Show HN: SMTP Tunnel – A SOCKS5 proxy disguised as email traffic to bypass DPI

https://news.ycombinator.com/rss Hits: 13
Summary

πŸ“§ SMTP Tunnel Proxy A high-speed covert tunnel that disguises TCP traffic as SMTP email communication to bypass Deep Packet Inspection (DPI) firewalls. β”Œβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β” β”Œβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β” β”Œβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β” β”Œβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β” β”‚ Application │─────▢│ Client │─────▢│ Server │─────▢│ Internet β”‚ β”‚ (Browser) β”‚ TCP β”‚ SOCKS5:1080 β”‚ SMTP β”‚ Port 587 β”‚ TCP β”‚ β”‚ β”‚ │◀─────│ │◀─────│ │◀─────│ β”‚ β””β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”˜ β””β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”˜ β””β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”˜ β””β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”˜ β”‚ β”‚ β”‚ Looks like β”‚ β”‚ Email Traffic β”‚ β–Ό β–Ό β”Œβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β” β”‚ DPI Firewall β”‚ β”‚ βœ… Sees: Normal SMTP Session β”‚ β”‚ ❌ Cannot see: Tunnel Data β”‚ β””β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”˜ 🎯 Features Feature Description πŸ”’ TLS Encryption All traffic encrypted with TLS 1.2+ after STARTTLS 🎭 DPI Evasion Initial handshake mimics real SMTP servers (Postfix) ⚑ High Speed Binary streaming protocol after handshake - minimal overhead πŸ‘₯ Multi-User Per-user secrets, IP whitelists, and logging settings πŸ”‘ Authentication Per-user pre-shared keys with HMAC-SHA256 🌐 SOCKS5 Proxy Standard proxy interface - works with any application πŸ“‘ Multiplexing Multiple connections over single tunnel πŸ›‘οΈ IP Whitelist Per-user access control by IP address/CIDR πŸ“¦ Easy Install One-liner server installation with systemd service 🎁 Client Packages Auto-generated ZIP files for each user πŸ”„ Auto-Reconnect Client automatically reconnects on connection loss πŸ“š For in-depth technical details, protocol specifications, and security analysis, see TECHNICAL.md. ⚑ Quick Start πŸ“‹ Prerequisites Server : Linux VPS with Python 3.8+, port 587 open : Linux VPS with Python 3.8+, port 587 open Client : Windows/macOS/Linux with Python 3.8+ : Windows/macOS/Linux with Python 3.8+ Domain name: Required for TLS certificate verification (free options: DuckDNS, No-IP, FreeDNS) πŸš€ Server Setup (VPS) Step 1️⃣: Get a Domain Name Get a free domain pointing to your VPS: πŸ¦† DuckDNS - Recommended, simple and free - Recommended, simple and free 🌐 No-IP - Free tier available - Free tier available πŸ†“ FreeDNS - M...

First seen: 2026-01-07 04:42

Last seen: 2026-01-07 16:44

Read Full Article More from this Source
Related News
The Concise TypeScript Book
2026-01-11 Β· 1 hits
'Bandersnatch': The Works That Inspired the 'Black Mirror' Interactive Feature (2019)
2026-01-11 Β· 1 hits
I build products to get "unplugged" from the internet
2026-01-11 Β· 1 hits
CPU Counters on Apple Silicon: article + tool
2026-01-11 Β· 4 hits
Datadog, Thank You for Blocking Us
2026-01-11 Β· 5 hits