Tunneling SMTP through SSH

Since Dreamhost doesn’t support any sort of secure SMTP, I’ve been tunneling it through ssh for the past month or so.

ssh -f -N -L 9999:mail.myserver.com:25 myserver.com -l user

9999 is the local port, mail.myserver.com is the mail server, 25 is the remote port, myserver.com is where your shell is, user is your username on the server. Then, just tell Thunderbird (or whatever mail app you use) that your smtp server is localhost:9999

I have this run at bootup, so that all I have to do is type in my key when I boot up and all my mail is encrypted (Dreamhost does support IMAPS).

You could, of course, setup your ssh account to have no key, but this is a rather large sacrifice of security (as soon as the attacker acquires your private key, he has access to your ssh account)– especially if your primary computer is a laptop, like mine.

This article was modified 2012-10-12.