On 27/05/2013, at 5:04 PM, Vit Dua <[email protected]> wrote:
> I have used proxy protocol for SMTP
<snip>
> It worked successfully.
>
> I wanted to do smtpchk so that I added to the config:
>
> server postfix01 X.X.X.X:10000 send-proxy check
<snip>
I am running haproxy-1.5_dev18 in front of Postfix 2.10.0 SMTP servers using
the PROXY protocol.
As far as I could see in the 1.5_dev18 code, the smtpchk option does not send
the appropriate PROXY protocol chatter during the health check when send-proxy
is enabled. I tried to patch this but couldn't see an easy way to do so with
the current health check code (I can't remember the details right now).
The two options I came up with were:
1. fallback to TCP checking
2. perform the SMTP check some other way
We are now doing #2 and are doing the SMTP check (without the PROXY protocol)
to a different set of listen ports on the Postfix servers.
Here's the relevant parts of our config:
postfix master.cf:
# Regular SMTP (no PROXY) on port 'smtp' (TCP 25)
smtp inet n - n - - smtpd
# A custom service which expects haproxy's PROXY protocol on
non-standard port 9025
9025 inet n - n - - smtpd -o
smtpd_upstream_proxy_protocol=haproxy
haproxy.cfg:
frontend f-smtp
bind ....:25
mode tcp
timeout client 1m
default_backend b-smtp
backend b-smtp
mode tcp
option smtpchk
timeout server 1m
# note: data port 9025 (w/PROXY); smtpchk port 25 (no PROXY).
server smtp1 <ip>:9025 send-proxy check port 25
server smtp2 <ip>:9025 send-proxy check port 25
server smtp3 <ip>:9025 send-proxy check port 25
Tom
