Re^3: [Oberon] SMTP/SSH tunnel

peasthope at cablelan.net peasthope at cablelan.net
Sun Mar 25 21:53:15 MEST 2007 

Bill,

wh> ... hostnames and IP's not just 'H' and 'W' and 'P'.

Sorry.  Here is more info.

P = cablelan.net 
  = ISP machine or cluster.  I do not know 
  the OS for certain.  The Web server appears 
  to be MS, so my first guess is that the mail 
  server is MS also.
 
H = joule.cablelan.net, dynamic IP address on eth0,
    192.168.1.1 on eth1
  = my home Debian server with exim4 and ipmasq.

W1 = heaviside.cablelan.net, local address 
     192.168.1.3 on my home LAN
   = home workstation 
   = ETH Oberon / PC Native 05.01.2003.

W2 = cantor.pathology.ubc.ca, local address 
     192.168.1.7 on my work LAN
   = "work" workstation
   = ETH Oberon / PC Native 05.01.2003.

wh> ... amazed thay accept your relay on port 25.

At a conceptual level: I am a customer of 
cablelan and joule is directly connected to 
their MAN.  Why not accept all my messages 
from joule including messages originating 
from a machine connected to joule?

At a presentation/session/transport(?) 
level: joule runs ipmasq.  For all I know, 
ipmasq is involved for the relay to work.

wh> 'H' can have more than one set of interface ports and protocols, ...

Yes, H has eth0, connected to P, and eth1, 
connected to my LAN.

wh> ... odder still that it fails when you are accessing 
a box back of the relay host from different places ...

Probably simply that exim4 and the tunnel 
are not connected properly.

wh> Oberon will need fixed port numbers at both 
ends, and Exim can 'meet' it there, ...

After reading all the documentation which has 
turned up in the last three weeks, two questions 
still baffle me.

- Encryption and port forwarding are entirely 
distinct concepts.  Why are they implemented 
together in SSH?  Is it just that both are used 
in a tunnel?  (No offense to Guenter.)

- Suppose the Oberon MUA issues a message with 
port = 25 and tunneling is working.  Each SMTP  
packet is wrapped inside a SSH packet (marked 
port 22 according to the list I've seen).  At the 
outlet end of the tunnel, the SSH wrapper is 
removed.  So the unwrapped SMTP packet should be 
just as when it left the MUA.  So how is exim 
aware of the tunnel and why is the packet treated 
differently from a packet from a MUA connected 
without a tunnel?

I am unlikely to progress far with the tech
-nicalities before understanding the elementary 
concepts.  Probably at least a few others are
benefiting from this discussion.

Thanks,       ... Peter E.

Desktops.OpenDoc  http://carnot.pathology.ubc.ca/

More information about the Oberon mailing list