proxy_smtp_auth
The `proxy_smtp_auth` directive enables or disables SMTP authentication proxying in the NGINX Mail Core module.
Description
The proxy_smtp_auth directive is a Boolean flag that determines whether SMTP authentication information should be proxied from NGINX to the upstream mail server. When set to 'on', NGINX will pass SMTP authentication credentials provided by clients through to the backend server, which is essential for maintaining user sessions and ensuring secure communications. If this directive is set to 'off', NGINX will not send the authentication details, potentially causing authentication failures when clients attempt to connect.
This directive is particularly useful when NGINX is used as a reverse proxy in front of a mail server, allowing it to handle SSL termination and other functions while still facilitating user authentication. If clients authenticate successfully to NGINX, these credentials for authentication will be forwarded to the upstream SMTP server as designated.
The permitted contexts for this directive include the mail context and within server blocks, allowing for granular control over authentication behavior per server configuration. Proper use of this directive is essential for applications that require authentication data to be passed through the proxy to function correctly.
Config Example
mail {
server {
listen 25;
proxy_smtp_auth on;
proxy_pass backend_smtp_server;
}
}Ensure that the upstream SMTP server supports the same authentication methods as the clients.
Setting this directive to 'off' can lead to failures in user authentication depending on the mail server configuration.
Be cautious with SSL/TLS configurations to avoid exposing sensitive credential data through insecure channels.