[Novalug] Allowing limited remote SMTP using Postfix

Michael Henry LUG-user@drmikehenry.com
Sat Oct 6 03:25:36 EDT 2007


Tom Goldsmith wrote:
> Hello all:
> 
> I have a basic Postfix mail server running on a home server. Right now 
> it is set up to allow only machines connected to my local network to 
> send mail, but I'm travelling more and would like to be able to send 
> using my server when I'm on the road. (I've become good at finding 
> workarounds, but they're a pain).
> 
> What are my options?

One more slant on the problem: you can use ssh to set up a port forward 
from your on-the-road machine to your home server.

On my laptop, I have the following in my /etc/hosts file:

   192.168.254.251 mail
   #127.0.0.1 mail

While at home, the name `mail` points to my mail server on my LAN at 
192.168.254.251; on the road, I comment that line out and uncomment the 
following line, which points my laptop to itself (127.0.0.1) for the 
name `mail`.  I then use an invocation of ssh like the following before 
running Thunderbird:

   ssh MyLoginName@MyHomeServer.dyndns.org \
     -L 25:192.168.254.251:25 \
     -L 143:192.168.254.251:143


(Note that the above is actually all one line, but I've broken it 
manually to prevent ugly line wrapping.)

I'm using DynDNS to track my dynamically assigned IP address on my home 
server, so MyHomeServer.dyndns.org is just the machine name that lets me 
ssh into my LAN from the road.  I actually also need to use ``-p 12345`` 
(for some port that isn't blocked) because my ISP won't allow inbound 
ssh via the standard port 22; you may need to do the same work-around.

The ``-L 25:192.168.254.251:25`` option says to accept Local connections 
to port 25 on my laptop and forward them over the ssh connection to 
192.168.254.251 port 25 (which is my mail server on my LAN).  The second 
``-L`` option redirects port 143, the IMAP port.

In Thunderbird, I configure my SMTP and IMAP servers both as ``mail``, 
which points either directly or indirectly to my mail server.  It's 
transparent to Thunderbird whether I'm locally or remotely connected to 
the server.

I'd still like to set up Squirrelmail someday (I've always heard good 
things about it) so I could access my email from a web browser on an 
arbitrary computer; for that purpose, I currently ssh into my mail 
server and run Mutt (usually I can get permission to install PuTTY on 
friends' Windows computers to give me ssh access).  I'd also like to 
learn enough about VLANs to set up a virtual private network between my 
laptop on-the-road and my LAN.  But for now, I'm fairly satisfied with 
the ssh-based solution.

Michael Henry
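
The hosts-file switch and port forward described in the message above, as an added shell example that is not part of the original post. The function names are hypothetical, the addresses, login and port are the placeholder values from the message, and the loopback bind address, `-N` and `ExitOnForwardFailure` are additions of this example.

```shell
#!/bin/sh
# Added example, not from the original post. Addresses, login and ssh port are
# the placeholder values used in the message.
MAIL_LAN_IP="192.168.254.251"
SSH_TARGET="MyLoginName@MyHomeServer.dyndns.org"
SSH_PORT="12345"

# set_mail_mode home|road HOSTS_FILE
# Leaves exactly one "mail" entry active: the LAN address at home, loopback
# on the road. The other entry is commented out, as done by hand in the post.
set_mail_mode() {
    mode=$1; hosts=$2
    case $mode in
        home) on=$MAIL_LAN_IP; off=127.0.0.1 ;;
        road) on=127.0.0.1; off=$MAIL_LAN_IP ;;
        *) echo "usage: set_mail_mode home|road FILE" >&2; return 2 ;;
    esac
    tmp=$(mktemp) || return 1
    awk -v on="$on" -v off="$off" '
        { line = $0; sub(/^[ \t]*#[ \t]*/, "", line); n = split(line, f) }
        n == 2 && f[2] == "mail" && f[1] == on  { print "   " on " mail"; next }
        n == 2 && f[2] == "mail" && f[1] == off { print "   #" off " mail"; next }
        { print }
    ' "$hosts" > "$tmp" && cat "$tmp" > "$hosts"   # cat keeps owner and mode
    rc=$?; rm -f "$tmp"; return $rc
}

# forward_cmd prints the ssh command for road mode. Added here beyond the
# post's command: listeners bound to 127.0.0.1 only, -N (no remote shell), and
# ExitOnForwardFailure so ssh exits if a local port cannot be bound.
# Listening on local ports 25 and 143 normally requires root.
forward_cmd() {
    printf 'ssh -N -p %s -o ExitOnForwardFailure=yes' "$SSH_PORT"
    for port in 25 143; do
        printf ' -L 127.0.0.1:%s:%s:%s' "$port" "$MAIL_LAN_IP" "$port"
    done
    printf ' %s\n' "$SSH_TARGET"
}

# Direct use: sh THIS_SCRIPT road /etc/hosts   (prints the ssh command to run)
if [ $# -eq 2 ]; then
    set_mail_mode "$1" "$2" && { [ "$1" != road ] || forward_cmd; }
fi
```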
