The abundance of small networked boards running Linux — like the Raspberry Pi — is a boon for developers. It is easy enough to put a small cheap computer on the network. The fact that Linux has a lot of software is a double-edged sword. On the one hand, it is a good bet that anything you want to do has been done. On the other hand, some of the solutions are a bit large for a tiny embedded system.
Take, for example, e-mail. Historically, Linux hosts operate as mail transfer agents that can send and receive mail for all their users and possibly even relay mail to others. In today’s world, that’s usually overkill, but the capability is there. It is possible to install big mail transfer agents into a Raspberry Pi. The question is: should you?
What Do You Want?
The answer, of course, depends on what you want to do. If you have a dedicated board sending out text and maybe even files using an external mail server (like, say, Gmail), then the answer is no. You don’t need a piece of software listening for incoming connections, sorting through multiple users, and so on.
Luckily, there are some simple solutions if you know how to set up and configure them. The key is to avoid the big mail programs that do everything you don’t need.
Mail Front Ends
Let’s tackle sending mail first. If you try to grab the mailutils package, you’ll see it drags along a lot of stuff including mysql. Keep in mind, none of this will actually send mail. It just gives you some tools to get mail ready to send.
Luckily, the bsd-mailx package has a lot less overhead and will do the job. Look at the man page to see what options you have with mailx; you can do things like attach files, set a subject, and specify addresses.
It is a little difficult to set up for Gmail, though, thanks to Google’s security. You’ll need the certutil tool from the libnss3-tools package. You’ll need to create a certificate store, import Google’s certificate, and then set up a lot of options to mailx. I don’t suggest it. If you insist, though, you can find directions on the Web.
SSMTP
By default, programs like mailx and other Linux mail commands rely on a backend (often sendmail). Not only does that drag around too much overhead, it is also a full mail system, sending and receiving and relaying–overkill for our little Pi computers.
Luckily, SSMTP is available which only sends mail and is relatively lightweight. You need a configuration file to point it to your mail server. For Gmail, it would look like this:
# # Config file for sSMTP sendmail # # The person who gets all mail for userids < 1000 # Make this empty to disable rewriting. root=postmaster # The place where the mail goes. The actual machine name is required no # MX records are consulted. Commonly mailhosts are named mail.domain.com mailhub=smtp.gmail.com:587 # Where will the mail seem to come from? rewriteDomain=yourdomain.com # The full hostname hostname=yourhostname AuthUser=YourGmailUserID AuthPass=YourGmailPassword UseTLS=Yes UseSTARTTLS=YES # Are users allowed to set their own From: address? # YES - Allow the user to specify their own From: address # NO - Use the system generated From: address FromLineOverride=YES
You can use a mail agent like mailx or you can just use ssmtp directly:
ssmtp someone@somewhere.com
Enter a message on the standard input and end it with a Control+D (standard end of file for Linux).
Google Authentication
There’s only one catch. If you are using Gmail, you’ll find that Google wants you to use stronger authentication. If you are using two-factor (that is, Google Authenticator), this isn’t going to work at all. You’ll need to generate an app password. Even if you aren’t, you will probably need to relax Google’s fear of spammers on your account. You need to turn on the “Access for less secure apps” setting. If you don’t want to do this on your primary e-mail account, considering making an account that you only use for sending data from the Pi.
Sending Files
Depending on the mail software you use, there are a few ways you can attach a file. However, the mpack program makes it very easy:
mpack -a -s 'Data File' datafile.csv me@hackaday.com
The above command will send datafile.csv as an attachment with the subject “Data File.” Pretty simple.
Receiving Mail
What if you want to reverse the process and receive mail on the Pi? There is a program called fetchmail that can grab e-mails from an IMAP or POP3 server. It is possible to make it only read the first unread message and send it to a script or program of your choosing.
You have to build a configuration file (or use the fetchmailconf program to build it). For example, here’s a simple .fetchmailrc file:
poll imap.gmail.com protocol IMAP user "user@gmail.com" with password "yourpassword" mda "/home/pi/mailscript.sh" folder 'INBOX' fetchlimit 1 keep ssl
You can leave the “keep” line out if you don’t mind fetchmail deleting the mail after processing. The file should be in your home directory (unless you specify with the -f option) and it needs to not be readable and writable by other users (e.g., chmod 600 .fetchmailrc). According to the fetchmail FAQ, there are some issues with Gmail, so you might want to consider some of the suggestions provided. However, for simple tasks like this, you should be able to work it all out.
In particular, the mailscript.sh file is where you can process the e-mail. You might, for example, look for certain keyword commands and take some action (perhaps replying using ssmtp).
Special Delivery
You might not think of the Raspberry Pi as an e-mail machine. However, the fact that it is a pretty vanilla Linux setup means you can use all sorts of interesting tools meant for bigger computers. You just have to know they exist.
Plain text passwords stored in text files? Wow! Just don’t be surprised that your Gmail account gets pawned and/or Google blacklists your device.
You obviously need access control on the file. Also it is very easy to create a throw away address just for this purpose.
Yes, plain text password on a device that is intended to run inside your home, running Linux with properly file access configured, where you are the only user (or you trust all other users), on a file that only you have read access, accessing a mail account that only you knows about and will be used only to communicate with the Pi.
It’s not a problem.
The point I was trying to make is that “security by assumption” is probably an even worse strategy than “security by obscurity”. (The latter does rhyme better though.)
Al assumed you’d obviously apply proper access control to the filers without mentioning what that might be. He also assumed you’d use a throw away Gmail account since they’re easy to create. My assumption would be that 75% of the people who try this will first use their real account info and that 50% of them will forget that they wrote down their password in a plain text file that they didn’t do ‘chmod’ on.
‘thoriumber” assumes that the Linux distro he downloaded off the net is secure and properly configured out of the box. He also assumes his LAN is secure. (I have no idea whether his particular LAN is or is not secure.) I assume mine is too although I don’t regularly do a security audit on it. I find it too big a PITA and too confusing to decypher the log files. And I should know better!
And then there’s my wife’s favorite security assumption: “Why would anyone want to hack my machine/confidential information? I’m don’t have anything worth bothering about.”
I’m sure the router guys (http://hackaday.com/2016/09/26/extra-large-denial-of-service-attack-uses-dvrs-webcams/) assumed the users would change the password to a “good” one. The DVR guys probably assumed the test accoutn would be removed before the product shipped.
Anyway, I’m not trying to pick on Al and ‘thoriumber” specifically. We all, including me!, keep assuming our systems are secure and build upon that assumption even though there’s been ample evidence that that assumption is most likely false.
But there’s also “Meh, good enough.”
There’s always away to criticise, like “Oh, I see you have a fence round 4 sides of the property, what about overhead?”
Or a tunneling protocol?
General feedback:
Are HAD authors commonly forgetting to put in article read-more-after-the-break tags? Over the past 6 months this has been happening and it’s getting rather annoying.
agree, verry annoying.
Why is this such an issue? Is it device specific or something?
It happens if you are reading the blog entries at hackaday.com/blog/ . I see you commenting in many posts, so I guess you don’t accumulate a lot of posts to read. I also read HaD frequently. However I can imagine if you are browsing all the posts or even by using the search box must be really annoying.
Okay I get it, sorry if my question sounded off base. You are right I didn’t realize how much room it takes on the /blog page.
Good article Al. I check the logs on my devices approximately once every decade but I check my email dozens of times each day. For me there’s no better way to know what’s up with my embedded devices.
Having several Beaglebones and PIs running around the house I wrote a simple SMTP/POP3 server in Python to get email notifications from the devices without having to deal with setting up accounts and passwords. It’s only useful on a LAN or VPN but pretty much any device that can open a TCP connection can submit an email with a just a bit of code.
The code is available at https://github.com/medic15/baremail
There’s very little setup other than getting it to run as a daemon or service on your particular OS.
I have a question for the pi guys and gals, could this cheap little computer be used as a server for a flex LM license? We have some older software that we use from time to time, and it requires the software to phone home to the license server in order to use.
I think we’ve been trolled by a goatse image. Not necessarily the whole image at the top of the main article, but the cropped image on http://hackaday.com/blog/
The colours are perfect, the circuit nubs… even the wavy stamp lines indicate aroma. Is that a polyp I see? Al, I’m not sure whether to high five you or vomit on my keyboard. Impressive.
Here’s what I saw…
https://s11.postimg.org/mbzg138dv/screenshot_hackaday_com_2016_10_04_16_36_38.png
Read twice. Did not get it. Setting up smtp on any Linux box is trivial, what does it have to do with HW or at least SW hacking? What is next? How to change your Windows password?
It might not be as trivial as it seems, since it’s the first exercise for <a href="http://eudyptula-challenge.org/">The Eudyptula Challenge</a>.
On a big box I’d run something like Exim. That would eat up at least 2/3s of my Pi, I think.If you think of something like the Pi as just a big Linux box write to post card size, you will be very frustrated.
As for concerns about security, you can go a long way by setting up a throw-away gmail account and using that as a destination. Then in that gmail account set up rules/filters that forward the email to your real one. You could even make the filters sophisticated and make different forwardings based on received content.
Just to let you know, your content is being plagiarised on here
https://bash-and-so.blogspot.co.uk/2016/10/raspberry-pi-send-me-letter.html