On Sat, 2006-04-22 at 20:55 +0100, Magnus Therning wrote:
> On Fri, Apr 21, 2006 at 01:58:45PM -0400, Roberto C. Sanchez wrote:
> >You could try `ssh -L 25:localhost:25 [EMAIL PROTECTED]
> >
> >Of course, that requires that you be root. If that will not work, use
> >port 2525 on the first part of the tunnel specification and then
> >configure your MUA to use port 2525 on localhost.
>
> Yes, I've tried that and it works fine, now I want to automate it.
> Ideally the tunnel would be created on demand, when postfix needs to
> flush its spool. Can I do that?
I'm not familiar with Postfix, but in Exim, you can create a simple
router that does this. You'll need to set up public-key authentication
for password-less logins to the remote box. This needs to be somewhere
before the primary router configuration in the exim config:
# ------------------------
ssh_remote:
debug_print = "R: ssh_remote for [EMAIL PROTECTED]"
driver = redirect
domains = ! +local_domains
senders = [EMAIL PROTECTED]
pipe_transport = address_pipe
user = local_user
data = "| ssh -C -l remote_user /usr/sbin/sendmail -bm
[EMAIL PROTECTED]"
no_more
#-------------------------
The following values need to be replaced with their appropriate values:
mydomain : the real domain (example.com)
local_user : the user on the local machine that will be running the ssh
machine (this is the user whose public key will need to be on the remote
account's ~/.ssh/authorized_keys)
remote_user : the user on the remote machine
The line "senders = [EMAIL PROTECTED]" is optional. It qualifies this router
is used only if the sender address has the domain mydomain. If you wish
to relay for all senders, then you can comment it out.
Casey
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
