SSH Tunneling & Apple Mail

by Roger Weeks

I discovered a stupid bug in Apple Mail today.

I have a SSH tunnel set up on my PowerBook back to a Linux machine at work so I can securely check my IMAP mail from open wireless networks. Today in class I found that the wireless network I'm on blocks outbound port 25, so I set up the SSH tunnel to take port 25 traffic back to my SMTP servers. This is a really cool trick, and you can do this all on a single SSH line:
ssh user@some.server.org -L2143:mail.server.org:143 -L2525:mail.server.org:25

This opens an SSH session to some.server.org, and then forwards your local port 2143 to mail.server.org:143, and likewise for port 25. You can chain as many of these ports as you need into a single SSH session.

So I set up the outbound server in Mail to "localhost:25". No luck, Mail was having none of it. I could telnet to localhost 25 from commandline just fine. My IMAP connection is localhost:143 and that works in Mail. Puzzled, I tried 127:0.0.1:25 and THAT works.

How on earth did that happen? These preferences are in the same pane in the Mail Preferences. Someone had to specifically code Mail to allow "localhost" for IMAP, but not for SMTP.

Dumb.

9 Comments

Flip
2006-03-29 17:26:20
Why doesn't your company run mail via SSL externally and use SMTP ports other than 25?
Roger Weeks
2006-03-29 20:21:28
It's in the works. However since we're a service provider we have to be careful. I've set up a test mail system with TLS/SSL for POP3/IMAP and SMTP, and it breaks some older email clients, specifically Eudora. Eudora prior to version 6.1 refuses to check mail or send mail when TLS is enabled on my test system.


So we'd have to intentionally break a number of our customer's email by implmenting TLS, which would be a tech support nightmare.

Ashley Clark
2006-04-01 19:30:23
I've had this happen before too. The problem has to do with IPv6 on your laptop. Specifying localhost in Mail resolves to the IPv6 localhost address, when connecting to the mail server then the EHLO/HELO commands pass in the IPv6 localhost address.


My mail server throws this up when that happens:


rejected HELO from rrcs-xx-xx-xx-xx.sw.biz.rr.com [aaa.bbb.ccc.ddd]: syntactically invalid argument(s): [jb?7)\f?IPv6:::1]


When you specify 127.0.0.1 in your settings then Mail passes that address instead and everything works.


I'm not sure if my mail server should be accepting the value that's passed or if Mail is wrong, but that's the problem as I see it.

Fred
2006-04-03 17:38:28
I assume you entered "localhost:2525" rather than port 25 into your mail application? Otherwise it's quite obvious why it doesn't work.
Roger Weeks
2006-04-03 17:50:55
Fred:
Actually, no. Mail.app has different fields for the SMTP host and port. So I specified localhost in the one field, and 2525 in the other. It didn't work until I switched to 127.0.0.1.
Ashley:
My PowerBook has IPv6 disabled, so that wasn't it either.
Ashley Clark
2006-04-04 13:41:44
Are you sure you've disabled ALL of the IPv6 network addresses that are set up on your laptop?


Even if I disable IPv6 on all my network connections in System Preferences, the IPv6 localhost address still exists.

Roger Weeks
2006-04-04 13:50:15
Ashley: No. The localhost ::1 is still there. I see your point...
sascha brossmann
2006-06-21 10:00:06
maybe a little bit late, but anyway: the ipv6 address is also in /etc/hosts. disabling ipv6 in the system preferences won't change that, you would need to comment it out manually. HTH.
Varmint_za
2006-11-20 07:01:32
Fun fun fun - can confirm that commenting out the "::1 localhost" line in /etc/hosts and then bouncing looukupd seems to work for me.
Sigh, that is such an un-apple bug ....