IMAP and SMTP over HTTP Proxy

The solution that I’m using for allowing Thunderbird (and if you really want, Kmail) to connect to my employer IMAP and SMTP servers, is not straightforward but it simply works…

For this to work you really need an external server where you can connect through ssh. This ssh server must be able to contact and connect to the required mail server, namely accessing their IMAP and SMTP ports.

Right now, I use a Linux VPS, located somewhere in the world ( 🙂 ) that I’ve bought through the lowendbox.com site. Great price per year (around 2€ per month).

I run ssh on this server on a non standard port.

The trick is simple:

Just open up two terminal sessions, and if you have ssh through corkscrew tunnelling working (see my previous posts: https://primalcortex.wordpress.com/2014/02/19/ssh-over-http-proxy/ ), it’s simple as executing this:

On terminal 1 and for IMAP (secure):

ssh -L 1993:imap.server.com:993 -p 12345 mysshserver

where imap.server.com is the name or external IP of the IMAP server and 993 is the secure IMAP port. The 1993 is the port at the local address 127.0.0.1 that is listening to connections from thunderbird. The -p 12345 is the port that my remote ssh server is running on and listening on for connections, and of course, mysshserver is the dns or ip address for the ssh server.

On terminal 2 and for secure SMTP:

ssh -L 1465:smtp.server.com:465 -p 12345 mysshserver.

When this two connections are established, then the local machine ports 1993 and 1465 connect through ssh and corkscrew tunnelling to the mail server… and thunderbird can now work as it should.

Just use as IMAP server the localhost and port 1993, and as SMTP server the localhost and 1465 port.

Of course for thunderbird to work, first is needed to create the tunnels.

Advertisements

SSH over HTTP Proxy

Using SSH to connecting to an host when an HTTP Proxy is between the client and the host, can not be done directly without some configuration.

On Linux based machines the solution is to install and run corkscrew, a program that can tunnel the SSH protocol through an HTTP Proxy.

So how to do the configuration?

1) First install the corkscrew program with your package manager. On Ubuntu family: apt-get install corkscrew

2) Then you need to configure SSH to use corkscrew when connecting to the host that has a http proxy between.

3) Goto to your home directory and change to the hidden directoy .ssh within a command shell window.

4) Create or edit a file named config. The name is just config. No extensions.

5) Add the following lines to the config file

Host <IP_of _remote_host>  
 ProxyCommand corkscrew <IP_of_HTTP_Proxy> <HTTP_Proxy_Port> %h %p <auth_file>

Where the <IP_of_remote_host> is the public ip address of the host where you wish to connect.

The <IP_of_HTTP_Proxy> and <HTTP_Proxy_Port>  are the IP address and Port of you local http proxy server that you wish to go through.

And finally, if your proxy server requires authentication, by username and password, just give a complete path to a file where Proxy credentials are stored, for example /home/primalcortex/.corkscrew_auth

This file content must be something like:

username:password

For example a complete config file example:

Host 78.0.1.3
    ProxyCommand 192.168.1.1 8080 %h %p /home/primalcortex/.corkscrew-auth

and the .corkscrew-auth file:

myproxyuser:rtwertjwe4

6) Just connect now:

ssh myremoteuser@78.0.1.3

or when not using the default ssh port:

ssh -p 12345 myremoteuser@78.0.1.3

7) Done!

So why we need this?

Well, first is of course, to access a remote machine, but ssh can forward local ports to remote ports, and this is important because, with this feature we can use Thunderbird to directly connect to a remote server by using the standard IMAP and SMTP protocols through an HTTP proxy.

KUbuntu Proxy Configuration – Part II

Well after all setting the http_proxy and ftp_proxy environment variables on the /etc/environement file is not really enough because of one KDE small detail… If on the KDE system settings you choose Proxy configuration and then you choose the option “Use the Preset proxy environement variables” you have a NO PROXY field where IP addresses or hostnames are put to circunvent the proxy.

Well it doesn’t work… If you fill it with something when opening again the properties, they are empty.

So the solution is really still to use the environement variables and on KDE use the “Manually specify the proxy settings” where the machines that do not need Proxy can be added.

Kubuntu Proxy configuration

Well Adept has trouble working with the KDE proxy configuration when setting it up explicity, by other other words when you define the proxy by setting up the values on Manually specify proxy settings.

Because it doesn’t work quite well, what I’ve done was the following:

sudo bash

and edit the file /etc/environment

I added the following lines:

export http_proxy=http://10.0.0.1:8080

export ftp_proxy=http://10.0.0.2:8080

Saved the file and executed the following command:

source /etc/environment

After this I went to KDE proxy settings and told it to use “Use preset proxy environment variables”

Well it works now…

Kubuntu behind a proxy server

I’m moving my work computer to Kubuntu, and hit a snag right away… My corporate network has, of course, a proxy server to access the internet. Well setting up on the Network preferences of KDE the network proxy doesn’t work for alot, and I mean alot, of applications, like Adept Manager, Kopet at least. (Well it seems also that kopet doesn’t work through proxys, so I’m using pidgin, and that one has it’s own proxy configuration)

I had to go to a shell session, set up the http_proxy and ftp_proxy variables and start up those applications through command line. C’mon guys! Can we get at least this so simple issue to work????