Create a SSH Tunnel through a HTTP Proxy for Mail.app

A

atod


Joined
Nov 10, 2016
Messages
2
Reaction score
0
Points
1
Has anyone successfully tunneled IMAP and SMTP from Mac's Mail.app through an HTTP proxy to a remote host and onto Gmail?

I desire this setup so I can use Mail.app, FaceTime and Messenger Apps while behind a firewall. So far, I've been able to tunnel the IMAP connection, however SMTP isn't working. I used Wireshark and it looks like Mail.app isn't accessing standard smtp.gmail.com and is using some IPv6 addressing.

My setup so far is...

Home Mac:
  • ddns.net publishing dynamic IP
  • sshd enabled and port forwarded via router

Remote system behind firewall:
  • sudo ./ptunnel.py -d -p www-proxy.company.com:80 993:imap.gmail.com:993 587:smtp.gmail.com:587 25:smtp.gmail.com:25
  • /etc/hosts as follows
    imap.gmail.com localhost
    smtp.gmail.com localhost

I tested using 'telnet localhost 993' and 'telnet localhost 587' and validated that IMAP and SMTP are correctly tunneled by viewing output of the session. Unfortunately, when sending SMTP mail, a connection can't be established and Wireshark doesn't see any activity on port 587 for localhost. I noticed other activity on 587, however for an IPv6 address.

Appreciate any insight folks may have here on making this work. I'd like to do it for the FaceTime and iMessenger ports as well.

Thanks so much!
 
E

Ember1205


Joined
Apr 16, 2016
Messages
1,096
Reaction score
51
Points
48
Location
CT
Your Mac's Specs
MacBook Air Mid-2012 / iMac Retina 5K Late-2014
IMAP and SMTP are protocols. HTTP is also a protocol. By definition, a proxy designed for HTTP will not typically work for other protocols. You may well be connecting to the proxy, but the proxy doesn't understand how to handle the "other side" of the connection.

As for your title, using a remote SSH host that supports port tunneling (NOT proxying) would potentially work. However, it seems that you're purposefully trying to circumvent security restrictions that are imposed -for a reason-, and you absolutely should not. If you're attempting to do this at work, you could be terminated for it if you are caught. If you want your mail that badly, get a smartphone and access your mail on that only.
 
OP
A

atod


Joined
Nov 10, 2016
Messages
2
Reaction score
0
Points
1
Ember1205 said:
IMAP and SMTP are protocols. HTTP is also a protocol. By definition, a proxy designed for HTTP will not typically work for other protocols. You may well be connecting to the proxy, but the proxy doesn't understand how to handle the "other side" of the connection.

As for your title, using a remote SSH host that supports port tunneling (NOT proxying) would potentially work. However, it seems that you're purposefully trying to circumvent security restrictions that are imposed -for a reason-, and you absolutely should not. If you're attempting to do this at work, you could be terminated for it if you are caught. If you want your mail that badly, get a smartphone and access your mail on that only.
Click to expand...

Thanks for the general response. I know this is technically possible and looking for more insight into the technical issue here in making this work.
 

Shop Amazon


Shop for your Apple, Mac, iPhone and other computer products on Amazon.
We are a participant in the Amazon Services LLC Associates Program, an affiliate program designed to provide a means for us to earn fees by linking to Amazon and affiliated sites.
Top