![]() ![]() ![]() Don’t forget “apt update” as a first step to getting your repos in sync. If you’re not logged in a root, you’ll need to prepend “sudo ” to this line. We don’t need to install much: apt install bsd-mailx msmtp msmtp-mta Let’s get a few things installed, and then we can look at configurations. ![]() It’s secure, small, free, and runs quietly in the background. Sure, all of this sounds like a tall order, but relief is on the way! msmstp is a lightweight (as compared to trying to configure Sendmail) MTA. Think of the protection offered by ssh with SSL–same game! Once we get there, we will also need to authenticate to Gmail, but we can use our existing Gmail account and password, so no big stretch there. We’re going to be using TLS to create an encrypted tunnel connection from the MUA to the mail relay at Gmail. We just need to make sure that our wheel stays in its lane. Luckily, we don’t need to reinvent the wheel to get our email for work. There are facilities for highly secure connections for your enterprise and of course cost, but I want to focus on free, secure, and easy. Gone are the days of a simple SMTP connection on port 25! Today, Gmail requires that your incoming connection be secure. Gmail offers a great relay service but enforces security. But we need to make sure that our MTA has a reliable connection to a relay. Once you get things working, mail will just work. You can configure that MTA on your server once and forget it. The MTA must be configured to get the email out the door, off your Raspberry, and out to a mail relay. It puts the email header and body together and then passes it off to an MTA or “mail transport agent”. Whether it be Sendmail or Nagios, is the MUA or “mail user agent”. There are actually quite a few moving parts to getting a message from your Raspberry to your Gmail account. If you’ve got a Gmail account, there’s a fairly straightforward way to allow your Raspberries access to your Gmail in a fairly secure fashion. But, because of all the spammers in the world, the email relays have gotten much more stringent of who could just dump email messages on their servers for delivery. Back in the day, you could just run Sendmail and pipe some text to your email address. The permissions system is ad hoc, which leads to mistakes.Wouldn’t it be nice to get an occasional email from one of your Raspberries when something is wrong? Maybe your filesystem is filling up or the monitoring you’ve set up needs to alert you that some of the network devices are overheating. Google makes this extremely difficult to do. Nick Santora, CEO of Curricula, said, "The way Dropbox uses folders allows us to segment data by department and only give employees in that department access to those folders. Google Drive lacks cohesive organizational permissions, for example. "If your files are subpoenaed, depending on what Google decides, it might not take a security breach to forfeit your privacy," said Monica Eaton-Cardone, chief operating officer of Chargebacks911.Īnd as is often the case with cloud services, the most significant risks aren't related to the encrypted infrastructure, but with the user, and Google Drive has a number of user-related vulnerabilities. Moreover, Google is subject to governments and law enforcement. This is in contrast to apps like Signal, where not even the company that runs the app can access your data. "They have the power to decrypt files which can make them easier for hackers." ![]() "Because they are in control of these encryption keys, it can lead to vulnerabilities for its users," said Kristen Bolig, founder at SecurityNerd. Encryption keys are tools that let Google (or whoever has the keys) decrypt files, bypassing all their security. Some security experts don't love that Google keeps encryption keys for all the files on Google Drive. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |