Re: [exim] haproxy smtps problem

Page principale
Supprimer ce message
Répondre à ce message
Auteur: Heiko Schlittermann
Date:  
À: exim-users
Sujet: Re: [exim] haproxy smtps problem
Ale via Exim-users <exim-users@???> (Fr 16 Apr 2021 18:35:31 CEST):
> I've installed exim4 on a Debian machine. This machine is not connected
> directly to the Internet, but it goes through a vps server.
>
> Incoming connections come from an haproxy on that vps server. I've been able
> to route the incoming connections toward port 25. Now I need to enable the
> authentication through port 465, but if I enable it on haproxy, my exim
> server is not able to interpret the incoming message and I see something
> like: "SMTP syntax error in "\026\003\001\001...." on the exim log file.


- The "\026\…." *could* be the proxy v2 proxy header (not sure about the exact value)
- Do you send proxy headers? (send-proxy, or send-proxy-v2)
(proxy would start with "PROXY", v2 is binary only)
- Does Exim expect the proxy headers? (hosts_proxy = …)

I've a probably similar version running:

[haproxy]

listen mail
        bind :993,:465
        mode tcp
        option tcplog


        default-server send-proxy-v2 check verify none


        option tcp-check


        # check IMAPS
        tcp-check connect port 993 ssl send-proxy
        tcp-check expect rstring ^\*\sOK
        tcp-check send x LOGOUT\r\n


        # check SMTPS
        tcp-check connect port 465 ssl send-proxy
        tcp-check expect rstring ^220
        tcp-check send QUIT\r\n
        tcp-check expect rstring ^221


        server a a.example.com
        server b b.example.com


[exim]
    ...
    hosts_proxy = x.x.x.x
    daemon_smtp_ports = ... : 465
    tls_on_connect_ports = 465



    Best regards from Dresden/Germany
    Viele Grüße aus Dresden
    Heiko Schlittermann
--
 SCHLITTERMANN.de ---------------------------- internet & unix support -
 Heiko Schlittermann, Dipl.-Ing. (TU) - {fon,fax}: +49.351.802998{1,3} -
 gnupg encrypted messages are welcome --------------- key ID: F69376CE -