Welcome! Log In Create A New Profile

Advanced

Re: SMTP without Auth can this be done

Maxim Dounin
April 22, 2009 02:51PM
Hello!

On Wed, Apr 22, 2009 at 02:31:17PM -0400, blacktux wrote:

> Does anyone have a example config of SMTP without Auth? I am just trying to get going a SMTP Relay Proxy to a internal MTAs from external connections. Or could please point me in the correct direction.

mail {
proxy_pass_error_message on;
auth_http http://127.0.0.1:8080/mail/auth;
xclient off;

server {
listen 127.0.0.1:8025;
protocol smtp;
smtp_auth none;
}
}

Simple auth server based on nginx rewrite module will look like
the following:

http {
...

server {
listen 127.0.0.1:8080;
server_name localhost;

location = /mail/auth {
set $reply ERROR;

if ($http_auth_smtp_to ~ example.com) {
set $reply OK;
}

add_header Auth-Status $reply;
add_header Auth-Server 127.0.0.1;
add_header Auth-Port 8026;
add_header Auth-Wait 1;
return 204;
}
}
}

Some notes:

1. SMTP proxy code in current nginx doesn't support PIPELINING,
while some servers seen in wild use it even if not advertised.
Expect problems.

2. The auth server provided above isn't real one, it's taken from
relevant test script. Production use will probably require much
more strict checks.

3. Make sure that your MTA is NOT configured to relay all mail
from localhost, since it will see clients coming from nginx as
coming from localhost. Or use XCLIENT as appropriate if it's
available in your MTA.

Maxim Dounin
Subject Author Posted

SMTP without Auth can this be done

blacktux April 22, 2009 02:31PM

Re: SMTP without Auth can this be done

Maxim Dounin April 22, 2009 02:51PM



Sorry, only registered users may post in this forum.

Click here to login

Online Users

Guests: 41
Record Number of Users: 6 on February 13, 2018
Record Number of Guests: 421 on December 02, 2018
Powered by nginx      Powered by FreeBSD      PHP Powered      Powered by MariaDB      ipv6 ready