How to control access for specific IP-addresses of clients when using as mail proxy

Hi,

I am running nginx 1.0.8 for mail proxy , and I would like to add access
control feature(by IP address) to this proxy.
For HTTP, there is http access module for this purpose, however mail
module doesn’t seem to have this feature.
Do someone know how to implement this feature?

I found ngx_tcpwrapper on https://launchpad.net/ngx-tcpwrappers ,
but unfortunately this is also only for HTTP.

Thanks and Regards,
Soichiro

Posted at Nginx Forum:
http://forum.nginx.org/read.php?2,216892,216892#msg-216892

I have added this feature in my nginx_tcp_proxy_module. You can do it as
a
reference:
https://github.com/yaoweibin/nginx_tcp_proxy_module/commit/fcacae8236444261d5e9301c144e085b706d5f32#diff-5

2011/10/19 mikiso [email protected]

Thank you very much.
I’ll refer to these codes and add something like mail access module
to the mail core module.

姚伟斌 Wrote:

I have added this feature in my
nginx_tcp_proxy_module. You can do it as a
reference:
https://github.com/yaoweibin/nginx_tcp_proxy_modul
e/commit/fcacae8236444261d5e9301c144e085b706d5f32#
diff-5

Posted at Nginx Forum:
http://forum.nginx.org/read.php?2,216892,216944#msg-216944

Finally I wrote mail access module with reference to the source code of
http access module and
Evan M.'s guide to Nginx module development because we need this
feature for only pop3 proxy.

And I noticed I don’t understand how my module to be called before the
pop3 handler.
From the guide it is important the order of the modules, however it
doesn’t mention granular control
for request/connection handling.

So I’d like to know how to call this handler before the pop3 handler and
how the ngx_mail_pop3_init_session is
called after “epoll_process_event”.

Do I need to register connection handler or do I need to implement tcp
based source code as he does?

Regards,
Soichiro

Posted at Nginx Forum:
http://forum.nginx.org/read.php?2,216892,216979#msg-216979

I noticed that HTTP request will be processed according to the
ngx_http_phases and
mail core module doesn’t have the same mechanism.

So it seems I have to refer to his code if I don’t want to modify the
core code…

Posted at Nginx Forum:
http://forum.nginx.org/read.php?2,216892,216989#msg-216989

This forum is not affiliated to the Ruby language, Ruby on Rails framework, nor any Ruby applications discussed here.

| Privacy Policy | Terms of Service | Remote Ruby Jobs