How would it be better to connect home MIAB to public internet to pass port restrictions?
- via VPN server or
- via remote SSH port forwarding or a tunnel to a VPS
Any detailed tutorials on those options?
How would it be better to connect home MIAB to public internet to pass port restrictions?
I’m not sure that your home’s internet connection is best suited to host MIAB. Typically if you would like to bypass port restrictions (which might not be the only restriction because your public IP could be in spamhaus or another spam list) then you should either have your MIAB server hosted in the cloud or sign up for Business Class internet that doesnt have these restrictions.
People have had luck with VULTR, Linode, and AWS. (although you still might need to tell them your hosting a mail server and have ports unblocked)
It must be possible to connect to VPS via Reverse SSH tunnel.
It may also be possible to connect to VPS running VPN server with port forwarding.
I also wonder if SSHuttle could help.
I need someone who already tried.
A quick search on the internet found this result:
What your trying to do is largely outside the scope of MiaB and I’d say honestly most people do not have complicated setups like this.
Personally I’d tell you to keep it simple. Mail is hard enough all by itself (even with the great scripts this project has put together to make it MUCH easier).
If you want your mail to be “reliable” and you can’t get a Static IP from your ISP. I’d look at hosting it elsewhere.
Yes it’s possible and there are people who run MIAB that way.
Get a VPS as normal, set up glue records against that VPS IP as per the normal installation instructions.
Get a reasonably sophisticated router that can do VPN tunnels and policy based routing like EdgeOS, VyOS, pfsense etc.
Create a VPN between the router and VPS using which ever flavour you prefer (ipsec, WireGuard, openvpn). Enable IP forwarding masquerade and NAT on the VPS since it’s going to act as a router for your local MIAB server.
Create a policy route on your local router to send all traffic from your local MIAB server via the VPN. Remember to create port forward rules back to the local server for the ports that MIAB needs to work (25, 53, 443 etc).
Run the MIAB install script on the local server. It should report the IP address of the VPS as its public IP if everything is set up correctly.