Am 10.09.2011 17:06, schrieb Matthias Andree: > Am 06.09.2011 19:30, schrieb Ansgar Wiechers: >> On 2011-09-06 Matthias Andree wrote: >>> I am in a situation where I would like to achieve either of these >>> solutions: >>> >>> Alternative A: >>> >>> - have Postfix's smtp client talk through a command via stdin/stdout >>> (instead of a TCP stream). >>> >>> That command would be ssh -W mailhub:25, with a user-specified >>> password and possibly some sort of credentials cache (like ssh-agent). >>> >>> - Ideally, I would be able to pass relevant environment variables such >>> as SSH_AUTH_SOCK to the SMTP client somehow, and Postfix's smtp client >>> would run under my own unprivileged user ID if possible (else I need >>> to find a proxy for ssh-agent, too, because it checks the peer user >>> ID). >>> >>> - What I can do, but dislike because it's unreliable and consequently >>> insecure, is: set up a regular ssh tunnel (with local listening TCP >>> stream socket) with "-L" local forwarding and redirect Postfix there. >> >> What makes you believe that an SSH tunnel were any less reliable than >> "ssh -W"? > > The tight coupling (on client side) through stdio is what matters here. > If I put localhost:1234 as my relayhost and someone else grabs that > port, my mail is possibly gone if it's a different SMTP server rather > than the hoped-for SSH tunnel. Not acceptable
if someone else can grab the port you have really bigger problems as that but anyways, you can start the tunnel as root and take a port < 1024 so only root-users can grab the port and if you have not enough trust to root-users really really leave this company :-)
signature.asc
Description: OpenPGP digital signature
