Welcome! Log In Create A New Profile

Advanced

Nginx as reverse proxy for mail server host

Posted by siva.pannier 
Nginx as reverse proxy for mail server host
July 02, 2020 02:22PM
Hi,

I am trying to proxy a SMTP server on Nginx using the below configuration. I want all the client calls to hit the SMTP server via my proxy host. I want the SSL termination on nginx for the client calls to the SMTP Server.

When I do the connection getting below exception even before the SSL handshake.. Please correct me if I am wrong anywhere.

Without SSL directive & Properties in nginx.conf, it works fine and able to do SSL handshake as well. Not sure how it would be a SSL connection, without the SSL directive and SSL properties.

Java Error
########
javax.mail.MessagingException: Could not connect to SMTP host: localhost, port: 3001, response: -1
at com.sun.mail.smtp.SMTPTransport.openServer(SMTPTransport.java:2197)
at com.sun.mail.smtp.SMTPTransport.protocolConnect(SMTPTransport.java:740)
at javax.mail.Service.connect(Service.java:388)
at javax.mail.Service.connect(Service.java:246)
at javax.mail.Service.connect(Service.java:195)
at javax.mail.Transport.send0(Transport.java:254)
at javax.mail.Transport.send(Transport.java:124)
at com.att.client.smtp.SMTPTestClient.main(SMTPTestClient.java:50)

nginx.conf
########
stream{
upstream smtp_backend {
least_conn;
server smtp.gmail.com:587;
}

server {
listen 3001 ssl;
proxy_pass smtp_backend;

ssl_certificate C:/nginx-selfsigned.crt;
ssl_certificate_key C:/nginx-selfsigned.key;
ssl_protocols SSLv3 TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers ALL;
#ssl_ciphers HIGH:!aNULL:!MD5;
ssl_session_cache shared:SSL:20m;
ssl_session_timeout 4h;
ssl_handshake_timeout 30s;
}
}

Java client code
#############
..
..
Properties prop = new Properties();
//prop.put("mail.smtp.host", "smtp.gmail.com");
prop.put("mail.smtp.host", "localhost");
//prop.put("mail.smtp.port", "587");
prop.put("mail.smtp.port", "3001");
prop.put("mail.smtp.auth", "true");
prop.put("mail.smtp.starttls.enable", "true"); //TLS
//prop.put("mail.smtp.starttls.required", "true");

Session session = Session.getInstance(prop,
new javax.mail.Authenticator() {
protected PasswordAuthentication getPasswordAuthentication() {
return new PasswordAuthentication(username, password);
}
});

try {

Message message = new MimeMessage(session);
message.setFrom(new InternetAddress("siva.pannier@gmail.com"));
message.setRecipients(
Message.RecipientType.TO,
InternetAddress.parse("siva.pannier@in.ibm.com")
);
message.setSubject("Testing Gmail TLS from nginx");
message.setText("Dear Mail Crawler,"
+ "\n\n Please do not spam my email!");

Transport.send(message);

System.out.println("Done");
...
....
Sorry, only registered users may post in this forum.

Click here to login

Online Users

Guests: 61
Record Number of Users: 6 on February 13, 2018
Record Number of Guests: 421 on December 02, 2018
Powered by nginx      Powered by FreeBSD      PHP Powered      Powered by MariaDB      ipv6 ready