SSH tunnel to use other mailserver than localhost

Because I have a lot of virtual machines, laptops, work environments, and so on, I never seem to find the time to setup SMTP authentication everywhere. I typically use Linux for everything except hardcore gaming, so it’s only natural that I have some sort of mail server installed like Postfix. The problem in using that mail server to send e-mail is that I also quite often have dynamic IP addresses on these machines, which doesn’t work well with “e-mail protection” (well..) like SPF.

So instead of making my life very complicated, I have a trusted server on the Internet through which I send e-mail.

If you were looking for something fancy in this article, you can move along now, there’s nothing to see 🙂

To make all my Linux work instances believe they’re talking to an SMTP server locally, I simply setup a tunnel from the given Linux instance to this trusted server on the Internet using the ever so versatile OpenSSH / SSH. I know there are a lot of ways to do this, but this is what works for me:

Local machine or “where I work”

I have a private/public key keypair on all of these machines. The public key is placed in the /root/.ssh/authorized_keys file on the trusted server that is running the mail server.

On this machine, as root, I setup a tunnel that looks like this:

ssh -N -L 25:localhost:25 root@mail.example.org -p 2222

This will create a tunnel from “localhost” port 25 (where I work) to “localhost” port 25 on mail.example.org. It will connect the end point of the tunnel to mail.example.org on port 2222. If the mail.example.org server is running an SSH server on its standard port (22), you can remove the “-p 2222” part.

Mail server

On this server, I only need to put the public key from the local machine “where I work” into /root/.ssh/authorized_keys to allow the tunnel to come up.

When I access port 25 on my local machine “where I work”, it will be sent through the tunnel and then attempt to access “localhost” port 25 on the mail server. The mail server software, Postfix in my case, will never know this connection did not actually originate from “inside” the machine, but rather through the tunnel.

Closing thoughts

You can (obviously) make this somewhat more automated with tools like AutoSSH, init scripts, and what not. The above only intends to show how uncomplicated it is to create useful SSH/SMTP tunnels 🙂

 

Forcing OutOfOffice response to always fire in Zimbra

We had a need to create an e-mail account in Zimbra that would always generate an automated response to incoming e-mails. So we activated the OutOfOffice functionality (or “Vacation Mode” as some people prefer to call it). This is great, and you do have some control from the ZWC (Zimbra Web Client) user interface.

The “problem” with the OOO functionality is that it is designed for human interaction. So, in an attempt to be somewhat “intelligent”, Zimbra will remember to whom it has sent an automated response message, and if a second message is received within nn time, it will not send another one. This makes sense, if I have sent an e-mail to John Doe, and Mr Doe is on vacation, I probably know this to be true even if I send him another message within a few hours or days. So I don’t want a second automated response.

We wanted it to send an automated response every time it received a message, zmprov to the rescue!

As the ‘zimbra’ user, from the CLI prompt, enter:

zmprov ma acct@tobemod.com zimbraPrefOutOfOfficeCacheDuration <value>

 

The default <value> in our installation was 7d, presumably that means seven days. So I set it to ‘1s’ and anyone sending e-mail to acct@tobemod.com now gets an automated response, even if they send several messages within a short period of time.

Opera 11, an awesome e-mail client

Quite a few people know about Opera, “the other browser”. For many years it has been lurking in the shadows of Firefox and others. Opera 11 may put an end to that, or at least shake things up a bit.

I’ve been using Opera since “I don’t know when”, on and off. Quite frequently, when I’ve tried it, I’ve been put off after a few minutes of trying to view fairly simple website that has failed to render properly in Opera.

I have never once in my years of “playing with Opera” actually checked out their e-mail client. I’ve either favored the awesome Ajax-enabled interface of Work2Go (an e-mail solution offered by my company, WebbPlatsen i Sverige AB), or turned to Mozilla’s Thunderbird or Evolution for an “aggregated view of my e-mail hell”.

A few hours ago, I decided to have a quick peek and see how Opera 11 would behave under Ubuntu 10.10 on my Lenovo X301 laptop.  If I had to sum it up in one sentence, it’d be something along the lines of “That’s pretty damn nice!”. Fortunately for you (?) and me (!), I have this blog where I can make my quick review a few words longer.

This is not a scientific review of Opera by any means. As I mentioned earlier, I’ve usually been put off from further testing Opera after it fails to render some fairly basic websites. Not so this time around. This means I kept it running long enough to think of testing the integrated e-mail client.

So I configured an IMAP account with our Work2Go service, and after having entered some account details, I was up and running with an e-mail client that easily matches Thunderbird on a “basic user experience” level. Many things “make sense”, which is something I really appreciate as a programmer. I often think thoughts like “It would be nice to have ‘this’ function here”, and I found ‘this’ function to actually be where I expected it to be quite a few times. Fascinating.

E-mail clients easily becomes a matter of principle, habit, and religion with their users. I’ve played with Eudora, Outlook, Live, theBat, Evolution, and a few that I’ve long since forgotten the name of, and now Opera 11. Each has its pros and cons, but Opera is definitely on to something here. While it won’t provide me with the total integration that I like in Work2Go (Documents, Calendar, synchronized address books, mobile sync with my HTC Wildfire, etc), I’d say I’ll keep this as an alternative.

But don’t take my word for it, try it out for yourself! And don’t go mistaking the full blown version of Opera 11 with Opera Mini available for many mobile and lightweight environments, they’re a world apart (or “fjord” as it might be).

Nice!