From c3552689f5a453d3a4c753dc9841396709ed8cde Mon Sep 17 00:00:00 2001 From: Fabio Date: Fri, 4 Nov 2022 11:34:29 -0300 Subject: [PATCH] Implemented no auth smtp proxy pass --- .../mailproxy/v0.1.0/templates/nginx-configmap.yaml | 9 +++++++++ .../v0.1.0/templates/nginx-mailhosts-conf.yaml | 12 ++++++++++++ charts/mailproxy/v0.1.0/values.yaml | 4 ++++ 3 files changed, 25 insertions(+) diff --git a/charts/mailproxy/v0.1.0/templates/nginx-configmap.yaml b/charts/mailproxy/v0.1.0/templates/nginx-configmap.yaml index a7b829c..cb090a0 100644 --- a/charts/mailproxy/v0.1.0/templates/nginx-configmap.yaml +++ b/charts/mailproxy/v0.1.0/templates/nginx-configmap.yaml @@ -70,6 +70,15 @@ data: fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; include fastcgi_params; } + + {{ if .Values.nginx.noAuthSmtpServerIP -}} + location = /noauth { + add_header Auth-Status OK; + add_header Auth-Server {{ .Values.nginx.noAuthSmtpServerIP }}; + add_header Auth-Port 25; + return 204; + } + {{- end }} } \ No newline at end of file diff --git a/charts/mailproxy/v0.1.0/templates/nginx-mailhosts-conf.yaml b/charts/mailproxy/v0.1.0/templates/nginx-mailhosts-conf.yaml index 933bc60..2557f32 100644 --- a/charts/mailproxy/v0.1.0/templates/nginx-mailhosts-conf.yaml +++ b/charts/mailproxy/v0.1.0/templates/nginx-mailhosts-conf.yaml @@ -33,6 +33,18 @@ data: xclient on; proxy_pass_error_message on; } + {{ if .Values.nginx.noAuthSmtpServerIP -}} + noauthsmtp.conf: |- + server { + listen 25; + server_name localhost; + protocol smtp; + smtp_auth none; + smtp_capabilities none; + auth_http localhost:8080/noauth; + xclient on; + } + {{- end }} ssl.conf: |- ssl_certificate /etc/nginx/ssl/tls.crt; ssl_certificate_key /etc/nginx/ssl/tls.key; diff --git a/charts/mailproxy/v0.1.0/values.yaml b/charts/mailproxy/v0.1.0/values.yaml index 8eb543e..be9c38a 100644 --- a/charts/mailproxy/v0.1.0/values.yaml +++ b/charts/mailproxy/v0.1.0/values.yaml @@ -20,8 +20,12 @@ nginx: - name: smtp number: 587 protocol: TCP + - name: noauthsmtp + number: 25 + protocol: TCP annotations: {} loadBalancerIP: "" + noAuthSmtpServerIP: "" certificate: issuer: letsencrypt-staging issuerKind: ClusterIssuer