> > I was setting up ssmtp but I realized it isn't being maintained and > > there are a couple of alternatives called msmtp and dma. Can anyone > > recommend one of these over the other? > > > > I don't like how ssmtp stores the mail password in clear text in its > > config file. It looks like msmtp can pull the password from gpg: > > > > msmtp --passwordeval 'gpg -d mypwfile.gpg' > > > > I don't have much experience with gpg. Does this mean I can store the > > mail password encrypted on each of my systems so it can be used in an > > automated fashion to get mail onto my mail server? Do I need to start > > gpg-agent and enter a gpg keyring password whenever I reboot each of the > > systems? > > > > Is this the best way to get email alerts from my various systems to my > > email address? > > > > I switched to msmtp when nbsmtp was treecleaned. The switch was > uneventful; it just works, which is high praise. > > You can't encrypt your password unless you're going to be physically > present to decrypt it (with some other password). If your machine is > physically secure, you can just make the msmtp config file read-only to > yourself. If someone can log in as you, they can get your password > anyway. There's only a risk if e.g. you're not root, or someone else can > get root (access to grub) or walk off with the hard drive. > > If you're worried about either of those scenarios, set up a separate > account for your email alerts.
I like the separate account idea. Any tips on locking it down? Maybe that account on the mail server should somehow only be allowed to deliver to a single email address (mine)? Would it need a shell account? Certainly not allowed in sshd_config. - Grant
