Hi haproxy user's
I encounter problems with haproxy 1.5 and 2.11 postfix. I use the option "smtpd_upstream_proxy_protocol = haproxy" in postfix "main.cf" to retrieve the source IP of the user instead of the proxy ip. Everything works perfectly if I stop there. The problem is that I would like to add clamsmtpd for mail filtering. This is where things get complicated. I get the following message in the log: Mar 10 14:39:58 smtp-postfix210 postfix/smtpd[4828]: warning: haproxy read: timeout error Mar 10 14:39:58 smtp-postfix210 postfix/smtpd[4828]: connect from unknown[unknown] Mar 10 14:39:58 smtp-postfix210 postfix/smtpd[4828]: disconnect from unknown[unknown] Mar 10 14:39:58 smtp-postfix210 postfix/smtp[4824]: 2CC5D22C52: to=<t...@domain.com>, relay=127.0.0.1[127.0.0.1]:10025, delay=342, delays=337/0.02/5/0, dsn=4.4.2, status=deferred (lost connection with 127.0.0.1[127.0.0.1] while receiving the initial server greeting) - master.cf scan unix - - - - 20 smtp -o smtp_data_done_timeout=1200 -o smtp_send_xforward_command=yes -o disable_dns_lookups=yes -o max_use=20 127.0.0.1:10026 inet n - - - - smtpd -o content_filter= -o local_recipient_maps= -o relay_recipient_maps= -o smtpd_restriction_classes= -o smtpd_client_restrictions=permit_mynetworks,reject -o smtpd_helo_restrictions= -o smtpd_sender_restrictions= -o smtpd_relay_restrictions=permit_mynetworks,reject -o smtpd_data_restrictions=reject_unauth_pipelining -o smtpd_end_of_data_restrictions= -o mynetworks=127.0.0.0/8 -o strict_rfc821_envelopes=yes -o smtpd_error_sleep_time=0 -o smtpd_soft_error_limit=1001 -o smtpd_hard_error_limit=1000 -o smtpd_client_connection_count_limit=0 -o smtpd_client_connection_rate_limit=0 -o receive_override_options=no_address_mappings,no_header_body_checks,no_unknown_recipient_checks - main.cf (a classic one with in addition) content_filter = scan:[127.0.0.1]:10025 smtpd_upstream_proxy_protocol = haproxy - clamsmtpd.conf # ------------------------------------------------------------------------------ # SAMPLE CLAMSMTPD CONFIG FILE # ------------------------------------------------------------------------------ # # - Comments are a line that starts with a # # - All the options are found below with their defaults commented out # The address to send scanned mail to. # This option is required unless TransparentProxy is enabled OutAddress: 10026 # The maximum number of connection allowed at once. # Be sure that clamd can also handle this many connections #MaxConnections: 64 # Amount of time (in seconds) to wait on network IO #TimeOut: 180 # Address to listen on (defaults to all local addresses on port 10025) Listen: 127.0.0.1:10025 # The address clamd is listening on ClamAddress: /var/run/clamav/clamd.ctl # A header to add to all scanned email #Header: X-AV-Checked: ClamAV using ClamSMTP # Directory for temporary files TempDirectory: /var/spool/clamsmtp # PidFile: location of PID file PidFile: /var/run/clamsmtp/clamsmtpd.pid # Whether or not to bounce email (default is to silently drop) #Bounce: off # Whether or not to keep virus files #Quarantine: off # Enable transparent proxy support #TransparentProxy: off # User to run as User: clamsmtp # Virus actions: There's an option to run a script every time a # virus is found. Read the man page for clamsmtpd.conf for details. Thank you for your help, I'm interested if you have any idea --------------------------------- Nicolas - Mailoo.org mail : nico...@mailoo.org web : https://www.mailoo.org [1] --------------------------------- Pour nous aider : www.mailoo.org/dons [2] Links: ------ [1] https://www.mailoo.org [2] http://www.mailoo.org/dons
