Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Problems using HAproxy with postfix

    Cache/Proxy
    2
    3
    538
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • C
      credulous
      last edited by credulous

      Hello All,

      So I have been using HAproxy for a while for web traffic and I thought I would try and use it for incoming email for my domains, my config is as follows
      0_1543684960410_Frontend.png
      0_1543684972624_Backend.png

      and I have this in my postfix main.cf
      0_1543687297206_main_cf_excerpt.png
      I can see the source IP in Postfix logs, so it must be parsing the proxy header correctly, and yet immediately after the 220 from postfix, the proxy kills the connection .. see wireshark trace
      0_1543687802535_Wireshark.png

      I am running HAproxy 1.7.11 on pfSense 2.4.4 and Postfix is 2.10.1 on Centos 7.
      I suspected the cause here might have been the old version of postfix with Centos not compatible with latest proxy protocol being used by HAproxy, but I have also tried replacing the backend with postfix 3.1.4 on Fedora 24 .. and I get exactly the same problem.

      Any ideas what I have missed? It is probably something really obvious !!

      Steve

      P 1 Reply Last reply Reply Quote 0
      • P
        PiBa @credulous
        last edited by

        @credulous
        The timeout of 60ms is probably a bit short..

        1 Reply Last reply Reply Quote 0
        • C
          credulous
          last edited by

          Damn .. I didn't spot they were milliseconds .. though I was OK on frontend !!

          Thanks for the help .. dropped to default, and bingo!

          1 Reply Last reply Reply Quote 0
          • First post
            Last post
          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.