You might check out sSMTP[1] [1] https://wiki.debian.org/sSMTP
On Mon, Apr 08, 2019 at 09:33:03PM +0900, Mark Fletcher wrote: > Hello all > > As I wrote this I began to consider this is slightly OT for this list; > my apologies for not putting OT in the subject line but mutt won't let > me go back and edit the subject line. > > Short version: Is it reasonable to expect a piece of software to exist > that establishes a direct connection to a "remote" MTA and delivers mail > there for delivery, without also offering up mail reception > capabilities? If it is, what would that software be? Or alternatively, > is there a failsafe way to configure one of the MTAs (I have no strong > allegiance to any MTA, although the only one I have experience with is > exim4) such that even if I miss a configuration step it won't be > contactable from outside? To be clear, I only wish to be able to send > mail in one direction in this scenario... > > The more detailed background: > > My ISP has recently developed the unfortunate habit of changing my IP > address moderately frequently. They're allowed -- I'm cheap so I haven't > paid for a fixed IP. I'm shortly going to be moving so now really isn't > a good time to reconsider that position. > > They still aren't changing it crazily frequently, but I now run an > OpenVPN server at home and it is a bit inconvenient when they change my > home IP and I don't notice before going on a business trip or something. > > I'd like to set up an alert that lets me know when my external IP > address has changed. > > The box that is in a position to notice that the IP address has changed > is on the outer edge of my network connected directly to the internet. > It runs LFS. > > Deeper inside my network, accessible from the LFS box via the VPN, is a > Debian Stretch machine where I do most of my work. > > I've created a very simple script that is capable of parsing the output > of "ip addr" and comparing the returned ip address for the relevant > interface to a stored ip address, and thus being able to tell if the IP > address has changed. What I'd like to do now is make a means for the LFS > box to be able to notify me of the fact that the external-facing IP > address has changed. > > My Debian machine runs exim4 and has a reasonably basic setup that > allows it to accept mails from other machines on the network (although I > may need to fiddle around with getting mail to come through the VPN) and > deliver it either locally or using a friendly mail provider as a > smarthost. I've successfully sent and received mail between this machine > and a Buster machine on the same network, those two machines can see > each other without the VPN. The Buster machine was also running exim4. > > The LFS machine is, by design, very sparsely configured with only > software I truly needed installed. I am willing to add software but wish > to minimise the risk of installing something that opens up > external-facing vulnerabilities as much as possible. What I'd really > like is a piece of software that can reach out to my Stretch machine > through the VPN to present an email for delivery without offering a > local MTA that, improperly configured, might end up listening to the > outside world and thus present a security risk. > > I've looked at sendmail, postfix and of course exim4, and these are MTAs > which could certainly do the job but which also present the risk of > listening to the internet, especially if I do something stupid in the > configuration which is entirely feasible. And from some basic tests I > did on my Stretch machine I think the mail command expects there to be a > local MTA for it to talk to... > > My image of an ideal solution is a piece of software that can present > email to a remote MTA (ie an MTA not on the local machine) for delivery, > but is not itself an MTA, and certainly has no capability to listen for > incoming mail. > > Thanks in advance > > Mark >
