1
votes

I need to use nginx as a mail proxy. I am completely new to nginx and need some help with the configuration.

Here is what I did:

First I built a service that mocks the authentication services described here: http://wiki.nginx.org/NginxMailCoreModule. For example,

curl -v -H "Host:auth.server.hostname" -H "Auth-Method:plain" -H "Auth-User:user" -H "Auth-pass:123" -H "Auth-Protocol:imap" -H "Auth-Login-Attempt:1" -H "Client-IP: 192.168.1.1" http://localhost:8080/authorize

returns the following response header:

< HTTP/1.1 200 OK
< Content-Type: text/html;charset=ISO-8859-1
< Auth-Status: OK
< Auth-Server: 192.168.1.10
< Auth-Port: 110

Second I installed nginx on my mac after installing macports:

$ sudo port -d selfupdate
$ sudo port install nginx

Third I created an nginx.conf with the following:

  worker_processes  1;

  error_log  /var/log/nginx/error.log info;

  mail {
      server_name  <my mail server here>;
      auth_http    http://localhost:8080/authorize;

      pop3_auth         plain apop cram-md5;
      pop3_capabilities "LAST" "TOP" "USER" "PIPELINING" "UIDL";

      xclient off;

      server {
          listen     110;
          protocol   pop3;
          proxy      on;
          proxy_pass_error_message  on;
      }
  }

Here is what I got running nginx:

$ nginx -V
nginx version: nginx/1.2.4
configure arguments: --prefix=/opt/local --with-cc-opt='-I/opt/local/include -O2' --with-ld-opt=-L/opt/local/lib --conf-path=/opt/local/etc/nginx/nginx.conf --error-log-path=/opt/local/var/log/nginx/error.log --http-log-path=/opt/local/var/log/nginx/access.log --pid-path=/opt/local/var/run/nginx/nginx.pid --lock-path=/opt/local/var/run/nginx/nginx.lock --http-client-body-temp-path=/opt/local/var/run/nginx/client_body_temp --http-proxy-temp-path=/opt/local/var/run/nginx/proxy_temp --http-fastcgi-temp-path=/opt/local/var/run/nginx/fastcgi_temp --http-uwsgi-temp-path=/opt/local/var/run/nginx/uwsgi_temp --with-ipv6

$ nginx
nginx: [emerg] unknown directive "mail" in /opt/local/etc/nginx/nginx.conf:6

The only mention of that error on the web brings up a discussion in Russian...

My questions:

  1. Why am I getting this unknown directive?

  2. Does my config look correct at first sight or am I missing some key component for the mail proxy to work using the authentication approach described here: http://wiki.nginx.org/NginxMailCoreModule?

1
Does nginx need to get involved when my SMTP server is outgoing email only? - Scott Stensland

1 Answer

5
votes

I got the mail proxy working so I will answer my own questions for future reference:

  1. nginx doesn't install support for mail by default

    The following is needed for nginx to process the mail directive:

    $ sudo port edit nginx

    ==> add --with-mail at the end of the config parameters

    Then (re)install nginx

  2. In the config I included, I was missing the events:

    events {
        worker_connections 1024;
    }

  3. An important clarification that got me stuck for a while: the authentication service (specified with auth_http) needs to return the mail server expressed as an IP address, not a host name.

  4. Obviously for nginx to proxy on both inbound and outbound traffic, the smtp listener needs to be added. Similar approach as with the pop3 configuration. In my case, I used port 2525, so I had

    server {
        listen 2525;
        protocol smtp;
    }
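
Point 3 of the answer is the one that is easy to get wrong in the auth service itself. As an added example (not code from the original post), here is a small mock `auth_http` endpoint that always hands nginx an IP address in `Auth-Server`, resolving a backend host name first if necessary. The `USERS` and `BACKENDS` tables, the host `mail.example.internal` and the 3-second `Auth-Wait` are constructed assumptions, and only the `plain` auth method is handled.

```python
import hmac
import ipaddress
import socket
from http.server import BaseHTTPRequestHandler, HTTPServer

# Constructed sample data (assumptions, not from the original post).
USERS = {"user": "123"}
BACKENDS = {"pop3": ("192.168.1.10", 110), "smtp": ("mail.example.internal", 25)}

def to_ip(host, resolve=socket.gethostbyname):
    """Return host unchanged if it is an IP literal, otherwise resolve it."""
    try:
        return str(ipaddress.ip_address(host))
    except ValueError:
        return resolve(host)  # the answer notes nginx needs an IP, not a name

def auth_headers(req, users=USERS, backends=BACKENDS, resolve=socket.gethostbyname):
    """Build the auth_http response headers from one request's Auth-* headers."""
    req = {k.lower(): v for k, v in req.items()}  # header names are case-insensitive
    expected = users.get(req.get("auth-user", ""))
    supplied = req.get("auth-pass", "")
    backend = backends.get(req.get("auth-protocol", ""))
    # Constant-time comparison so the mock does not leak password prefixes.
    ok = expected is not None and hmac.compare_digest(expected.encode(), supplied.encode())
    if not ok or backend is None:
        # Auth-Wait: seconds the client must wait before another attempt.
        return {"Auth-Status": "Invalid login or password", "Auth-Wait": "3"}
    host, port = backend
    try:
        return {"Auth-Status": "OK", "Auth-Server": to_ip(host, resolve),
                "Auth-Port": str(port)}
    except OSError:  # DNS failure: fail closed instead of returning a host name
        return {"Auth-Status": "Temporary server problem, try again later",
                "Auth-Wait": "3"}

class AuthHandler(BaseHTTPRequestHandler):
    def do_GET(self):
        self.send_response(200)  # the verdict is carried in the Auth-Status header
        for name, value in auth_headers(dict(self.headers.items())).items():
            self.send_header(name, value)
        self.end_headers()

if __name__ == "__main__":
    # Bind to loopback only, matching auth_http http://localhost:8080/authorize
    HTTPServer(("127.0.0.1", 8080), AuthHandler).serve_forever()
```

Binding the service to loopback matters because anything that can reach it can test credentials without going through the proxy's own connection handling.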