to email server thru a firewall or proxy ?

Re: POP and SMTP through HTTP

You sound like a bloke who knows what he's on about.

I wouldn't bet on that :rollin . I think you are missing a winking smiley on the end there .

I assume you are talking about a Virtual Private Network.

Basically a remote user will dial up directly to a VPN Server and create a link.
All comms will be to and from that VPN Server.
The remote user will package up data into a datagram with some IP header info. All of this datagram (including the IP header) is encrypted in some way (probably using asymmetrical encryption). This encrpyted datagram is then placed as the payload inside another datagram "wrapper" which has it's own header. The wrapper header contains the address of the VPN Server as the destination. The datagram is then sent to the VPN Server which removes the encrpyted payload and decrypts it. The decrpyted payload contains the address of the internal target machine which the remote user is trying to connect to.
Because the entire IP address is encrypted, no-one outside the VPN Server can read the address of the target and therefore the target is effectively invisible to the outside world.

The VPN server MIGHT be either outside the firewall or might allow SMTP access itself.
Either that or he is only able to access WebMail on his ISP.

I'd be surprised if he was able to run MS Outlook through that method.

Re: POP and SMTP through HTTP

Vetran came up with some buzzwords I remember him mentioning.

He certainly had full telnet to his home server and the ISP server. I'm still in occasional contact with him (all my sites run on his server - and most of them were setup on that server during the working day from his desk). He used to have a webcam at his house on his work desktop. Not sure what he was actually supposed to be doing - probably the same as me - filling a seat for the greater glory of a manager.

I know I couldn't get VNC working through the firewall even when I set it to port 80. It's hardly critical to me so I gave up. If it did become important I'd dig deeper.

Re: POP and SMTP through HTTP

ok here goes.

to get out of your network you have to go via a proxy server that is only configured for httpand https. Assumption

You have no control over the firewalls or the ports that are open so cant simply open the required ports.
There is no socks proxy available for either.

Then you would have to use a method that can be proxied such as web mail if available.

Basically a proxy does what it says . It will terminate the connection from the client and then create a connection to the server on the clients behalf and start a new one to the server. All connections through a proxy are done like this. And an httpproxy will only proxy connections for applications that it understands such as http.A socks proxy can handle most applications but requires client side software to direct the packets to the socks proxy.


Now httpstunneling takes advantage of the fact that a proxy server cant look at the data stream for encrypted traffic , it is encrypted from the client to the server all the proxy does is forward the packets. Overly simple but thats the basic affect. Anyway this means that you can effectively tunnel any protocol throught https, security nightmare. Such as exchange 2003 which has rpc over https, thats a full mapi client straight throught the proxy servers.

Some clever people have written software that utilises this and the fact that most if not all corporate networks only allow normal users proxy access to the internet, to write remote control software that allows you to take over your home machines desktop via an httpsstream. That httpstunneling as the underlying protocol is not http.

Re: POP and SMTP through HTTP

Hi Folks,
Thanks for all the replies! Very complete also, I might add.

I have finally established that the proxy server won't accept SOCKS, that's why my attempt with SocksCap and Proxifier are not working. Httpstunnelling should be accepted. But as pointed out, the traffic between the proxy and my remote server would then be on the wrong port. My POP or SMTP packets would end up trying to connect on the httpsport, and not be accepted by my email server. So that would not work.

web-based mail: yes indeed that works nicely, with the catch that like having my mail saved onto my PC, so I can keep it all. I can't do that with the web-mail.

Final verdict- web-mail it is !

Re: POP and SMTP through HTTP

IMAP?

Re: POP and SMTP through HTTP

IMAP will encounter the same problems as SMTP ... it just uses a different port.

Re: POP and SMTP through HTTP

yes but its an outgoing port, rather than an incoming port.