Page 1 of 2 12 LastLast
Results 1 to 10 of 13

Thread: Nginx mail proxy times out using IMAPs

  1. #1
    kwisatz is offline Junior Member
    Join Date
    May 2010
    Posts
    7
    Rep Power
    4

    Default Nginx mail proxy times out using IMAPs

    Good day,

    I'm trying to get nginx's imap proxy module to work with zimbra 5.0.18.

    Connecting to a zimbra server without SSL works fine but trying to connect to a server running on port 993 returns the following error in the nginx error log:
    2010/05/10 12:17:25 [info] 20760#0: *16 upstream timed out (110: Connection timed out) while connecting to upstream, client: 212.186.14.47, server: 0.0.0.0:993, login: "d****.*****@student.uibk.ac.at", upstream: 138.232.1.235:993
    I'm at a complete loss on what to do. I've found this post imap deadlock bug in 0.7.65 and patched the suggested line of code, even upgraded nginx to 0.8.36 but to no avail.

    The zimbra log isn't very revealing either:
    2010-05-10 10:35:41,994 INFO [ImapSSLServer-163260] [] imap -
    [138.232.1.168] connected
    2010-05-10 10:36:41,994 INFO [ImapSSLServer-163260] [] ProtocolHandler
    - Exception occurred while handling connection
    2010-05-10 10:36:41,994 INFO [ImapSSLServer-163260] [] ProtocolHandler
    - Handler exiting normally
    Any clues on how to further debug this situation would be much appreciated!
    Last edited by kwisatz; 05-10-2010 at 03:42 AM.

  2. #2
    uxbod's Avatar
    uxbod is offline Moderator
    Join Date
    Nov 2006
    Location
    UK
    Posts
    8,016
    Rep Power
    24

    Default

    Welcome to the forums

    Are you using the proxy that comes with Zimbra or have you just installed NGINX and attempting to get it to work ?

  3. #3
    kwisatz is offline Junior Member
    Join Date
    May 2010
    Posts
    7
    Rep Power
    4

    Default

    Quote Originally Posted by uxbod View Post
    Are you using the proxy that comes with Zimbra or have you just installed NGINX and attempting to get it to work ?
    This is a separate installation of nginx on a remote server.
    We would like to use it for a couple of other uses than the version coming with zimbra does.

  4. #4
    veronica is offline Outstanding Member
    Join Date
    Jun 2008
    Posts
    594
    Rep Power
    7

    Default

    You cannot use separate install of nginx as there are lot of config lookups done while processing user request. The nginx has to be part of zimbra setup.

  5. #5
    kwisatz is offline Junior Member
    Join Date
    May 2010
    Posts
    7
    Rep Power
    4

    Default

    Quote Originally Posted by veronica View Post
    You cannot use separate install of nginx as there are lot of config lookups done while processing user request. The nginx has to be part of zimbra setup.
    So you cannot simply forward IMAPs requests, is that correct? I'm not doing any funky stuff, just forwarding the original IMAPs requests (from a thunderbird MUA) to various servers depending on the host part of users' mailing addresses.

    Just plain standard IMAP and SSL.

  6. #6
    Klug's Avatar
    Klug is offline Moderator
    Join Date
    Mar 2006
    Location
    Beaucaire, France
    Posts
    2,292
    Rep Power
    13

    Default

    Forward IMAP is possible with "standard" ngnix.

    If you want it to forward in a "smart" way (depending on user's email address or anything else), you need to code it and put your code into your ngnix.

  7. #7
    kwisatz is offline Junior Member
    Join Date
    May 2010
    Posts
    7
    Rep Power
    4

    Default

    Quote Originally Posted by Klug View Post
    Forward IMAP is possible with "standard" ngnix.
    Ok, good to know!

    Quote Originally Posted by Klug View Post
    If you want it to forward in a "smart" way (depending on user's email address or anything else), you need to code it and put your code into your ngnix.
    Yes, that is exactly what I did, using a php script to resolve the appropriate host to be queried.
    Similar to this script: NginxImapAuthenticateWithApachePhpScript, but with a few little tweaks.
    That part works flawlessly, it's just the SSL connection that doesn't work (i.e. times out)

  8. #8
    Klug's Avatar
    Klug is offline Moderator
    Join Date
    Mar 2006
    Location
    Beaucaire, France
    Posts
    2,292
    Rep Power
    13

    Default

    As I asked on the french forum:
    . are you able to connect to the IMAPS daemon on ZCS from the NGNIX server, using CLI ?
    . are you using a selfsigned certificate on ZCS ?

    Edit - Seen the answer on the french forum : no issue with CLI openssl connect and not self-signed cert on ZCS.

    I suppose the issue is not SSL in NGNIX either (it works with https but not imaps) ?
    Last edited by Klug; 05-10-2010 at 05:41 AM.

  9. #9
    kwisatz is offline Junior Member
    Join Date
    May 2010
    Posts
    7
    Rep Power
    4

    Default

    Quote Originally Posted by Klug View Post
    I suppose the issue is not SSL in NGNIX either (it works with https but not imaps) ?
    I haven't tried setting up any http(s) service on the nginx host, other than the one on localhost executing the php script that decides what server to forward to.

    But connecting to the nginx machine, using imaps and port 993 works flawlessly if I direct nginx to forward that request to a mailserver that uses plain authentication, i.e. port 143 and no SSL whatsoever.

    I do really believe that the issue lies at the SSL handshake done between the reverse-proxy and the zimbra server. However, if I were more proficient with tcpdump and maybe other tools, I had better luck debugging this situation.

  10. #10
    Klug's Avatar
    Klug is offline Moderator
    Join Date
    Mar 2006
    Location
    Beaucaire, France
    Posts
    2,292
    Rep Power
    13

    Default

    Was ngnix compiled with ssl support?

    That's why I was thinking of trying it against something else than imaps (such as https).

Page 1 of 2 12 LastLast

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Similar Threads

  1. Replies: 7
    Last Post: 02-03-2011, 07:01 AM
  2. [SOLVED] zimbra 6.0.6 mailbox server stoped
    By kline in forum Administrators
    Replies: 5
    Last Post: 05-03-2010, 07:14 AM
  3. server dropped connection
    By ferra in forum Installation
    Replies: 20
    Last Post: 10-06-2008, 04:32 PM
  4. [SOLVED] Upgraded to 5.0 OSS - Sendmail Problem
    By Chewie71 in forum Installation
    Replies: 11
    Last Post: 12-28-2007, 07:07 PM
  5. fatal: Queue report unavailable - mail system is down
    By zzzzsg in forum Administrators
    Replies: 16
    Last Post: 08-24-2006, 02:31 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •