Hi,
I am trying to proxy a SMTP server on Nginx using the below configuration. I want all the client calls to hit the SMTP server via my proxy host. I want the SSL termination on nginx for the client calls to the SMTP Server.
When I do the connection getting below exception even before the SSL handshake.. Please correct me if I am wrong anywhere.
Without SSL directive & Properties in nginx.conf, it works fine and able to do SSL handshake as well. Not sure how it would be a SSL connection, without the SSL directive and SSL properties.
Java Error
########
javax.mail.MessagingException: Could not connect to SMTP host: localhost, port: 3001, response: -1
at com.sun.mail.smtp.SMTPTransport.openServer(SMTPTransport.java:2197)
at com.sun.mail.smtp.SMTPTransport.protocolConnect(SMTPTransport.java:740)
at javax.mail.Service.connect(Service.java:388)
at javax.mail.Service.connect(Service.java:246)
at javax.mail.Service.connect(Service.java:195)
at javax.mail.Transport.send0(Transport.java:254)
at javax.mail.Transport.send(Transport.java:124)
at com.att.client.smtp.SMTPTestClient.main(SMTPTestClient.java:50)
nginx.conf
########
stream{
upstream smtp_backend {
least_conn;
server smtp.gmail.com:587;
}
server {
listen 3001 ssl;
proxy_pass smtp_backend;
ssl_certificate C:/nginx-selfsigned.crt;
ssl_certificate_key C:/nginx-selfsigned.key;
ssl_protocols SSLv3 TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers ALL;
#ssl_ciphers HIGH:!aNULL:!MD5;
ssl_session_cache shared:SSL:20m;
ssl_session_timeout 4h;
ssl_handshake_timeout 30s;
}
}
Java client code
#############
..
..
Properties prop = new Properties();
//prop.put("mail.smtp.host", "smtp.gmail.com");
prop.put("mail.smtp.host", "localhost");
//prop.put("mail.smtp.port", "587");
prop.put("mail.smtp.port", "3001");
prop.put("mail.smtp.auth", "true");
prop.put("mail.smtp.starttls.enable", "true"); //TLS
//prop.put("mail.smtp.starttls.required", "true");
Session session = Session.getInstance(prop,
new javax.mail.Authenticator() {
protected PasswordAuthentication getPasswordAuthentication() {
return new PasswordAuthentication(username, password);
}
});
try {
Message message = new MimeMessage(session);
message.setFrom(new InternetAddress("siva.pannier@gmail.com"));
message.setRecipients(
Message.RecipientType.TO,
InternetAddress.parse("siva.pannier@in.ibm.com")
);
message.setSubject("Testing Gmail TLS from nginx");
message.setText("Dear Mail Crawler,"
+ "\n\n Please do not spam my email!");
Transport.send(message);
System.out.println("Done");
...
....