[GH-ISSUE #191] Question: More Cypht instances or some IMAP relay? #157

New issue

Closed

opened 2026-02-25 21:34:19 +03:00 by kerem · 2 comments

kerem commented

2026-02-25 21:34:19 +03:00

Owner

Originally created by @dumblob on GitHub (Apr 21, 2017).
Original GitHub issue: https://github.com/cypht-org/cypht/issues/191

Originally assigned to: @jasonmunro on GitHub.

I'm coming more and more across a delicate issue. I'm traveling across countries and I'm using email identities originating in these different countries. Majority of these identities are handled by email infrastructure which runs solely in the country of it's origin (unlike Gmail or Outlook.com). Nearly all of these infrastructures disallow using their SMTP servers from any foreign country. This means I need in each of these "difficult" countries an own VPS with VPN or SSH (used as SOCKS) to connect Thunderbird to the SMTP servers. This is tedious and not a scalable nor maintainable solution. After a basic support for batch sending gets available, I would like to completely switch to Cypht.

The question is how to solve this issue in the least error prone and maintenance-less way. I came up with two basic approaches.

Automated Cypht configuration sharing (triggered by any change in the configuration) among multiple Cypht instances.
Running an IMAP "relay" on a VPS in all countries but one, in which the only Cypht instance will run and connect to local email infrastructures and the relays.

The approach (1) seems problematic (sharing of "live" data always was). The approach (2) sounds probably functional, but also less secure and problematic.

What do you think? Would you recommend me somehing? Do you have any experience with it? @jasonmunro, you're very experienced when it comes to IMAP - is there any secure way of relaying transparently the traffic or would I need to setup a VPN or SSH (SOCKS) on those VPNs and connect from Cypht through them? What would be the easiest solution?

Originally created by @dumblob on GitHub (Apr 21, 2017). Original GitHub issue: https://github.com/cypht-org/cypht/issues/191 Originally assigned to: @jasonmunro on GitHub. I'm coming more and more across a delicate issue. I'm traveling across countries and I'm using email identities originating in these different countries. Majority of these identities are handled by email infrastructure which runs solely in the country of it's origin (unlike Gmail or Outlook.com). Nearly all of these infrastructures disallow using their SMTP servers from any foreign country. This means I need in each of these "difficult" countries an own VPS with VPN or SSH (used as SOCKS) to connect Thunderbird to the SMTP servers. This is tedious and not a scalable nor maintainable solution. After a basic support for [batch sending](https://github.com/jasonmunro/cypht/issues/115 ) gets available, I would like to **completely** switch to Cypht. The question is how to solve this issue in the least error prone and maintenance-less way. I came up with two basic approaches. 1. Automated Cypht configuration sharing (triggered by any change in the configuration) among multiple Cypht instances. 1. Running an IMAP "relay" on a VPS in all countries but one, in which the only Cypht instance will run and connect to local email infrastructures and the relays. The approach (1) seems problematic (sharing of "live" data always was). The approach (2) sounds probably functional, but also less secure and problematic. What do you think? Would you recommend me somehing? Do you have any experience with it? @jasonmunro, you're very experienced when it comes to IMAP - is there any secure way of relaying transparently the traffic or would I need to setup a VPN or SSH (SOCKS) on those VPNs and connect from Cypht through them? What would be the easiest solution?

kerem closed this issue

2026-02-25 21:34:19 +03:00

kerem commented

2026-02-25 21:34:19 +03:00

Author

Owner

@jasonmunro commented on GitHub (May 9, 2017):

@dumblob, I don't have any experience with this type of issue. Just so I understand correctly, is the main problem sending mail via SMTP when not located in the country of that mail system? Or does this restriction also effect reading your mail using IMAP? If the problem is just sending with SMTP, I have an idea. Not sure it's a good idea, but it's an idea :).

While these orgs restrict clients connecting to their SMTP server from other countries (not a terrible idea), I would imagine they still accept mail from other domains not located in the same country. If so, then you could setup your own SMTP server, and use Cypht profiles for each destination domain that all use the same SMTP server.

For example. I run the SMTP server at cypht.org. I can create profiles associated with that SMTP server that have no direct relation to the domain, and I can still send mail as those identities. So the from address and reply to can be anything I want. I ran a test on this to confirm it works.

I sent 2 messages from the cypht.org domain to one of my gmail addresses, sailfrog@gmail.com. The first was with a standard profile associated with the cypht.org domain:

X-Mailer: Cypht
MIME-Version: 1.0
From: "Jason Munro" <jason@cypht.org>
Reply-To: jason@cypht.org
To: <sailfrog@gmail.com>
Subject: test
Date: Tue, 09 May 2017 11:25:50 -0500
Message-Id: <0b81226fe12ca16bb549ecf96f1810a2@shop>
Content-Type: text/plain; charset=UTF-8; format=flowed
Content-Transfer-Encoding: quoted-printable

test

Then I sent a message with a different profile that I associated with the same SMTP server:

X-Mailer: Cypht
MIME-Version: 1.0
From: "Not Jason Munro" <jason@hastymail.org>
Reply-To: jason@hastymail.org
To: <sailfrog@gmail.com>
Subject: test
Date: Tue, 09 May 2017 11:26:53 -0500
Message-Id: <4f7befb24135427eb82c58d6b94c8dda@shop>
Content-Type: text/plain; charset=UTF-8; format=flowed
Content-Transfer-Encoding: quoted-printable

test

As you can see, the second message appears to be from hastymail.org, not cypht.org. Keep in mind these raw messages are what are saved in my sent folder, the actual delivered message will have some provisional headers added by SMTP servers indicating that it did not originate locally, but the headers that matter are the ones E-mail clients use, like From: and Reply-to: Also note that you will need to grab the latest master branch since I just fixed a bug related to multiple profiles for the same SMTP server.

@jasonmunro commented on GitHub (May 9, 2017): @dumblob, I don't have any experience with this type of issue. Just so I understand correctly, is the main problem sending mail via SMTP when not located in the country of that mail system? Or does this restriction also effect reading your mail using IMAP? If the problem is just sending with SMTP, I have an idea. Not sure it's a good idea, but it's an idea :). While these orgs restrict clients connecting to their SMTP server from other countries (not a terrible idea), I would imagine they still accept mail from other domains not located in the same country. If so, then you could setup your own SMTP server, and use Cypht profiles for each destination domain that all use the same SMTP server. For example. I run the SMTP server at cypht.org. I can create profiles associated with that SMTP server that have no direct relation to the domain, and I can still send mail as those identities. So the from address and reply to can be anything I want. I ran a test on this to confirm it works. I sent 2 messages from the cypht.org domain to one of my gmail addresses, sailfrog@gmail.com. The first was with a standard profile associated with the cypht.org domain: ``` X-Mailer: Cypht MIME-Version: 1.0 From: "Jason Munro" <jason@cypht.org> Reply-To: jason@cypht.org To: <sailfrog@gmail.com> Subject: test Date: Tue, 09 May 2017 11:25:50 -0500 Message-Id: <0b81226fe12ca16bb549ecf96f1810a2@shop> Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: quoted-printable test ``` Then I sent a message with a different profile that I associated with the same SMTP server: ``` X-Mailer: Cypht MIME-Version: 1.0 From: "Not Jason Munro" <jason@hastymail.org> Reply-To: jason@hastymail.org To: <sailfrog@gmail.com> Subject: test Date: Tue, 09 May 2017 11:26:53 -0500 Message-Id: <4f7befb24135427eb82c58d6b94c8dda@shop> Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: quoted-printable test ``` As you can see, the second message appears to be from hastymail.org, not cypht.org. Keep in mind these raw messages are what are saved in my sent folder, the actual delivered message will have some provisional headers added by SMTP servers indicating that it did not originate locally, but the headers that matter are the ones E-mail clients use, like From: and Reply-to: Also note that you will need to grab the latest master branch since I just fixed a bug related to multiple profiles for the same SMTP server.

kerem commented

2026-02-25 21:34:19 +03:00

Author

Owner

@dumblob commented on GitHub (May 9, 2017):

@jasonmunro you understood my problem very precisely (yes, it's just about SMTP as IMAP worked fine so far everywhere from anywhere - but I didn't test it properly - especially write operations are untested).

Shame on me, that I did not come up with the solution you proposed (actually I ran the setup you proposed few years ago for few hours with Google SMTP servers, but they modified the emails too much, which was confusing recipients/clients thinking it came from the Google account through which it was relayed and thus replying was screwed etc.).

I bet the SMTP server I'll need to run will need a reverse DNS record as it seems majority of other SMTP servers have a policy to only accept messages from servers "proved" by this. I'll try to find some time to set up a decent SMTP server somewhere (probably in a country generally considered safer than others) with a good domain, and test whether the SMTP servers from foreign countries accept the messages. In case it won't work, I'll probably run a "combined" setup - in the "problematic" countries will be a VPN/SOCKS VPS of mine and for the rest the SMTP relay solution.

Thank you very much!

(I'm closing this as it sounds viable; I'll reopen it in case an obstacle appears)

@dumblob commented on GitHub (May 9, 2017): @jasonmunro you understood my problem very precisely (yes, it's just about SMTP as IMAP worked fine so far everywhere from anywhere - but I didn't test it properly - especially write operations are untested). Shame on me, that I did not come up with the solution you proposed (actually I ran the setup you proposed few years ago for few hours with Google SMTP servers, but they modified the emails too much, which was confusing recipients/clients thinking it came from the Google account through which it was relayed and thus replying was screwed etc.). I bet the SMTP server I'll need to run will need a reverse DNS record as it seems majority of other SMTP servers have a policy to only accept messages from servers "proved" by this. I'll try to find some time to set up a decent SMTP server somewhere (probably in a country generally considered safer than others) with a good domain, and test whether the SMTP servers from foreign countries accept the messages. In case it won't work, I'll probably run a "combined" setup - in the "problematic" countries will be a VPN/SOCKS VPS of mine and for the rest the SMTP relay solution. Thank you very much! (I'm closing this as it sounds viable; I'll reopen it in case an obstacle appears)