Loading ...
Sorry, an error occurred while loading the content.

297689Postfix smtp via socks5 - SOLVED

Expand Messages
  • Francina Oates
    Jan 25, 2014
    • 0 Attachment
      > From: moparisthebest (adminmoparisthebest.com)
      >
      > Just thought I'd mention that I accomplish this (running postfix at home
      > with a residential connection) via a server-to-server OpenVPN tunnel.
      > It gives me an IP on both ends to bind to and route traffic across, and
      > is just as secure as SSH if not more so.



      SOLVED

      As moparisthebest pointed out, the solution can be attained without
      socks and instead using smtp_bind_address and a layer 2 tunnel

      /etc/postfix/main.cf:
      smtp_bind_address = 192.168.4.1
      smtp_tls_security_level = may
      smtp_tls_CAfile = /etc/ssl/certs/ca-certificates.crt
      smtp_tls_loglevel = 1
      smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
      smtp_helo_name = [1.2.3.4]
      # 1.2.3.4 is the public ip address you will use

      I have kind of done a lot of this:

      # set up tunnel on Postfix machine
      sudo ssh -w 3:3 -o Tunnel=ethernet -o ControlMaster=no root@...
      # there are some ssh sshd setup if you're not using tunnels yet
      # yes tunnels require root ssh
      # If you have/want ipv6 capability, duplicate routing

      # on remotehost
      sudo ifconfig tap3 192.168.4.2 netmask 255.255.255.0
      sudo iptables --insert FORWARD 1 --in-interface tap3 --out-interface
      eth0 --jump MARK --set-mark 5
      sudo iptables --table nat --insert POSTROUTING 1 --match mark --mark 5
      --jump MASQUERADE
      echo 1 | sudo tee /proc/sys/net/ipv4/ip_forward

      # on postfix host
      sudo ifconfig tap3 192.168.4.1 netmask 255.255.255.0
      echo "21 smtpx" | sudo tee --append /etc/iproute2/rt_tables
      sudo ip rule add from 192.168.4.1/32 table 21
      sudo ip route add 192.168.4.0/24 dev tap3 src 192.168.4.1 table 21
      sudo ip route add default via 192.168.4.2 dev tap3 table 21

      Send secure email, be happy, use Postfix!

      Thanks for the help!
    • Show all 2 messages in this topic