Limozine


How to send email remotely using SSH tunnel

I frequently use a public library in my town, and the firewall there prevents outgoing email from Outlook Express. I am trying to work around this using an SSH tunnel. I was able to configure the tunnel and can connect with no problems, but when I attempt to use OE to send I get "Your server has unexpectedly terminated the connection. Possible causes for this include server problems, network problems, or a long period of inactivity. Account: 'Home', Server: 'localhost', Protocol: SMTP, Port: 2525, Secure(SSL): No, Error Number: 0x800CCC0F". I have configured OE with server localhost and SMTP port 2525 (my tunnel is configured to forward local port 2525 to my mail server port 25). I connect to the tunnel, then launch OE, but the message above is what I get. Help please...
mchkorg

That sounds good. Let's check.
When your tunnel is up, open a "cmd" terminal and write "telnet localhost 2525"
If no answer, we have to fix your tunnel
If you get an answer like:
220 mail.yourhost.org ESMTP Postfix (Debian/GNU)
Then a server responded, so the problem is with outlook express.

(I think about something else : OE might be using your proxy setting, even for localhost connections ? To be sure, remove from IE your proxy configuration to prevent OE from using this setting silently)


Limozine

ASKER

Ok..I ran the "telnet localhost 2525" command and got: "Unable to connect to remote host: Connection refused".

If it helps, my mail server host has enabled jailed shell. Is that sufficient to open the tunnel correctly?
No, the fact that you can't connect from the beginning of the tunnel means your tunnel is not working.

How do you open it ? or think you open it ?
putty ? command-line openssh ?
Oops, forgot to mention that I'm not connecting to the internet via proxy, in IE or otherwise.
I've been connecting (or attempting to connect) using Putty. When I get "connected" it says

"Using username "myusername".
Authenticating with public key "imported-openssh-key"
Last login: Thu Oct  2 08:19:51 2008 from xx.xxx.xx.xxx
[myusername@hostname ~]$
> .. to work around this using an SSH tunnel.
where do you issue the ssh command?
Do you use local or remote port forwarding?
How did you declare your port forwarding in putty ? send a screenshot
Screenshot from Putty SSH forwarding screen attached.
putty.jpg
It looks good.
I guess you entered the right thing in the "proxy" sub-menu because you're able to connect to the ssh server.

By the way (but I doubt this will be the solution), you can forward to 127.0.0.1 as I guess 74.5... is your ssh server and mail server. 127.0.0.1 means in this context "localhost from the end of tunnel's point of view". Try this - just in case.

Let's sum up:
- putty can connect
- the port mapping is correctly written (try with 127.0.0.1)
- no proxy misconfiguration
- BUT : telnet localhost 2525 doesn't reach anything
Maybe your local port 2525 is already bound to something before you start the ssh/tunnel.

1) check your bound ports before starting the tunnel (netstat, sysinternals - probably the one named "tcpview")

2) Try something else, not 2525

3) Just in case, you're not trying to reach your 2525 port from another computer ? (as it's bound to localhost unless you check "local ports accept conn.... from other hosts")

I'm running out of ideas after that...

4) does the POP mapping work ?

5) mmm, I read again your 1st post : talking about SSL SMTP. You're not messing up with port 465 ?
Thanks for all of the suggestions. I couldn't get it working, but I did find an acceptable workaround:

Since I use about ten different email addresses to send/receive, going to ten webmail interfaces just wasn't an option for me. I wanted all of my mail in one place, hence the need to use Outlook Express. So...went to my Google mail (gmail) help center and realized gmail could be set up as an IMAP account in OE. I followed the instructions, and now I can send email straight from OE! The only negative is that I have to use my Gmail account for any sending I do, but at least I can finally get it all in one place and send from one centralized interface.

I'd still like to know how to get the tunnel working, though...
> Ok..I ran the "telnet localhost 2525" command and got:
silly question: you did that on the remote site within the putty session?

As you opened a connection to 74.x.x.x on the remote site, did your remote site allow this connection?

Or in short words: which computer should make the connection to 74.x.x.x and which one runs OE, which one runs putty?
Not a silly question at all...I'm new to this ssh/putty stuff, so I'm quite capable of running things backwards.

I ran the telnet localhost 2525 command on the remote site from within the active putty session, yes. Should I be running it from a DOS prompt on my laptop?

74.x.x.x is the IP address for my mail server (which I am identifying as the remote computer), which is a shared host but my hosting company has supposedly configured to allow jailed ssh access. My laptop is the local computer and the one running both putty and OE, and the one from which I'm attempting to launch the tunnel.
> I ran the telnet localhost 2525 command on the remote site from within the active putty session
then you need to configure "remote" instead of "local" port forwarding
> Ok..I ran the "telnet localhost 2525" command and got:

start this from your client computer, not inside the ssh session (ie, at the end of the tunnel)


>> Ok..I ran the "telnet localhost 2525" command and got:

>start this from your client computer, not inside the ssh session (ie, at the end of the tunnel)

Ok, I started the Putty ssh session, then attempted the "telnet localhost 2525" command from a DOS command prompt (via Start, Run) on the client computer (my laptop). Here's what I got:

"Connecting to localhost...Could not open connection to the host on port 2525: Connect failed"
try&error, try&error, try&error, ....

can you please describe unambiguously which computer can connect to 74.... port 25 for sure (please test before answering) and which computer needs to connect to it using your ssh tunnel.
 
Ok...here is my scenario. I'm sitting in the library, using my laptop to connect to the internet. I can receive email from any of my mail accounts using Outlook Express, but I can't reply or send. I'm assuming the library's ISP or firewall is preventing this. I've heard I can create an SSH tunnel to my mail server to work around this. My mail server IP is the 74.xxx number above.

I found instructions on the internet for creating an SSH tunnel using Putty. I followed the instructions, and you can see the configuration I used in the image posted on 10/3 (above). When I open Putty and load this connection, it appears to create the tunnel. I get a confirmation that the public key has been accepted and I'm logged in. To what, I'm not sure...I don't understand port forwarding. I only followed the instructions on the web site I found.

Regardless of whether I run the telnet localhost 2525 command in the SSH shell after connecting or in a DOS prompt locally, it fails.
> I've heard I can create an SSH tunnel to my mail server ..
do you have access to the mail server other than port 25 (SMTP)?

> .. and you can see the configuration ..
please reread my questions http:#22662014

in short:
  - which computer has full access to the mail server
  - which computer runs putty
  - which computer do you connect to with putty
  - which computer does not have full access to mail server
  - which computer runs your MUA
>do you have access to the mail server other than port 25 (SMTP)?
I don't know if I have access to the mail server other than port 25. My hosting provider gave me jailed shell access and told me to use port 2222 to connect to the mail server, so I configured the first page of Putty this way (under basic options).

> which computer has full access to the mail server
the laptop has jailed shell access

>which computer runs putty
the laptop

> which computer do you connect to with putty
I am connecting to the mail server by double-clicking on the putty icon (on the laptop) and loading the ssh tunnel session.

 >which computer does not have full access to mail server
I suppose the laptop, since I can connect to the server through the tunnel but I still can't send email through OE once connected

>which computer runs your MUA
laptop

The laptop is running both putty and OE. When I speak of establishing an SSH tunnel, I am referring to double-clicking on the putty icon on the laptop and loading the session i've pre-configured.

> > which computer has full access to the mail server
> the laptop has jailed shell access

and

> >which computer does not have full access to mail server
> I suppose the laptop, since I can connect to the server through the tunnel but I still can't send email through OE once connected

hmm, could you please make a decision which one is the truth, as these 2 questions are alternate, obviously
maybe I still misunderstand something, but these questions are alternate, so far ...
I have been told by my hosting company that I have jailed shell access on port 2222. I can only assume this is true. I know I can double-click on putty (on my laptop) and load the tunnel and I get a terminal window telling me it is authenticating the public key. Then I get a $ prompt. Does this mean I have "full" access? I have no idea. If I have full access, I would think I could send email via OE, but I can't. That is as much truth as I know.
> .. told by my hosting company that I have jailed shell access on port 2222
ok, seems to be hard for you to describe your environment and where you're keying in what ....

So I assume following:
  1. you are somewhere (connected to a network somehow) with your laptop
  2. you successfully connect with putty to your mail server's jailed shell account
  3. from within putty's remote shell (that on the mail server) you can successfully send and
      receive mails from 74.xxx
  4. you can receive mails wherever you're with your laptop from 74.xxx
  5. you want to send mail wherever you're with your laptop's OE

then you need to have configured local forwarding for example on port 2525 to the remote IP 74.xxx port 25,
then point OE to use localhost port 2525 for sending mails
If that does not work, most likely one of the assumptions 1. - 5. (see above) is not true.
> ok, seems to be hard for you to describe your environment and where your keying in what ....
Sorry, I've tried to be as specific as I can. I don't know how else to express my scenario.

>So I assume following:
 > 1. you are somewhere (connected to a network somehow) with your laptop
true

  >2. you successfully connect with putty to your mail server's jailed shell account
true

  >3. from within putty's remote shell (that on the mail server) you can successfully send and
      receive mails from 74.xxx
I don't know how to do this...I've never attempted to send/receive from within the shell itself

 > 4. you can receive mails wherever you're with your laptop from 74.xxx
true

 > 5. you want to send mail wherever you're with your laptop's OE
yes

now we need to verify 3. from my assumption first.
please log in to your mail server and issue following commands:

  uname -n

remember the name you get and use it for FQDN below
now key in following:

telnet 74.xxx 25 <
I tried it...what is it supposed to do? I was left with a > prompt.
damn, I missed the final EoMail,
please add following right behind the line with the quit command:

EoMail

Anyway, it should have worked and sent a mail to you, does it?
Ok, I got:

Trying 74.xx.xx.xx...
Connected to FQDN (74.xx.xx.xx).
Escape character is '^]'.
220-FQDN ESMTP Exim 4.68 #1 Wed, 08 Oct 2008 13:56:55 -0500
220-We do not authorize the use of this system to transport unsolicited,
220 and/or bulk e-mail.
Connection closed by foreign host.
does this mean that the connection was closed immediately after it prints the 220 messages?
Yes
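
The test the thread keeps returning to (connect to the local end of the forward on the laptop and look for the SMTP 220 greeting), written out as an added example that is not part of any post above. The function names and state labels are assumptions made for illustration, and it goes one step beyond `telnet localhost 2525` by separating a local port that is not listening from a forward that accepts and then drops the connection.

```python
import socket

def greeting_complete(buf):
    """True once buf holds the final line of an SMTP reply ("220 text", not "220-text")."""
    lines = buf.split(b"\r\n")[:-1]          # only CRLF-terminated lines
    return any(l[:3].isdigit() and l[3:4] in (b" ", b"") for l in lines)

def probe_smtp_forward(host="127.0.0.1", port=2525, timeout=5.0):
    """Classify the local end of the forward. Returns (state, detail).

    not-listening : nothing is bound to the port, so the forward is not set up
                    in the SSH client on this machine
    no-banner     : the local listener accepted, then closed or stayed silent;
                    the SSH server refused or could not complete the forward
    not-smtp      : something answered, but not with an SMTP 220 greeting
    smtp-ok       : a complete 220 greeting came back through the tunnel
    """
    try:
        sock = socket.create_connection((host, port), timeout=timeout)
    except OSError as exc:                   # includes "connection refused"
        return "not-listening", str(exc)
    buf = b""
    with sock:
        try:
            while not greeting_complete(buf):
                chunk = sock.recv(4096)
                if not chunk:                # peer closed the connection
                    break
                buf += chunk
        except OSError:                      # timeout or reset while waiting
            pass
    text = buf.decode("ascii", "replace").strip()
    if not buf:
        return "no-banner", "connected, but no data arrived"
    if greeting_complete(buf) and buf.startswith(b"220"):
        return "smtp-ok", text
    return "not-smtp", text

if __name__ == "__main__":
    # Run on the laptop (the machine running PuTTY and the mail client),
    # not inside the remote shell: the listener exists only on the client side.
    print(probe_smtp_forward("127.0.0.1", 2525))
```
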
ASKER CERTIFIED SOLUTION
ahoffmann