nginx as proxy for mail server

hbauer

hbauer

I am trying to setup nginx as a reverse proxy for my mailserver. According to nginx documentation https://docs.nginx.com/nginx/admin-guide/mail-proxy/mail-proxy/ this should be possible by compiling nginx with certain flags and adding some configuration to the nginx.conf file.
Code: 
./configure --with-mail --with-mail_ssl_module --with-openssl=[DIR]/openssl-1.1.1
I believe I have compiled nginx the right way :
Code: 
nginx -V
nginx version: nginx/1.26.1
built with OpenSSL 3.0.13 30 Jan 2024
TLS SNI support enabled
configure arguments: --prefix=/usr/local/etc/nginx --with-cc-opt='-I /usr/local/include' --conf-path=/usr/local/etc/nginx/nginx.conf --sbin-path=/usr/local/sbin/nginx --pid-path=/var/run/nginx.pid --error-log-path=/var/log/nginx/error.log --user=www --group=www --with-compat --with-pcre --modules-path=/usr/local/libexec/nginx --with-file-aio --http-client-body-temp-path=/var/tmp/nginx/client_body_temp --http-fastcgi-temp-path=/var/tmp/nginx/fastcgi_temp --http-proxy-temp-path=/var/tmp/nginx/proxy_temp --http-scgi-temp-path=/var/tmp/nginx/scgi_temp --http-uwsgi-temp-path=/var/tmp/nginx/uwsgi_temp --http-log-path=/var/log/nginx/access.log --with-http_v2_module --with-http_v3_module --with-http_addition_module --with-http_auth_request_module --with-http_dav_module --with-http_flv_module --with-http_gunzip_module --with-http_gzip_static_module --with-http_mp4_module --with-http_random_index_module --with-http_realip_module --with-http_secure_link_module --with-http_slice_module --with-http_ssl_module --with-http_stub_status_module --with-http_sub_module

--with-mail_ssl_module
--with-mail
--with-stream --with-stream_realip_module --with-stream_ssl_module --with-stream_ssl_preread_module --with-threads --with-mail=dynamic --with-stream=dynamic --with-ld-opt='-L /usr/local/lib'
but after adding the required elements to nginx.conf
Code: 
vi /usr/local/etc/nginx/nginx.conf

mail {
    server_name mail.myserver.de;
    auth_http www.myserver.de/authenticate;
    ssl_prefer_server_ciphers on;
    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
    ssl_ciphers 'HIGH:!aNULL:!MD5';
    imap {
        server { listen 143; }
        ssl_listen 993 ssl;
        ssl_certificate /usr/local/etc/letsencrypt/live/www.myserver.de/cert.pem ;
        ssl_certificate_key /usr/local/etc/letsencrypt/live/www.myserver.de/privkey.pem ;
    }
}
I still get the error
Code: 
nginx: [emerg] unknown directive "mail" in /usr/local/etc/nginx/nginx.conf:18
I guess this is telling me that there is no nginx module that does understand that part

Anybody out there who succeeded in getting this up and running?

(please no advice why I should not do this)
 
You should probably load the module before you can use it?

And you know it's enabled by default on the port/package?

Code: 
====> Modules that require MAIL module
     MAIL=on: Enable IMAP4/POP3/SMTP proxy module
     MAIL_IMAP=off: Enable IMAP4 proxy module
     MAIL_POP3=off: Enable POP3 proxy module
     MAIL_SMTP=off: Enable SMTP proxy module
     MAIL_SSL=on: Enable mail_ssl module
 
SirDice said:
You should probably load the module before you can use it?

And you know it's enabled by default on the port/package?
Click to expand...
ah. no I didnt know this. when running nginx -V with nginx from portage I have not seen -with-mail but I may just have not look closely enough.
But now at least I dont get any errors and I will now try to configure everything.
 
Code: 
MAIL_VARS=			DSO_BASEMODS+=mail
MAIL_IMAP_CONFIGURE_OFF=	--without-mail_imap_module
MAIL_POP3_CONFIGURE_OFF=	--without-mail_pop3_module
MAIL_SMTP_CONFIGURE_OFF=	--without-mail_smtp_module
MAIL_SSL_USES=			ssl
The MAIL option translates to --with-mail and the MAIL option is turned on by default. Which means the package for www/nginx has it turned on too.
 
You must log in or register to reply here.
Back
Top