Hi,
I have a nginx server which is using the proxy protocol to forward tcp connections to dovecot. Dovecot is configured to be a submission service for email to be sent. Then postfix should send the email itself which is also using the ha proxy protocol. There are a few moving parts in this problem so I'm not sure where the problem is. But I want to ask if somebody can validate my dovecot configuration somehow so I can start to tick off some things from the list.
Sending email fails, seems to get to postfix, then die Receiving emails succeeds and I don't have any problem to pick them up.
I've figured out some stuff, like lmtp shouldn't use haproxy when talking between postfix -> dovecot for receiving emails. If I enable the protocol on lmtp, I can't receive any emails at all.
In order to get postfix to accept emails, I enabled haproxy protocol and enabled postscreen and then postfix could access the source ip and stop my server from being an open relay.
I've got tls certificates installed on dovecot and postfix, all created by letsencrypt and I don't appear to have any problems with them.
I will try to give as much information about the config as I can, I'm not sure what other parts are good to have, but let me know if you are missing something or want to check a value.
10-master.conf: service submission-login { inet_listener submission { port = 587 haproxy = yes } }
service lmtp { inet_listener lmtp { port = 24 haproxy = no } }
20-submission.conf submission_relay_host = postfix.mail-server submission_relay_port = 25 submission_relay_ssl = starttls submission_relay_ssl_verify = yes
Then because it might help to give the other side of the connection configuration for postfix, here is the relevant information:
master.cf: smtp inet n - - - 1 postscreen smtpd pass - - - - - smtpd
main.cf
postscreen_upstream_proxy_protocol = haproxy postscreen_upstream_proxy_timeout = 10s
That's it. I don't know what other information could be useful.
There are some logs, they are like this (I've got logging turned on for pretty much every option I have:
Dovecot logs:
Apr 19 17:54:47 submission(__EMAIL__)<497>
Postfix Logs: postfix/postscreen[525]: warning: haproxy read: time limit exceeded
If anybody could help out, I'd be grateful because I just can't see what the problem is.
Chris