how to tunnel an imap connection over ssh

From: Pete Phillips (pete_at_philfam.co.uk)
Date: 05/14/05

  • Next message: Richard E. Silverman: "Re: how to tunnel an imap connection over ssh"
    Date: Sat, 14 May 2005 20:39:42 +0100
    
    

    Hi

    I have an IMAP server inside our firewall(call this imap.domain.org).

    I have the firewall set up to port forward ssh to another internal
    machine (call this fileserver.domain.org).

    Looks a bit like this:

         +-----------+
         |HomeMachine|
         +-----------+
               |
               |
          +--------+
          |Firewall|
          +--------+
               | Port forwards all ssh connections to fileserver
               |
          +----------+
          |FileServer|
          +----------+
               |
          +-----------+
          |IMAP Server|
          +-----------+

    I have a login account on fileserver, but IMAP is set up with cyrus imap
    as a black box, no login accounts, using sasl plain.

    I want to set up an ssh tunnel from my local host, through the firewall,
    through the file server so that the last part of the chain forwards to
    IMAP. The idea is that I can then point my mail reader to the localhost
    port and it will be able to authenticate to the imap server.

    I have tried this:

      ssh -v -x -L3333:localhost:4444 firewall.domain.org ssh -x
    -L4444:localhost:143 imap.domain.org -N imap.domain.org

    but it tries to ssh into the imap server (and as I don't have an account
    on it this fails). Clearly I am confused about what is happening here
    (and what I am trying to do!). Any ideas (or putting straight) much
    appreciated.

    I could, if necessary, set up login accounts on the cyrus server, but
    that seems to defeat the object of running it as a black box.

    Thanks in advance,
    Pete


  • Next message: Richard E. Silverman: "Re: how to tunnel an imap connection over ssh"

    Relevant Pages

    • ssh versus internal port forwarding
      ... I have a SoHo system with protected by an ipCop firwall system. ... I want to allow access from a few places to an IMAP server on the ... Is there any difference at all between using the port mapping ... ssh access and using ssh to make a tunnel ...
      (comp.security.firewalls)
    • Re: [9fans] using acme/Mail from plan9port in Linux
      ... Perhaps your imap server is doing somthing similar? ... which frankly I don't trust on top of a Unix file system. ... drop the ssh if you trust your local mail installation ...
      (comp.os.plan9)
    • Re: [9fans] using acme/Mail from plan9port in Linux
      ... Perhaps your imap server is doing somthing similar? ... which frankly I don't trust on top of a Unix file system. ... drop the ssh if you trust your local mail installation ...
      (comp.os.plan9)
    • [OT] Re: udev and devfs - The final word
      ... > You can run any tcp/ip service over ssh. ... > prefer to setup some firewall rules and tell your imap server it lives in the ... respawning ssh more than once per 1-2 seconds. ... send the line "unsubscribe linux-kernel" in ...
      (Linux-Kernel)
    • Re: Thunderbird not working with Dovecot
      ... It never did this with the IMAP server that I was using on my old ... on port 993 and encrypt the connection. ... connecting to port 143 and was not using any encryption at all. ...
      (Debian-User)