W dniu 17.04.2025 o 14:11, natan via Postfix-users pisze:
Hi
For test I use setup like haproxy + postfix - works fine via 587 / 587+tls and I have problem with 465

....
frontend ft_submission
  bind 0.0.0.0:587
  mode tcp
  timeout client 1m
  log global
  default_backend bk_submission

backend bk_submission
  mode tcp
        timeout server 1m
        timeout connect 5s

  server postfix1 12.xxx.xxx.xxx:10587 send-proxy check maxconn 2000 weight 2

frontend ft_ssmtp
  bind 0.0.0.0:465 ssl crt /etc/dovecot/ssl/cert.pem
  mode tcp
  timeout client 1m
  log global
  default_backend bk_ssmtp

backend bk_ssmtp
  mode tcp
        timeout server 1m
        timeout connect 5s

  server postfix1 12.xxx.xxx.xxx:10587 send-proxy check maxconn 2000 weight 2  # server postfix1 12.xxx.xxx.xxx:10465 send-proxy check maxconn 2000 weight 2
.....

master.cf:
10587 inet n       -       -       -       -       smtpd
  -o syslog_name=postfix/submission-haproxy
  -o smtpd_upstream_proxy_protocol=haproxy

10465     inet  n    -    -    -    -    smtpd
  -o syslog_name=postfix/smtps-haproxy
  -o smtpd_upstream_proxy_protocol=haproxy


If I testev via:
openssl s_client -connect haproxy.domain.ltd:465 -crlf

works fine after AUTH LOGIN etc

If i test via swaks
1)swaks --auth LOGIN --server haproxy.domain.ltd --port 587 --to us...@domain.ltd --from us...@domain.ltd --auth-user us...@domain.ltd --auth-password ..... --tls ------ works fine 2)swaks --auth LOGIN --server haproxy.domain.ltd --port 465 --to us...@domain.ltd --from us...@domain.ltd --auth-user us...@domain.ltd --auth-password ..... --tls
i get only:
=== Trying xx.xxx.xxx.166:465...
=== Connected to xxx.xxx.xxx.166.
If i try
swaks --auth LOGIN --server haproxy.domain.ltd --port 465 --to us...@domain.ltd --from us...@domain.ltd --auth-user us...@domain.ltd --auth-password ..... --tlsc (--tls-on-connect)
connect ok end sending e-mail

but not then any smtp klients like thunderbird

and nothing

If I try send e-mail via 465 via thunderbird - trying and trying and nothing

Where i find the problem ? Certyfikat is correct


--

_______________________________________________
Postfix-users mailing list -- postfix-users@postfix.org
To unsubscribe send an email to postfix-users-le...@postfix.org

--

_______________________________________________
Postfix-users mailing list -- postfix-users@postfix.org
To unsubscribe send an email to postfix-users-le...@postfix.org

Reply via email to