Simple Linux to Linux(Debian) email
- Date: Mon, 8 Apr 2019 21:33:03 +0900
- From: Mark Fletcher <mark27q1@xxxxxxxxx>
- Subject: Simple Linux to Linux(Debian) email
As I wrote this I began to consider this is slightly OT for this list;
my apologies for not putting OT in the subject line but mutt won't let
me go back and edit the subject line.
Short version: Is it reasonable to expect a piece of software to exist
that establishes a direct connection to a "remote" MTA and delivers mail
there for delivery, without also offering up mail reception
capabilities? If it is, what would that software be? Or alternatively,
is there a failsafe way to configure one of the MTAs (I have no strong
allegiance to any MTA, although the only one I have experience with is
exim4) such that even if I miss a configuration step it won't be
contactable from outside? To be clear, I only wish to be able to send
mail in one direction in this scenario...
The more detailed background:
My ISP has recently developed the unfortunate habit of changing my IP
address moderately frequently. They're allowed -- I'm cheap so I haven't
paid for a fixed IP. I'm shortly going to be moving so now really isn't
a good time to reconsider that position.
They still aren't changing it crazily frequently, but I now run an
OpenVPN server at home and it is a bit inconvenient when they change my
home IP and I don't notice before going on a business trip or something.
I'd like to set up an alert that lets me know when my external IP
address has changed.
The box that is in a position to notice that the IP address has changed
is on the outer edge of my network connected directly to the internet.
It runs LFS.
Deeper inside my network, accessible from the LFS box via the VPN, is a
Debian Stretch machine where I do most of my work.
I've created a very simple script that is capable of parsing the output
of "ip addr" and comparing the returned ip address for the relevant
interface to a stored ip address, and thus being able to tell if the IP
address has changed. What I'd like to do now is make a means for the LFS
box to be able to notify me of the fact that the external-facing IP
address has changed.
My Debian machine runs exim4 and has a reasonably basic setup that
allows it to accept mails from other machines on the network (although I
may need to fiddle around with getting mail to come through the VPN) and
deliver it either locally or using a friendly mail provider as a
smarthost. I've successfully sent and received mail between this machine
and a Buster machine on the same network, those two machines can see
each other without the VPN. The Buster machine was also running exim4.
The LFS machine is, by design, very sparsely configured with only
software I truly needed installed. I am willing to add software but wish
to minimise the risk of installing something that opens up
external-facing vulnerabilities as much as possible. What I'd really
like is a piece of software that can reach out to my Stretch machine
through the VPN to present an email for delivery without offering a
local MTA that, improperly configured, might end up listening to the
outside world and thus present a security risk.
I've looked at sendmail, postfix and of course exim4, and these are MTAs
which could certainly do the job but which also present the risk of
listening to the internet, especially if I do something stupid in the
configuration which is entirely feasible. And from some basic tests I
did on my Stretch machine I think the mail command expects there to be a
local MTA for it to talk to...
My image of an ideal solution is a piece of software that can present
email to a remote MTA (ie an MTA not on the local machine) for delivery,
but is not itself an MTA, and certainly has no capability to listen for
Thanks in advance