The messages come into Postfix first and Postfix creates a Received header with the IP address of the originating server. Then Postfix sends the message to localhost:10024 which is normally an instance of amavis but in my case it's an instance of haproxy which load balances between multiple amavis servers.
-----Original Message----- From: Tom Sommer [mailto:[email protected]] Sent: Thursday, October 30, 2014 3:07 PM To: Tom Johnson Cc: Kent Oyer; [email protected] Subject: Re: Proxy protocol support So how do you make sure the postfix and amavis instances see the IP of the mailserver and not of the haproxy server? --- Tom Sommer On 2014-10-30 19:59, Tom Johnson wrote: > We just run postfix and amavisd-new on all our servers, and those sit > behind haproxy. > > > >> On Oct 30, 2014, at 11:53 AM, Kent Oyer <[email protected]> wrote: >> >> Hi Tom, >> >> I don't know if amavis supports the PROXY protocol but I kinda doubt >> it. I've solved the problem by putting haproxy in between postfix and >> amavis like this >> >> --> Postfix (ingress) --> haproxy --> amavisd --> Postfix (egress) >> --> --> >> >> The ingress Postfix server does all the SPF and RBL checks. Then it >> sends the messages to haproxy which divides the load between several >> amavis servers to do the heavy lifting. You should add the IP address >> of the haproxy server to the trusted_networks list in Spamassassin. >> In my case, I'm running haproxy on the same machine as the ingress >> Postfix server. So I have 2 Postfix/haproxy servers and 6 amavisd >> servers followed by 2 Postfix egress servers. It been working great >> so far. >> >> Thanks >> Kent >> >> -----Original Message----- >> From: Tom Sommer [mailto:[email protected]] >> Sent: Monday, October 27, 2014 8:42 AM >> To: [email protected] >> Subject: Proxy protocol support >> >> Hi >> >> Does amavis support the PROXY protocol? >> http://www.haproxy.org/download/1.5/doc/proxy-protocol.txt >> >> I want to create an amavis cluster with a load-balancer in front of >> all the nodes, I was thinking haproxy. >> I need the source IP in amavis to be the mailserver and not the load >> balancer (to support forward_method=*), the PROXY protocol seem to >> fix this? >> >> Thanks >> >> -- >> Tom Sommer >> >>
