[kwlug-disc] Postfix on a laptop

Chris Irwin chris at chrisirwin.ca
Sat Jun 12 12:07:34 EDT 2010

On Sat, 2010-06-12 at 08:52 -0400, unsolicited wrote:

> I see your problem / take your point, for sending mail. But (take the 
> current laptop issue out of the mix), how are you dealing with 
> incoming mail? e.g. Computer queries the master e-mail server and 
> reads it? [I guess you're not fetching it down to each machine, just 
> reading it off the server.] By extension, how would you deal with this 
> via laptop when out and about?

Incoming mail is fetched via offlineimap, from cron every 5 minutes. It
fails if I am not logged in (encrypted $HOME, so it can't read the
config). This just throws my mail into nested maildirs, which works
pretty well for my needs.

Sending mail manually (i.e. this one) currently goes directly to
Google's authenticated SMTP. This only works for Evolution, not cron,
logwatch, etc.

I'd much rather have my mailer dump onto a local MTA. Evolution seems to
have trouble clearing it's queue after disconnected operations. If I
don't notice, it may be a day before a mail actually sends, even if I
have been on-line during that time. With postfix I could tell it to
flush the queue as part of the if-up routine.

> Very sorry to say this, but ... sounds like a presentation to me.
> - it has to be handy to do this local smtp thing everywhere. How? [Not 
> to say there aren't disadvantages, too.]

Mostly, I get mail from cron. I can pipe stuff to `sendmail` and have it
send. etc.

> - "gave me CLI 'sendmail'...", and you chose postfix over sendmail 
> because? [No flamewars please, honest question, and everyone would 
> have their own particular preferences for their choice.]

Simply because I'm more familiar with it. I use sendmail at work, but
I've always been more comfortable with postfix. It is a work-alike

> - "currently relays through my google apps account" ... huh? You can 
> do that? (Not relaying, 'google apps')

Yes and no. You need to be authorized to use google SMTP (log in with
your credentials). Then you can only send mail from an authorized
address (you have to configure this via the web). I have a relay@ or
no-reply@ address with google, my server is configured to forward all
mail through there. I had to manually authorize all addresses I wanted
to have as outgoing.

I may just put my server's IP in my SPF rules and allow it to send
direct. I was only concerned I may get flagged as spam since this is a
DSL IP range (albeit a static ip).

> My first blush assumption as to the answer to your problem would be an 
> auto-created ssh tunnel on specific ports to home. I assume you 
> already have ssh set up anyways, using key files. You would read, and 
> send this way, presumably.

I haven't set up auto-created tunnels, but it interests me.

> I would assume, also, that when connectivity isn't present, outgoing 
> mail is kept queued on the device until it does connect some day.

That's what I'm after. msmtp and ssmtp don't appear to offer that.

> And if connectivity isn't present, and you really have to do 
> something, your gmail account is still web accessible. Which begs the 
> question, if you can get to the web, you can ssh home, etc., etc.

I only care about gmail because it provides a stable, external SMTP and
IMAP server for free. I was perfectly happy using my own and only
migrated when I was physically moving house. I'm just too lazy to switch

Their web interface is okay, but I try to not use it as it tends to mess
up what shows up in IMAP (no way to tag a specific message to be kept --
whole thread or nothing).

> - guess this condition hits when you can get to the web but not home, 
> due to firewall, port restrictions. Which is why you have your home 
> ssh server listen on 443.

True. If I went the auto tunnel route, I would probably just tunnel all
traffic through it.... Or I could just go OpenVPN as Paul said. Where
did he go??

Chris Irwin <chris at chrisirwin.ca>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 198 bytes
Desc: This is a digitally signed message part
URL: <http://kwlug.org/pipermail/kwlug-disc_kwlug.org/attachments/20100612/7792d0c1/attachment.bin>

More information about the kwlug-disc mailing list