Re: use postfix over ssh

Mon, 12 Oct 2020 18:20:20 -0700 

On Mon, Oct 12, 2020 at 08:09:45PM -0500, Ranjan Maitra wrote:

> My apologies: were there any suggestions regarding what i should do?

Find out more about the VPN.  Nobody on this list can do that.  Does it
support port forwarding (learn that means), and will it allow forwarding
of the internal SMTP server's IP:port to your client machine.  Your
IT staff should be able to help you with that.

> > > Your question is not sufficiently detailed/precise for an answer to
> > > be possible.  You need to provide more details about the SSH VPN.
> >
> > I am not sure I know all the answers to your questions, so some suggestions 
> > on how to figure these out would be very helpful (I am on Fedora 32 linux).
> >
> > >     - Does it allow port forwarding?  Or just terminal and perhaps
> > >       X11 sessions?
> >
> > I believe that is allows at least some port forwarding, but I do not know 
> > what all it does. My ssh is to a non-standard port, however.
> >
> > >     - What ports if any can you forward?
> > >     - Any other relevant details...
> >
> > How do I figure this out?
> >
> > cat /etc/services | grep ssh

This is not relevant.

> > > Also:
> > >
> > >     - Do you ever send email to office recipients from your non-office
> > >       email address?  How do you want these to be routed?
> >
> > I use postfix only for my office e-mail address so I do not believe this to 
> > be an issue.
> >
> > >
> > >     - If you do use your office address as a sender address, but a
> > >       message is not deliverable, how should the bounce be routed?
> >
> > I don't know if this is the answer, but I guess that the bounce should be 
> > routed back to my office e-mail address?

In that case all you need to do is set relayhost to the
forwarded SSH port:

    relayhost = [127.0.0.1]:<portnumber>

but that requires your SSH VPN to support port forwarding from the
remote network to your machine, which it may restrict for security
reasons.  You'd then need to run "ssh" with the relevant port
forwarded:

    localport=12345 # Forwarded SMTP service
    relayhost=smtp.example.com
    login=yourloginname
    sshvpnport=22 # Perhaps different in your case
    ssh -Nn -o "ExitOnForwardFailure yes" -l $login -p $vpnport \
        -L"$localport:$relayhost:25" sshvpn.example.com

-- 
    Viktor.

Reply via email to