You are viewing a plain text version of this content. The canonical link for it is here.
Posted to server-dev@james.apache.org by "ouvtam (Jira)" <se...@james.apache.org> on 2022/08/17 12:29:00 UTC
[jira] [Updated] (JAMES-3788) Support for HAProxy Proxy Protocol
[ https://issues.apache.org/jira/browse/JAMES-3788?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
ouvtam updated JAMES-3788:
--------------------------
Description:
As proposed in the gitter channel I would like to add support for HAProxy's PROXY protocol ([https://www.haproxy.org/download/2.7/doc/proxy-protocol.txt|https://www.haproxy.org/download/2.7/doc/proxy-protocol.txt]).
This allows to run James behind HAProxy (i.e. load balancing multiple James instances). In order to properly support the proxy protocol James needs to parse the provided PROXY arguments from HAProxy (remote ip address, remote port etc.) and store it in the SMTPSession for further processing (e.g. DNSRBL check, Authorized Networks etc.). Otherwise James uses HAProxy's address (e.g. localhost) as remote address.
For instance, HAProxy sends following line after connecting:
{code:java}
"PROXY TCP4 255.255.255.255 255.255.255.255 65535 65535\r\n" {code}
Netty already provides a codec for HAProxy's protocol (io.netty.handler.codec.haproxy), so this can be implemented in the transport layer of James.
was:
As proposed in the gitter channel I would like to add support for HAProxy's PROXY protocol ([https://www.haproxy.org/download/2.7/doc/proxy-protocol.txt|https://www.haproxy.org/download/2.7/doc/proxy-protocol.txt).]).
This allows to run James behind HAProxy (i.e. load balancing multiple James instances). In order to properly support the proxy protocol James needs to parse the provided PROXY arguments from HAProxy (remote ip address, remote port etc.) and store it in the SMTPSession for further processing (e.g. DNSRBL check, Authorized Networks etc.). Otherwise James uses HAProxy's address (e.g. localhost) as remote address.
For instance, HAProxy sends following line after connecting:
{code:java}
"PROXY TCP4 255.255.255.255 255.255.255.255 65535 65535\r\n" {code}
Netty already provides a codec for HAProxy's protocol (io.netty.handler.codec.haproxy), so this can be implemented in the transport layer of James.
> Support for HAProxy Proxy Protocol
> ----------------------------------
>
> Key: JAMES-3788
> URL: https://issues.apache.org/jira/browse/JAMES-3788
> Project: James Server
> Issue Type: New Feature
> Components: protocols
> Reporter: ouvtam
> Priority: Minor
> Time Spent: 2h 40m
> Remaining Estimate: 0h
>
> As proposed in the gitter channel I would like to add support for HAProxy's PROXY protocol ([https://www.haproxy.org/download/2.7/doc/proxy-protocol.txt|https://www.haproxy.org/download/2.7/doc/proxy-protocol.txt]).
> This allows to run James behind HAProxy (i.e. load balancing multiple James instances). In order to properly support the proxy protocol James needs to parse the provided PROXY arguments from HAProxy (remote ip address, remote port etc.) and store it in the SMTPSession for further processing (e.g. DNSRBL check, Authorized Networks etc.). Otherwise James uses HAProxy's address (e.g. localhost) as remote address.
> For instance, HAProxy sends following line after connecting:
> {code:java}
> "PROXY TCP4 255.255.255.255 255.255.255.255 65535 65535\r\n" {code}
> Netty already provides a codec for HAProxy's protocol (io.netty.handler.codec.haproxy), so this can be implemented in the transport layer of James.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
---------------------------------------------------------------------
To unsubscribe, e-mail: server-dev-unsubscribe@james.apache.org
For additional commands, e-mail: server-dev-help@james.apache.org