Best practices for sending email from remote device?

Started by Tim Wescott 7 months ago1 replylatest reply 7 months ago57 views

My Google-fu has failed.  I know a few ways to send an email from a remote device, but I'm looking for the best way to do it, that gives a good compromise between security of the device, a reasonable chance that the mail won't be taken as spam by a spam-trap, and that anything the IT people have to do to make it work on the network to which it is connected aren't difficult and don't poke gaping holes in their security.

"Best practices" doesn't help, although one of my searches did find both sites and software for sending bulk mailings.

(Edit):  Assume a Linux box.

[ - ]
Reply by Bob11March 4, 2018

Good question.

I would think it would depend a lot on the network the remote device finds itself on. There's a huge difference between a remote device sitting on a hilltop somewhere connected to a DSL modem, and a remote device sitting on an internal network in a power substation. The former can be assumed to be exposed to the Internet directly, and will have to harden itself appropriately, while the latter would (should) almost certainly have to work through a gateway device in order to access the Internet at large. It also depends on the recipient: is the email going to any old gmail account, or to a specific server with a dedicated IP?

In either case, once the email leaves the embedded device I wouldn't think it would be any different than any other email traversing the public network. In other words, the best way to get it through to any destination address is to associate it with a valid domain and send it via an authorized mail server, as most large mail services these days no longer allow direct routing. This means registering a domain and finding a mail service the embedded device can re-direct through. (On a power substation I would expect the gateway to handle this.) On the other hand, if the email is going to a specific IP, there shouldn't be many problems routing it directly as the embedded device can talk (and authenticate) directly with the server. Encrypt or not using the appropriate email ports as desired. If the embedded device is on the power station network, the gateway will have to be configured for port forwarding from the device.

In summary, this might be a better question for a Cisco forum :-)