NAME
smtp, smtpd – mail transport

SYNOPSIS
upas/smtp [ –aAdfipst ] [ –b busted–mx ] ... [ –g gateway ] [ –h host ] [ –u user ] [ .domain ] destaddr sender rcpt–list

upas/smtpd [ –adDeEfqrg ] [ –c certfile ] [ –h mydom ] [ –k evilipaddr ] [ –m mailer ] [ –n netdir ]

DESCRIPTION
Smtp sends the mail message from standard input to the users rcpt–list on the host at network address address using the Simple Mail Transfer Protocol. The options are:
aif the server supports PLAIN or LOGIN authentication, authenticate to the server using a password from factotum(4). See RFCs 3207 and 2554. This option implies –s.
Aautistic server: don't wait for an SMTP greeting banner but immediately send a NOOP command to provoke the server into responding.
bignore busted–mx when trying MX hosts. May be repeated.
dturn on debugging to standard error.
fjust filter the converted message to standard output rather than sending it.
gmakes gateway the system to pass the message to if smtp can't find an address nor MX entry for the destination system.
huse host as the local system name; it may be fully–qualified or not. If not specified, it will default to the contents of /dev/sysname.
iunder –a, authenticate even if we can't start TLS.
pping: just verify that the users named in the rcpt–list are valid users at destaddr; don't send any mail.
sif the server supports the ESMTP extension to use TLS encryption, turn it on for this session. See RFC3207 for details.
tpreemtively establish TLS connection before SMTP handshake (SMTPS).
uspecify a user name to be used in authentication. The default name is the current login id.

Finally if .domain is given, it is appended to the end of any unqualified system names in the envelope or header.

Smtpd receives a message using the Simple Mail Transfer Protocol. Standard input and output are the protocol connection. SMTP authentication by login and cram–md5 protocols is supported; authenticated connections are permitted to relay.

The options are:
arequires that all clients authenticate to be able to send mail.
cspecifies a certificate to use for TLS. Without this option, the capability to start TLS will not be advertised.
dturns on debugging output, with each connection's output going to a uniquely–named file in /sys/log/smtpdb.
Dsleeps for 15 seconds usually at the start of the SMTP dialogue; this deters some spammers. Connections from Class A networks frequented by spammers will incur a longer delay.
edisable extra HELO checks. See RFC 7208 for details.
Erequire authentication if extra HELO checks fail.
fprevents relaying from non–trusted networks. It also tags messages from non–trusted sites when they deliver mail from an address in a domain we believe we represent.
gturns on grey/white list processing. All mail is rejected (with a retry code) unless the sender's IP address is on the whitelist, /mail/grey/whitelist, an append only file. Addresses can be added to the whitelist by the administrator. However, the usual way for addresses to be added is by smtpd itself.
Whenever a message is received and the sender's address isn't on the whitelist, smtpd first looks for the file /mail/grey/tmp/local/remote/recipient, where local and remote are IP addresses of the local and remote systems, respectively. If it exists and was created more than a few minutes go, the remote address is added to the whitelist. If not, the file is created and the mail is rejected with a `try again' code. The expectation is that spammers will not retry for more than a few minutes and that others will.
hspecifies the receiving domain. If this flag is not specified, the receiving domain is inferred from the host name.
kcauses connections from the host at the IP address, evilipaddr, to be dropped at program startup. Multiple addresses can be specified with several –k options. This option should be used carefully; it is intended to lessen the effects of denial of service attacks or broken mailers which continually connect. The
connections are not logged and the remote system is not notified via the protocol.
mset the mailer to which smtpd passes a received message. The default is /bin/upas/send.
nspecifies the name of the network directory assigned to the incoming connection. This is used to determine the peer IP address. If this flag is not specified, the peer address is determined using standard input.
ppermits clients to authenticate using protocols which transfer the password in the clear, e.g. login protocol. This should only be used if the connection has previously encrypted using e.g. tlssrv(8).
qdon't log invalid HELO checks.
rturns on forward DNS validation of non–trusted sender address.
scauses copies of blocked messages to be saved in a sub–directory of /mail/queue.dump.

Smtpd is normally run by a network listener such as listen(8). Most of the command line options are more conveniently specified in the smtpd configuration file stored in /mail/lib/smtpd.conf.

SOURCE
/sys/src/cmd/upas/smtp

SEE ALSO
aliasmail(8), faces(1), filter(1), mail(1), marshal(1), mlmgr(1), nedmail(1), qer(8), rewrite(6), send(8), tlssrv(8), upasfs(4)