[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Safe, secure mail relay



On Sat, May 25, 2002 at 01:19:21PM -0300, Carlos A P Gomes wrote:
| * dman <dman@dman.ddts.net> [25-05-2002 13:03]:
| > It's possible.  What are you trying?
| > 
| > I think there are 2 ways of doing this :
| >     1)  ssh to the box and run a mua there.  This is no different from
| >         sitting at the machine's console.  (this is what I do since I
| >         use a curses MUA in the first place)
| > 
| >     2)  use an ssh to tunnel SMTP traffic and thus the MTA sees a TCP
| >         connection from the loopback interface.
| 
| I use my notebook everywhere and sometimes connect it to internet with
| dial up or non trusted LAN.

| I'd like to let exim queue every mail I
| write and only try to send them when I bring the ssh-tunnel up and
| execute something like exim -q.

Set 'queue_only' in /etc/exim/exim.conf and exim will only queue
messages.  You can then tell it to flush the queue on the command
line.  (also tweak /etc/cron.d/exim to your liking)

| My problem is that I couldn't make exim
| believe that a local port is the remote relay host. I tryied to
| configure exim with the option 2 at eximconfig (remote relay host) and use
| localhost:ssh_redirected_port as my smart host but It sends me a mail
| saying that localhost is a local address and doesn't deliver the message :(

Yeah, exim won't kill itself by trying to deliver remote messages to
itself.  (inifinte recursion)
Some versions of Lotus Domino would do that, though :-)
(http://cert.uni-stuttgart.de/archive/bugtraq/2001/08/msg00289.html).

I'm not 100% positive, but I don't think you can force exim to make a
remote SMTP connection to the local machine.  You can setup exim to
use SMTP TLS, though.  Install the 'exim-tls' package, generate a
certificate for your site, and check out chapter 38 (Encrypted SMTP
connections using TLS/SSL) in spec.txt (found in the doc directory).

HTH,
-D

-- 

Who can say, "I have kept my heart pure;
I am clean and without sin"?
        Proverbs 20:9
 
GnuPG key : http://dman.ddts.net/~dman/public_key.gpg

Attachment: pgpZzd2HtXUJ_.pgp
Description: PGP signature


Reply to: