GNU/Linux Desktop Survival Guide by Graham Williams |
|||||
The fetchmail package will retrieve email from remote hosts (via POP or IMAP, for example) and have it delivered locally.
The following scenario for user kayon with the following .fetchmailrc will use ssh to tunnel to POP to avoid sending clear text passwords, and to also encrypt all the communications.
poll localhost with proto POP3 and port 5110: user 'kayon' there with password 'XXXX' is 'kayon' here preconnect "ssh -2 -f -a -C -L 5110:pophost:110 lynx sleep 5" keep |
A similar example using IMAP instead and some other options:
set postmaster "kayon" set bouncemail set no spambounce set properties "" poll localhost with proto IMAP and port 5143: user 'kayon@NEXUS' there with password 'XXXXX' is 'kayon' here preconnect "ssh -2 -f -a -C -L 5143:imaphost:143 merak sleep 20s" fetchall |
This gives user kayon access from their desktop Linux machine to the host lynx () which might be inside the company firewall and which has access to the mail server imaphost (). Kayon's email comes from an MS Exchange server (called imaphost ()) on the same company network with IMAP enabled. But for security reasons the company network does not allow IMAP access externally.
Then start fetchmail with one of the following:
$ fetchmail $ fetchmail -v (Show what it does) $ fetchmail -d30 (Run fetchmail every 30 seconds) |
An alternative is to have a tunnel up all the time:
altrop$ ssh -2 -N -f -a -C -L 5143:mailhost:143 lynx |
The -N indicates that no command should be run on the remote host, which is suited to tunnelling where the connection is required to simply sit there.
This will link localhost:5143 to mailhost:143. You can confirm connection by trying:
$ telnet localhost 5143 Trying ::1... Trying 127.0.0.1... Connected to localhost. Escape character is '^]'. * OK Microsoft Exchange IMAP4rev1 server version 5.5.2655.37 (saab-bt.togaware.com) ready |
Now run fetchmail with something like the following in .fetchmailrc:
poll localhost with proto IMAP and port 5143: user 'kayon@NEXUS' there with password 'XXXX' is 'kayon' here |
The fetchmail-ssl package is SSL-enabled for POP3, APOP, IMAP. Perhaps this is a better solution, but does it require SSL support from the POP3 server?