I have several mail servers which host different domains (e.g. domain1.com is served by mail.domain1.com, while domain2.com is served by mail.domain2.com). I am trying to set up a single point of access to these domains' mail, so I set up a VM with an Nginx server as a mail reverse proxy.
Each of the domains uses a different TLS certificate, so I decided to set up different server blocks with different server_name and ssl_certificate specified (just like I used to do with http servers), like this:
    mail {
        ...
        server {
            listen 25;
            protocol smtp;
            server_name mail.domain1.com;
            ssl_certificate ...;
            ssl_certificate_key ...;
            starttls on;
            proxy on;
            xclient off;
        }
        server {
            listen 25;
            protocol smtp;
            server_name mail.domain2.com;
            ssl_certificate ...;
            ssl_certificate_key ...;
            starttls on;
            proxy on;
            xclient off;
        }
    }
But this suddenly won't work; nginx can't run, saying "nginx: [emerg] duplicate "0.0.0.0:25" address and port pair in nginx.conf".
I expected the server blocks would be checked for an exact server_name and that this very block would be used to set up the TLS/SSL connection, but I was wrong about that. At the same time, I can't join two domain certs into a single file and use it on a single (joined) server block.
So to say, the above is only an example; I used to host many more mail domains, so this problem is huge for me. I can surely proxy IMAP/SMTP with Dovecot's proxy feature while proxying SMTP with some other software (which one?), but Nginx looked like a good universal approach.
Please advise whether I can achieve my goals with Nginx, or how I can do that without many bits of different software.
Thank you in advance!
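Added example, not part of the original post: the "duplicate address and port pair" error arises because the mail module tells server blocks apart by their listen address and port rather than by server_name, so one way to keep a separate certificate per domain is to bind each block to its own IP address. The 192.0.2.x addresses, the certificate paths and the auth_http endpoint are placeholder assumptions, and the approach assumes the proxy VM has one address per mail domain.

```nginx
mail {
    # Placeholder auth endpoint (assumption); the post elides its
    # mail-level settings with "...".
    auth_http 127.0.0.1:9000/auth;

    server {
        # A unique address:port pair per block avoids the
        # "duplicate address and port pair" startup error.
        # 192.0.2.10 is a documentation-range placeholder.
        listen 192.0.2.10:25;
        protocol smtp;
        server_name mail.domain1.com;
        # Placeholder paths (assumption): certificate for mail.domain1.com.
        ssl_certificate     /etc/nginx/tls/PLACEHOLDER-domain1.crt;
        ssl_certificate_key /etc/nginx/tls/PLACEHOLDER-domain1.key;
        starttls on;
        proxy on;
        xclient off;
    }

    server {
        # Second placeholder address, same port.
        listen 192.0.2.11:25;
        protocol smtp;
        server_name mail.domain2.com;
        # Placeholder paths (assumption): certificate for mail.domain2.com.
        ssl_certificate     /etc/nginx/tls/PLACEHOLDER-domain2.crt;
        ssl_certificate_key /etc/nginx/tls/PLACEHOLDER-domain2.key;
        starttls on;
        proxy on;
        xclient off;
    }
}
```

For clients to be offered the matching certificate, the DNS records for mail.domain1.com and mail.domain2.com each have to point at the address used in the corresponding listen directive.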