On 2016-11-13, Joris Vanhecke <jo...@jorisvanhecke.be> wrote:
> Hey all,
>
> I'd like to pull my emails out of the cloud and run them on a local
> server (pcengines APU2 looks good).
> My ISP blocks tcp ports below 1024 and sending email from a residential
> (dynamic) IP might mark my email as spam.
>
> Right now I'm thinking of renting a cheap VPS and using it as a proxy
> for my home server which would use a dynamic DNS.
> I don't really want a copy of the email on the VPS so I was planning to
> use relayd or socat to route incoming traffic to my local OpenSMTPD
> server.
>
> But I don't really see a way to proxy outgoing connections from smtpd...
>
> Any ideas?
>
> Thanks,
> Joris
>

You'll lose the source IP address by doing this using socat/relayd/etc, potentially opening yourself up to running an open relay, and at best making it harder to detect spam.

If you don't really trust the VPS (or the network it's on) at all then you are lost, because somebody could just intercept the traffic on the way in (possibly even MITMing TLS connections because certificates are rarely checked for email).

If you're not overly concerned about that (which is a problem for relayd/etc as well as a standard SMTP relay), but you don't really want mail written in the clear to disk, you could use smtpd with queue encryption and start it manually so you can enter the key each time, or you could use bioctl to create an encrypted partition which would work with any MTA which you mount manually after a reboot.

Then the easiest way to get mail to/from your home server is probably to set up a VPN, giving you a simple fixed (non-internet-routable) IP address, configure the MTA on the VPS (smtpd or whatever else) to allow relay from that address, and configure it to send all incoming mail for your domain on to that address.
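
The two setups compared in this reply, as an added sketch that is not part of the original message and is not OpenSMTPD code: a small Python model of an MTA's accept/relay decision, showing what each setup can see of the peer address. The domain, the addresses, the blocklist and the assumption that the home MTA trusts the tunnel subnet for relaying are all constructed for illustration.

```python
import ipaddress

# All names and addresses below are constructed for illustration.
LOCAL_DOMAIN = "example.org"
VPS_VPN_IP, HOME_VPN_IP = "10.9.0.1", "10.9.0.2"
LISTED_IP, UNLISTED_IP = "203.0.113.7", "198.51.100.20"
BLOCKLIST = {LISTED_IP}            # stand-in for any source-IP reputation check


def mta_decision(peer_ip, rcpt_domain, relay_from):
    """Decide on one recipient using only the peer address the MTA can see."""
    if peer_ip in BLOCKLIST:
        return "reject-blocklisted"
    if rcpt_domain == LOCAL_DOMAIN:
        return "deliver"
    peer = ipaddress.ip_address(peer_ip)
    trusted = any(peer in ipaddress.ip_network(net) for net in relay_from)
    return "relay" if trusted else "reject-relay-denied"


def home_mta_behind_tcp_proxy(client_ip, rcpt_domain):
    """socat/relayd on the VPS: every session reaches home from the VPS address."""
    seen_peer = VPS_VPN_IP         # the real client_ip is lost at the proxy
    # Assumption: the home MTA allows relaying from the tunnel subnet.
    return mta_decision(seen_peer, rcpt_domain, relay_from=["10.9.0.0/30"])


def vps_mta_with_vpn(client_ip, rcpt_domain):
    """MTA on the VPS speaks SMTP itself; it relays only for the home host."""
    return mta_decision(client_ip, rcpt_domain, relay_from=[HOME_VPN_IP + "/32"])


def compare():
    """Return the decision for each constructed case under both setups."""
    return {
        "proxy: unlisted host, foreign rcpt": home_mta_behind_tcp_proxy(UNLISTED_IP, "elsewhere.test"),
        "proxy: listed host, local rcpt": home_mta_behind_tcp_proxy(LISTED_IP, LOCAL_DOMAIN),
        "vps: unlisted host, foreign rcpt": vps_mta_with_vpn(UNLISTED_IP, "elsewhere.test"),
        "vps: listed host, local rcpt": vps_mta_with_vpn(LISTED_IP, LOCAL_DOMAIN),
        "vps: home server, foreign rcpt": vps_mta_with_vpn(HOME_VPN_IP, "elsewhere.test"),
    }


if __name__ == "__main__":
    for case, decision in compare().items():
        print(f"{case:38} -> {decision}")
```
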