Loading ...
Sorry, an error occurred while loading the content.

297689Postfix smtp via socks5 - SOLVED

Expand Messages
  • Francina Oates
    Jan 25, 2014
      > From: moparisthebest (adminmoparisthebest.com)
      > Just thought I'd mention that I accomplish this (running postfix at home
      > with a residential connection) via a server-to-server OpenVPN tunnel.
      > It gives me an IP on both ends to bind to and route traffic across, and
      > is just as secure as SSH if not more so.


      As moparisthebest pointed out, the solution can be attained without
      socks and instead using smtp_bind_address and a layer 2 tunnel

      smtp_bind_address =
      smtp_tls_security_level = may
      smtp_tls_CAfile = /etc/ssl/certs/ca-certificates.crt
      smtp_tls_loglevel = 1
      smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
      smtp_helo_name = []
      # is the public ip address you will use

      I have kind of done a lot of this:

      # set up tunnel on Postfix machine
      sudo ssh -w 3:3 -o Tunnel=ethernet -o ControlMaster=no root@...
      # there are some ssh sshd setup if you're not using tunnels yet
      # yes tunnels require root ssh
      # If you have/want ipv6 capability, duplicate routing

      # on remotehost
      sudo ifconfig tap3 netmask
      sudo iptables --insert FORWARD 1 --in-interface tap3 --out-interface
      eth0 --jump MARK --set-mark 5
      sudo iptables --table nat --insert POSTROUTING 1 --match mark --mark 5
      --jump MASQUERADE
      echo 1 | sudo tee /proc/sys/net/ipv4/ip_forward

      # on postfix host
      sudo ifconfig tap3 netmask
      echo "21 smtpx" | sudo tee --append /etc/iproute2/rt_tables
      sudo ip rule add from table 21
      sudo ip route add dev tap3 src table 21
      sudo ip route add default via dev tap3 table 21

      Send secure email, be happy, use Postfix!

      Thanks for the help!
    • Show all 2 messages in this topic