OpenSMTPD
{{Short description|SMTP server}}
{{Use dmy dates|date=June 2016}}
{{Infobox software
| name = OpenBSD SMTP Server
| logo = OpenSMTPD.png
| logo size = 300px
| logo caption = "We deliver"
| logo alt = Puffy, the mascot of OpenBSD, delivering mail to three fishbowls behind a fence.
| screenshot =
| caption =
| screenshot alt =
| collapsible =
| author =
| developer = The OpenBSD Project
| released = 5.3 / {{Release date and age|2013|03|17|df=yes}}
| repo = {{URL|http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.sbin/smtpd/}}
| discontinued =
| latest release version = 7.5.0p0
| latest release date = {{Start date and age|2024|04|10|df=yes}}{{cite mailing list|url=https://marc.info/?l=openbsd-announce&m=171273834612858&w=2|mailing-list=openbsd-announce|title=OpenSMTPD 7.5.0p0 Released|access-date=2024-09-27|date=2024-04-10|last=Polo|first=Omar}}
| latest preview version =
| latest preview date =
| programming language = C
| operating system = OpenBSD, FreeBSD, NetBSD, Linux, macOS{{Cite web| title=OpenSMTPD Portable Release |url=https://www.opensmtpd.org/portable.html |publisher=OpenBSD |access-date=15 October 2015}}
| platform = Cross-platform
| size =
| language =
| language count =
| language footnote =
| genre = Mail transfer agent
| license = ISC
| alexa =
| standard = RFC 5321
| AsOf = July 2016
}}
OpenSMTPD (also known as OpenBSD SMTP Server) is a Unix daemon implementing the Simple Mail Transfer Protocol to deliver messages on a local machine or to relay them to other SMTP servers. It was publicly released on 17 March 2013 with version number 5.3, after being in development since late 2008.
OpenSMTPD is primarily developed by Gilles Chehade, Eric Faurot and Charles Longeau as part of the OpenBSD project. Its design goals include security, reliability, ease of configuration, and support for common use cases. The source code is available under the ISC license.
Its portable version, like that of OpenSSH, is developed as a child project which adds the portability code to the OpenBSD version and releases it separately. The portable version was initiated by Charles Longeau and adds support for multiple operating systems including NetBSD, FreeBSD, DragonFly BSD, and several Linux distributions.
History
The development of OpenSMTPD was motivated by a combination of issues with current SMTP daemons: difficult configuration, complicated and difficult to audit code, and unsuitable licensing.{{cite web|url=http://www.opensmtpd.org/goals.html|title=OpenSMTPD Goals|work=opensmtpd.org}}{{cite web
| last =Corbet
| first =Jonathan
| title =Coming soon: OpenSMTPD
| work = Linux Weekly News (LWN)
| date =27 May 2009
| url = https://lwn.net/Articles/334866/
| access-date = 6 April 2012}}
OpenSMTPD was designed to solve these problems and make mail exchanges accessible to a wider user-base. After a period of development, OpenSMTPD first appeared in OpenBSD 4.6.{{cite web|url=http://www.openbsd.org/46.html|title=OpenBSD 4.6|work=openbsd.org}} The first release shipped with OpenBSD 5.3.{{cite web|url=http://www.h-online.com/open/news/item/OpenBSD-5-3-introduces-stable-SMTPD-1854169.html|title=OpenBSD 5.3 introduces stable SMTPD|date=1 May 2013|work=h-online.com}}{{cite web|url=https://poolp.org/posts/2013-03-17/opensmtpd-5.3-released/|title=OpenSMTPD 5.3 released|work=poolp.org|date=2013-03-17|access-date=2024-09-27}}{{cite web|url=http://www.openbsd.org/53.html|title=OpenBSD 5.3|work=openbsd.org}}
On 2 October 2015, the results of a security audit were released. Version 5.4.4p1 was audited, and nine issues were found.{{cite web|url=https://www.qualys.com/2015/10/02/opensmtpd-audit-report.txt|title=OpenSMTPD Audit Report|publisher=Qualys|date=2 October 2015|access-date=11 October 2015}} As a result, OpenSMTPD 5.7.2 was released to address these issues.{{cite web|url=https://www.opensmtpd.org/announces/release-5.7.2.txt|title=Announce: OpenSMTPD 5.7.2 released|access-date=11 October 2015}}
On 28 January 2020, a vulnerability in OpenSMTPD was disclosed that could be remotely exploited to run arbitrary shell commands as root. OpenSMTPD 6.6.2 was released to fix the vulnerability.{{cite web |title=Unpleasant vulnerability in OpenSMTPD |url=https://lwn.net/Articles/810882/ |website=LWN.net |access-date=30 January 2020}}
Goals
OpenSMTPD is an attempt by the OpenBSD team to produce an SMTP daemon implementation that is secure, reliable, high performance, simple to security audit and trivial to set up and administer. Code is designed to keep the memory, CPU and disk requirements as low as possible but it is admitted that large mail systems are not intended to be run on low-end machines, and trade-offs are made where higher memory usage would bring indisputable benefits.{{cite web|url=https://www.opensmtpd.org/goals.html|title=OpenSMTPD Goals|work=opensmtpd.org}}
As such, the design goals for OpenSMTPD are: security, ease of use, and performance. Security in OpenSMTPD is achieved by robust validity check in the network input path, use of bounded buffer operations via strlcpy, and privilege separation to mitigate the effects of possible security bugs exploiting the daemon through privilege escalation. In order to simplify the use of SMTP, OpenSMTPD implements a smaller set of functionalities than those available in other SMTP daemons, the objective is to provide enough features to satisfy typical usage at the risk of unsuitability for esoteric or niche requirements.
References
{{Reflist}}
External links
{{Portal|Free and open-source software}}
- {{Official website}}
- {{man|8|smtpd|OpenBSD}}
{{OpenBSD}}
{{Email servers}}
{{DEFAULTSORT:Opensmtpd}}
Category:Message transfer agents