On Tuesday 10 June 2003 06:16 pm, Joey Kelly wrote:
> On a related note, perhaps some of you remember the story on slashdot about
> the freeswan project being able to do opportunistic encryption. I know
> several ppl that have set this up, and I plan on doing so as well, as time
> permits. IPsec operated on layer 3, whereas specific ports live on layer 4.
> If you encrypt all traffic for a given session, no one (Cox or otherwise)
> would be able to detect nor block your mail and web servers on ports 25 and
> 80. You would be able to send email to anyone also running said encryption.
Yep. IPSEC gets around this issue fine. though you'll need someone with
outbound 25 access and the ablility to relay through them.
Another way to do this is a simple ssh tunnel:
ssh -f -N -L 2500:localhost:25 remote.mx.server
Then tell your mail client to connect to localhost 2500 for SMTP. (If you
need to 25 on the local side, you'll have to do the ssh as root) What this
says is that connections on port 2500 are tunnelled via ssh to port 25 on
'localhost' which is the localhost on the remote end (ie remote.mx.server).
If you do "telnet localhost 2500" you'lll get the smtp banner from the remote
side.
-- Scott Harney <scotth@scottharney.com> "...and one script to rule them all." gpg key fingerprint=7125 0BD3 8EC4 08D7 321D CEE9 F024 7DA6 0BC7 94E5
___________________
Nolug mailing list
nolug@nolug.org
This archive was generated by hypermail 2.2.0 : 12/19/08 EST