[Novalug] Allowing limited remote SMTP using Postfix
Michael Henry
LUG-user@drmikehenry.com
Sat Oct 6 03:25:36 EDT 2007
Tom Goldsmith wrote:
> Hello all:
>
> I have a basic Postfix mail server running on a home server. Right now
> it is set up to allow only machines connected to my local network to
> send mail, but I'm travelling more and would like to be able to send
> using my server when I'm on the road. (I've become good at finding
> workarounds, but they're a pain).
>
> What are my options?
One more slant on the problem: you can use ssh to setup a port forward
from your on-the-road machine to your home server.
On my laptop, I have the following in my /etc/hosts file:
192.168.254.251 mail
#127.0.0.1 mail
While at home, the name `mail` points to my mail server on my LAN at
192.168.254.251; on the road, I comment that line out and uncomment the
following line, which points my laptop to itself (127.0.0.1) for the
name `mail`. I then use an invocation of ssh like the following before
running Thunderbird:
ssh MyLoginName@MyHomeServer.dyndns.org
-L 25:192.168.254.251:25
-L 143:192.168.254.251:143
(Note that the above is actually all one line, but I've broken it
manually to prevent ugly line wrapping.)
I'm using DynDNS to track my dynamically assigned IP address on my home
server, so MyHomeServer.dyndns.org is just the machine name that lets me
ssh into my LAN from the road. I actually also need to use ``-p 12345``
(for some port that isn't blocked) because my ISP won't allow inbound
ssh via the standard port 22; you may need to do the same work-around.
The ``-L 25:192.168.254.251:25`` option says to accept Local connections
to port 25 on my laptop and forward them over the ssh connection to
192.168.254.251 port 25 (which is my mail server on my LAN). The second
``-L`` option redirects port 143, the IMAP port.
In Thunderbird, I configure my SMTP and IMAP servers both as ``mail``,
which points either directly or indirectly to my mail server. It's
transparent to Thunderbird whether I'm locally or remotely connected to
the server.
I'd still like to setup Squirrelmail someday (I've always heard good
things about it) so I could access my email from a web browser on an
arbitrary computer; for that purpose, I currently ssh into my mail
server and run Mutt (usually I can get permission to install PuTTY on
friends' Windows computers to give me ssh access). I'd also like to
learn enough about VLANs to setup a virtual private network between my
laptop on-the-road and my LAN. But for now, I'm fairly satisfied with
the ssh-based solution.
Michael Henry
More information about the Novalug
mailing list