Planning to add Haproxy server for resiliency to better control backend postfix relay servers for some of the clients like Java/GO Java clients -> Haproxy -> Postfix relays with policy service -> other SMTP servers -> internet
Thanks for suggesting XFORWARD which can be set by client and read by server and seems like one of the options, but with that I have to patch these clients to add X-Forward header. Is there any other option at haproxy and Postfix server level, where I don't have to touch client libraries as not all of them are under my control in my environment. I was reading that haproxy can preprend proxy header by using send-proxy and postfix can decode it by using a postscreen with some combination of below settings. Is this possible and what would the correct settings if it is possible. postscreen_upstream_proxy_protocol = haproxy On Wed, Jul 17, 2024 at 2:00 AM Wietse Venema via Postfix-users < postfix-users@postfix.org> wrote: > sandeep pawar via Postfix-users: > > Some of the Java mail client libraries don't support MX record and don't > > have a good retry mechanism and therefore want to run a group of relay > > behind load-balancer so that when relays are patched, no mails are lost > by > > ensuring a right health check. > > > > These relays are authenticated and also have policy service configured > > which also take decisions based on client IP. > > > > Want to understand how I can preserve client IP in Postfix and use it > > further in logging and policy service if possible. Found some reference > > around sendproxy protocol. > > The picture is > > Java clients -> Postfix relays with policy service -> other SMTP servers > -> internet > > and you want to know the Java client IP address in the other SMTP > servers? Postfix SMTP servers and clients implement the XFORWARD > protocol for doing that, but it requires that the other servers > support that protocol. > > > Open to any other suggestion to make relays highly available for client > and > > save against edge case with small downtime. > > Wietse > _______________________________________________ > Postfix-users mailing list -- postfix-users@postfix.org > To unsubscribe send an email to postfix-users-le...@postfix.org > -- Sandeep Pawar
_______________________________________________ Postfix-users mailing list -- postfix-users@postfix.org To unsubscribe send an email to postfix-users-le...@postfix.org
