Just thinking out loud here but because you would want to harden the cloud server in any case, I’m not sure what having a VPN gets you if also using IMAPS and SMTP + SSL between the cloud and the client. I guess one could argue that if you forget to set the SSL on the client side, you’re still covered but not seeing any other benefit.
Please clarify what I am missing if anything… > On Jun 9, 2019, at 3:29 PM, Wietse Venema <wie...@porcupine.org> wrote: > > Wietse Venema: >> Ronald F. Guilmette: >>> >>> I'd very much like to move my (Postfix) mail server, which currently resides >>> on a (static IP) end-luser broadband line, to some VM in the cloud >>> someplace, >>> and then use something like fetchmail to poll that periodically to pull >>> down all mail for my several domains and then have fetchmail re-inject >>> all of those mail messages into the local Postfix. The plan would be to >>> get all this running and then give up my local static IP here, exchanging >>> it for a dynamic one instead. (This will save me a tiny bit of money on >>> my monthy local ISP bill.) >> >> What about setting up a tunnel between home (dynamic IP) and cloud >> (static IP)? Could be a VPN, or SSH. > > Plus a transport_maps setting on the cloud side that routes mail > into the tunnel. > > Wietse
