Accept all mail from specific ip/host without authentication

I’d like to get email health alerts from my HAproxy instance, but unfortunately HAproxy doesn’t handle email authentication at all.

My first thought was to make manual edits to the postfix config to accept all email from my HAproxy hostname and/or IP address, but I don’t believe that would survive a MIB upgrade.

Is there a better way?

Why can’t the OS with HAProxy send emails? What is it installed to?

The OS can (in my case pfSense). That doesn’t solve for my use case, though; my OS doesn’t act as a mail server or local relay.

There is an option in pfSense to use authenticated servers for logging into for notifications. I know I used it for Gmail and I’m pretty sure I used it with MiaB.

Sorry, I’m not being clear. I don’t have a problem sending email from pfSense, that works fine. However, HAproxy’s email configuration is entirely independent of the OS’.

There isn’t going to be a way to resolve this issue through MiaB. I suspect pfSense simply doesn’t support the standard calls for sending mail (e.g., sendmail). The obvious solution seems to be to install an MTA to pfSense, but I’m not sure if that’s possible or even advisable.

An alternative could be to take some old computer and configure it as a local relay.

That said, it’s hard for me to believe that with all the admins running pfSense, none have figured out a way to deal with this.

True that sendmail doesn’t exist on pfSense, at least not in the traditional sense. I believe they use a PHP PEAR implementation. And I agree it’s not a good idea to install a MTA there. I can spin up a VM to handle local relay if I can’t come up with a better way.

I suspect people running both pfSense and the HAProxy package on pfSense are a relatively small subset of the user base.

By sendmail, I really meant sendmail-compliant MTA. Most (all?) popular projects call sendmail for sending mail.

So what is wrong with using PHP PEAR?

Writing some sort of custom LUA script for HAProxy to utilize PHP for an email notification seems like it would be much more difficult than manually adding a line to MiaB’s once an upgrade. Assuming such a thing is even possible.

I don’t know for certain, but you may have luck with adding the local IP to

mynetworks = [::ffff:]/104 [::1]/128


This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.