diff --git a/content/momentum/4/modules/ha-proxy-client.md b/content/momentum/4/modules/ha-proxy-client.md index 4ba958ca..9690fbab 100644 --- a/content/momentum/4/modules/ha-proxy-client.md +++ b/content/momentum/4/modules/ha-proxy-client.md @@ -1,5 +1,5 @@ --- -lastUpdated: "10/05/2021" +lastUpdated: "05/20/2026" title: "ha_proxy_client - HAProxy protocol client module" description: "The ha_proxy_client module is used to configure Momentum to use HAProxy's PROXY protocol version 2 for outbound connections (see https://github.com/haproxy/haproxy/blob/master/doc/proxy-protocol.txt). This can be leveraged in cases where your sending IPs are deployed on a different machine than Momentum." --- @@ -7,6 +7,7 @@ description: "The ha_proxy_client module is used to configure Momentum to use HA ## Configuration * When configured for a binding or binding group Momentum will connect to the given `ha_proxy_server` and prefix the SMTP session with a PROXY protocol version 2 header. +* `ha_proxy_server` accepts either a literal `IP:port` or a `hostname:port`. When a hostname is used, Momentum resolves it at configuration load and then re-checks DNS during each [health check](#health-check): if the resolved address leaves the answer set (for example, the backend was redeployed with a new IP) Momentum will switch new connections to the updated address automatically, with no restart or configuration reload required. Detection happens through Momentum's DNS cache, so the [`resolv_conf`](/momentum/4/config/ref-resolv-conf) setting and DNS TTLs apply; expect a delay of up to one health check interval plus the record TTL before the switch. * The `dst_addr` and `dst_port` will be filled in with the resolved MX, the `src_addr` will be filled in with the configured value of `ha_proxy_src_addr` if the destination family is IPV4, or `ha_proxy_ipv6_src_addr` if the destination family is IPV6. If you need to deliver to both IPV4 and IPV6 destinations then you must configure both options for the binding or binding_group. * The `ha_proxy_bypass` option allows you to bypass the proxy and follow the normal delivery method on a domain by domain basis. * It is the customers responsibility to configure a listener at `ha_proxy_server` that listens for PROXY protocol and forwards traffic based on `dst_addr:dst_port`. diff --git a/content/momentum/changelog/5/5-3-0.md b/content/momentum/changelog/5/5-3-0.md index 66b1633f..5766ca0b 100644 --- a/content/momentum/changelog/5/5-3-0.md +++ b/content/momentum/changelog/5/5-3-0.md @@ -12,3 +12,4 @@ This section will list all of the major changes that happened with the release o | --- | --- | --- | | Feature | I-1064 | Added support for [license](/momentum/4/before-you-begin#momentum-license) signatures using ECDSA P-256 with SHA-256. | | Feature | I-1214 | Removed `msys-nodejs` RPM from the Momentum bundle, to be replaced with the 3rd-party `nodejs` package. Node.js LTS 24+ must be installed separately from the system or a vendor repository. | +| Fix | TASK-227757 | [`ha_proxy_client`](/momentum/4/modules/ha-proxy-client) now re-resolves a hostname-based `ha_proxy_server` during each health check, so backend IP changes are picked up automatically without restart. |