Back to Community Threads
2
Windows X-Forwarded-For support
Question asked by Elazar Broad - 12/18/2024 at 10:48 PM
Unanswered
Hello -
 Do the Windows builds support X-Forwarded-For and X-Real-IP? I have Apache in front of SmarterMail on Windows, with Apache proxying requests directly to Kestrel, however, SmarterMail does not recognize these headers and still shows the IP of my proxy as the source IP. I will note that the Windows server running SmarterMail is running a dual IPv4/IPv6 stack, so the IP shows ::ffff:1.2.3.4. Please advise.

Thanks! 

3 Replies

Reply to Thread
0
Elazar Broad Replied
12/27/2024 at 1:37 AM
Bump
0
Elazar Broad Replied
12/30/2024 at 11:36 PM
After some testing, I've confirmed that the headers are only honored when the proxied request comes from localhost. This is likely due to SmarterMail using the defaults for KnownProxies (see https://learn.microsoft.com/en-us/aspnet/core/host-and-deploy/proxy-load-balancer?view=aspnetcore-8.0#forwarded-headers-middleware-options) or explicitly setting localhost/loopback in KnownProxies.

Would it be possible to add an option to make this configurable? i.e. add additional trusted proxies via appsettings.json?

Thanks,
 Elazar
0
Matt Petty Replied
12/31/2024 at 1:35 PM
Employee Post
Hmm interesting, thanks for looking into this. I tried looking at appsettings.json to see if it'd be possible with no changes on our end, but I looks like we have to still manually set some things in code. I'll add a task to discuss this with the team.
Matt Petty Senior Software Developer SmarterTools Inc. www.smartertools.com
Back to Community Threads

Reply to Thread

Related Knowledge Base Articles

TLS 1.0/1.1 Deprecation InformationGeneral Topics
Add to Outlook LimitationsSmarterMail > Desktop and Mobile Synchronization
Autodiscover and OutlookSmarterMail > Desktop and Mobile Synchronization
SmarterMail and OAuth 2.0SmarterMail > Server Configuration and Management
SmarterMail Servers and TLS SupportSmarterMail > Installation and Configuration