QMail SMTP backends in haproxy


#1

Hi,
I am setting up haproxy in front of several Qmail SMTP servers, however when I try to send an email through Thunderbird, it doesn’t really work.

The message could not be sent because connecting to Outgoing server (SMTP) smtp.example.com failed. The server may be unavailable or is refusing SMTP connections. Please verify that your Outgoing server (SMTP) settings are correct and try again.

But if I try to send it through telnet I do get the email but just blank email, with no sender , body…

Any idea what could be happening ?

This is the config:

frontend smtp_service_front
  bind 10.11.6.39:25
  mode tcp
  default_backend smtp_service_back
  description SMTP 25 Service
  log global
  maxconn 8000
  option socket-stats
  option tcplog
  option tcpka
  timeout client 30s

backend smtp_service_back
  mode tcp
  balance roundrobin
  option tcpka
  option smtpchk HELO smtp.example.com
  timeout connect 5s
  timeout server 31s
  server lxmail01-vm mail01.example.com:25 resolvers dns resolve-prefer ipv4 fall 4 rise 3 inter 2s   check-send-proxy send-proxy check
  server mail03 mail03.example.com:25 resolvers dns resolve-prefer ipv4 fall 4 rise 3 inter 2s check-send-proxy send-proxy check

#2

Are you sure the backend server accept the proxy protocol? Are the health checks considering the backend servers up?

Please share haproxy logs.


#3

Hi,
I am using Qmail… I am not sure whether it supports proxy mode or not…

The servers are considered as up, and I can send messages using telnet (but not the Thunderbird) , but those messages appear as empty, with no from, no to, no body…it is weird…

Here is the source code of the mail:

Content-Filter: maildrop-toaster
Return-Path: <support@example.com>
Delivered-To: example.com-xxxx@example.com
Received: (qmail 21010 invoked by uid 107); 3 May 2018 08:15:53 -0000
Received: from unknown (HELO smtp.eexample.com) (10.11.6.26)
  by mail01.example.com with SMTP; 3 May 2018 08:15:53 -0000
asdf

#4

If you did not explicitly enable proxy mode on Qmail, you cannot use it. Disable it on haproxy.


#5

I just disabled it but it still does the same. With Thunderbird it tries to send the message until it times out, and through telnet throws the following error:

The message could not be sent because the connection to Outgoing server (SMTP) smtp.example.com was lost in the middle of the transaction. Try again.

the log shows:

haproxy[71436]: 10.11.109.4:42136 [03/May/2018:11:50:36.640] smtp_authssl_service_front smtp_authssl_service_back/lxmail01-vm 1/0/30004 202 cD 2/1/0/0/0 0/0
haproxy[71436]: 10.11.109.4:42136 [03/May/2018:11:50:36.640] smtp_authssl_service_front smtp_authssl_service_back/lxmail01-vm 1/0/30004 202 cD 2/1/0/0/0 0/0
haproxy[71436]: {type:haproxy,timestamp:1525341041,http_status:0,http_request:10.11.109.4,bytes_read:148,upstream_addr:10.11.5.101,backend_name:smtp_service_back,retries:0,bytes_uploaded:83,upstream_response_time:0,session_duration:63047,termination_state:cD}
haproxy[71436]: {type:haproxy,timestamp:1525341041,http_status:0,http_request:10.11.109.4,bytes_read:148,upstream_addr:10.11.5.101,backend_name:smtp_service_back,retries:0,bytes_uploaded:83,upstream_response_time:0,session_duration:63047,termination_state:cD}

The config is now:

backend smtp_auth_service_back
  mode tcp
  balance roundrobin
  option tcpka
  option smtpchk HELO smtp.example.com
  timeout connect 5s
  timeout server 31s
  server lxmail01-vm lxmail01-vm.example.com:587 resolvers dns resolve-prefer ipv4 fall 4 rise 3 inter 2s check
  server lxmail03 lxmail03.example.com:587 resolvers dns resolve-prefer ipv4 fall 4 rise 3 inter 2s check

backend smtp_authssl_service_back
  mode tcp
  balance roundrobin
  option tcpka
  option smtpchk HELO smtp.example.com
  timeout connect 5s
  timeout server 31s
  server lxmail01-vm lxmail01-vm.example.com:587 resolvers dns resolve-prefer ipv4 fall 4 rise 3 inter 2s check
  server lxmail03 lxmail03.example.com:587 resolvers dns resolve-prefer ipv4 fall 4 rise 3 inter 2s check

backend smtp_service_back
  mode tcp
  balance roundrobin
  option tcpka
  option smtpchk HELO smtp.example.com
  timeout connect 5s
  timeout server 31s
  server lxmail01-vm lxmail01-vm.example.com:25 resolvers dns resolve-prefer ipv4 fall 4 check
  server lxmail03 lxmail03.example.com:25 resolvers dns resolve-prefer ipv4 fall 4 check