1. Mail Proxy

Configuring NGINX as a Mail Proxy Server https://docs.nginx.com/nginx/admin-guide/mail-proxy/mail-proxy/

Simplify your email service and improve its performance with NGINX or NGINX Plus as a proxy for the IMAP, POP3, and SMTP protocols

This article will explain how to configure NGINX Plus or NGINX Open Source as a proxy for a mail server or an external mail service.

1.1. Introduction

NGINX can proxy IMAP, POP3 and SMTP protocols to one of the upstream mail servers that host mail accounts and thus can be used as a single endpoint for email clients.

This may bring in a number of benefits, such as:

    easy scaling the number of mail servers
    choosing a mail server basing on different rules, for example, 
       choosing the nearest server basing on a client’s IP address
    distributing the load among mail servers

1.2. conifg

In the NGINX configuration file:

Create a top-level mail context (is defined at the same level as the http context):

Specify the HTTP authentication server with the auth_http directive. The authentication server will authenticate email clients, choose an upstream server for email processing, and report errors. See Setting up Authentication for a Mail Proxy.

mail {
    server_name mail.example.com;
    auth_http   localhost:9000/cgi-bin/nginxauth.cgi;
    #...
}

Alternatively, specify whether to inform a user about errors from the authentication server by specifying the proxy_pass_error_message directive. This may be handy when a mailbox runs out of memory:

mail {
    server_name mail.example.com;
    auth_http   localhost:9000/cgi-bin/nginxauth.cgi;

    proxy_pass_error_message on;
    #...
}

Configure each SMTP, IMAP, or POP3 server with the server blocks. For each server, specify:

• the port number that correspond to the specified protocol with the listen directive the protocol with the protocol directive (if not specified, will be automatically detected from the port specified in the listen directive) permitted authentication methods with imap_auth, pop3_auth, and smtp_auth directives:

server {
    listen    25;
    protocol  smtp;
    smtp_auth login plain cram-md5;
} 

server {
    listen    110;
    protocol  pop3;
    pop3_auth plain apop cram-md5;
}

server {
    listen   143;
    protocol imap;
}

1.3. Setting up Authentication for a Mail Proxy

CategoryDns CategoryWatch CategoryTemplate