In some places Internet access is available only via proxy, which in practice means that you are limited to HTTP and HTTPS protocols only. But if you have external email accounts like Gmail, this is bit limiting, because you cannot access your email via IMAP protocol from your email client.
However there can be a solution – if proxy support HTTPS protocol, it means also that it supports CONNECT method that tunnels a connection to remote server unchanged. This method could be used to tunnel any protocol, so basically it could tunnel also IMAP ( and SMTP for outgoing email).
The only piece that is needed is either support from client (but Thunderbird unfortunately does not support this) or a tunnel program running on local machine + slight change in email account – to use local connection to tunnel proxy instead of direct connection to server. But there is still one small glitch – if your computer is notebook and you come home, there is no proxy, and you want to connect to mail server directly again. To handle this scenario local tunnelling proxy should be smart and fall- back to direct connection to server, if HTTPS proxy is not available. I have not found any program like this, so I’ve written mine own – called ptunnel. Recently I returned to this problem and created new ptunnel in Rust – it’s much faster and less resource intensive, so I recommend this one.
Now how to do this in practice:
- Get ptunnel from links above (old one requires python, new one must be compiled locally first).
- Run it with appropriate parameters – for Gmail it should be something like this:
ptunnel -p proxy_host:proxy_port 9993:imap.gmail.com:993 5587:smtp.gmail.com:587
ptunnel.py -d -p proxy_host:proxy_port 9993:imap.gmail.com:993 5587:smtp.gmail.com:587
You should assure that ptunnel is automatically started, when computer starts – the ways how you can do this are various – I prefer to start it with my desktop (Startup Applications in Gnome, Unity, Cinnamon), you can use /etc/rc.local or some other ways – I believe it may work fine even under other platforms like Win or Mac, even I never tried it.
- You have to reconfigure your email account – IMAP server should be localhost:9993 and smtp server localhost:5587.
- After reconfiguration, when you’ll try to receive or send email, you will get security warning – that’s because SSL certificates are not matching. You now connecting to localhost, but certificates are issued to mail server DNS name – you have to add security exceptions for these certificates.
This tunnelling works for me fine for quite some time ( a year or so). Tunnelling is not limited to IMAP /SMTP only so it can be used for SSH etc.