Mailserver behind HAProxy #1523

@dfoxg

Subject

  • I would like to contribute to the project (code, documentation, advocacy, integration, ...)
  • I would like some help for integrating this container with another service (rainloop, PostFWD, ...)
  • I would like to configure a not documented mail server use case
  • I would like some feedback concerning a use case
  • I have questions about TLS/SSL/STARTTLS/OpenSSL
  • Other

Description

In my setup, there is an HAProxy in front of my Docker Swarm cluster. I want to integrate the mailserver, but don't want to expose the ports directly from the Swarm nodes. Also, my HAProxy takes care of the SSL certificates. So my idea is the following:

HAProxy (TCP-Ports 993 and 465, with SSL-Offloading) -> Swarm-Node (TCP-Ports 143 and 587).

Is this possible?

My configs are the following:

HAProxy

# Floating IP. SMTP
listen lb_smtp_465
        bind xxx:465 ssl crt /media/shared/ssl/
        mode tcp

        timeout client 30000

        # use unencrypted port 587; HAProxy does the SSL
        server email_l0004 10.0.0.4:587 check


# Floating IP. IMAP
listen lb_imap_993
        bind xxx:993 ssl crt /media/shared/ssl/
        mode tcp

        timeout client 30000

        # use unencrypted port 143; HAProxy does the SSL
        server email_l0004 10.0.0.4:143 check

Docker:
Env-File:

ENABLE_SPAMASSASSIN=1
ENABLE_CLAMAV=1
ENABLE_POSTGREY=1
ONE_DIR=1
OVERRIDE_HOSTNAME=mail.xxx
OVERRIDE_DOMAINNAME=mail.xxx
POSTMASTER_ADDRESS=admin@xxx
SSL_TYPE=empty

Compose:

  mail:
    image: tvial/docker-mailserver:latest
    logging:
      driver: loki
      options:
        loki-url: "https://xxxx/loki/api/v1/push"
    ports:
      # unencrypted esmtp
      - target: 587
        published: 587
        protocol: tcp
        mode: host
      # unencrypted imap
      - target: 143
        published: 143
        protocol: tcp
        mode: host
    volumes:
      - /media/shared/docker/mailserver/maildata:/var/mail
      - /media/shared/docker/mailserver/mailstate:/var/mail-state
      - /media/shared/docker/mailserver/config:/tmp/docker-mailserver
    env_file: /media/shared/configs/swarm/mailserver/docker-mailserver.env
    networks:
      - default
    deploy:
      replicas: 1
      placement:
        constraints:
          - node.labels.mail == 1

Thanks for helping!
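
An added example, not part of the original issue or of the docker-mailserver project: a small Python audit of the layout described above. It lists every `listen` section that terminates TLS on its `bind` line but forwards to a `server` line without `ssl`, which is where IMAP and SMTP logins cross the HAProxy-to-node hop in cleartext. The function name `audit_tls_offload` and the bind address 192.0.2.10 are assumptions; the sample config is constructed from the one in the issue.

```python
# Constructed sample mirroring the two listen sections in the issue
# (the redacted bind address is replaced by a documentation IP).
SAMPLE_CFG = """\
listen lb_smtp_465
        bind 192.0.2.10:465 ssl crt /media/shared/ssl/
        mode tcp
        timeout client 30000
        # use unencrypted port 587
        server email_l0004 10.0.0.4:587 check

listen lb_imap_993
        bind 192.0.2.10:993 ssl crt /media/shared/ssl/
        mode tcp
        timeout client 30000
        server email_l0004 10.0.0.4:143 check
"""

SECTION_KEYWORDS = ("listen", "frontend", "backend", "defaults", "global")


def audit_tls_offload(cfg_text):
    """Return (section, tls_bind, server_addr) for each section that
    terminates TLS on a bind line and forwards without `ssl`.
    Only sections holding both bind and server lines (listen) can match."""
    sections, current = [], None
    for raw in cfg_text.splitlines():
        line = raw.split("#", 1)[0].strip()  # simple comment stripping
        if not line:
            continue
        words = line.split()
        if words[0] in SECTION_KEYWORDS:
            current = {"name": words[1] if len(words) > 1 else words[0],
                       "tls_binds": [], "servers": []}
            sections.append(current)
        elif current is None:
            continue
        elif words[0] == "bind" and "ssl" in words[2:]:
            current["tls_binds"].append(words[1])
        elif words[0] == "server" and len(words) >= 3:
            # server <name> <addr> [options...]; `ssl` means re-encryption
            current["servers"].append((words[2], "ssl" in words[3:]))
    return [(sec["name"], sec["tls_binds"][0], addr)
            for sec in sections if sec["tls_binds"]
            for addr, backend_tls in sec["servers"] if not backend_tls]


if __name__ == "__main__":
    for name, bind, addr in audit_tls_offload(SAMPLE_CFG):
        print(f"{name}: TLS ends at {bind}, cleartext hop to {addr}")
```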
