
I set up an Nginx mail proxy server and configured it to distribute to several mail servers as a front-end server. However, I need to open port 25 in the configuration; otherwise, I cannot receive mail. When I open port 25, I have to enable the smtp_auth plain login feature; otherwise, if someone knows my email address, they can send mail without a password.

When I enable the smtp_auth feature, I can't receive emails when someone sends an email to my address from outside.

For example, when I try to send an email from Gmail to my server, the message returned by Gmail mail delivery is as follows:

The remote server's response was: 530 5.7.1 Authentication required

How can I resolve this issue?

/etc/nginx/nginx.conf (mail {} block)

# Mail proxy front end: nginx terminates TLS, asks the auth_http endpoint what to
# do with each session, and proxies accepted sessions to a backend mail server.
mail {

   server_name mail.proxyserver.com;
   # Every session on every listener below is checked against this HTTP endpoint,
   # including sessions on a listener that sets "smtp_auth none".
   auth_http localhost/auth/auth.php;
   pop3_capabilities "TOP" "USER" "UIDL" "PIPELINING" "SASL";
   imap_capabilities "IMAP4rev1" "UIDPLUS" "IDLE" "LITERAL+" "QUOTA";
   smtp_capabilities "SIZE 53477376" "8BITMIME" "ENHANCEDSTATUSCODES" "PIPELINING" "DSN";

   proxy on;
   # Relays the backend's authentication error text to the client. That text can
   # carry internal detail, so review what the backends actually return.
   proxy_pass_error_message on;
   proxy_timeout 300s;

    # TLS defaults inherited by all server blocks below.
    starttls                   on;
    ssl_protocols              TLSv1.2 TLSv1.3;
    # NOTE(review): "!ADH" excludes only anonymous DH suites; "!aNULL" would cover
    # every unauthenticated suite. Confirm the effective list with
    # `openssl ciphers -v 'HIGH:!ADH:!MD5:@STRENGTH'`.
    ssl_ciphers                HIGH:!ADH:!MD5:@STRENGTH;
    ssl_session_cache          shared:TLSSL:16m;
    ssl_session_timeout        10m;
    ssl_certificate            /etc/letsencrypt/live/mail.proxyserver.com/fullchain.pem;
    ssl_certificate_key        /etc/letsencrypt/live/mail.proxyserver.com/privkey.pem;
    ssl_dhparam        /etc/ssl/certs/dhparam.pem;

    # Port 25: inbound server-to-server delivery. Remote mail servers such as Gmail
    # do not authenticate, so a listener that demands AUTH answers them with
    # "530 5.7.1 Authentication required".
    server {
            listen     25;
            listen     [::]:25;
            protocol   smtp;
            # Requires STARTTLS on this listener; a sending server that cannot
            # negotiate TLS will not be able to deliver here.
            starttls   only;
            # "none" admits unauthenticated senders, but nginx still calls auth_http
            # (Auth-Method: none) and passes Auth-SMTP-Helo, Auth-SMTP-From and
            # Auth-SMTP-To. auth.php is then the only gate on this port: it should
            # accept a session only when the recipient is in a hosted domain,
            # otherwise this listener acts as an open relay.
            smtp_auth  none; # my problem :(
            # XCLIENT is not sent, so the backend sees the proxy as the client.
            # NOTE(review): confirm the backend does not treat the proxy's address
            # as a trusted relay source.
            xclient    off;
    }

    # Port 465: submission over implicit TLS. No smtp_auth is set, so the nginx
    # default (plain login) applies and clients must authenticate.
    server {
            listen     465 ssl;
            listen     [::]:465 ssl;
            protocol   smtp;
    }

    # Port 587: submission with mandatory STARTTLS. The default smtp_auth
    # (plain login) applies here as well.
    server {
            listen     587;
            listen     [::]:587;
            protocol   smtp;
            starttls   only;
    }

    # Port 110: POP3 with mandatory STARTTLS.
    server {
            listen     110;
            listen     [::]:110;
            protocol   pop3;
            starttls   only;
    }

    # Port 995: POP3 over implicit TLS.
    server {
            listen     995 ssl;
            listen     [::]:995 ssl;
            protocol   pop3;
    }

    # Port 143: IMAP with mandatory STARTTLS.
    server {
            listen     143;
            listen     [::]:143;
            protocol   imap;
            starttls   only;
    }

    # Port 993: IMAP over implicit TLS.
    server {
            listen     993 ssl;
            listen     [::]:993 ssl;
            protocol   imap;
    }
}
