Enjoy Slackware 15.0!

Welcome to the Slackware Documentation Project

Trace:

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision 		Previous revision
Next revision Both sides next revision
howtos:misc:proxying_smtp [2015/11/27 23:01 (UTC)]
louigi600 [Scenario 2] 		howtos:misc:proxying_smtp [2016/04/28 07:38 (UTC)]
louigi600 [Scenario 3]
Line 6: Line 6:
 Here are some scenarios with examples on how you could go about working around the problem. Here are some scenarios with examples on how you could go about working around the problem.
  
-Throughout the scenarios we will be referring so 3 machines:+Throughout the scenarios we will be referring to 3 machines:
  
-Machine A with IP address 192.168.0.2 (cannot send meils directly via internet and cannot use Local Mail Relay) +  * Machine A with IP address 192.168.0.2 (cannot send mails directly via internet and cannot relay on Local Mail Relay) 
- +  Machine B with IP address 192.168.1.2  
-Machine B with IP address 192.168.1.2  +  Local Mail Relay (LMR) with IP address 192.168.2.2
- +
-Local Mail Relay (LMR) with IP address 192.168.2.2+
  
  
 ===== Scenario 1 ===== ===== Scenario 1 =====
-Machine A cannot send mails directly (has no local MTA and cannot access directly any other RELAY) +  * Machine A cannot relay on any local or internet MTA 
-but Machine A has access to machine and Machine B can access LMR's port 25 and is allowed to use LMR for relaying mails.+  Machine A can reach Machine on some unused port (1234 in the example below) 
 +  * Machine B can relay thought LMR 
 +  * Machine B can reach LMR's port 25
  
-We can use nc to proxy mail from A to LMR+We can use nc on Machine B to proxy mail from A to LMR. In this example it will appear to LMR as if it was Machine B that is sending the email.
  
 On machine B On machine B
Line 55: Line 55:
  
 ===== Scenario 2 ===== ===== Scenario 2 =====
-Let'suppose that Machine A can reach the LMR but only on port 22 +  * Machine A cannot reach LMR'port 25 
-can we use a ssh tunnel between A and LMR to do the job for us ?+  * Machine A is allowed to relay thought LMR but firewall is preventing it from reaching port 25 on LMR 
 +  * Machine A can reach the LMR but only on port 22. 
 + 
 +We use a ssh tunnel between A and LMR to do the job for us. In this example we are bypassing firewall by using ssh to forward traffic trough a encrypted tunnel. For this to work properly the ssh client that is going to be forwarding needs to be executed by an administrative account.
  
 <note important>This time we will be working exclusively on machine A</note> <note important>This time we will be working exclusively on machine A</note>
Line 71: Line 74:
   DATA   DATA
   354 End data with <CR><LF>.<CR><LF>   354 End data with <CR><LF>.<CR><LF>
-  FROM:drao@invallee.it +  FROM:me@localnet.com 
-  TO:drao@invallee.it+  TO:dude@localnet.com
   SUBJECT:test using ssh tunnel   SUBJECT:test using ssh tunnel
   if you get this sending email trough ssh tunnel worked   if you get this sending email trough ssh tunnel worked
Line 82: Line 85:
  
  
- +===== Scenario 3 =====
-This method may or may not work depending on whether MTA on LMR is configured to allow Machine A to relay trought it. This leads to yet another scenario (see Scenario 3) or an alternative method provided the following conditions are met:+
   * Machine B can relay emails trough LMR    * Machine B can relay emails trough LMR 
 +  * Machine B cannot reach LMR's port 25
 +  * Machine B can access LMR via ssh
   * Machine A has access to Machine B on whatever port we choose to let ssh listen on for forwarding (1024 in the exaple).    * Machine A has access to Machine B on whatever port we choose to let ssh listen on for forwarding (1024 in the exaple). 
  
Line 91: Line 95:
 We can then start the ssh socks proxy on Machine B listening on a port Machine A can access: We can then start the ssh socks proxy on Machine B listening on a port Machine A can access:
  
-On machine B+On machine B with a privileged user
   ssh -2 -D 192.168.1.2:1024 -N  192.168.2.2 &   ssh -2 -D 192.168.1.2:1024 -N  192.168.2.2 &
  
Line 105: Line 109:
   DATA   DATA
   354 End data with <CR><LF>.<CR><LF>   354 End data with <CR><LF>.<CR><LF>
-  FROM:drao@invallee.it +  FROM:me@localnet.com 
-  TO:drao@invallee.it+  TO:dude@localnet.com
   SUBJECT:test using ssh tunnel   SUBJECT:test using ssh tunnel
   if you get this sending email trough ssh tunnel worked   if you get this sending email trough ssh tunnel worked
Line 116: Line 120:
  
  
-===== Scenario ===== +===== Scenario ===== 
-Mostly like Scenario 2 but Machine A is not allowed to relay on LMR dew to MTA configuration.+  * Machine A cannot reach LMR's port 25 
 +  * Machine A is not allowed to relay thought LMR  
 +  * Machine A cannot proxy on any other machine that is allowed to relay trough LMR 
 +  * Machine A can reach the LMR but only on port 22. 
 We can still get the whole command to run on the LMR via ssh: We can still get the whole command to run on the LMR via ssh:
 +
 +<note important>This time we will be working exclusively on machine A</note> 
  
   cat << EOF > send_this_mail   cat << EOF > send_this_mail
Line 132: Line 142:
   quit   quit
   exit   exit
-  EOF" | curl telnet://localhost:25+  " | curl telnet://localhost:25 
 +  EOF
   cat send_this_mail |ssh 192.168.2.2   cat send_this_mail |ssh 192.168.2.2
  

In Other Languages
QR Code
QR Code howtos:misc:proxying_smtp (generated for current page)