Smtp

Haproxy 負載平衡 IMAP、POP3、SMTP:無法使用錯誤模式的代理“imap”,需要:http,有:tcp

  • July 4, 2017

我嘗試通過 haproxy 將所有傳入的電子郵件流量反向代理到 我的 debian 伺服器中的mailcow-dockerized解決方案:

配置haproxy.cfg是:

global
   log /dev/log    local0
   log /dev/log    local1 notice
   chroot /var/lib/haproxy
   stats socket /run/haproxy/admin.sock mode 660 level admin
   stats timeout 30s
   user haproxy
   group haproxy
   daemon

   # Default SSL material locations
   ca-base /etc/ssl/certs
   crt-base /etc/ssl/private

   # Default ciphers to use on SSL-enabled listening sockets.
   # For more information, see ciphers(1SSL). This list is from:
   #  https://hynek.me/articles/hardening-your-web-servers-ssl-ciphers/
   ssl-default-bind-ciphers ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:ECDH+3DES:DH+3DES:RSA+AESGCM:RSA+AES:RSA+3DES:!aNULL:!MD5:!DSS
   ssl-default-bind-options no-sslv3

defaults
   log global
   mode    http
   option  httplog
   option  dontlognull
       timeout connect 5000
       timeout client  50000
       timeout server  50000
   errorfile 400 /etc/haproxy/errors/400.http
   errorfile 403 /etc/haproxy/errors/403.http
   errorfile 408 /etc/haproxy/errors/408.http
   errorfile 500 /etc/haproxy/errors/500.http
   errorfile 502 /etc/haproxy/errors/502.http
   errorfile 503 /etc/haproxy/errors/503.http
   errorfile 504 /etc/haproxy/errors/504.http


frontnend smtp
  bind *:25
  default_backend smtp_public

frontend submission
 bind *:587
 default_backend smtp_submission

frontend smtp_ssl
  bind *:449
  default_backend smtp_ssl

frontend pop3
 bind *:995
 default_backend pop3_

frontend imap
 bind *:993
 default_backend imap

backend smtp_public 
  mode tcp
  option tcplog
  server docker 127.0.0.1:2525 check

backend smtp_ssl
  mode tcp
  option tcplog
  server docker 127.0.0.1:2465

backend smtp_submission
  mode tcp
  option tcplog
  server docker 127.0.0.1:2587

backend pop3_
  mode tcp
  option tcplog
  server docker 127.0.0.1:2995

backend imap
  mode tcp
  option tcplog
  server docker 127.0.0.1:2993

執行的圖像是:

ec79939443d4        mailcow/acme:1.3        "/srv/docker-entry..."   46 hours ago        Up 46 hours                                                           
29c295d44767        mailcow/rspamd:1.1      "/docker-entrypoin..."   46 hours ago        Up 46 hours                                                           
2d09fd009c39        nginx:mainline-alpine   "/bin/sh -c 'envsu..."   46 hours ago        Up 46 hours (healthy)   80/tcp, 0.0.0.0:8080->8080/tcp                
a00d9477c464        mailcow/fail2ban:1.0    "python2 -u /logwa..."   46 hours ago        Up 46 hours                                                           
6fdf54789459        mailcow/phpfpm:1.0      "/docker-entrypoin..."   46 hours ago        Up 46 hours             9000/tcp                                      
091d621123aa        mailcow/sogo:1.0        "/bin/sh -c 'exec ..."   46 hours ago        Up 46 hours                                                           
1028c60923a0        redis:alpine            "docker-entrypoint..."   46 hours ago        Up 46 hours             6379/tcp                                      
827c20cee898        mailcow/dovecot:1.0     "/docker-entrypoin..."   46 hours ago        Up 46 hours             24/tcp, 10001/tcp, 0.0.0.0:2110->110/tcp, 0.0.
76a977a8064e        mailcow/postfix:1.0     "/bin/sh -c 'exec ..."   46 hours ago        Up 46 hours             588/tcp, 0.0.0.0:2525->25/tcp, 0.0.0.0:2465->4
2299076f475f        memcached:alpine        "docker-entrypoint..."   46 hours ago        Up 46 hours             11211/tcp                                     
03b56dcc1563        mailcow/unbound:1.0     "/docker-entrypoin..."   46 hours ago        Up 46 hours (healthy)   53/tcp, 53/udp                                
21f5a3673f3f        mariadb:10.1            "docker-entrypoint..."   46 hours ago        Up 46 hours (healthy)   3306/tcp                                      
e2af96428a94        robbertkl/ipv6nat       "/docker-ipv6nat -..."   46 hours ago        Up 46 hours                                                           
97fcf9ad82ad        mailcow/clamd:1.0       "/bootstrap.sh"          46 hours ago        Up 46 hours             3310/tcp 

但我收到以下錯誤:

Ιούλ 04 17:28:51 DockerMailserver haproxy[58310]: [ALERT] 184/172851 (58310) : Unable to use proxy 'imap' with wrong mode, required: http, has: tcp.
Ιούλ 04 17:28:51 DockerMailserver haproxy[58310]: [ALERT] 184/172851 (58310) : You may want to use 'mode http'.
Ιούλ 04 17:28:51 DockerMailserver haproxy[58310]: [ALERT] 184/172851 (58310) : Proxy 'imap': unable to find required default_backend: 'imap'.
Ιούλ 04 17:28:51 DockerMailserver haproxy[58310]: [ALERT] 184/172851 (58310) : Fatal errors found in configuration.
Ιούλ 04 17:28:51 DockerMailserver systemd[1]: haproxy.service holdoff time over, scheduling restart.
Ιούλ 04 17:28:51 DockerMailserver systemd[1]: Stopping HAProxy Load Balancer...
Ιούλ 04 17:28:51 DockerMailserver systemd[1]: Starting HAProxy Load Balancer...
Ιούλ 04 17:28:51 DockerMailserver systemd[1]: haproxy.service start request repeated too quickly, refusing to start.
Ιούλ 04 17:28:51 DockerMailserver systemd[1]: Failed to start HAProxy Load Balancer.
Ιούλ 04 17:28:51 DockerMailserver systemd[1]: Unit haproxy.service entered failed state.

各位大俠知道如何解決這個錯誤嗎?

根據文件,mode可以在所有部分(backend、、、、frontenddefaults上設置listen。你有一個defaults部分mode http。這是否適用於frontend未指定模式的部分?

嘗試mode tcp為使用後端的前端指定mode tcp.

引用自:https://serverfault.com/questions/859339