How to proxy-relay SMTP over squid services with postfix and netcat

I’ve seen a lot of questions asked on some places, how to send SMTP traffic over proxies. Noone – as usual has given a proper answer on this really specific problem. Let me explain.

  • I do have a mailserver, but it is blocked to use SMTP ports. This mailserver is postfix.
  • I also do have access to a squid-proxy.
  • Now, I want to send e-mail over this squid proxy. Can this be done.
  • Now, all questions are just returned with the answer ”Nope, squid is a http/https proxy. No can do!”

I beg to differ. You can send SMTP traffic over a SQUID proxy. You just have to tweak the sending and ports. First of all; we know that squid proxies requires a handshake that very much looks like this:

CONNECT remote.http.server:80 HTTP/1.0

With this done, the SQUID proxy replies like this:

HTTP/1.1 200 Connection established

While playing with the postfix settings, it turns out that postfix ignores that response. So instead, you could just connect to a SMTP-server instead. If the squid proxy is not controlled by you, however, this connectivity will fail on SMTP ports. So this solution is based on the fact that your real SMTP relay server should answer at port 80 or 443, as it was a web service itself.

For several years ago, I configured a postfix to answer on those ports, since port 25 and 587 locally was usually blocked. To make sure I have a relay that can handle the mail service, I therefore configured a VPS specifically to use the default webports to receive e-mail. When received, this postfix service will then make sure that the mail are delivered properly.

So, where does the squid service come in?

Well, I’ve seen a lot of recommendations that includes installations of complex crappy application that needs to be configured to death. I was thinking if this could be handled easier, by for example netcat. A little experimenting I figured out, that the only thing required for this to work was to put up a simple script that handles the proxy link and a inetd-kind-of service. But for systemd. It very much looks like this:



cat <(echo "CONNECT SMTP.SERVER.IP:443 HTTP/1.0"; echo "") -|nc squid.server.host 3128

This little nifty script makes sure we connect to the squid proxy. When connected, it sends the command to the SQUID proxy, necessary to make squid reconnect to the real server. As it probably blocks the regular ports, but allows http/https-traffic, squid will now open a connection to the real server.

With this knowledge, I now need a local service that handles postfix relay connections as it was a real SMTP relay that it connects to, since postfix does not handle proxies. For this example, I’ve been using port 1588 (instead 587). With help from https://mgdm.net/weblog/systemd-socket-activation/ i managed to do the following:


Description=ProxySMTP Socket







Some things that has been pointed out at the site I got inspired from is to take not one the @ in the filename. This is significant as it indicates the service is a template and that a new instance of the service will be run on every connection.

With all this in place, it is time to enable the service and test it. This is done in following steps:

  • systemctl daemon-reload
  • systemctl enable proxysmtp
  • systemctl start proxysmtp.socket
  • systemctl enable proxysmtp.socket

When testing this solution, I will now get the following response when trying to connect to port 1588 as configured above:

my-server:~$ telnet localhost 1588
Trying localhost...
Connected to localhost.
Escape character is '^]'.
HTTP/1.1 200 Connection established

220 my-smtp-server ESMTP Postfix

This is something that is apparently perfectly supported by postfix, so now we’ve configured SMTP-Over-Proxy with very low effort and very high efficiency.

Car barz feat Maddy V & Lady MC Xmas 2019 (Remix)

Added an extra beat as an experiment on this tune from MC Bellyman’s Youtube channel, featuring Maddy V and Lady MC in a Carbarz Xmas Special 2019. This is a re-edit from the first version (in the bottom of this post).

Original video

The first try had some misses in the beatsync…

Retro Mix 2022-05-26 (Retrospection Volume 1)

Firing up the weekend with retro-feelings – with primary focus on the 1990’s!

See tracklist at the end of this post.

Also on soundcloud:

With visualizations at Youtube!


00:00 – Who Da Funk feat. Jessica Eve – Shiny Disco Balls (Main Mix)
00:35 – 1984 vs Talla 2XLC (Flutlicht) – Picture Of You (Tornevall Remix, Enjoy The Silence)
02:56 – Motiv 8 – Rockin’ For Myself
03:39 – Dreamworld – Movin’ Up (Sleaze Sisters Anthem Mix)
06:23 – Technotronic & Global Deejays – Get Up (Tornevall Remix)
08:40 – D-Jastic – Up To No Good (Extended Mix)
09:35 – Club Enforcer – Here To Chill
10:54 – Dj Miko – Rhythm (Factory Team Mix)
13:45 – Melodie MC – Dum Da Dum 2009 (Radio edit)
16:10 – Lutricia McNeal – My Side of Town
17:46 – Gigi D’Agostino – Super (Original Version)
18:19 – Klubbheads – Kickin hard
19:05 – Helena Paparizou – Mambo
21:00 – U.S.U.R.A. – Open Your Mind
22:06 – Quadrophonia – Quadrophonia (United Bass Invaders Remix)
23:21 – Lolitta – Renegade Master (Original mix)
24:25 – 2 House – Go Techno (Tony Humphries Vocal Mix)
25:58 – Azzido Da Bass – Dooms Night (Timo Maas Radio Edit)
27:36 – C&C Music Factory – Gonna Make You Sweat (Everybody Dance Now, KaktuZ Remix)
28:19 – Bob Marley & Funkstar De Luxe – Sun Is Shining
29:53 – Cosmos Funk – Discoteque (Gym X Tonic Remix)
31:47 – Miami Sound Machine – Conga
31:14 – Andy Buchan – Road to Barca
36:10 – Souvlaki – Inferno
37:17 – Spankox – To The Club (Extended Mix)
38:15 – The Grid – Swamp Thing (Radio Mix)
40:44 – Bobina – El Bimbo (Extended Remix)

PrestaShop 1.7.7.x and its unability to have complete configuration file

Stored by emergency below, as it seems that documentation widely spread over the world can’t have a complete, working, config file for prestashop in nginx. Here’s one, that worked perfectly without any weird issues with 404-errors, etc.

Don’t forget to check your hostname and/or eventually SSL configuration for port 443.