On 14/11/16 07:51, Joris Vanhecke wrote:
> Right now I'm thinking of renting a cheap VPS and using it as a proxy
> for my home server which would use a dynamic DNS.
> I don't really want a copy of the email on the VPS so I was planning to
> use relayd or socat to route incoming traffic to my local OpenSMTPD
> server.
> 
> But I don't really see a way to proxy outgoing connections from smtpd...

socat could do the job… provided you've got something to daemonise it.
(e.g. supervisord)

Another one to look at would be xinetd (isn't in ports, so that'll have
to be hand compiled/installed) which, amongst other things, can proxy a
service.  Something like:

> service https_port_forward
> {
>     flags = IPv6               # Use AF_INET6 as the protocol family
>     disable = no               # Enable this service
>     type = UNLISTED            # Not listed in standard system file
>     socket_type = stream       # Use "stream" socket (aka TCP)
>     protocol = tcp             # Protocol used by the service
>     user = nobody              # Run proxy as user 'nobody'
>     wait = no                  # Do not wait for close, spawn a thread instead
>     redirect = yourhost.dynamicdns.service 65025 # Your OpenSMTPD server port
>     only_from = ::/0 0.0.0.0/0 # Allow world + dog
>     port = 25                  # Listen on port 25
> }

The 'yourhost.dynamicdns.service' could also be an entry in /etc/hosts
too, since it's only the VPS that needs to know about it.

I used something similar to work around OpenVPN being unable to listen
to a dual-stack TCP socket for port-sharing with HTTPS.

https://stuartl.longlandclan.id.au/blog/2016/11/06/dual-stack-openvpn-port-sharing-with-https/

nginx also has an SMTP proxy feature:
https://www.nginx.com/resources/admin-guide/mail-proxy/

Or you can go the whole hog and have your host VPN in to the VPS and
have the VPS do firewall-level port forwarding, which side-steps what
the ISP might do nicely.

Hadn't heard of relayd though, I might have a look at it.
-- 
Stuart Longland (aka Redhatter, VK4MSL)

I haven't lost my mind...
  ...it's backed up on a tape somewhere.
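
The socat-under-supervisord option mentioned in the message above, as an added example that is not part of the original email. The program name, the socat path and the log path are assumptions; the host name and ports are the ones from the xinetd sample.

```ini
; Added example: supervisord program entry that keeps a socat TCP forwarder
; running on the VPS. Nothing is stored on the VPS; bytes are relayed as-is.
[program:smtp_port_forward]          ; hypothetical program name
; TCP6-LISTEN with ipv6only=0 accepts both IPv6 and IPv4 on port 25.
; fork      : one child process per accepted connection.
; su=nobody : socat starts as root to bind port 25, then each forked child
;             switches to 'nobody' (same intent as 'user = nobody' in xinetd).
; Do not set supervisord's own user= here, or the bind to port 25 will fail.
command=/usr/local/bin/socat TCP6-LISTEN:25,ipv6only=0,reuseaddr,fork,su=nobody TCP:yourhost.dynamicdns.service:65025
autostart=true
autorestart=true                     ; restart the listener if it exits
stopasgroup=true                     ; stop forked children with the parent
killasgroup=true
redirect_stderr=true
stdout_logfile=/var/log/smtp_port_forward.log   ; assumed log path
; Note: as with any plain TCP proxy, the home OpenSMTPD server sees every
; connection as coming from the VPS address, so do not base relay
; decisions on the client's source address.
```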
