I have a working Haproxy load balancer configure with postfix.
Mode: tcp
Haproxy version: 2.4.22
Postfix version: 3.5.8-7
I want to forward the client IP to postfix using the proxy protocols. So the client ip appears in the mail log and not haproxies.
I have added accept-proxy to the frontend bind.
I have added send-proxy to each backend node.
I have added the postfix main.cf with postscreen_upstream_proxy_protocol = haproxy
I have enabled postscreen in postfix master.cf and restarted both haproxy and postfix.
This is probably wrong, if it is the frontend your external clients connect to; the proxy protocol is used between haproxy and postfix but not between the clients and haproxy and postfix.
I don’t know if that is the only issue. You’d have to post the full config to be sure.
Yes that is how I have it setup. I may not of been clear, it is a standard proxy setup for postfix. It works fine but in the mail log shows the proxies IP and not the clients IP. I understand the proxy protocol is between haproxy and postfix.
The only changes I make are what I posted in haproxy.cfg and postfix main/master.cf.
accept-proxy does not belong in this configuration, like I said, you are not running the proxy protocol between SMTP clients and haproxy, so there does not belong any proxy configuration in the frontend sections of haproxy.
prx-postfix-587 appears to target the wrong port (25 instead of 587).
I’m not sure whether postfix requires version 2 of the proxy protocol. You may want to try send-proxy-v2 on the backend as a replacemente for send-proxy.