how to tunnel an imap connection over ssh

From: Pete Phillips (pete_at_philfam.co.uk)
Date: 05/14/05

Next message: Richard E. Silverman: "Re: how to tunnel an imap connection over ssh"

Previous message: wideangle_at_gmail.com: "Re: O'Reilly SSH book published"
Next in thread: Richard E. Silverman: "Re: how to tunnel an imap connection over ssh"
Reply: Richard E. Silverman: "Re: how to tunnel an imap connection over ssh"
Reply: Dimitri Maziuk: "Re: how to tunnel an imap connection over ssh"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Sat, 14 May 2005 20:39:42 +0100

I have an IMAP server inside our firewall(call this imap.domain.org).

I have the firewall set up to port forward ssh to another internal
machine (call this fileserver.domain.org).

Looks a bit like this:

     +-----------+
     |HomeMachine|
     +-----------+
           |
           |
      +--------+
      |Firewall|
      +--------+
           | Port forwards all ssh connections to fileserver
           |
      +----------+
      |FileServer|
      +----------+
           |
      +-----------+
      |IMAP Server|
      +-----------+

I have a login account on fileserver, but IMAP is set up with cyrus imap
as a black box, no login accounts, using sasl plain.

I want to set up an ssh tunnel from my local host, through the firewall,
through the file server so that the last part of the chain forwards to
IMAP. The idea is that I can then point my mail reader to the localhost
port and it will be able to authenticate to the imap server.

I have tried this:

ssh -v -x -L3333:localhost:4444 firewall.domain.org ssh -x
-L4444:localhost:143 imap.domain.org -N imap.domain.org

but it tries to ssh into the imap server (and as I don't have an account
on it this fails). Clearly I am confused about what is happening here
(and what I am trying to do!). Any ideas (or putting straight) much
appreciated.

I could, if necessary, set up login accounts on the cyrus server, but
that seems to defeat the object of running it as a black box.

Thanks in advance,
Pete

Next message: Richard E. Silverman: "Re: how to tunnel an imap connection over ssh"

Previous message: wideangle_at_gmail.com: "Re: O'Reilly SSH book published"
Next in thread: Richard E. Silverman: "Re: how to tunnel an imap connection over ssh"
Reply: Richard E. Silverman: "Re: how to tunnel an imap connection over ssh"
Reply: Dimitri Maziuk: "Re: how to tunnel an imap connection over ssh"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages

ssh versus internal port forwarding
... I have a SoHo system with protected by an ipCop firwall system. ... I want to allow access from a few places to an IMAP server on the ... Is there any difference at all between using the port mapping ... ssh access and using ssh to make a tunnel ...
(comp.security.firewalls)
Re: [9fans] using acme/Mail from plan9port in Linux
... Perhaps your imap server is doing somthing similar? ... which frankly I don't trust on top of a Unix file system. ... drop the ssh if you trust your local mail installation ...
(comp.os.plan9)
Re: [9fans] using acme/Mail from plan9port in Linux
... Perhaps your imap server is doing somthing similar? ... which frankly I don't trust on top of a Unix file system. ... drop the ssh if you trust your local mail installation ...
(comp.os.plan9)
[OT] Re: udev and devfs - The final word
... > You can run any tcp/ip service over ssh. ... > prefer to setup some firewall rules and tell your imap server it lives in the ... respawning ssh more than once per 1-2 seconds. ... send the line "unsubscribe linux-kernel" in ...
(Linux-Kernel)
Re: Thunderbird not working with Dovecot
... It never did this with the IMAP server that I was using on my old ... on port 993 and encrypt the connection. ... connecting to port 143 and was not using any encryption at all. ...
(Debian-User)