SMTP without Auth can this be done


#1

Does anyone have a example config of SMTP without Auth? I am just trying
to get going a SMTP Relay Proxy to a internal MTAs from external
connections. Or could please point me in the correct direction.
Cheers
James

Posted at Nginx Forum:
http://forum.nginx.org/read.php?2,1353,1353#msg-1353


#2

Hello!

On Wed, Apr 22, 2009 at 02:31:17PM -0400, blacktux wrote:

Does anyone have a example config of SMTP without Auth? I am just trying to get going a SMTP Relay Proxy to a internal MTAs from external connections. Or could please point me in the correct direction.

mail {
proxy_pass_error_message on;
auth_http http://127.0.0.1:8080/mail/auth;
xclient off;

server {
    listen     127.0.0.1:8025;
    protocol   smtp;
    smtp_auth  none;
}

}

Simple auth server based on nginx rewrite module will look like
the following:

http {

server {
    listen       127.0.0.1:8080;
    server_name  localhost;

    location = /mail/auth {
        set $reply ERROR;

        if ($http_auth_smtp_to ~ example.com) {
            set $reply OK;
        }

        add_header Auth-Status $reply;
        add_header Auth-Server 127.0.0.1;
        add_header Auth-Port 8026;
        add_header Auth-Wait 1;
        return 204;
    }
}

}

Some notes:

  1. SMTP proxy code in current nginx doesn’t support PIPELINING,
    while some servers seen in wild use it even if not advertised.
    Expect problems.

  2. The auth server provided above isn’t real one, it’s taken from
    relevant test script. Production use will probably require much
    more strict checks.

  3. Make sure that your MTA is NOT configured to relay all mail
    from localhost, since it will see clients coming from nginx as
    coming from localhost. Or use XCLIENT as appropriate if it’s
    available in your MTA.

Maxim D.