Hi Everyone,
I wouldlike to set up a postfix-dovecot with HA using HAproxy but im facing issues.
I've followed this documentation :
http://wiki2.dovecot.org/HAProxy (pour dovecot)
http://blog.haproxy.com/2012/06/30/efficient-smtp-relay-infrastructure-with-... (pour postfix)
Package's version :
dovecot : 2:2.2.19 (>= 2.2.19 pour proxy protocol)
haproxy : 1.5.14
postfix : 2.11.2-1 (>2.10 pour postscreen)
A part of my configuration :
##HAPROXY #postfix listen smtp bind mail.xx.xx:465 balance roundrobin timeout client 1m timeout connect 5s no option http-server-close mode tcp option smtpchk option tcplog server tst tst.xxx:10465 send-proxy server tst2 tst2.xxx:10465 send-proxy server tst3 tst3.xxx:10465 send-proxy
#dovecot listen imap bind mail.xxx.xx:993 timeout client 1m no option http-server-close balance leastconn stick store-request src stick-table type ip size 200k expire 30m mode tcp option tcplog server tst tst.xxx:10993 send-proxy-v2 server tst2tst2.xxx:10993 send-proxy-v2 server tst3 tst3.xxx:10993 send-proxy-v2
##POSTFIX
postix main.cf #Haproxy proxy protocol postscreen_upstream_proxy_protocol = haproxy
postfix master.cf #haproxy 10465 inet n – n – 1 postscreen smtpd pass – – n – – smtpd S
##DOVECOT
# 2.2.19 (719e7f8fd70b): /etc/dovecot/dovecot.conf # Pigeonhole version 0.4.9 # OS: Linux 2.6.32-41-pve x86_64 Debian 7.9 simfs auth_debug = yes auth_verbose = yes disable_plaintext_auth = no *haproxy_timeout = 5 secs** **haproxy_trusted_networks = x.x.x.x* log_timestamp = "%Y-%m-%d %H:%M:%S " mail_location = maildir:/mailbox/%d/%n mail_max_userip_connections = 0 mail_privileged_group = mail managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date index ihave duplicate passdb { args = /etc/dovecot/dovecot-ldap.conf.ext driver = ldap } plugin { sieve = ~/.dovecot.sieve sieve_dir = ~/sieve sieve_global_path = /mailbox/globalsieverc } protocols = sieve pop3 imap service auth { unix_listener /var/spool/postfix/private/auth { group = postfix mode = 0660 user = postfix } unix_listener auth-master { mode = 0660 user = mailboxes } unix_listener auth-userdb { group = mail mode = 0666 user = dovecot } user = root } service imap-login { inet_listener imap { port = 0 } inet_listener imap_haproxy { haproxy = yes port = 10993 } inet_listener imaps { address = * port = 993 } process_limit = 450 } service pop3-login { inet_listener pop3 { address = * port = 110 } process_limit = 180 } ssl_cert = was automatically rejected:%n%r rejection_subject = Rejected: %s sendmail_path = /usr/sbin/sendmail }
With my mail client :
With an IMAP connection, logs below, i don't understand why my login is empty ...
dovecot: imap-login: Disconnected: Too many invalid commands (no auth attempts in 0 secs): *user=<>*, rip=mon_ip_publique, lip=ip_publique_haproxy, session= xxx
With a SMTP connection, logs below, i have a timeout.
postfix/postscreen[16654]: CONNECT from [my public ip]:49942 to [my haproxy public ip]:465 postfix/postscreen[16654]: PREGREET 166 after 0 from [mon ip publique]:49942: \22\3\1\161\1\157\3\3+0E\b\213\131\177\173>\r/\213\177i\223k”FjA#\144\145\153\vP\\\155HL\190
If someone could help me, thanks.
Kind regards.
--