I am connecting to “smtp.domain.io” through HAProxy. In HAProxy, I am directing traffic to multiple hosts like ‘smtp-1.domain.io’ and ‘smtp-2.domain.io’. Here is my HAProxy configuration:
`frontend kumo_mta_587
mode tcp
maxconn 30000
bind *:587
stick-table type ip size 1m expire 5m store conn_rate(1m) # Track connection rate per source IP for 60 seconds
tcp-request connection reject if { sc_conn_rate(0) gt 100 } # Reject connections if more than 100 in the last minute
default_backend backend_kumo_mta
backend backend_kumo_mta
mode tcp
stick-table type ip size 1m expire 30m
stick on src
server nodeA 10.10.10.3:587 maxconn 15000 check port 587`
I intended to redirect all requests from HAProxy to kumomta, but I encountered an error related to the certificate:
kumo.start_esmtp_listener { listen = '0.0.0.0:587', hostname = 'smtp.domain.io', tls_certificate = '/opt/kumomta/etc/ssl/domain.cert.pem', tls_private_key = '/opt/kumomta/etc/ssl/domain.key.pem', }
Is there an option to resolve this issue?
I need to send 25,000 emails per minute, but currently, a single host isn’t capable of handling this volume. Therefore, I am using HAProxy to achieve this.In our use case, HAProxy is the only solution to achieve this
I’m using port 25 but am still encountering this issue. I am hosted on Kumomta, but it doesn’t support this. That’s why I’m using HAProxy for load balancing