Good day Guys

I am busy building a mail gateway for the corp I work for, but with haproxy in front of the MTAs (TLS).

The problem we are experiencing is, we are getting the following error message:

2019-05-22 12:23:15 SMTP protocol synchronization error (input sent without waiting for greeting): rejected connection from H=smtpgatewayserver [IP_OF_LB_SERVER] input="PROXY TCP4 $MY_IP $IP_OF_LB_SERVER 39156 587\r\n"

We use Exim and I set:
hostlist haproxy_hosts = IP.OF.LB

My haproxy config:
https://pastebin.com/raw/JYAXkAq4

If I run
openssl s_client -host smtpgatewayserver -port 587 -starttls smtp -crlf

openssl says connected, but SSL-Session is empty.

I would like to say, if I change 'send-proxy' to 'check', the everything works, BUT the IP logged by Exim, is that of the LB, and not the client.

If anyone could please review the haproxy config / my setup, it would be appreciated.

Many thanks
Brent Clark


Reply via email to