KutuKupret

It’s been a long times since i wrote my last article, i’ve been bussy with real life things.
As usual, I’ll get right to the subject of how to configure nginx as POP3/IMAP proxy server.

Nginx IP                 = 192.168.1.1
Postfix User Database IP = 192.168.1.5 (postfix + courier server + apache backend)

nginx server configuration

mail {
    server_name mail-proxy.example.com;
    # apache external backend
    auth_http  192.168.1.5:8081/auth.php;
    proxy  on;
    proxy_pass_error_message on;

    imap_capabilities "IMAP4rev1" "UIDPLUS" "IDLE" "LITERAL +" "QUOTA";

    pop3_auth plain apop cram-md5;
    pop3_capabilities "LAST" "TOP" "USER" "PIPELINING" "UIDL";

    ssl_certificate /etc/nginx/ssl_keys/db.mail-proxy.crt;
    ssl_certificate_key /etc/nginx/ssl_keys/db.mail-proxy.key;
    ssl_session_timeout 5m;
    ssl_protocols SSLv2 SSLv3 TLSv1;
    ssl_ciphers ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP;
    ssl_prefer_server_ciphers on;

    server {
      listen      143;
      protocol    imap;
      starttls    on;
      auth_http_header X-Auth-Port 143;
      auth_http_header User-Agent "Nginx POP3/IMAP4 proxy";
    }

    server {
      protocol    pop3;
      listen      110;
      starttls    on;
      pop3_auth   plain;
      auth_http_header X-Auth-Port 110;
      auth_http_header User-Agent "Nginx POP3/IMAP4 proxy";
    }

    server {
      listen      993;
      ssl         on;
      protocol    imap;
      auth_http_header X-Auth-Port 993;
      auth_http_header User-Agent "Nginx POP3/IMAP4 proxy";
    }

    server {
      protocol    pop3;
      listen      995;
      ssl         on;
      pop3_auth   plain;
      auth_http_header X-Auth-Port 995;
      auth_http_header User-Agent "Nginx POP3/IMAP4 proxy";
    }
}

Continue reading »