Tunnelling your e-mail over SSH

Example using commercial SSH and Outlook Express:

Here is an example of setting up an using an encrypted IMAP and SMTP SSH tunnel using the Commercial version of SSH and Outlook Express.  In this example, I have deliberately used a non-privileged port, although on most Windows machines, a straight port 25/143<-->25/143 tunnel should work.

1. Set up the tunnel using the commercial version of SSH.
    
2. Start the ssh tunnel.
    
3. Set up Outlook Express to use the tunnel.
    

Notes:

Firewall and SSH on imap.maths.ox.ac.uk.

Although the above example works very well while inside the firewall, to get it to work from outside the Institute requires an extra hop.  You will need to set up a tunnel to gate.maths.ox.ac.uk which forwards your unprivileged local pseudo-random SMTP and IMAP ports to unprivileged pseudo-random SMTP and IMAP ports on gate.  You will then need to set up another tunnel to imap.maths.ox.ac.uk from gate with gate's pseudo-random SMTP and IMAP ports pointing to the real IMAP and SMTP ports at imap's end.  Here's how:

Set up the tunnel as explained above, but use gate.maths.ox.ac.uk instead of imap.maths.ox.ac.uk.  When entering the outgoing tunnel Port numbers in the tunnelling section, change the Destination ports to a non-privileged port, e.g. for SMTP, use 2025, for IMAP, use 2143.  Also ensure you turn off Request tunnels only (disable terminal) so you get a prompt to enter the command to start the next tunnel.  Start the session (as explained above) and type in the following command at the UNIX prompt on gate.

ssh -N -l <username> -L 2025:localhost:25 -L 2143:localhost:143 imap.maths.ox.ac.uk

When this command is running, your tunnel should be working, and you should be able to follow exactly the same rules in setting up Outlook Express.