How can I use HAProxy as Forward Proxy for PowerMTA?

PowerMTA can use HAProxy as forward proxy to deliver mail using the IP address HAProxy is serving on.

This is not the typical use case of HAProxy because it’s not load balancing, it is connecting THROUGH haproxy to use the IP address that HAProxy is on. They wrote an article about this here:


I’ve googled and not found much. The one article I did find is like the opposite of what I want:

They say to use the following:

frontend ft_smtp
      bind 12.34.56.78:25
      mode tcp
      timeout client 1m
      log global
      option tcplog
      default_backend bk_smtp

backend bk_smtp
      mode tcp
      log global
      option tcplog
      timeout server 1m
      timeout connect 7s
      server postfix 10.10.10.101:2525 send-proxy

I am wanting to connect to HAProxy on port 2525, and have it act as a proxy to connecting to smtp servers, i.e. test@gmail.com.

I am not sure if I explained this well enough, if not please let me know. Any help would be much appreciated as I can not find much online.

Did you read (and or understand) the article you posted? You should have noticed that an SMTP server is used here as a relay proxy - and not a load balancer.

Please use - as suggested in the article - “postmaster”. This will then work as desired. HAPROXY will only serve you well in the opposite direction.

I’m not following your response. The article in postmaster is only to say that it can be done with HAProxy.

What are you saying to use as suggested? Are you saying it can’t be done with HAProxy?

Maybe I am wrong - but I would say it is not possible directly via HAPROXY.
I would suggest doing it like described here. From my point of view you could leave out HAPROXY and use postfix directly as relay.

You might take a look here, how HAPROXY could be used as an outgoing proxy in a layer 7 environment, but I cannot see how this would work for smtp. (And I dont see the benefit to use HAPROXY over postfix.)

The PowerMTA manual has been updated with its latest version and it describes using HAProxy. I know that it is being used like I am thinking (Maybe I did not describe well)–because the article describes having previously used GRE tunnels in place of this new feature.

The setup should be like this PowerMTA (Server A) → HAProxy (Server B) → test@gmail.com

It is basically using HAProxy like you would use a proxy with chrome web browser.

The benefit, or purpose of this, is because IPs are important for mailing and to have a central server where PowerMTA “feeds” smaller servers that act as a proxy would be beneficial–as opposed to setting up a mailer server on the smaller servers.

The PowerMTA manual has been updated with its latest version and it describes using HAProxy. I know that it is being used like I am thinking (Maybe I did not describe well)–because the article describes having previously used GRE tunnels in place of this new feature.

Don’t take me wrong - but if they already do it - why ask us?

Postmastery has developed a lean and fast proxy which is very easy to set up and runs on Linux and Windows.

If HAPROXY is doing the job that flawless - why would they develop their own proxy?

I took a deep dive in the configuration docs and it might work with a frontend in the way of

listen outsmtp
	bind *:2525 accept-proxy
	mode tcp
	server out 0.0.0.0:25 source 0.0.0.0 usesrc clientip

and might need elevated priviledges on the server.