用nginx TCP反向代理作mail邮件代理
用nginx TCP反向代理作mail邮件代理
[TOC]
1. 背景
新版本nginx有TCP反向代理功能,nginx的mail proxy配置认证又太麻烦,于是就想用TCP反向功能作mail代理。
2. Nginx安装(包括nginx_upstream_check_module)
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 |
cd /tmp tar zxf pcre-8.35.tar.gz cd pcre-8.35/ ./configure --prefix=/usr/local/pcre make make install cd /tmp tar zxf openssl-1.0.2g.tar.gz cd openssl-1.0.2g/ ./config enable-tl***t make make install mv -f /usr/bin/openssl /usr/bin/openssl.old mv -f /usr/include/openssl /usr/include/openssl.old ln -sf /usr/local/ssl/bin/openssl /usr/bin/openssl ln -sf /usr/local/ssl/include/openssl /usr/include/openssl cd /tmp git clone git@github.com:yaoweibin/nginx_upstream_check_module.git cd /tmp tar zxf nginx-1.13.4.tar.gz cd nginx-1.13.4/ patch -p1 < ../nginx_upstream_check_module/check_1.12.1+.patch ./configure --user=www --group=www --prefix=/usr/local/nginx --with-http_stub_status_module --with-stream=dynamic --with-stream_ssl_module --with-pcre=../pcre-8.35 --with-http_ssl_module --with-openssl=../openssl-1.0.2g --add-module=../nginx_upstream_check_module make make install |
3. Nginx配置
cat nginx.conf
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 |
user www; worker_processes 8; error_log logs/info.log info; #pid logs/nginx.pid; load_module modules/ngx_stream_module.so; # 此处要添加模块 events { worker_connections 1024; } http { include mime.types; default_type application/octet-stream; #log_format main '$remote_addr - $remote_user [$time_local] "$request" ' # '$status $body_bytes_sent "$http_referer" ' # '"$http_user_agent" "$http_x_forwarded_for"'; #access_log logs/access.log main; sendfile on; #tcp_nopush on; #keepalive_timeout 0; keepalive_timeout 65; #gzip on; #设定请求缓冲 server_names_hash_bucket_size 128; client_header_buffer_size 32k; large_client_header_buffers 4 32k; client_max_body_size 300m; #sendfile on; tcp_nopush on; #keepalive_timeout 60; tcp_nodelay on; server_tokens off; client_body_buffer_size 512k; proxy_connect_timeout 20; proxy_send_timeout 60; proxy_read_timeout 20; proxy_buffer_size 16k; proxy_buffers 4 64k; proxy_busy_buffers_size 128k; proxy_temp_file_write_size 128k; client_header_timeout 3m; client_body_timeout 3m; send_timeout 3m; gzip on;#开启gzip,节省带宽 gzip_min_length 1100; gzip_buffers 4 8k; gzip_types text/plain text/css application/x-javascript image/bmp application/javascript; output_buffers 1 32k; postpone_output 1460; limit_rate_after 3m;#限速模块,前3M下载时不限速 limit_rate 512k; #限速模块 include vhost/*.conf; } stream { include stream/*.conf; } |
cat stream/mail_pro.conf
|
1 2 3 4 5 6 7 8 9 10 11 12 |
######### TCP 反向代理负载均衡设置 ############### upstream mailsmtp_pro { server smtp.mxhichina.com:25; } server { listen 25; # 对外提供服务TCP监听 proxy_connect_timeout 5s; proxy_timeout 5s; proxy_pass mailsmtp_pro; } |
4. 总结
Nginx功能强大,此文也是给想使用TCP反向代理的朋友作个示例参考吧。
微信扫描下方的二维码阅读本文
