[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: Secure Email While traveling



Am Do, den 21.10.2004 schrieb John Garmany um 18:19:

> I am looking at ways to both send and retrieve email while traveling.  
> Since I use hotel internet connections and public wireless connection, I 
> am looking at a way to secure the connection.  My traveling laptop is 
> windows.
> 
> My idea is this.
> 
> 1.  Connect using ssh to the Linux server with a couple of tunnels from 
> local ports to the mail ports. (25 Sendmail, 143 IMAP, 110 POP3)
> 2.  Point my email programs (Outlook for work, Thunderbird for 
> personnel) to the local ports connected to the tunnel
> 3.  Send and recieve mail.

Yes, that would be a secure way. You only would have to always
reconfigure your mail client to use localhost:port as the mail server
address (SMTP/POP3/IMAP).

> This should encrypt the connection for the mail so that no one could 
> monitor my passwords or read my mail.

Yes, even if the hotel wireless connection is not secured against
sniffing you have secure SSH tunnels.

> Also Sendmail will see me as a local user (I think) and relay out my mail.

Sendmail will see a relay attempt from localhost and will permit it.

> Has anyone else tried this?  Am I missing something.  Is there an easier 
> way.

I did so in the past.

A different way would be to use webmail on your server. Force webmail to
only handle HTTPS and you have encryption too. I am running this with
Horde/IMP and it is very comfortable if you are travelling around. You
just need a browser.

> When I travel I open the mail ports throught the firewall and they get 
> hit pretty hard.  Average about 50 failed attempts a day at logging on 
> as different users  (nobody, guest, etc).  This way I would only need to 
> open the ssh port.

Relay attempts are pretty normal if you run an MTA. I think the nobody,
guest etc. attempts you see are the login attempts with SSH we nearly
all face since some month.

> John

Alexander


-- 
Alexander Dalloz | Enger, Germany | GPG key 1024D/ED695653 1999-07-13
Fedora GNU/Linux Core 2 (Tettnang) kernel 2.6.8-1.521smp 
Serendipity 18:38:05 up 1 day, 15:17, load average: 0.01, 0.11, 0.15 

Attachment: signature.asc
Description: Dies ist ein digital signierter Nachrichtenteil


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]