nginx volume mount and layer4 reverse proxing

[one-eyed-king]

I never came accross the mail module or the auth_http directive so far. Thanks for sharing its existance

I can see that you defined a location that adds fixed headers to the response.
Though, aren't you missing the "Auth-Status: OK" response header as well? Or is status 200 sufficient to determin wether a login is considered successful?

See: NGINX Docs | Configuring NGINX as a Mail Proxy Server

 

[Shadow]

Though, aren't you missing the "Auth-Status: OK" response header as well? Or is status 200 sufficient to determin wether a login is considered successful?

See: NGINX Docs | Configuring NGINX as a Mail Proxy Server

I dunno. I added the "Auth-Status: OK" response, but made no difference.

 

[one-eyed-king]

Did you try to point a browser to your "auth endpoint" and check the response headers in your browsers developer mode? Maybee the output differs from the expected one..

 

[Shadow]

Looks like this is ok...

 

[one-eyed-king]

Seems using the developer tools wasn't the right suggestion, as the headers are display in small letters only.

To be sure this is only a display error and not what the response headers realy look like, I would suggest to retry with curl (it is available in the ds shell):

curl -i https://nas.?.public/mail.auth.php

If you get a certificate error use -ik to ignore certifiacte issues.

What if the nginx main module is trying to access the headers case sensitive?
Or what if another header is missing? Module ngx_mail_auth_http_module

I wish I could be more helpful, but I have zero experience with the mail module.

 

[Shadow]

Seems using the developer tools wasn't the right suggestion, as the headers are display in small letters only.

Ye I tought about that aswell...

I wish I could be more helpful, but I have zero experience with the mail module.

You've been extremely helpful. Even an extra 2 sets of eyes is helpful.

Perhaps I should try to post this question on the official nginx forums.

THanks!

 

[one-eyed-king]

The curl output includes the expected header names wit the expected values.. beats me why it doesn't work.
There must be something ambigous or missing in the docs... if this doesn't sell like a docu bug

Good luck over there!

Keep us posted, I am intrigued to see how this one playes out.

 

[one-eyed-king]

if this doesn't sell like a docu bug

Autocomplete in my head wrote "sell" instead of "look" or "seam". Not sure though, was realy tired yesterday evening. I guess I intended to write "if this doesn't seam like a docu bug"

 

[Shadow]

I haven't found the time yet to create a big post on the NGINX forum on why the IMAP module isn't working as expected. Will do that asap.

In the meantime I've setup a 2nd nginx reverse proxy container on my other NAS that is in another location. With stream{} blocks i'm able to just route IMAP (all 993) traffic for my 2nd mail server as I specified the WAN IP of the other location in my public DNS record for that 2nd mail server.

I've learned so much thanks to you @one-eyed-king , the setup of the 2nd nginx reverse proxy was a peace of cake. Loaded with with the same nginx.conf (that now has 1691 lines) with a couple of adjustments and all went fine. I can now also use this 2nd nginx reverse proxy server as a 'hot-standy'-server for al my reversed HTTP traffic.


Offtopic: One day I'd do like to found out something that can monitor and gather nice analystic info from nginx. Something that can view incoming connections from which IP's from the last x days etc etc... (and store that information myself, and not into someone else's system...).