Need email server aid

Alvin Thompson alvin at thompsonlogic.com
Fri Apr 23 00:49:00 UTC 2010


On 04/22/2010 08:39 PM, Chuck Kuecker wrote:
> Ultimately, this will be a wireless product that will be out in the
> wild, and will need the capability to connect anywhere, assuming the
> user has an email account on the network, somewhere in the world. At
> present, I'm just playing with basics using the built-in Ethernet port
> included with the development system.

In that case, you will need to configure things differently.  You have 3 
choices, from worst to best:

1. Include one of the tiny SMTP servers out there on the device, and 
have the device connect directly to the destination SMTP server.  This is 
the simplest solution because you will need to include an SMTP server on 
the device no matter what (explained below), but this is also 
problematic because there are ISPs out there that will not accept mail from 
'untrusted' IP addresses.  If the device is mobile, you can make no 
guarantees on what network or IP address the device will be using.

2. Use a password stored on the device to relay mail through your mail 
server (using TLS, of course).  If the device gets hacked, the hacker 
has your password and can relay mail through your system.

3. The best option.  On each device, include a unique public/private key 
pair and use that to authenticate, encrypt, and relay mail through your 
mail server.  If a device gets hacked, you just have to disable the key 
for that specific device on your server.  Better yet, if you're also 
charging a service fee and the client doesn't pay the bill on time, you 
can simply disable email (and other services for the device) until they 
bring their account current.

Option #3 is even better if this is an "always on" device.  If that's 
the case, you can provide a pass-phrase to the private key, to be 
entered by you (or your henchmen) when the device starts up for the 
first time.  When you do that, you can guarantee 3 things (I like 3's):

1. Messages that claim to be from the device are indeed from the device.

2. Messages cannot be read by anyone except authorized parties.

3. Messages cannot be altered in any way in transit.  What is sent is 
what you get.

The only thing you can't guarantee with this method is that sent 
messages will actually be received.  This is how iPhones work (I think), 
and that's why you need to connect iPhones to iTunes in order to 
activate them (it's getting the pass-phrase for your private key-- at 
least I think so).  It's about as secure as things get.

Anyway, you will always need an SMTP server on the device to queue sent 
messages if an internet connection or your server isn't available at the 
moment.  Otherwise, you risk unnecessarily losing sent messages.

Hope this helps,
Alvin
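
Added example, not part of the message above or of any project's code: a minimal Go sketch of the server side of option 3, where the relay keeps one public key per device so a single compromised or unpaid device can be disabled without affecting the rest. The `Relay` type, its methods, `newDevice`, the device IDs and the choice of Ed25519 signatures are all assumptions made for illustration (the message names no algorithm or protocol); signing covers guarantees 1 and 3 only, and confidentiality would still need encryption such as TLS.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"errors"
	"fmt"
)

// Relay is a hypothetical stand-in for the mail server's device registry:
// one public key per device ID, so one device can be cut off on its own.
type Relay struct{ keys map[string]ed25519.PublicKey }

func NewRelay() *Relay { return &Relay{keys: map[string]ed25519.PublicKey{}} }

// Enroll records a device's public key; the private key never reaches the relay.
func (r *Relay) Enroll(id string, pub ed25519.PublicKey) { r.keys[id] = pub }

// Revoke disables one device without touching any other device's key.
func (r *Relay) Revoke(id string) { delete(r.keys, id) }

// Accept relays a message only if the named device is enrolled and signed it.
func (r *Relay) Accept(id string, msg, sig []byte) error {
	pub, ok := r.keys[id]
	if !ok {
		return errors.New("unknown or revoked device")
	}
	if !ed25519.Verify(pub, msg, sig) {
		return errors.New("bad signature")
	}
	return nil
}

// newDevice models provisioning: a key pair is created for one device and
// only its public half is handed to the relay.
func newDevice(r *Relay, id string) ed25519.PrivateKey {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		panic(err)
	}
	r.Enroll(id, pub)
	return priv
}

func main() {
	r := NewRelay()
	a, b := newDevice(r, "device-a"), newDevice(r, "device-b") // constructed IDs
	msg := []byte("Subject: status\r\n\r\nsensor ok")          // constructed message
	fmt.Println(r.Accept("device-a", msg, ed25519.Sign(a, msg))) // <nil>
	r.Revoke("device-a")
	fmt.Println(r.Accept("device-a", msg, ed25519.Sign(a, msg))) // unknown or revoked device
	fmt.Println(r.Accept("device-b", msg, ed25519.Sign(b, msg))) // <nil>
}
```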



