Kolab behind a NAT

Axel ar at xlrs.de
Sat Jan 17 00:50:28 CET 2015 

Hi, 

Am Freitag, 16. Januar 2015, 22:36:31 schrieb Jan Kowalsky:
> Hi Alex,
> hi Alby,
> 
> how do you deal with the fact that you'll have private IPs in your mta
> preventing that you can use trusted networks on the one hand and any
> spam filter on the other, because all your mails seem to come from only
> one IP (no blacklists, no greylisting etc. possible?)
> 
> We've had this problem once but no solution except a public IP.

You can use another postfix as "mail proxy". A quick search brought up this 
document: http://www.agix.com.au/blog/?p=1996 
it looks okay though i haven't tested that

i did the easy job and created separate rules on my firewall for port 80 / 443 
and 25 / 587. the first point to nginx and the latter to my kolab instance

regards, axel

> 
> Regards
> Jan
> 
> Am 16.01.2015 um 14:51 schrieb Axel:
> > Hi,
> > 
> > I have a similar setup. You have to pass the X-Forwarded-For Header to
> > your
> > kolab server
> > 
> > You need to add
> > 
> >       proxy_set_header     Host              $http_host;
> >       proxy_set_header     X-Real-IP         $remote_addr;
> >       proxy_set_header     X-Forwarded-For   $proxy_add_x_forwarded_for;
> > 
> > regards, Axel
> > 
> > Am Freitag, 16. Januar 2015, 11:24:44 schrieb alby87 at inwind.it:
> >> Hi! Thanks to all your suggestion, my Kolab installation is working fine!
> >> Well, almost :) I've a little problem: Kolab is installed inside a
> >> dedicated (virtual) machine with his own private IP, and is behind a
> >> router. Just natting the correct port to the server, all the service are
> >> working goods, the problem is all about the http services, as they should
> >> share the company website with another machine. I configured a reverse
> >> proxy in Nginx, (and I will put the configuration below) to have the
> >> "normal website" managed by it, and all the things related to Kolab
> >> redirected to the right machine.
> >> 
> >> The problem is: some http service don't work as they should: the "show
> >> calendar URL" use internal IP (192.168.xx.xxx), and if substitute with
> >> myadress.com/webmail/iRony/... it works, but I can't (for example) update
> >> the calendar. Also the preview on webmail didn't work, and also the files
> >> section on Roundcube. What's the correct strategy? I have tought of one,
> >> but I need a confirmation: 1)Create on the main webserver as many reverse
> >> proxies as "directory" used by Kolab (one for roundcube, one for
> >> kolab-admin, etc...) 2)Change the /etc/network/hosts file to connect to
> >> our
> >> public IP
> >> But this would create a 123.123.123.123/iRony/etc... URL, where I would
> >> prefer the myadress.com/iRony
> >> 
> >> Hope I don't have confused you with my request :)
> >> 
> >> My Nginx configuration about the reverse proxy
> >> 
> >> location /webmail {		proxy_pass http://192.168.24.53/;
> > 
> > client_max_body_size
> > 
> >> 40M;	}
> >> 
> >> Many thanks :)
> > 
> > _______________________________________________
> > users mailing list
> > users at lists.kolab.org
> > https://lists.kolab.org/mailman/listinfo/users
> 
> _______________________________________________
> users mailing list
> users at lists.kolab.org
> https://lists.kolab.org/mailman/listinfo/users

More information about the users mailing list