Configuring HA Proxy with exchange and SonicWall

Question

I'm setting up a new HA Proxy server (first time encountering it) and have problems forwarding traffic

It's supposed to forward SMTP traffic to two SMTP relay servers, and to two exchange servers (IMAP)

Version is 1.8.8-1 on Ubuntu 18.04.1 server (HA proxy is the only thing that's installed)

SMTP and IMAP configuration is as follows

frontend SMTP
    bind 10.1.1.232:25 name smtp
    mode tcp
    option tcplog
    default_backend SMTP
frontend IMAP4
    bind 10.1.1.232:143 name imap
    mode tcp
    default_backend IMAP4
backend SMTP
    mode tcp
    server SWES 10.1.1.233:25 send-proxy check port 25
    server POSTFIX 10.1.1.234:25 send-proxy check port 25

backend IMAP4 mode tcp server Exc1 10.1.1.230:143 send-proxy check port 143 server Exc2 10.1.1.231:143 send-proxy check port 143

Thunderbird fails when connecting to both ports with errors: 'This mail server is not an imap mail server', and 'message could not be sent for an unknown reason'

Telneting to specified ports result in:

su@haproxy:/home$ telnet 10.1.1.232 25
Trying 10.1.1.232...
Connected to 10.1.1.232.
Escape character is '^]'.
220 mail.example.com ESMTP mail.example.com
502 5.5.1 Error: invalid command

and

su@haproxy:/home$ telnet 10.1.1.232 143
Trying 10.1.1.232...
Connected to 10.1.1.232.
Escape character is '^]'.
* OK The Microsoft Exchange IMAP4 service is ready.
PROXY BAD Command Error. 12

telneting directly to target hosts works without any errors

Does anyone have any ideas about those errors and how to fix them?

Thanks

backend IMAP4 mode tcp server Exc1 10.1.1.230:143 send-proxy check port 143 server Exc2 10.1.1.231:143 send-proxy check port 143 — Tomislav Plečko, Feb 04 '19 at 14:13
You can't activate the proxy protocol for a back-end using the [`send-proxy`](http://cbonte.github.io/haproxy-dconv/1.8/configuration.html#5.2-send-proxy) directive unless the backend service supports the proxy protocol and the feature is enabled in the backend server configuration. These errors indicate the back-end does not support the proxy protocol, or it is not enabled in the configuration of the backend. — Michael - sqlbot, Feb 04 '19 at 19:15
Some questions about HAProxy are on-topic here, since some aspects of HAProxy's configuration are quite properly considered "programming" (conditionals, regex, Lua integration, etc.)... but questions about server administration in a business environment should be posted to [Server Fault](https://serverfault.com) rather than Stack Overflow. — Michael - sqlbot, Feb 04 '19 at 19:15
@Michael-sqlbot noted. Site redirected me elsewhere, but no similar topics were present, so i posted here, where i found similar topics. — Tomislav Plečko, Feb 04 '19 at 21:15
@Michael-sqlbot removing send-proxy helped! Thanks for comments, I'll continue on new post on Server Fault, if and when needed. Thanks — Tomislav Plečko, Feb 05 '19 at 07:11

score 0 · Accepted Answer · answered Feb 05 '19 at 07:19

0

Apparently send-proxy option isn't supported on nether Sonic Wall Email Security, or on Exchange. Haven't tested the option with Postfix, but according to documentation, Postfix works with said option.

answered Feb 05 '19 at 07:19

Tomislav Plečko

167
2
14

Configuring HA Proxy with exchange and SonicWall

1 Answers1