Nosocks, socksnoauth, socksuserpassword Channel Options

SOCKS connections
SOCKS connections (see RFC 1928 and RFC 1929) can be used to traverse a firewall that would not normally permit outbound SMTP message traffic. If the firewall offers a SOCKS service, then one can connect to the firewall&#x27;s SOCKS server and authenticate, pass over the remote host name and remote port to which one wishes to make an SMTP connection, and then the SOCKS server on the firewall will make the remote connection and transform the SOCKS connection into the desired SMTP connection. The  and   channel options control whether a TCP/IP channel uses a SOCKS connection, rather than attempting a normal, direct SMTP connection. , the default, specifies that no SOCKS connection will be used. tells the channel to attempt a SOCKS connection (using the username/password method of SOCKS authentication), rather than attempting a direct SMTP connection.

To achieve a SOCKS connection, one must set additional options. In legacy configuration, one must set TCP/IP-channel-specific options specifying the SOCKS host and port to which to connect, and the username and password with which to authenticate the SOCKS connection; see the SOCKS_HOST, SOCKS_PORT, SOCKS_USERNAME, and SOCKS_PASSWORD channel settings. In Unified Configuration, one must instead set channel options,  ,  , and.

Note that the SOCKS protocol is a general protocol for TCP/IP-based applications (e.g., SMTP), and makes no provision for application-specific issues such as, in the case of SMTP, MX host name DNS lookups. Thus when using a  channel, one must be sure that the host names that the channel is attempting to send messages to are all fully resolved hostnames (A record names). As such,  channels are all, in effect,   channels, and hence should only be used for special, point-to-point connections to known, specific remote systems where the proper mail host name is "known" (need not be looked up as a possible MX record in the DNS). In particular, any rewrite rules that direct domains to a  channel should output only domain names that are proper mail destination host systems (fully resolved domain names, with any MX references already taken into account).

See also:
 * sockshost Option
 * socksport Option
 * socksusername Option
 * sockspassword Option
 * TCPIP channels
 * TCPIP connections and DNS lookups channel options
 * Channel options