README.md


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202

# OpenSMTPD

[![Version](https://img.shields.io/badge/Version-6.7.1p1-brihtgreen.svg)](https://github.com/OpenSMTPD/OpenSMTPD/releases/tag/6.7.1p1)
[![Coverity Scan analysis](https://scan.coverity.com/projects/278/badge.svg)](https://scan.coverity.com/projects/opensmtpd-opensmtpd)
[![Packaging status](https://repology.org/badge/tiny-repos/opensmtpd.svg)](https://repology.org/project/opensmtpd/versions)
[![License: ISC](https://img.shields.io/badge/License-ISC-blue.svg)](https://www.isc.org/licenses/)


OpenSMTPD is a FREE implementation of the server-side SMTP protocol as
defined by [RFC 5321](https://tools.ietf.org/html/rfc5321), with some
additional standard extensions.

It allows ordinary machines to exchange e-mails with other systems
speaking the SMTP protocol.

OpenSMTPD runs on top of the OpenBSD operating system but also has a
portable version that can build and run on several systems, including:

* Linux
* FreeBSD
* NetBSD
* DragonFly

For more information: http://www.opensmtpd.org/portable.html

People interested about OpenSMTPD are encouraged to subscribe to our
mailing list: http://www.opensmtpd.org/list.html

and to join the IRC channel: #OpenSMTPD @ irc.freenode.net

The manual pages are available online at https://www.opensmtpd.org/manual.html,
which you are encouraged to contribute to.

Cheers!


# How to build, configure and use Portable OpenSMTPD

## Dependencies

Portable OpenSMTPD relies on:
  * autoconf (http://www.gnu.org/software/autoconf/)
  * automake (http://www.gnu.org/software/automake/)
  * bison (http://www.gnu.org/software/bison/)
    or byacc (http://invisible-island.net/byacc/byacc.html)
  * libevent (http://libevent.org/)
  * libtool (http://www.gnu.org/software/libtool/)
  * libressl (https://www.libressl.org/)
    or OpenSSL (https://www.openssl.org/)


By default OpenSMTPD expects latest versions of all dependencies unless noted otherwise.

Note that some distributions have different packages for a same library, you should always use the `-dev` or `-devel` package (for example, `libevent-dev` or `libevent-devel`) if you're going to build OpenSMTPD yourself.


## Get the source

    git clone git://github.com/OpenSMTPD/OpenSMTPD.git opensmtpd


## Build

    cd opensmtpd*
    ./bootstrap  # Only if you build from git sources
    ./configure
    make
    sudo make install

### Special notes for FreeBSD/DragonFlyBSD/Mac OS X:

Please launch configure with special directive about libevent and
libasr directory:

### FreeBSD / DragonFlyBSD:

    ./configure --with-libasr=/usr/local

### MacOS:

    ./configure --with-libevent=/opt/local

Though MacOS includes a copy of bison in the bases system, you will
need to install a more recent version from, e.g., MacPorts.

## Install

    sudo make install


## Setup historical interface

OpenSMTPD provides a single utility `smtpctl` to control the daemon and
the local submission subsystem.

To accomodate systems that require historical interfaces such as `sendmail`,
`newaliases` or `makemap`, the `smtpctl` utility can operate in compatibility
mode if called with the historical name.

On mailwrapper-enabled systems, this is achieved by editing `/etc/mailer.conf`
and adding the following lines:

    sendmail        /usr/sbin/smtpctl
    send-mail       /usr/sbin/smtpctl
    mailq           /usr/sbin/smtpctl
    makemap         /usr/sbin/smtpctl
    newaliases      /usr/sbin/smtpctl


Whereas on systems that don't provide mailwrapper, it can be achieved by
setting the appropriate symbolic links:

    ln -s /usr/sbin/smtpctl sendmail
    ln -s /usr/sbin/smtpctl send-mail
    ln -s /usr/sbin/smtpctl mailq
    ln -s /usr/sbin/smtpctl makemap
    ln -s /usr/sbin/smtpctl newaliases


The OpenSMTPD project leaves it up to the package maintainers to setup the
links in their packages as it is very hard for us to accomodate all systems
with the prefered method in a clean way.


## Configure /etc/smtpd.conf

Please have a look at the complete format description of smtpd.conf
configuration file (https://man.openbsd.org/smtpd.conf)


## Add OpenSMTPD users

To operate, OpenSMTPD requires at least one user, by default `_smtpd`; and
preferably two users, by default `_smtpd` and `_smtpq`.

Using two users instead of one will increase security by a large factor
so... if you want to voluntarily reduce security or you have absolute
more faith in our code than we do, by all means use one.


The instructions below assume the default users however, the configure
script allows overriding these using the options:
`--with-user-smtpd`, `--with-user-queue`, and `--with-group-queue`.


### NetBSD, Linux (Debian, Arch Linux, ...)

    mkdir /var/empty
    useradd -c "SMTP Daemon" -d /var/empty -s /sbin/nologin _smtpd
    useradd -c "SMTPD Queue" -d /var/empty -s /sbin/nologin _smtpq

### DragonFlyBSD, FreeBSD

    pw useradd _smtpd -c "SMTP Daemon" -d /var/empty -s /sbin/nologin
    pw useradd _smtpq -c "SMTPD Queue" -d /var/empty -s /sbin/nologin

### Mac OS X

First we need a group with an unused GID below `500`, list the current
ones used:

	/usr/bin/dscl . -list /Groups PrimaryGroupID | sort -n -k2,2

Add a group - here we have picked `444`:

	/usr/bin/sudo /usr/bin/dscl . -create /Groups/_smtpd
	PrimaryGroupID 444

Then the user. Again we need an unused UID below `500`, list the current
ones used:

	/usr/bin/dscl . -list /Users UniqueID | sort -n -k2,2

Add a user - here we have picked `444`:

	/usr/bin/sudo /usr/bin/dscl . -create /Users/_smtpd UniqueID 444
	/usr/bin/sudo /usr/bin/dscl . -delete /Users/_smtpd AuthenticationAuthority
	/usr/bin/sudo /usr/bin/dscl . -delete /Users/_smtpd PasswordPolicyOptions
	/usr/bin/sudo /usr/bin/dscl . -delete /Users/_smtpd dsAttrTypeNative:KerberosKeys
	/usr/bin/sudo /usr/bin/dscl . -delete /Users/_smtpd dsAttrTypeNative:ShadowHashData
	/usr/bin/sudo /usr/bin/dscl . -create /Users/_smtpd RealName "SMTP Daemon"
	/usr/bin/sudo /usr/bin/dscl . -create /Users/_smtpd Password "*"
	/usr/bin/sudo /usr/bin/dscl . -create /Users/_smtpd PrimaryGroupID 444
	/usr/bin/sudo /usr/bin/dscl . -create /Users/_smtpd NFSHomeDirectory /var/empty
	/usr/bin/sudo /usr/bin/dscl . -create /Users/_smtpd UserShell /usr/bin/false

repeat for the `_smtpq` user.


## Launch smtpd

First, kill any running sendmail/exim/qmail/postfix or other.

Then:

    smtpd

or in debug and verbose mode

    smtpd -dv