nginx mail module always passing PLAIN method AUTH command to backend

woon minika

11/26/22, 12:12 AM

I have implemented a nginx with mail module, and proxy to backend Hmail server. I realized no matter how I disable the auth-methods PLAIN. The nginx is just ignoring it.

How can I force to using smtp_auth login instead? As Hmail server does not support AUTH_PLAIN mechanism.


auth_http  localhost:8080/auth.pl;

 server {
        # not working as always AUTH_PLAIN
        listen    25;
        protocol  smtp;
        smtp_auth login;
#       starttls on;
        timeout 5s;
        proxy on;
        xclient off;
        proxy_smtp_auth on;
    }

206

1 + 0

smtp

nginx

smtp-auth

hmailserver

Score:0

Server

djdomi

11/26/22, 9:34 AM

In fact, i solved it in a other way, as i would like to use all features with my NGIX and my MAILCOW, i used this way

NGINX.conf

stream { include /etc/nginx/streams/*; }

/etc/nginx/streams/mailcow_proxy.conf

server {
listen [::]:25 ipv6only=off;
listen [::]:143 ipv6only=off;
listen [::]:587 ipv6only=off;
listen [::]:993 ipv6only=off;
proxy_pass 10.11.12.13:$server_port;
proxy_protocol on;
}

Conclusions

Instead of interferencing nginx to do the auth, you just pass anything directly to your Mailserver as it should and usually as you would if it would be connected directly.

You may also use the directly insertion into nginx.conf but i dislike this way.

0 + 4

woon minika

11/27/22, 12:16 AM

hi @djdomi, But it is only target to 1 mailcow right? What if we have 10 mail server and hosted at different VM. I was initially planned to use stream, but it can't differential the server_name and there is no other clue to differentiate either. for example username and so on.

djdomi

11/27/22, 4:23 AM

The Question is, how do you decide, WHAT mailserver should handle WHICH mail?

woon minika

11/28/22, 4:06 AM

we have 10 Mailserver hosting, each mail server represent it own accounts, we need to proxy a proper IP to this 10 mail servers. So stream does not work, WHY? 1. stream has no variable detection from what mail domain sending to? WHAT mailserver should handle WHICH mail? As i said stream cannot detect what mail server are you sending to, just proxy one to another one only

djdomi

11/28/22, 4:12 AM

Welcome to your [X-And-Y-Problem](https://faq-database.de/doku.php?id=en:x-and-y-problem) please ask your question in a way that all understood what you like to REAALY solve.

Elon Musk

I sit in a Tesla and translated this thread with Ai:

EN: nginx mail module always passing PLAIN method AUTH command to backend

TH: โมดูลอีเมล nginx มักจะส่งคำสั่ง AUTH เมธอดธรรมดาไปยังแบ็กเอนด์เสมอ

RO: Modulul de e-mail nginx transmite întotdeauna comanda AUTH a metodei PLAIN către backend

RU: Почтовый модуль nginx всегда передает команду AUTH метода PLAIN на серверную часть

VI: mô-đun thư nginx luôn chuyển lệnh AUTH của phương thức PLAIN tới phụ trợ

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.