Directive Reference

proxy_protocol

The proxy_protocol directive enables NGINX to accept PROXY protocol connections for mail servers.

NGINX Mail Core · mailmail server
Syntaxproxy_protocol on | off;
Defaultoff
Contextmail, mail server
Argumentsflag

Description

The proxy_protocol directive, when enabled in the mail context, allows NGINX Mail Core to handle connections that use the PROXY protocol, a standard way to pass client connection information to proxies. This is particularly useful when NGINX is employed as a reverse proxy that terminates SSL or when it is forwarding requests to a backend server that expects to receive the original client's IP address.

When this directive is set to 'on', the SMTP, IMAP, or POP3 servers will be able to read the PROXY protocol header. This allows them to log the correct client IP address instead of seeing the proxy's IP address. It is crucial for scenarios involving load balancers or reverse proxies to ensure correct client information is preserved throughout the request lifecycle.

It is important to note that the directive only accepts a flag value (on or off), and improper configuration may lead to connection errors or incorrect client IP information being logged by the downstream services, particularly if the backend does not understand the PROXY protocol.

Config Example

mail {
    server {
        listen 25;
        proxy_protocol on;
        # Additional mail server settings
    }
}

Make sure the backend server supports the PROXY protocol; otherwise, it will misinterpret the headers.

If the directive is enabled, the mail server should be configured to accept connections only from trusted proxy servers.

Related Directives

listenproxy_pass
← Back to all directives