> Am 18.10.2014 um 22:32 schrieb Jason J. W. Williams > <[email protected]>: > >> With incoming mail, I can make use of HAProxy’s send-proxy feature to make >> the source-IP known to the backend SMTP-servers. >> (Works in the lab, I just need to move a few hundred customers off port 25 >> for authenticated SMTP, as send-proxy is incompatible with authentication >> (right?)) > > send-proxy just kicks in HAProxy's PROXY protocol which your backend > servers need to be able to understand: > http://www.haproxy.org/download/1.5/doc/proxy-protocol.txt > > Authenticated vs unauthenticated vs encrypted SMTP shouldn't matter. > As that's all sent after the initial PROXY line. If your backend MTA > doesn't understand/expect the HAProxy PROXY protocol, it won't work > period. > > I believe both Postfix and Exim support the HAProxy PROXY protocol. >
Yes, I know. I have it working with postfix (in the test-environment, with unauthenticated SMTP). I was under the impression that it’ s no good for authenticated SMTP. Haven’t tried it, though. Ah, it was here: http://www.postfix.org/POSTSCREEN_README.html Still no solution for POP+IMAP…
