M-Labs/it-infra
M-Labs
/
it-infra
8
0
Fork 6
Code Issues 11 Pull Requests Releases Wiki Activity

Use postfix options for routing mails through tunnel #45

Closed
esavkin wants to merge 15 commits from enable-mail-proxy-and-tunnel into master
pull from: enable-mail-proxy-and-tunnel
merge into: M-Labs:master
Conversation 7 Commits 15 Files Changed 1 +18 -1

15 Commits

Author SHA1 Message Date
Egor Savkin 785777eb0e Optimize new fw rules and tweak postfix 
Signed-off-by: Egor Savkin <es@m-labs.hk>
 2024-10-17 12:01:25 +08:00
Egor Savkin 7131a54bb6 Rebase and add intl interface to exceptions 
Signed-off-by: Egor Savkin <es@m-labs.hk>
 2024-10-17 11:55:28 +08:00
Egor Savkin bbfee50b53 Fix postfix settings so it should load successfully and accept and send messages through tunnel 
Signed-off-by: Egor Savkin <es@m-labs.hk>
 2024-10-17 11:55:28 +08:00
Egor Savkin 4c300688d9 Fix postfix settings so it should load successfully 
Signed-off-by: Egor Savkin <es@m-labs.hk>
 2024-10-17 11:55:28 +08:00
Egor Savkin 45b53991d1 Add virtual ips for the gre tunnel 
Signed-off-by: Egor Savkin <es@m-labs.hk>
 2024-10-17 11:55:28 +08:00
Egor Savkin 5a408bdb63 Return swan into the zoo 
Signed-off-by: Egor Savkin <es@m-labs.hk>
 2024-10-17 11:55:28 +08:00
Egor Savkin 2f1c794ac0 Use IPv6 for WG transport to decrease latency by 20% 
Signed-off-by: Egor Savkin <es@m-labs.hk>
 2024-10-17 11:55:28 +08:00
Egor Savkin 8068eb96b3 Ip rules instead of iptables tracking 
Signed-off-by: Egor Savkin <es@m-labs.hk>
 2024-10-17 11:55:28 +08:00
Egor Savkin 7b98b49fcd Apply tested client configuration 
Adds an additional route, but doesn't enforce it so other apps will remain the same, but smtp can use tunnel for sending. Also sends replies through the tunnel if connection arrives on the tunnel.
Better have something tested and working before I start doing "perfect".

Signed-off-by: Egor Savkin <es@m-labs.hk>
 2024-10-17 11:55:28 +08:00
Egor Savkin 367d5a8c4c Use wireguard instead of strongswan since its in the kernel 
Signed-off-by: Egor Savkin <es@m-labs.hk>
 2024-10-17 11:55:27 +08:00
Egor Savkin 5fb951ba3c WIP: Use gre/ipsec instead of proxy 
Signed-off-by: Egor Savkin <es@m-labs.hk>
 2024-10-17 11:54:57 +08:00
Egor Savkin 6832725535 Use proxychains-ng instead of tsocks 
Signed-off-by: Egor Savkin <es@m-labs.hk>
 2024-10-17 11:53:44 +08:00
Egor Savkin 4c9dff8d95 Use tsocks to wrap socks and add sock transport type 
Signed-off-by: Egor Savkin <es@m-labs.hk>
 2024-10-17 11:53:44 +08:00
Egor Savkin f909cd71a3 Use wildcard instead of explicit specification 
As in example at https://www.postfix.org/transport.5.html

Signed-off-by: Egor Savkin <es@m-labs.hk>
 2024-10-17 11:53:44 +08:00
Egor Savkin 3959250f0b Use postfix options for routing mails through ssh tunnel 
Signed-off-by: Egor Savkin <es@m-labs.hk>
 2024-10-17 11:53:44 +08:00