B4J Question Uattended sending of emails - seeking advice

Chris2

Active Member
Licensed User
I've been working on a Raspberry PI based device that will periodically download data from a data logger (connected via USB), and send the data file (<1MB in size) as an attachment to an email.
It will do this automatically on a daily/weekly/monthly basis, with no user interaction (once configured).

My question relates to the best way to use an email account to send the emails. Remembering the fact that the software needs access to this account's credentials to send the emails, without any user being present at the time.

Currently I am using SMTP with the jNet library, and am I storing the sending email account's credentials (email address, server, password etc) in a KeyValueStore database (KVS2) with kvs.PutEncrypted.
The issue with this is of course that I need to store the password for the KVS somewhere. Currently this is as a global variable which is not entirely secure (although the variable can be obfuscated when the app is built).

To improve this a little, I have thought about providing a new, unique email account for each of these devices that is supplied. So that the user has the option of using an 'in-built' account, rather than having to input their own email account info.
That way, if the device get hacked, it's 'only' an unused email account that is compromised.
I'm aware of the downsides to this option. Not least the fact that each unique email adress would have to be maintained (by me!).

I have also though about using the Gmail API (https://www.b4x.com/android/forum/threads/b4x-sending-emails-with-gmail-rest-api.81736/) but that would leave me subject to the whims of Google, (I think) limit me to a gmail email address, mean that someone has to set it up on their google account (the user or me), and I'm not sure it's any better really than using a unique email account for each device.

So, my questions are;
1. Is there a better way to store a KVS encryption password than in an (obfuscated) global variable.
2. Am I missing an option that would allow an unattended device to send emails more securely?
 

Erel

B4X founder
Staff member
Licensed User
Longtime User
There is no 100% safe way to hide a password inside the app. A skillful hacker can always run your program with a low level debugger and find the key.

Another possible option, is to create a simple http server with jServer and send the mails from your server. This way you will have more control. You can send an id to each user and send this id to the server. If you find that an id is compromised then disable it.
The clients will send a http request (OkHttpUtils2) to your server which will then send the mail.
 
Upvote 0

Chris2

Active Member
Licensed User
There is no 100% safe way to hide a password inside the app. A skillful hacker can always run your program with a low level debugger and find the key.
I thought that was the case. Thanks for confirming.

Another possible option, is to create a simple http server with jServer and send the mails from your server. This way you will have more control. You can send an id to each user and send this id to the server. If you find that an id is compromised then disable it.
The clients will send a http request (OkHttpUtils2) to your server which will then send the mail.
Thanks. I'll look into that option as well.
 
Upvote 0

Chris2

Active Member
Licensed User
Out of interest how do desktop email clients (e.g. Thunderbird, Windows Mail, etc) store email account passwords?
 
Upvote 0

EnriqueGonzalez

Well-Known Member
Licensed User
Longtime User
Out of interest how do desktop email clients (e.g. Thunderbird, Windows Mail, etc) store email account passwords?
it may be hidden for the vast majority of people using a thunderbird email, but if some experienced hacker (or a good googler) access your desktop, be sure he will have access to your account.
 
Upvote 0

tchart

Well-Known Member
Licensed User
Longtime User
I use these guys;


You can restrict sender's by IP address if your PI has a fixed IP.

You can also set up multiple accounts that you could "dispose" of if compromised.

Also, why are you using email? Couldn't you use a web server to accept the logs? I've done something similar with server utilisation. I do this over Https and each client sends a Java Web token to authenticate.
 
Last edited:
Upvote 0

Chris2

Active Member
Licensed User
Thanks for the info guys.

I'll have a look at SMTP2GO, it looks like it might be an ideal service for this application.
But it is unlikely that the PI will have a fixed IP. The data logger in question is portable so is likely to be used in different locations. This new PI based device would be connecting to WiFi or Ethernet where ever it might be.

You can also set up multiple accounts that you could "dispose" of if compromised.
That's the route I'm leaning toward at the moment.

Also, why are you using email? Couldn't you use a web server to accept the logs? I've done something similar with server utilisation. I do this over Https and each client sends a Java Web token to authenticate.
I have considered that. But I'm trying to keep it as simple as possible for the end users (which would not be me or my company), and to limit ongoing costs and our/my involvement.

If the user has to log in to a server somewhere to get the data files, then that's an extra step for them over it just ariving in their inbox.
If we're having to pay for or maintain a web server and the connections to it, then that's more ongoing work for us.
 
Upvote 0
Top