SMTP(8zm) SMTP(8zm)
NAME
smtp - zmailer SMTP client transport agent
SYNOPSIS
smtp [-1678deEHMrPsVxXW] [-A /path/to/smtp-auth-secrets.txt] [-c channel]
[-h heloname] [-l logfile] [-O options] [-p remote-port]
[-T timeouts] [-w sockwbufsize] [-S /path/to/smtp-tls.conf]
[-F forcedest] [-L localidentity] host
DESCRIPTION
The smtp(8zm) is a ZMailer transport agent which is usually only run by
the scheduler(8zm) to transfer messages to a remote Internet host using
the SMTP protocol. The smtp(8zm) program must be run with the same
current directory as the scheduler(8zm), namely POSTOFFICE/transport.
The program scans the message control files named on stdin for
addresses destined for its channel and the host given on the command
line. If any are found, all matching addresses and messages are trans-
ferred in a single SMTP conversation. The destination host might in
fact be served by any available mail exchanger for that host.
OPTIONS
-1 Worsen system performance, send only one message per connection
to the given target system. (That is, reopen the connection for
each message.)
-6 Prefer IPv6 type socket and addresses, if available.
-7 forces the SMTP channel to be 7-bit, thus forcing all 8-bit
texts to be MIME-QP-encoded for the transport.
-77
This does the same as -7 but also blocks all ESMTP extensions
from use.
This ``double-7'' option can be followed by the ``-8'' option to
force the channel to be 8-bit transparent, and even to decode
MIME-QP TEXT/PLAIN, but to do it without any ESMTP.
-8 forces the SMTP channel to be 8-bit-clean, and as such, to decode
the message while transporting it (if it is MIME QP encoded).
-A /path/to/smtp-auth-secrets.txt
Defines the file with application-specific authentication secrets
for use against some LMTP target systems.
-c channel
specifies which channel name should be keyed on. The default is
smtp.
-d turns on debugging output.
-e asks that for every destination address specification with a
matching channel name, an MX lookup is done on the hostname to
see whether the currently connected host can provide service for
that destination. The default is to just do a textual name com-
parison with the destination hostname as given on the command
line.
-E use the "EHLO"-greeting only if the remote server initial banner
reports "ESMTP" on it.
-h host
specifies the hostname for the SMTP HELO greeting. The default
is the hostname of the local system, as returned by
gethostname(2) or uname(2).
-F forcedest
overrides the delivery destination by forcing all email to be sent
to the given forcedest.
Understood formats for the forcedest are:
UNIX:/path/to/socket
Connects to named UNIX-domain socket in local
system.
[ipv6.1111:2222:3333:...]
Literal IPv6 address for IPv6 system
[1.2.3.4]
Literal IPv4 address for non-IPv6 system
some.host.name
DNS/hosts data registered name
-H Disables the forced conversion of 8-bit headers into MIME-2
format, which is active by default.
-L localident
specifies (for multi-homed machines) that the specified identity
should be used when connecting to the destination. Think of a
server with multiple IP numbers due to virtual hosting, for
example. On such systems there may be situations where a virtual
identity needs to be used for reaching the destination system.
Understood formats for local identity are:
iface:eth0
(eth0 device in the system)
[ipv6.1111:2222:3333:...]
Literal IPv6 address for IPv6 system
[1.2.3.4]
Literal IPv4 address for non-IPv6 system
some.host.name
DNS/hosts data registered name
-l logfile
specifies a log file where the complete SMTP command transaction
will be copied. Each line in the log will be prefixed with the
process id of the transport agent process, so the same log file
can be used by all SMTP clients.
-M
specifies that the system shall run in RFC 2033 specified LMTP mode
when contacting remote systems.
Usage of this option also requires that the destination port is
defined, and is not the SMTP default of 25. Preferably even
running in "punt" mode (-F option).
An alternative is to use "punt" mode (-F option) to a UNIX-socket.
-r Asks to set up SMTP connections using a source TCP port number
under 1024. This is in the range of port numbers only available
to a privileged process on some UNIX systems, which has led to
some misguided attempts at mail security based on this mecha-
nism.
-s asks to report the progress of the SMTP conversation and data
transfer on the command line in a way that will be visible to
ps(1).
-x Turns off MX lookups on delivery connections. This may be used
to ignore public MX knowledge and do exactly what the router says
in cases where delivering to an explicit IP address is
inappropriate.
-X Allow connection to a local address. This may be used only in
conjunction with the -x option; if no -x option is present, -X is
silently ignored.
-O
Generic text-keyword option interface.
ignore-ezmlm
Even when distributing lists in EZMLM-mode, ignore any
such. Useful in cases where EZMLM-mode results in message
count multiplication leading to delivery slowdown.
-P disable SMTP-PIPELINING usage (ESMTP keyword: PIPELINING)
-S /path/to/smtp-tls.conf
Transport-Layer-Security (a.k.a. Secure-Socket-Layer) feature
configuration file. When this is supplied, the system is compiled
with TLS support, and the remote system reports the STARTTLS
capability in its EHLO response, this client attempts to turn on
encryption on the socket. It is also possible to demand TLS mode
for the connection: if TLS has been demanded but is not
available, email is not sent over the connection.
-T timeouts
specifies the timeouts when waiting for various things. Possi-
ble submodes are:
conn=3m
Timeout to wait for the TCP connection establishment.
The default is 3 minutes.
tcpw=3m
Timeout to wait at lowlevel TCP socket write() routines
for the socket to accept some more input. The default is
5 minutes.
cmd=5m (or plain value)
Waiting for command replies (e.g. MAIL FROM, et al.). The
default is 5 minutes.
data=2m
From "DATA" verb issuance until "354" response. The
default is 2 minutes.
dot=10m
From "DATA" phase ending "." issuance until "250 OK"
report reception (this is after the TCP write pipeline
has completed). The default is 20 minutes. (RFC 1123
gives 10 minutes.)
-V prints a version message and exits.
-w sockwbufsize
Sets the local socket write buffer size to a non-default value.
Some Win-NT systems seem to want to have unbelievably low values,
like 2000 bytes, which appears as acceptance of the first two
TCP frames and discard of all the rest that high-performance
systems usually send. Some Solaris versions then go to "lost
packet retry backoff" from which they never really recover.
-W turns on the DNS WKS checking, and if the remote system does not
have SMTP in its WKS-bits, email delivery to such address is
aborted with an error message.
INTERFACE
This program reads in processable file names relative to the current
working directory of the scheduler (namely: $POSTOFFICE/transport/).
Optionally on the same line the scheduler may tell which host is to be
looked for from the recipients of the message.
relative-spool-path [ <TAB> hostname ]
This program produces diagnostic output on the standard output. Normal
diagnostic output is of the form:
id/offset<TAB>notify-data<TAB>status message
where id is the inode number of the message file, offset is a byte off-
set within its control file where the address being reported on is
kept, status is one of ok, error, or deferred, and the message is
descriptive text associated with the report. The text is terminated by
a linefeed. Any other format (as might be produced by subprocesses) is
passed to standard output for logging in the scheduler log.
The exit status is a code from <sysexits.h>.
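A parser for the diagnostic output format described above, added here as an illustration (it is not part of ZMailer). It assumes status and message are separated by whitespace; the function names and the sample lines are constructed for this example.

```python
import re
from collections import Counter

# id/offset<TAB>notify-data<TAB>status message
# Assumption: status and message are separated by whitespace.
REPORT = re.compile(r"^(\d+)/(\d+)\t([^\t]*)\t(ok|error|deferred)(?:\s+(.*))?$")

def parse_line(line):
    """Return a dict for a delivery report, or None for pass-through text."""
    m = REPORT.match(line.rstrip("\n"))
    if m is None:
        return None
    return {"id": int(m[1]), "offset": int(m[2]), "notify": m[3],
            "status": m[4], "message": m[5] or ""}

def summarize(lines):
    """Count statuses; collect non-ok reports and pass-through lines."""
    counts, failures, other = Counter(), [], []
    for line in lines:
        rec = parse_line(line)
        if rec is None:
            other.append(line.rstrip("\n"))
        else:
            counts[rec["status"]] += 1
            if rec["status"] != "ok":
                failures.append(rec)
    return counts, failures, other

# Constructed sample output; ids, notify-data and messages are made up.
SAMPLE = [
    "48213/112\t-\tok 250 2.0.0 accepted\n",
    "48213/187\t-\tdeferred connect timed out\n",
    "48977/96\t-\terror 550 5.1.1 no such user\n",
    "smtp: subprocess said something else\n",
]

if __name__ == "__main__":
    counts, failures, other = summarize(SAMPLE)
    print(dict(counts))
    for rec in failures:
        print(rec["id"], rec["offset"], rec["status"], rec["message"])
    print(other)
```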
EXTENDED SMTP
When a user sends out 8-bit mail with proper headers, this module can
send it out to conforming servers either in an 8-bit transparent manner,
or by down-converting Content-Transfer-Encoding: 8BIT to
Content-Transfer-Encoding: 7BIT or Content-Transfer-Encoding:
QUOTED-PRINTABLE, depending on the mail contents.
This works only with Content-Type: text/plain, thus no fancy
multipart/alternate et al. schemes.
When the ``Content-Transfer-Encoding:'' header is not present in the
headers, and the recipient has not declared 8-bit SMTP capability, mail
contents are treated with the old 7-bit stripping method.
SECURE SOCKET LAYER SUPPORT
If you are using a version which has been built to use OpenSSL 0.9.4 or
a later version, you are able to encrypt the SMTP protocol session in
case the remote end supports the STARTTLS facility defined in RFC 2487.
A possible example of the smtp-tls.conf file is given below:
#|
#| This is example configuration file for TLS support at the SMTP TA
#| programs, e.g. SMTP Client.
#|
#| NO "$ZENV" SUBSTITUTIONS ARE SUPPORTED IN THIS FILE!
tls-cert-file /opt/mail/db/smtpserver-cert.pem
tls-key-file /opt/mail/db/smtpserver-key.pem
tls-CAfile /opt/mail/db/smtpserver-CAcert.pem
#tls-CApath /path/to/CAdir/
#tls-loglevel 0 # Value from 0 thru 4
#tls-random-source dev:/dev/urandom
#tls-random-source egd:/var/run/egd-pool
#|
#| If the TLS mode is MANDATED for a session, copy this file to
#| e.g. "smtp-tls-mandatory.conf", uncomment following line, and
#| point those channels to use that new file.
#|
#demand-tls-mode
SMTP-AUTH AND SMTP-AUTH-SECRETS.TXT FILE
The code does this in an application-specific, and very sloppy,
manner! The following interaction is presumed to happen and be valid
for this use:
C: AUTH LOGIN
S: 334 VXNlcm5hbWU6 base64 "Username:"
C: bXluYW1l base64 "myname"
S: 334 UGFzc3dvcmQ6 base64 "Password:"
C: c2VjcmV0 base64 "secret"
S: 235 Authentication successful
Where 'myname' and 'secret' are those of the CYRUS IMAP server system
(or whatever is applicable to your case). Possibly this shall happen
under TLS encryption.
The SMTP-AUTH-SECRETS.TXT file has authentication secrets for remote
hosts; keep the file well protected!
Any empty line, or mere whitespace line, is ignored. Lines with first
non-whitespace char being '#' are comments.
Other lines are presumed to be whitespace separated quads:
channel remotehost remoteuser remotesecret
• The 'channel' can be either "*", matching any runtime channel
parameter, or a literal value, like: "smtp-lmtp". (Without quotes in
the file, though.) Matching is case-sensitive.
• The 'remotehost' is the name of the remote host to which the
connection has gone (e.g. by MXes, or whatever means). Matching is
case-insensitive.
• The 'remoteuser' is a BASE64 encoded string to be sent to the remote
system in the SMTP-auth transaction.
• The 'remotesecret' is a BASE64 encoded string to be sent to the remote
system in the SMTP-auth transaction.
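An audit sketch for the secrets file format and the AUTH LOGIN exchange described above, added here as an illustration (it is not ZMailer's own code). BASE64 is an encoding, not encryption, so both the file and the exchange carry recoverable credentials; the checks below cover field count, BASE64 validity, the matching rules and file mode. The first-match rule, the function names and the example.org hosts are assumptions.

```python
import base64, binascii, os, stat

def parse_secrets(text):
    """Parse secrets-file text into (entries, problems)."""
    entries, problems = [], []
    for n, line in enumerate(text.splitlines(), 1):
        s = line.strip()
        if not s or s.startswith("#"):   # blank and comment lines are ignored
            continue
        f = s.split()
        if len(f) != 4:
            problems.append(f"line {n}: expected 4 fields, got {len(f)}")
            continue
        for name, val in (("remoteuser", f[2]), ("remotesecret", f[3])):
            try:
                base64.b64decode(val, validate=True)
            except (binascii.Error, ValueError):
                problems.append(f"line {n}: {name} is not valid BASE64")
                break
        else:
            entries.append(tuple(f))
    return entries, problems

def lookup(entries, channel, host):
    """Assumed first-match rule: channel exact or "*", host case-insensitive."""
    for ch, rhost, user, secret in entries:
        if ch in ("*", channel) and rhost.lower() == host.lower():
            return user, secret
    return None

def mode_problems(path):
    """Flag a secrets file that group or others can access."""
    mode = stat.S_IMODE(os.stat(path).st_mode)
    return [f"{path}: mode {mode:o} is open to group/others"] if mode & 0o077 else []

# Constructed sample: hosts are placeholders, credentials are the page's
# "myname" and "secret" in BASE64; lines 3 and 4 are deliberately broken.
SAMPLE = """\
# channel   remotehost         remoteuser  remotesecret
smtp-lmtp   imap.example.org   bXluYW1l    c2VjcmV0
*           relay.example.org  bXluYW1l    not*base64
SMTP-LMTP   short.example.org  bXluYW1l
"""

if __name__ == "__main__":
    entries, problems = parse_secrets(SAMPLE)
    print(lookup(entries, "smtp-lmtp", "IMAP.Example.ORG"))
    print(problems)
```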
ENVIRONMENT VARIABLES
ZCONFIG
This environment variable is expected to be inherited from the
scheduler(8zm), and it tells where the scheduler's idea of the
ZENV variables is located.
Z-ENVIRONMENT VARIABLES
TBW: many variables!
FILES
/opt/mail/zmailer.conf (ZCONFIG)
/var/spool/postoffice (POSTOFFICE)
SEE ALSO
router(8zm), scheduler(8zm), zmailer.conf(5zm).
RFC 821 The basic SMTP specification
RFC 822 Mail header format
RFC 974 MX routing
RFC 1123 Various 821 parameter clarifications
Several extended SMTP facilities are implemented:
RFC 1341/1521/2045 MIME specification (body, formats)
RFC 1342/1522/2047 MIME specification (headers)
RFC 1425/1651/1869 ESMTP EHLO framework
RFC 1426/1652 ESMTP 8BITMIME
RFC 1427/1653/1870 ESMTP SIZE
RFC 1428 Basic MIME conversion rules
RFC 1830/3030 ESMTP CHUNKING
RFC 1854/2197/2920 ESMTP PIPELINING
RFC 1891/3461 ESMTP DSN
RFC 1893/2034 ESMTP ENHANCEDSTATUSCODES
RFC 1893/3463 Enhanced Mail System Status Codes
RFC 1985 ESMTP ETRN
RFC 2033 LMTP client mode
RFC 2487 ESMTP STARTTLS
RFC 2554+M$ Exchange ESMTP AUTH LOGIN
RFC 2554+NetScape ESMTP AUTH=LOGIN
RFC 2852 ESMTP DELIVERBY
AUTHOR
This program authored and copyright by:
Rayan Zachariassen <no address>
Heaps of extended SMTP facilities by:
Matti Aarnio <mea@nic.funet.fi>
2005-Mar-24 SMTP(8zm)