[NBLUG/talk] Remote mail access

Lincoln Peters sampln at sbcglobal.net
Wed Feb 1 15:28:21 PST 2006


On Wednesday 01 February 2006 01:43, Aaron Grattafiori wrote:
> Lincoln Peters wrote
>
> >My idea for remotely accessing my e-mail consists of:
> >1. Set up fetchmail so that my SBC mail is "fetched" to a local mailbox.
> >2. Set up a secure IMAP server to provide access to fetched mail.
> >3. Enable port forwarding on the router, so I can access the IMAPS server
> > over the Internet.  Maybe also enable port forwarding for SSH while I'm
> > at it. 4. Set up DynDNS, so I don't have to keep track of my IP address
> > manually. 5. (Optional) Configure eGroupware to access that same IMAPS
> > service.
> >
> >If this all works, I could then use the Mail application on my laptop to
> >access my e-mail no matter where I am.  And in case I find myself stranded
> >without my laptop but with access to a public terminal (e.g. a library
> >computer), I could use eGroupware (currently installed but not configured)
> > on the primary computer to access my e-mail via a web browser. 
> > Furthermore, I could SSH from my laptop into the desktop computer at any
> > time and from anywhere.
> >
> >
> >What would be the EASIEST* way to do all of this that doesn't compromise
> > on security?
>
> I think if your going to setup fetchmail, you might as well setup mutt
> on your box. You could just ssh into it and check/send mail from there...
> That solves almost all your security issues right there. (except for
> when it leaves your desktop ;-P )

So the options seem to be, in order from most secure to least secure:

* Use ssh/mutt from my own laptop
* Use ssh/mutt from a public terminal that I've booted from a Knoppix CD
* Use ssh/mutt from a public terminal running Linux
* Use ssh/mutt from a public terminal running MacOS X
* Use ssh/mutt from a public terminal running Windows

I'm not sure where Mac Mail and IMAPS or eGroupware over HTTPS would fit into 
that scheme, but the same security progression (from my own laptop to a 
public terminal running Windows) should still apply.  And I suppose that, if 
a critical security patch was to come out for any of the programs in 
question, I could SSH into the computer and quickly apt-get the updated 
packages.

> You could take additional steps to secure ssh such as restricting only
> your user name(esp root), using keys not passwords and/or running it on
> a non standard >1024 port.

Sounds godo.

>
> Setting up mutt is easy, as well as using it. Its very fast and very
> flexible. It has coloring support, threading, gnupg support, folders,
> etc...

How would it compare to KMail?

>
> If you go with a web server or email server solution, thats going to be
> a lot of configuration and a lot of security issues. (esp running a
> email server). DynDNS is cheap, or.. SBC is pretty good about keeping
> your 'dynamic' IP quite static... at least thats what i hear.

I haven't experimented with this a whole lot, but on the occasions that I 
have, the results have not been promising (although I'm not sure that it 
wasn't due to an error on my part).

>
> I vote SSH and mutt.

It looks like this would be the easiest solution, at least to start out, since 
the only requirements that I haven't fulfilled are fetchmail and DynDNS.  If 
I want to do a webmail kind of thing later, I would have fewer things to 
worry about then.

>
> VNC/NX soulution is kinda... overkill... if all your looking for is just
> email. This you can use on 56k and it'll still be quite fast.

Agreed. I suppose I could find a practical use for VNC/NX access to my home 
computer, but this is not it.

>
> good luck (with those 19 units too...yikes!).... maybe post your end
> result setup here?

If it works, I'll do that.


-- 
Lincoln Peters
<sampln at sbcglobal.net>

But scientists, who ought to know
Assure us that it must be so.
Oh, let us never, never doubt
What nobody is sure about.
		-- Hilaire Belloc

/~\  The ASCII Ribbon Campaign
\ /    No HTML/RTF in email
 X     No Word docs in email
/ \  Respect for open standards



More information about the talk mailing list