SMTP through SSH Tunnelling in Linux

I don’t know how many of you have encountered this annoyance: You’re using an SMTP server to send your e-mail, but the server is accessible only from within its local network, so you can’t use it if you wander around with your laptop. It was a real problem for me, since I use the CS dept. SMTP server, which is accessible only from the campus network. When I go home and take my laptop, I can’t use this server to send mail. My previous solution was to send mail through the ISP’s SMTP server, but it requires selecting the outgoing server according to my location – and that’s annoying.

It’s probably not a very common problem any more, when more and more people use gmail. I personally don’t like using webmail accounts – I don’t find them convenient.

But this is not a ranting post: Here’s how to do this.

The trick is to open an SSH tunnel to a public server inside the SMTP server’s local network. The command to do so, in a nutshell, is (replace the mock server names and ports with real ones):

ssh -q -2 -n -N -L 8025:smtp.some.net:25 public.server.some.net

After doing so, set the outgoing mail server in your mail application to “localhost:8025”.

That’s, however, only half of the story. To make it run smoothly, you still need a couple of tweaks:

  • Make SSH connect automatically to the public server, without typing a password
  • Start the SSH session in the background when you connect to the net, and stop it when you disconnect

The first item, opening an SSH session without typing a password, is discussed in many manuals. This is one manual, and you can google up many others.

The other item is a bit more tricky. Linux distros run all scripts under “/etc/network/if-up.d/” immediately after connecting to the net, and the ones in “/etc/network/if-down.d/” after disconnecting. You can put a script with the above command in if-up.d to get the desired effect. However, these scripts are run by the root user, not the current user. Therefore, all your SSH settings become unavailable. This modified command solves a part of the problem (replace “user” with the real username):

ssh -q -2 -l user -i /home/user/.ssh/id_rsa -n -N -L 8025:smtp.some.net:25 public.server.some.net

The only remaining issue is to copy the public server’s entry from “~/.ssh/known_hosts” to “/etc/ssh/ssh_known_hosts” to make it available to the root user. Otherwise, SSH asks for confirmation before connecting to the public server, and the whole process gets stuck.

Killing the SSH session on disconnection is rather straightforward. Put something like this under if-down.d:

kill `ps -eF | grep ssh | grep smtp.some.net | awk '{print $2}'`

Et voilà! You have an SMTP tunnel available when you’re connected to the net.
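The two hooks described above can be combined into one script; this is an added example, not the author's own script. It binds the forward to 127.0.0.1, makes ssh fail instead of prompting when the host key is unknown, and stops the tunnel through an SSH control socket rather than by grepping the process list. Assumptions: the IFACE and MODE variables that ifupdown exports to hook scripts, the control-socket path /run/smtp-tunnel.ctl, and the mock host names used above.

```shell
#!/bin/sh
# Added example: one ifupdown hook, installed executable in if-up.d and
# symlinked into if-down.d. All values below are placeholders (assumed).
SSH_USER=user
SSH_KEY=/home/user/.ssh/id_rsa
GATEWAY=public.server.some.net
SMTP_HOST=smtp.some.net
LOCAL_PORT=8025
CTL=/run/smtp-tunnel.ctl   # control socket path (assumed)

# Bind the forward to loopback explicitly, so the relay is never offered
# to other machines on whatever network the laptop has just joined.
forward_spec() {
    printf '127.0.0.1:%s:%s:25\n' "$LOCAL_PORT" "$SMTP_HOST"
}

# Map ifupdown's IFACE/MODE to an action. Loopback and the "--all"
# pseudo-interface never start or stop the tunnel.
hook_action() {   # $1 = interface, $2 = mode
    case "$1" in lo|--all|'') echo skip; return ;; esac
    case "$2" in start|stop) echo "$2" ;; *) echo skip ;; esac
}

start_tunnel() {
    # A live control socket means the tunnel is already up.
    ssh -S "$CTL" -O check "$GATEWAY" 2>/dev/null && return 0
    # BatchMode + StrictHostKeyChecking: fail fast instead of hanging on
    # a prompt when root has no known_hosts entry or the key is locked.
    ssh -q -f -N -M -S "$CTL" \
        -l "$SSH_USER" -i "$SSH_KEY" \
        -o IdentitiesOnly=yes \
        -o BatchMode=yes \
        -o StrictHostKeyChecking=yes \
        -o ExitOnForwardFailure=yes \
        -o ServerAliveInterval=60 \
        -L "$(forward_spec)" "$GATEWAY"
}

stop_tunnel() {
    # Ask exactly this tunnel's master process to exit; no ps/grep needed.
    ssh -S "$CTL" -O exit "$GATEWAY" 2>/dev/null || true
}

case "$(hook_action "${IFACE:-}" "${MODE:-}")" in
    start) start_tunnel ;;
    stop)  stop_tunnel ;;
esac
```

Run by hand, the script does nothing unless IFACE and MODE are set, for example `IFACE=eth0 MODE=start ./smtp-tunnel` as root.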

Of course, the more common solution is to use gmail, but I don’t like webmail accounts, and a real hacker should not compromise! I hope you find this information useful.

Posted Friday, May 22nd, 2009 under Linux.

One comment so far

  1. Your attitude towards gmail isn’t fully justified. Web is just an interface, you can always use gmail with /*insert your favorite email client here*/ ;) Moreover, I’m afraid that implementing the gmail solution would be faster and less error-prone – although admittedly it wouldn’t be a nice hack that way.
