Page 1 of 1

HA Proxy support

Posted: 13 Sep 2016 18:34
by SupportOU
Hi,

As you are all maybe aware, but thought it might be worth mentioning, postfix as of version 2.10 supports the proxy protocol, so the original source IP is sent from the load balancer to postfix. This will make sure spamassassin works with the original source IP instead of the local balancers node IP.

Just add the line below to main.cf
smtpd_upstream_proxy_protocol = haproxy

and set your HAProxy something like this
frontend ft_smtp
bind <load balancer IP>:25
mode tcp
no option http-server-close
timeout client 1m
log global
option tcplog
default_backend bk_postfix

backend bk_postfix
mode tcp
no option http-server-close
log global
option tcplog
timeout server 1m
timeout connect 5s
server postfix <postfix server IP>:25 send-proxy

HAProxy version must be v1.5 and above to make this work.

Cheerz!
Ronald