Proxy protocol support

Kent Oyer kent at
Thu Oct 30 20:16:29 CET 2014

The messages come into Postfix first and Postfix creates a Received header with the IP address of the originating server. Then Postfix sends the message to localhost:10024 which is normally an instance of amavis but in my case it's an instance of haproxy which load balances between multiple amavis servers.

-----Original Message-----
From: Tom Sommer [mailto:mail at] 
Sent: Thursday, October 30, 2014 3:07 PM
To: Tom Johnson
Cc: Kent Oyer; amavis-users at
Subject: Re: Proxy protocol support

So how do you make sure the postfix and amavis instances see the IP of the mailserver and not of the haproxy server?

Tom Sommer

On 2014-10-30 19:59, Tom Johnson wrote:
> We just run postfix and amavisd-new on all our servers, and those sit 
> behind haproxy.
>> On Oct 30, 2014, at 11:53 AM, Kent Oyer <kent at> wrote:
>> Hi Tom,
>> I don't know if amavis supports the PROXY protocol but I kinda doubt 
>> it. I've solved the problem by putting haproxy in between postfix and 
>> amavis like this
>> --> Postfix (ingress) --> haproxy --> amavisd --> Postfix (egress) 
>> --> -->
>> The ingress Postfix server does all the SPF and RBL checks. Then it 
>> sends the messages to haproxy which divides the load between several 
>> amavis servers to do the heavy lifting. You should add the IP address 
>> of the haproxy server to the trusted_networks list in Spamassassin. 
>> In my case, I'm running haproxy on the same machine as the ingress 
>> Postfix server. So I have 2 Postfix/haproxy servers and 6 amavisd 
>> servers followed by 2 Postfix egress servers. It been working great 
>> so far.
>> Thanks
>> Kent
>> -----Original Message-----
>> From: Tom Sommer [mailto:mail at]
>> Sent: Monday, October 27, 2014 8:42 AM
>> To: amavis-users at
>> Subject: Proxy protocol support
>> Hi
>> Does amavis support the PROXY protocol?
>> I want to create an amavis cluster with a load-balancer in front of 
>> all the nodes, I was thinking haproxy.
>> I need the source IP in amavis to be the mailserver and not the load 
>> balancer (to support forward_method=*), the PROXY protocol seem to 
>> fix this?
>> Thanks
>> --
>> Tom Sommer

More information about the amavis-users mailing list