Re: Tunneling smtp with exim4
> I normally use exim4 with the "smarthost-configuration", i.e. I relay all
> email to the mail server of my ISP. In the file
> /etc/exim4/update-exim4.conf.conf i thus have a line saying:
>
> dc_smarthost='mail.my.isp.se'
>
> Now I would like to tunnel my outgoing email over ssh, and I have started
> up an ssh tunnel with:
>
> ssh -l jesper -L 1369:mail.my.isp.se:25 -N shell.my.isp.se
I had the same problem reaching a relaying mail server through a tunnel. I
found http://www.jfranken.de/homepages/johannes/vortraege/ssh2.en.html. The
solution is to make exim talk smtp to a pipe. ssh takes this smtp dialog on
stdin and netcat on the remote machine feeds that to the mail server.
In the transports section I put:
# Transport, which tunnels mails over ssh to my smarthost
ssh:
driver = pipe
# talk regular smtp to the pipe (qmail approved :-) )
bsmtp = all
bsmtp_helo = true
use_crlf = true
prefix = ""
suffix = ""
# connect to my mail server's smtp port.
# must authenticate without password
command = ssh -l <user> <host> 'nc -w 1 <smtp server> smtp'
user = <local user>
# ssh failure handling: kill hanging sessions,
# retry and tell me on failures
timeout = 300s
temp_errors = 1
return_fail_output = true
And in the routers section there is
sshpipe:
driver = domainlist
transport = ssh
route_list = "*"
Important to note is that you need to enable ssh's public key authentication
to not have it ask for a password. Key authentication has to work for
user = <local user> in the line after the ssh command.
BTW, I use exin 3.36, I believe this has to work with other versions, too.
No experiences there, sorry
HTH,
Chris
Reply to: