Re: [exim] haproxy smtps problem

Top Page
Delete this message
Reply to this message
Author: Viktor Dukhovni
Date:  
To: exim-users
Subject: Re: [exim] haproxy smtps problem
On Fri, Apr 16, 2021 at 10:09:37PM +0200, Heiko Schlittermann via Exim-users wrote:

> > Incoming connections come from an haproxy on that vps server. I've been able
> > to route the incoming connections toward port 25. Now I need to enable the
> > authentication through port 465, but if I enable it on haproxy, my exim
> > server is not able to interpret the incoming message and I see something
> > like: "SMTP syntax error in "\026\003\001\001...." on the exim log file.
>
> - The "\026\…." *could* be the proxy v2 proxy header (not sure about the exact value)


It isn't, it is a TLS client HELLO message. Possibilities:

    - The proxy handling has already been done, and the issue
      is that the SMTP server is not configured to do "implicit
      TLS" on this port (expects STARTTLS).


    - The proxy is not actually handling this port and raw
      TLS is hitting the SMTP server when it is expecting
      the proxy handshake.


My money is on the first variant (it says "SMTP syntax", not
"haproxy syntax" after all).

-- 
    Viktor.