How to use PowerMTA with HAProxy?

  • Thread starter wildermann

wildermann

Premium
Verified
  • #1
Saw this on the documentation:

10.2 HAProxy Protocol for outbound traffic

Tried to do it but it doesn't work for me and I can't find tutorials on the internet.
Anyone know how to do it correctly?

Thanks
 
D•Jass

Staff member
Verified
  • #2
frontend ft_smtp
      bind 12.34.56.78:2525
      mode tcp
      timeout client 1m
      log global
      option tcplog
      default_backend bk_smtp

backend bk_smtp
      mode tcp
      log global
      option tcplog
      timeout server 1m
      timeout connect 7s
      server postfix 10.10.10.101:25 send-proxy

You can connect to HAProxy using the 2525/tcp protocol and will be redirected to one of the servers added to the "bk_smtp" backend on the specified port. Using the "send-proxy" setting, you enable the v1 proxy protocol, which will send the client's source IP address at the beginning of the session. Please note that in this case the application on 10.10.10.101:25 will need to support the v1 proxy protocol.

Remove "send-proxy" to disable the proxy protocol if the upstream (read "server") does not support that protocol OR if you want the request to appear as if the request came from the node running your HAProxy instance.

Add as many mail relay servers to your backend as you like by copying the line starting with "server" and giving it a name of your choice and the correct IP+port the mail relay is running on. By default, HAProxy will cycle through them.
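
What "supporting the v1 proxy protocol" means for the server behind "send-proxy", as an added example that is not part of the original post or of any product's code: the receiver must strip one text line from the start of the session before SMTP begins, and should honour it only when the connection comes from the proxy. The trusted address 10.10.10.1, the sample bytes and the function names are assumptions made for illustration.

```python
import ipaddress

MAX_V1_LINE = 107  # longest v1 header the spec allows, CRLF included
# Assumption: the only peer allowed to prepend a header is the HAProxy node.
TRUSTED_PROXIES = {ipaddress.ip_address("10.10.10.1")}  # constructed address
# Constructed sample: what a backend reads first when send-proxy is enabled.
SAMPLE = b"PROXY TCP4 203.0.113.7 12.34.56.78 51234 2525\r\nEHLO client.example\r\n"


def parse_proxy_v1(data: bytes):
    """Return (header, rest); header is None for 'PROXY UNKNOWN'.

    Raises ValueError when data does not start with a well-formed v1 line.
    """
    end = data.find(b"\r\n", 0, MAX_V1_LINE)
    if not data.startswith(b"PROXY ") or end == -1:
        raise ValueError("missing or oversized PROXY v1 line")
    fields = data[:end].decode("ascii").split(" ")
    rest = data[end + 2:]  # the SMTP session starts here
    if fields[1] == "UNKNOWN":
        return None, rest
    if fields[1] not in ("TCP4", "TCP6") or len(fields) != 6:
        raise ValueError("malformed PROXY v1 line")
    src, dst = (ipaddress.ip_address(f) for f in fields[2:4])
    if {src.version, dst.version} != {4 if fields[1] == "TCP4" else 6}:
        raise ValueError("address family does not match protocol field")
    sport, dport = (int(f) if f.isdigit() else -1 for f in fields[4:6])
    if not (0 <= sport <= 65535 and 0 <= dport <= 65535):
        raise ValueError("port out of range")
    return {"src": (str(src), sport), "dst": (str(dst), dport)}, rest


def effective_client(peer_ip: str, first_bytes: bytes):
    """Decide which client IP the mail server should log and filter on."""
    if ipaddress.ip_address(peer_ip) in TRUSTED_PROXIES:
        # From the proxy the header is mandatory; a missing one is an error.
        header, rest = parse_proxy_v1(first_bytes)
        return (header["src"][0] if header else peer_ip), rest
    if first_bytes.startswith(b"PROXY "):
        # Anyone else sending a header is trying to claim a source address.
        raise ValueError("PROXY header from untrusted peer")
    return peer_ip, first_bytes
```

A server without this handling reads the PROXY line as an unknown SMTP command, which is the case where "send-proxy" has to be removed.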
 
wildermann

Premium
Verified
  • #3
I don't understand.
Maybe I have some flaws in my logic.
I have 2 servers. MainServer with PowerMTA installed. And OutboundServer with HAProxy and PowerMTA installed.
Virtualhost in MainServer

<proxy mta-proxy-a>
  # the proxy server listens on IP 10.1.2.3, port 5000 for incoming connections
  server 10.1.2.3:5000
  # the client IP tells the proxy what source IP to use when connecting to the destination host
  client (IP of OutboundServer):0  (hostname of OutBoundServer)
</proxy>

<virtual-mta standard-vmta>

host-name mail.example.com

max-smtp-out 850

    <domain *>
        use-starttls yes
        require-starttls no
    </domain>

smtp-source-host (IP of MainServer) (hostname of MainServer)
use-proxy mta-proxy-a
</virtual-mta>


haproxy config file on OutBoundServer

frontend ft_smtp
      bind (IP of OutBoundServer):2525
      mode tcp
      timeout client 1m
      log global
      option tcplog
      default_backend bk_smtp

backend bk_smtp
      mode tcp
      log global
      option tcplog
      timeout server 1m
      timeout connect 7s
      server pmta 10.1.2.3:5000 send-proxy


PowerMTA on OutBoundServer is configured like a PowerMTA without HAProxy.
In my logic I should now connect to the MainServer through SMTP and the mail should be sent with the IP of OutBoundServer. But the mails aren't going out. Only in.

Where is my error?
 
D•Jass

Staff member
Verified
  • #4
I want to configure it on my server first, then I'll let you know what kind of configuration I used.
 