POP3 and SMTP via SSH Tunnels

Published: ← 2015-10-05 →
Category: ← Code →
Tags: ← email  → privacy ssh tunnel

I use Fetchmail to retrieve my email. I have an account that still doesn’t support SSL, but at least I also have an SSH account that on the same network. Here’s the fetchmailrc config to optionally tear down, then build and use an SSH tunnel:

poll "mail.insecure.example.org" via localhost port 6301 proto pop3 user "username@example.org" pass "foo" preconnect "kill `lsof -t -b -i @localhost:6301` > /dev/null 2>/dev/null; ssh -q -f -C -L 6301:mail.insecure.example.org:110 username@example.org sleep 20 < /dev/null > /dev/null" {lang=”fetchmailrc”}

It took quite a bit of tinkering over a long time to get that working reliably, so I hope it’s of some use to someone.

Along the same lines, I’d prefer my SMTP server not leak my home computer’s IP address in emails, so I tunnel to the SMTP server’s network to send email. This script replaces sendmail -t:

#!/bin/bash

/usr/bin/ssh -f -q -L 8587:mail.example.com:587 username@example.com ‘sleep 5’ && msmtp -t --read-envelope-from exit $?