HAProxy community

IMAP + SMTP proxy for 2 Mail Domains


I’m trying to setup HAProxy to handle IMAP and SMTP for two different mail domains and two different backend servers (one server for each of the domains).

Let’s say we have the two mail domains:

For a single mail domain/mail server I configured the following for IMAP so far:

listen dovecot-imap
    bind :993 ssl crt /etc/ssl/ca_bundle.pem no-sslv3
    mode tcp
    option http-keep-alive
    balance first
    tcp-check connect port 993
    tcp-check expect string *\ OK
    stick-table type ip size 200k expire 15m
    stick on src
    timeout server 1m
    timeout connect 1m
    timeout client 5m
    server s1 ssl send-proxy-v2 verify none

Could you give me a hint please, on how to differentiate between the two mail domains?
For HTTP I found some examples which look on the hostname in the header and use this information for switching between the backend servers. How can this be handled for IMAP and SMTP? Is there an example available, somewhere?

I tried the stuff before with Nginx which misses SSL support towards the backend. AFAIK a mail proxy with SSL termination (www side) and SSL towards the backend should be possible with HAProxy, but now I stuck with the problems mentioned above.

Thanks for any hints,


1 Like

I also need such information

You can’t.

Haproxy does not know about SMTP or IMAP, and therefor cannot make load-balancing decision based on that. Also, the destination email address is unknown when the connection establishes first (and when the first packet is send) - which is when a load-balancing decision has to take place (unless the proxy itself is a full-blown SMTP/IMAP speaker).

So this really requires a software that is actually able to dialog in SMTP/IMAP with the client, which haproxy isn’t.