christoph ender's


tuesday the 25th of july, 2023

proxying via ssh

One of the recurring jobs coming up when running mail servers is to get the IPs of your mail servers off various blacklists where they happen to turn up for in part completely unknown reasons. In order to get an IP from a blacklist the list owners have invented various ways to achieve this, and one I recently came across required some confirmation on their website while having my user agent coming from the blocked mail IP in question.

This is when I came to know about ssh's proxy abilities for the first time. It turned out that ssh has complete support for proxying, so the only two things I had to do was to first create the associated ssh tunnel for proxying:

ssh -D 8080 my.mail.server -N -v

Now ssh will forward all connections going to port 8080 on the local machine via the my.mail.server machine. This, of course, only works when on this machine ssh is set up. Now, the only thing left to do is to configure a proxy server in your favorite web browser, pointing to 8080 on localhost, and voilà – your browser's traffic is being forwarded through the mail server.