Pool of erros in smtpserver log because of option smtpchk in haproxy.cfg

rannick · March 31, 2020, 3:34am

Config:

backend smtp-backend-mail
# Layer 4 based load balancing
mode tcp
option smtpchk

Error:

smtpserver.log

ERROR smtpserver: Socket to hostname closed remotely.
java.net.SocketException: Connection reset

haproxy.log

31 03:31:03 localhost haproxy[13975]: IP:60416 [31/Mar/2020:03:31:03.627] https/2: Connection closed during SSL handshake
Mar 31 03:31:03 localhost haproxy[30585]: http http/ -1/-1/-1/-1/+0 400 +187 - - CR-- 0/0/0/0/0 0/0 “”
Mar 31 03:32:03 localhost haproxy[30585]: https/2: Connection closed during SSL handshake
Mar 31 03:32:03 localhost haproxy[13975]: http http/ -1/-1/-1/-1/+0 400 +187 - - CR-- 0/0/0/0/0 0/0 “”

nlindq · March 31, 2020, 9:43pm

Do you have a frontend defined for SMTP that’s bound to one or more standard ports?
You don’t appear to have any servers defined in your backend, so it appears haproxy is connecting to localhost on one of the webservice ports by default. As you can’t talk SMTP to a web server, that won’t work.

rannick · April 1, 2020, 3:24am

Thanks for the reply. Error is coming because of the option smtpchk (server health check). I even did add correct domain (option smtpchk HELO domain). Is this health check necessary? below is the frontend and backend config for SMTP

frontend smtp
    bind 127.0.0.1:25
    bind HAProxy_Server_IP:25

    mode tcp

    # Route all traffic to our backend
    default_backend smtp-backend-mail

    log global
    option tcplog
    option logasap

backend smtp-backend-mail
    # Layer 4 based load balancing
    mode tcp
    option smtpchk HELO HAProxy_Server_IP

    # IP stickyness
    balance source
    hash-type consistent   
    stick-table type ip size 20k
    stick on src

    server APP_Hostname APP_IP:25 check on-marked-down shutdown-sessions

There more configurations defined I only posted backend smtp. How to overcome this? @nlindq

nlindq · April 3, 2020, 2:59pm

The problem isn’t with the smtpchk (although the option after HELO is just for what to announce during the SMTP conversation), it’s with your server configuration.

You only seem to have one SMTP server defined (APP_Hostname); what problem are you trying to solve with HAProxy?

I’d note that for SMTP, I’ve found the frontend/backend configuration excessively cumbersome as it’s generally pretty simple.

You could likely simplify. Here’s mine, for eg:

listen smtp
    mode tcp
    bind *:25
    balance roundrobin
    option tcplog
    option smtpchk HELO [host.name]
    server [server1] [serverip]:25 check
    server [server2] [server2ip]:25 check

rannick · April 7, 2020, 1:58pm

@nlindq Tried your way of simple configuration for smtp server but the error is still coming. Is it because of network connection? Error is coming randomly.

nlindq · April 7, 2020, 6:24pm

Can you answer this part of my question?

You only seem to have one SMTP server defined (APP_Hostname); what problem are you trying to solve with HAProxy?

Please post the smtp portion of your configuration, obfuscating as desired.

rannick · April 8, 2020, 4:04am

Main purpose of HAproxy here is used as a Proxy Server. Is the error because of connectivity between server?

nlindq · April 9, 2020, 9:02pm

Please post the smtp portion of your configuration, obfuscating as desired.

rannick · April 13, 2020, 5:06am

@nlindq I did that already. Check above for configuration of SMTP frontend and backend. And proxy is sending [RST, ACK] instead of closing properly the connection after having received the answer to the “HELO localhost” command.

tcpdump: I think HA-proxy server is the one resetting the connection. (10:09:59.551109 IP HAProxy_SERVER.38910 > APP_Server.smtp: Flags [R], seq 951036460, win 0, length 0)

nlindq · April 14, 2020, 5:35pm

Your configuration includes

option smtpchk HELO HAProxy_Server_IP

so I’m curious as to why you’d see a HELO localhost in your tcpdump.

Since you only have one SMTP server, I see no point in the load balancing config items you’ve included. Have you tried removing them?

rannick · April 15, 2020, 5:31am

HELO localhost This was before adding HELO HAProxy_Server_IP. As I said earlier this setup is for using it as a proxy server.

nlindq · April 15, 2020, 2:33pm

The (optional) parameter after the HELO is only used to tell the smtpchk what to announce as part of the SMTP greeting.

I’m starting to think we have different concepts of proxy server in this context.

Please describe your intended flow of SMTP traffic.

rannick · April 18, 2020, 5:46pm

@nlindq SMTP server (i.e app server) infront that HAproxy server as proxy server. Email send and receive functionality is working fine. It’s just this error in log file.

I ran tcpdump on Haproxy setup.

HAProxy_Server_IP > App_Server_IP.smtp: Flags [R], seq 951036460, win 0, length 0

What about that Haproxy sending R flag. Is this connection reset thing is expected behaviour if we enable haproxy health checks?

Topic		Replies	Views
ERROR smtpserver: Socket to hostname (x.x.x.x) closed remotely. java.net.SocketException: Connection reset Help!	3	672	November 30, 2022
NO-TLSV11 - Layer 4 timeout on backend Help!	5	2533	March 25, 2021
HAproxy SMTP mail config Help!	3	3688	August 21, 2023
[ Closed ] Connection Dropping Issue in SSL Backend with TCP Mode Help!	5	7221	March 23, 2017
Never mark backend as failed? Help!	8	2090	December 18, 2018

Pool of erros in smtpserver log because of option smtpchk in haproxy.cfg

Related topics