Reverse proxy imap

dubstep · February 9, 2011, 9:09am

Someone has set up a reverse proxy imap, you connect to a Lotus Domino
server on port 993? It is the typical question, but could send the
configuration files? It would help me a lot to understand how to
configure
it. Thanks.

I installed nginx from the Fedora repository, version is 0.8.53.

My nginx.conf:

user nginx;
worker_processes 1;
error_log /var/log/nginx/error.log info;
pid /var/run/nginx.pid;

events {
worker_connections 1024;
multi_accept on;
}

mail {
auth_http localhost:80;
auth_http_timeout 6000;
imap_auth plain;
imap_capabilities “IMAP4rev1” “UIDPLUS”;

server {
    listen     993;
    protocol   imap;
    proxy      on;
}

}

http {
include mime.types;
default_type application/octet-stream;
perl_modules lib/perl5;
perl_require mailauth.pm;

    sendfile on;

    keepalive_timeout 65;

    server {
            listen 80;
            server_name localhost;
            location /auth {
             perl mailauth::handler;
            }
    location / {
            root html;
            index index.html index.htm;
            }
    error_page 500 502 503 504 /50x.html;
    location = /50x.html {
            root html;
            }
    }

}

The mailauth.pm (is in /usr/lib/perl5/ )

package mailauth;
use nginx;

our $auth_ok;
our $mail_server_ip={“172.18.1.9”};
our $protocol_ports={};
$domino=“172.18.1.9”;
$protocol_ports->{‘imap’}=993;

sub handler {
my $r=shift;
$auth_ok=1;
if ($auth_ok==1){
$r->header_out(“Auth-Status”, “OK”);
$r->header_out(“Auth-Server”, $domino);
$r->header_out(“Auth-Port”,
$protocol_ports->{$r->header_in(“Auth-Protocol”)});
$r->header_out(“Auth Plain”,$r->header_in(“Auth Plain”));
} else {
$r->header_out(“Auth-Status”, “Invalid login or password”) ;
}

$r->send_http_header(“text/html”);

return OK;
}

1;

Thanks!

Jose Antonio Vico Palomino
E-Mail: [email protected]

Visita mi Blogs:
Thomas Riemer, Author at TechMaze
http://www.mobileme.es
http://www.manchegox.org
http://www.todosconsoftwarelibre.es
http://www.caminodesantiago.vicosoft.org

Facebook: Redirecting...
Twitter: http://twitter.com/vicosoft

Skype: vicosoft
Google Talk: [email protected]

casper_the_ghost · February 9, 2011, 11:52am

Imap works reverse proxy on port 143 successfully. With this setting.

File → mailauth.pm:

package mailauth;
use nginx;

sub handler {
my $r = shift;
$r->header_out(“Auth-Status”, “OK”);
$r->header_out(“Auth-Server”, ‘172.18.1.9’);
$r->header_out(“Auth-Port”, ‘143’);
$r->send_http_header(“Auth Plain”, “text/html”);

warn 'H: ',$r->remote_addr;

return OK;

}
1;

But I’m not clear how to do work against the SSL port 993. I generate
certificates in the proxy server or Lotus Domino server? I have no idea.
Help.

Jose Antonio Vico Palomino
E-Mail: [email protected]

Visita mi Blogs:
Thomas Riemer, Author at TechMaze
http://www.mobileme.es
http://www.manchegox.org
http://www.todosconsoftwarelibre.es
http://www.caminodesantiago.vicosoft.org

Facebook: Redirecting...
Twitter: http://twitter.com/vicosoft

Skype: vicosoft
Google Talk: [email protected]

2011/2/9 [email protected] [email protected]

casper_the_ghost · February 10, 2011, 7:49am

Thanks.

Now I understand. And is there any way the proxy server is who would
pass
the request to port 993 Lotus Domino server and this is who sent the SSL
certificate?

Jose Antonio Vico Palomino
E-Mail: [email protected]

Visita mi Blogs:
Thomas Riemer, Author at TechMaze
http://www.mobileme.es
http://www.manchegox.org
http://www.todosconsoftwarelibre.es
http://www.caminodesantiago.vicosoft.org

Facebook: Redirecting...
Twitter: http://twitter.com/vicosoft

Skype: vicosoft
Google Talk: [email protected]

2011/2/9 Igor S. [email protected]

casper_the_ghost · February 9, 2011, 12:10pm

On Wed, Feb 09, 2011 at 11:50:50AM +0100, [email protected] wrote:

$r->header_out("Auth-Server", '172.18.1.9');
$r->header_out("Auth-Port", '143');
$r->send_http_header("Auth Plain", "text/html");
warn 'H: ',$r->remote_addr;
return OK;
}
1;

But I’m not clear how to do work against the SSL port 993. I generate
certificates in the proxy server or Lotus Domino server? I have no idea.

nginx can not proxy IMAP using SSL.

–
Igor S.
http://sysoev.ru/en/

casper_the_ghost · February 10, 2011, 8:05am

[email protected] at 2011-2-10 14:47 wrote:

Thanks.

Now I understand. And is there any way the proxy server is who would
pass the request to port 993 Lotus Domino server and this is who sent
the SSL certificate?
How about my tcp proxy module
(GitHub - yaoweibin/nginx_tcp_proxy_module: add the feature of tcp proxy with nginx, with health check and status monitor)?

2011/2/9 Igor S. <[email protected] mailto:[email protected]>
>
>
Igor S.

nginx mailing list
[email protected]
nginx Info Page

–
Weibin Y.

Reverse proxy imap

warn 'H: ',$r->remote_addr;

Now I understand. And is there any way the proxy server is who would pass the request to port 993 Lotus Domino server and this is who sent the SSL certificate?

warn 'H: ',$r->remote_addr;

Now I understand. And is there any way the proxy server is who would
pass
the request to port 993 Lotus Domino server and this is who sent the SSL
certificate?