Re: mbsync tunnel example

Niko Wed, 10 Apr 2013 07:39:24 -0700

Oswald Buddenhagen <ossi <at> kde.org> writes:

> 
> On Wed, Apr 10, 2013 at 02:56:25PM +0200, Oswald Buddenhagen wrote:
> > On Wed, Apr 10, 2013 at 12:04:57PM +0000, Niko wrote:
> > > IMAPAccount my-mail-provider
> > > # Host my-mail-provider
> > > Host localhost
> > > Port 10993
> > > User my-email-user
> > > UseIMAPS yes
> > > CertificateFile ~/.ssl/my-mail-provider.crt
> > > Tunnel "ssh -N -L  10993:my-mail-provider:993 my-own-server"
> > > ---------------------------------
> > > 
> > > I'm not sure which kind oy "tunnel command" mbsync expects.
> > > 
> > the Tunnel command is the connection itself, not a pre-connect command.
> > the closest to your requirements would be
> > 
> >   Tunnel "ssh my-own-server s_client my-mail-provider:993"
> >   UseIMAPS no
> > 
> alternatively (probably a better idea):
> 
>   Tunnel "ssh my-own-server tcpconnect my-mail-provider 993"
>   # ignored for the connection, but used for the ssl host name
>   # verification ... hopefully ...
>   Host my-mail-provider
>   UseIMAPS yes


I couldn't use tcpconnect (my "own" server isn't really mine and
tcpconnect isn't installed).

This configuration worked for me:

UseIMAPS no
RequireSSL no
Tunnel "ssh my-server openssl s_client -connect
    my-mail-provider:993 -CApath .ssl -quiet"

The downside is, now the imap traffic isn't encrypted between
my-server and my-mail-provider. 
What I'v done instead is this:

Port 10993
UseIMAPS yes
CertificateFile certfile

And then:

ssh -L 10993:my-mail-provider:993 my-server sleep 20 &
sleep 5 && mbsync ID

The trick here is: "sleep 5" causes mbsync to wait until the tunnel is opened.
"sleep 20" is executed on "my" server and keeps the tunnel open until mbsync
takes use of the tunnel. Once mbsync finishes the tunnel closes by itself.

Thanks for the help.

Niko.


------------------------------------------------------------------------------
Precog is a next-generation analytics platform capable of advanced
analytics on semi-structured data. The platform includes APIs for building
apps and a phenomenal toolset for data science. Developers can use
our toolset for easy data analysis & visualization. Get a free account!
http://www2.precog.com/precogplatform/slashdotnewsletter
_______________________________________________
isync-devel mailing list
isync-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/isync-devel

Re: mbsync tunnel example

Reply via email to