Comparison of different SMTP clients

Hi all, I'm looking at adding an SMTP client to my router so that it can send me email notifications about various things (configure a cron job to check for updates and send me an email when updates are available, for example). I see on this page there are a few choices - https://openwrt.org/docs/guide-user/services/email/smtp.client and I'm wondering if there is a "best" one or a preferred one among the community?

They all look easy enough to configure and all look like they would serve my purposes just fine, but I would like to know if one has any advantages (or disadvantages) over the others so that I don't just end up arbitrarily choosing a client.

pretty much comes down to what you need to send?, server authtype?. and how much resources you have?...

1 Like

Well, at the moment I am only considering sending text emails with no attachments (though I may find attachments useful in the future). For server authtype, I want to be as secure as I can, so I would like to use SSL/TLS. And I'm using a Linksys WRT32X, so I think I should have sufficient resources.

1 Like

Take msmtp, it's quite easy to configure and it's actively maintained (ssmtp is unmaintained in debian repo).

1 Like

The option I use, which doesn’t require mail credentials on the machine, is mosquitto to send the body only over MQTT over TLS. The subscriber to that message on a “trusted” machine sends the email to a controlled set of destinations, if needed. Subscription to the MQTT alone may be enough in many situations.

Edit: I use Python on the trusted host for both the MQTT subscriber as well as the mail sender.

2 Likes

Interesting, I'm not familiar with MQTT but it looks like a good option. I assume the trusted host in this case would need to be a server of some sort? I don't currently have any always-on devices at the moment, but could a Raspberry Pi serve this purpose?

1 Like

Good to know about ssmtp, I'll remove it from consideration.

More than enough processing capability, as well as a full-featured install of Python, Mosquitto, and your choice of TLS and SMTP tooling.

One of the valuable features of MQTT, at least for me, is guaranteed delivery -- if the server isn't available, the client will queue QoS 1 (at least once) and 2 (exactly once) messages until it can reconnect (or runs out of memory for them).

1 Like

Good to know. I have a few more questions. Is it a security risk to have mail credentials on your OpenWRT router? If so, is this because the router is the Internet-facing device and therefore the most vulnerable? And did you opt for MQTT and handle the emailing from a separate device simply for this improved security or do you use it for other things as well?

I don't know what I don't know and am trying to learn as much as I can and see what other cool things I can do with OpenWRT!

In my opinion, yes, credentials on a router are poor security practice. Encrypting them doesn’t accomplish anything as they are programmatically unlocked.

I use MQTT for all kinds of monitoring and control, both with an “inside” server (“broker”) as well as one on a VPS in the cloud (in case my network is down, or unexpectedly changes its public IP).

2 Likes

To add to that... if you wanted to say pull those messages into another transport ... say pop-up notifications on your mobile... mqqt would pretty much scale in any direction you choose....

2 Likes