Web and Mail Proxy Server Configuration

classic Classic list List threaded Threaded
7 messages Options
Reply | Threaded
Open this post in threaded view
|

Web and Mail Proxy Server Configuration

wld75
Hi All,

My objective is to host a Web server and as a Mail proxy to my internal
Exchange 2010 RPC over HTTPS.

I had compile NGINX open source with --with_mail and SSL.
In my nginx.conf file i saw only "http" directive with any MAIL parameters.

Can anyone help me to start with a workable configuration to achieve my
objective?

Posted at Nginx Forum: https://forum.nginx.org/read.php?2,281456,281456#msg-281456

_______________________________________________
nginx mailing list
[hidden email]
http://mailman.nginx.org/mailman/listinfo/nginx
Reply | Threaded
Open this post in threaded view
|

Re: Web and Mail Proxy Server Configuration

wld75
Hi all,

Based on googling, i found some of the Mail proxy config as per below.
Question is, is that config is valid for both as Web server and Mail proxy?


[root@ns2 conf]# more nginx.conf
worker_processes  1;



events {
    worker_connections  1024;
}


http {
    include       mime.types;
    default_type  application/octet-stream;

    #log_format  main  '$remote_addr - $remote_user [$time_local] "$request"
'
    #                  '$status $body_bytes_sent "$http_referer" '
    #                  '"$http_user_agent" "$http_x_forwarded_for"';

    #access_log  logs/access.log  main;

    sendfile        on;
    #tcp_nopush     on;

    #keepalive_timeout  0;
    keepalive_timeout  65;

    #gzip  on;

    server {
        listen       80;
        server_name  xxx.xxx.com;

        #charset koi8-r;

        #access_log  logs/host.access.log  main;


        location / {
            root   html;
            index  index.html index.htm;
        }

        #error_page  404              /404.html;

        # redirect server error pages to the static page /50x.html
        #
        error_page   500 502 503 504  /50x.html;
        location = /50x.html {
            root   html;
        }
    }


    # HTTPS server
    #
    #server {
    #    listen       443 ssl;
    #    server_name  localhost;

    #    ssl_certificate      cert.pem;
    #    ssl_certificate_key  cert.key;

    #    ssl_session_cache    shared:SSL:1m;
    #    ssl_session_timeout  5m;

    #    ssl_ciphers  HIGH:!aNULL:!MD5;
    #    ssl_prefer_server_ciphers  on;

    #    location / {
    #        root   html;
    #        index  index.html index.htm;
    #    }
    #}

}




mail {
    listen 443;
    ssl                     on;
    ssl_certificate         /etc/ssl/remote.domain.com-unified.crt;
    ssl_certificate_key     /etc/ssl/remote.domain.com.key;
    ssl_session_timeout     5m;

    server_name remote.domain.com autodiscover.domain.com;

   # Set global proxy settings
    proxy_http_version      1.1;
    proxy_connect_timeout   360;
    proxy_read_timeout      360;
    proxy_pass_request_headers  on;
    proxy_pass_header       Date;
    proxy_pass_header       Server;
    proxy_pass_header       Authorization;

    proxy_set_header        Host $host;
    proxy_set_header        X-Real-IP $remote_addr;
    proxy_set_header        X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header        Accept-Encoding "";

    location / { proxy_pass https://10.202.1.14; }
    location ~* ^/owa { proxy_pass https://10.202.1.14; }
    location ~* ^/ecp { proxy_pass https://10.202.1.14; }
    location ~* ^/rpc { proxy_pass https://10.202.1.14; }
    location ~* ^/ews { proxy_pass https://10.202.1.14; }
    location ~* ^/exchweb { proxy_pass https://10.202.1.14; }
    location ~* ^/public { proxy_pass https://10.202.1.14; }
    location ~* ^/exchange { proxy_pass https://10.202.1.14; }
    location ~* ^/Microsoft-Server-ActiveSync {
    proxy_set_header X-Forwarded-Proto https;
    proxy_pass https://10.202.1.14;
    }
    location ~* ^/autodiscover { proxy_pass https://10.202.1.14; }

    error_log /usr/local/nginx/logs/owa-ssl-error.log;
    access_log /usr/local/nginx/logs/owa-ssl-access.log;
}

Posted at Nginx Forum: https://forum.nginx.org/read.php?2,281456,281469#msg-281469

_______________________________________________
nginx mailing list
[hidden email]
http://mailman.nginx.org/mailman/listinfo/nginx
Reply | Threaded
Open this post in threaded view
|

Re: Web and Mail Proxy Server Configuration

wld75
In reply to this post by wld75
Hi All,

BTW, i had compile nginx 1.15.4 from Mainline.

nginx version: nginx/1.15.4
built by gcc 4.8.5 20150623 (Red Hat 4.8.5-28) (GCC)
built with OpenSSL 1.0.2p 14 Aug 2018
TLS SNI support enabled
configure arguments:

--prefix=/usr/local/nginx

--sbin-path=/usr/local/nginx/sbin/nginx

--modules-path=/usr/local/nginx/modules

--conf-path=/usr/local/nginx/conf/nginx.conf

--error-log-path=/usr/local/nginx/logs/error.log

--pid-path=/usr/local/nginx/logs/nginx.pid

--http-log-path=/usr/local/nginx/logs/access.log

--user=nginx

--group=nginx

--with-pcre=/usr/local/src/pcre-8.42

--with-zlib=/usr/local/src/zlib-1.2.11

--with-openssl=/usr/local/src/openssl-1.0.2p

 --with-http_ssl_module

--with-mail --with-mail_ssl_module


This is my NGINX directory lists and i dont see the "Modules" directory. Is
that normal?

client_body_temp

conf fastcgi_temp

html

html.orig

 logs

 proxy_temp

 sbin scgi_temp

 uwsgi_temp

Can anyone share a configuration file with simple HTTP and Mail proxy
settings in nginx.conf?

Posted at Nginx Forum: https://forum.nginx.org/read.php?2,281456,281498#msg-281498

_______________________________________________
nginx mailing list
[hidden email]
http://mailman.nginx.org/mailman/listinfo/nginx
Reply | Threaded
Open this post in threaded view
|

Re: Web and Mail Proxy Server Configuration

wld75
Hi All,

We are using OWA, OA and ActiveSync for internet users. Exchange connection
protocol is RPC over HTTPS.

This forum looks like dead :-(

Any help?

Posted at Nginx Forum: https://forum.nginx.org/read.php?2,281456,281499#msg-281499

_______________________________________________
nginx mailing list
[hidden email]
http://mailman.nginx.org/mailman/listinfo/nginx
Reply | Threaded
Open this post in threaded view
|

RE: Web and Mail Proxy Server Configuration

Reinis Rozitis
In reply to this post by wld75
> This is my NGINX directory lists and i dont see the "Modules" directory. Is that
> normal?

Yes, that's normal. By default nginx compiles everything into executable so unless you build dynamic modules (--add-dynamic-module) there won't be any .so files.


> Can anyone share a configuration file with simple HTTP and Mail proxy settings
> in nginx.conf?

Would start with this https://docs.nginx.com/nginx/admin-guide/mail-proxy/mail-proxy/

rr

_______________________________________________
nginx mailing list
[hidden email]
http://mailman.nginx.org/mailman/listinfo/nginx
Reply | Threaded
Open this post in threaded view
|

Re: RE: Web and Mail Proxy Server Configuration

wld75
Hi Reinis,

Thanks for your reply.

Noted on Modules directory.

Yes, i went through the NGINX Admin Guide but talked about SMTP, POP3 and
IMAP protocol.

My internal exchange is 2010 and all outside users accessing email OWA, OA
and ActiveSync via RPC over HTTPS.

Hope you can show me some useful nginx conf files to suite my setup.
Also show me if i need to post my queries on other forum.

Thanks man

Posted at Nginx Forum: https://forum.nginx.org/read.php?2,281456,281515#msg-281515

_______________________________________________
nginx mailing list
[hidden email]
http://mailman.nginx.org/mailman/listinfo/nginx
Reply | Threaded
Open this post in threaded view
|

Re: RE: Web and Mail Proxy Server Configuration

wld75
Hi All,



All our outside users uses OWA, OA and ActiveSync. These users will connect
to my internal Exchange 2010 via RPC over HTTPS.One Example, Users will
access OWA by mail.example.com/owa and this should proxy to internal
exchange 2010 server exch01.example.com.

All my previous nginx.conf config, i had create "mail" context. Probably i
was confused as that mail context is for SMTP, POP3 and IMAP protocol.So for
my case, i still have to use HTTP context and add directive for my Web
server page and also to mail proxy any request mail.example.com/owa to my
internal exchange server.The same should go for my other users access OA and
ActiveSync.

Am i correct?
Any help on nginx config for my scenario?

Posted at Nginx Forum: https://forum.nginx.org/read.php?2,281456,281516#msg-281516

_______________________________________________
nginx mailing list
[hidden email]
http://mailman.nginx.org/mailman/listinfo/nginx