Config Mail Proxy for POP3/SMTP microsoft exchange

Hi there,

Is NGINX support Microsoft Exchange POP3 / SMTP ???
If yes, can anyone help me to config NGINX as reverse proxy for MS
Exchange.

Followed the link : IMAP Proxy Example | NGINX but I could
still dont understand where to put the IP POP3/IMAP target server’s IP

Many thanks.
Tan

Posted at Nginx Forum:

Hello!

On Wed, Oct 16, 2013 at 03:43:53AM -0400, hcmnttan wrote:

Hi there,

Is NGINX support Microsoft Exchange POP3 / SMTP ???
If yes, can anyone help me to config NGINX as reverse proxy for MS Exchange.

Followed the link : IMAP Proxy Example | NGINX but I could
still dont understand where to put the IP POP3/IMAP target server’s IP

Backend server IP address should be returned by auth_http in the
Auth-Server header. See authentication protocol description here:

http://nginx.org/en/docs/mail/ngx_mail_auth_http_module.html#protocol


Maxim D.
http://nginx.org/en/donation.html

Thanks for your respond.
So we must 1st setup an HTTP authentication server (PHP or something )
for
auth_http, right ?
Could you tell me a little more how to setup this HTTP authen URL ?

In my example:
NGINX server IP : 192.168.1.100
POP3 / SMTP server IP : 192.168.1.101

Thanks.
Tan

Posted at Nginx Forum:

Hello!

On Wed, Oct 16, 2013 at 10:42:24PM -0400, hcmnttan wrote:

Thanks for your respond.
So we must 1st setup an HTTP authentication server (PHP or something ) for
auth_http, right ?

Yes.

Could you tell me a little more how to setup this HTTP authen URL ?

In my example:
NGINX server IP : 192.168.1.100
POP3 / SMTP server IP : 192.168.1.101

There were couple of examples here:


Maxim D.
http://nginx.org/en/donation.html

I found that link before,
Things I wonder is that where “localhost:9000/cgi-bin/auth;” is coming
from? Is it a http URL ?

I don’t know how to define “localhost:9000/cgi-bin/auth” URL for
auth_http
Sorry if my question is so silly. I’m very new to NGINX.

Thanks

Posted at Nginx Forum:

Hello!

On Thu, Oct 17, 2013 at 05:55:46AM -0400, hcmnttan wrote:

I found that link before,
Things I wonder is that where “localhost:9000/cgi-bin/auth;” is coming
from? Is it a http URL ?

I don’t know how to define “localhost:9000/cgi-bin/auth” URL for auth_http
Sorry if my question is so silly. I’m very new to NGINX.

It’s an auth http script URL - it’s a script you are expected to
write to check passwords/return appropriate backends in your
system. Try looking at other configuration examples at the link
provided to see complete examples with some simple auth scripts
included.


Maxim D.
http://nginx.org/en/donation.html

Hello!

On Sat, Oct 19, 2013 at 05:36:54AM -0400, hcmnttan wrote:

334 VXNlcm5hbWU6
subject: Test mail
test
.
550 5.7.1 Client does not have permissions to send as this sender

I could do a test telnet from nginx to backend SMTP server. Could you help
??
Below is my config file

It’s an error from your backend server. Please note that nginx
doesn’t try to authenticate against SMTP backends. Instead, it
uses xclient to pass username to a backend, but in your config
it’s switched off.


Maxim D.
http://nginx.org/en/donation.html

Thanks,
It works for me now.
The error “550 5.7.1 Client does not have permissions to send as this
sender” is because our SMTP back-end did not accept SMTP relay from
NGINX.
Configure SMTP backend allow NGINX relay fix my error.

I used xclient-> on, when I try to auth login, SMTP backend return error
with code “500 5.3.3 Unrecognized command” like my SMTP does not support
xclient ( I guess)

Thanks
Tan

Posted at Nginx Forum:

Thanks Max,

I could config NGINX work for POP3,
But in SMTP, I just could do auth login only, when send a test email, an
error message appear ( using telnet )

telnet 192.168.1.15 25

220 mailproxy ESMTP ready
auth login
334 VXNlcm5hbWU6
xxxxxxxxxxxxxxxxxxxxxxxxxxxxx
334 UGFzc3dvcmQ6
xxxxxxxxxxxxxxxxxxxxxxxxxxxxx
235 2.0.0 OK
mail from: [email protected]
250 2.1.0 Sender OK
rcpt to: [email protected]
250 2.1.5 Recipient OK
data
354 Start mail input; end with .
subject: Test mail
test
.
550 5.7.1 Client does not have permissions to send as this sender

I could do a test telnet from nginx to backend SMTP server. Could you
help
??
Below is my config file


nginx.conf

user nobody;
worker_processes 1;
error_log logs/error.log info;
pid run/nginx.pid;

events {
worker_connections 1024;
multi_accept on;
}

http {
perl_modules perl/lib;
perl_require mailauth.pm;

server {
location /auth {
perl mailauth::handler;
}
}
}

mail {
auth_http 127.0.0.1:80/auth;

pop3_capabilities “TOP” “USER”;
smtp_capabilities “PIPELINING” “SIZE 10240000” “VRFY” “ETRN”
“ENHANCEDSTATUSCODES” “8BITMIME” “DSN”;
smtp_auth LOGIN ;
xclient off;

server {
listen 110;
protocol pop3;
proxy on;
}

server {
listen 25;
protocol smtp;
proxy on;
}
}

mailauth.pm

package mailauth;
use nginx;

our $auth_ok;
our $protocol_ports={};
$cas=“172.16.3.22”;
$protocol_ports->{‘pop3’}=110;
$protocol_ports->{‘smtp’}=25;

sub handler {
my $r = shift;
$r->header_out(“Auth-Status”, “OK”) ;
$r->header_out(“Auth-Server”, $cas );
$r->header_out(“Auth-Port”,
$protocol_ports->{$r->header_in(“Auth-Protocol”)});
$r->send_http_header(“text/html”);
return OK;
}
1;
END