OpenBSD Journal

OpenSMTPD 5.3 released

Contributed by jj on from the can-I-have-cheese-with-my-spam dept.

At AsiaBSDCon, Eric Faurot (eric@) has announced the release of OpenSMTPD 5.3 which is the first stable and production-ready release of OpenSMTPD.

It will also be shipping with OpenBSD 5.3.

We would like to thank the OpenBSD/OpenSMTPD community for their help in testing the snapshots, reporting bugs, contributing code and packaging for other systems.

Features

  • HUMAN READABLE CONFIGURATION
  • IPv4 and IPv6 support
  • STARTTLS and SMTPS support for both incoming and outgoing sessions
  • AUTH support: bsd_auth(3) and crypt(3)
  • SIZE support: limit the size of client-submitted messages
  • Listener-specific banner hostname
  • Listener-specific sessions tagging
  • Support for global and per-domain expiry for messages
  • Support for customizable delays for bounces
  • Support for primary and virtual domains
  • Support for alternate user database: db(3), file or smtpd.conf
  • Support for aliases and ~/.forward mappings
  • Delivery to mbox, maildir or third-party MDA
  • Support for LMTP relaying
  • Support for smarthost
  • Support for sending certificate when connecting to remote host
  • Support for backup MX
  • Support for relay source address override
  • Support for relay HELO override
  • Support for SMTP-level sender override
  • Support for connections reuse and optimization
  • Support for queue backends: filesystem and ram
  • Support for lookup backends: db(3), static
  • Run-time statistics through "smtpctl show stats"
  • Run-time tracing through "smtpctl trace "
  • Run-time monitoring through "smtpctl monitor"

Experimental

  • SQLite lookup backend
  • LDAP lookup backend

Portable

  • Support for PAM authentication
  • Known to build and work on FreeBSD, NetBSD, DragonFlyBSD and Linux

Limitations

  • No filters support yet (work in progress)
  • No masquerading or address rewrite yet

Checksums

  SHA256 (opensmtpd-5.3.tar.gz) = 05efe80755e7fa01e79e6bba1a4e89244849406acb1152995d2c1da5e9e3a596
  SHA256 (opensmtpd-5.3p1.tar.gz) = 618092f1f0b5aba5f8d4c933536a76d3a5a8e45c28b599a6420321cd4478f3d9

Support

You are encouraged to register to our general purpose mailing-list: http://www.opensmtpd.org/list.html

The "Official" IRC channel for the project is at: #OpenSMTPD @ irc.freenode.net

Reporting Bugs

Please read http://www.opensmtpd.org/report.html Security bugs should be reported directly to security@opensmtpd.org Other bugs may be reported to bugs@opensmtpd.org

OpenSMTPD is brought to you by Gilles Chehade (gilles@), Eric Faurot (eric@) and Charles Longeau (chl@).

(Comments are closed)


Comments
  1. By Renaud Allard (renaud) renaud@allard.it on

    I am wondering if it shouldn't be the default MTA for a base install. I mean, the features are now enough to support most common server installs.
    Of course if you want to install a dedicated mail server with spam filtering, antivirus and the like, it may not be appropriate yet. But to replace the default sendmail in OpenBSD, it is more than appropriate.

    Comments
    1. By thomasw_ (thomasw_) on http://www.flickr.com/photos/thomasw_/

      > I am wondering if it shouldn't be the default MTA for a base install. I mean, the features are now enough to support most common server installs.
      > Of course if you want to install a dedicated mail server with spam filtering, antivirus and the like, it may not be appropriate yet. But to replace the default sendmail in OpenBSD, it is more than appropriate.

      I think so, too. but perhaps it's too late into the 5.3 release cycle?

      Comments
      1. By Tim (213.125.10.114) on

        > > I am wondering if it shouldn't be the default MTA for a base install. I mean, the features are now enough to support most common server installs.
        > > Of course if you want to install a dedicated mail server with spam filtering, antivirus and the like, it may not be appropriate yet. But to replace the default sendmail in OpenBSD, it is more than appropriate.
        >
        > I think so, too. but perhaps it's too late into the 5.3 release cycle?

        OpenBSD takes a conservative/stable approach so new production ready software will never replace anything in base at the same time it is introduced. Same goes for Apache vs. nginx and Bind vs. NSD. This gives the whole ecosystem time to test and update docs etc.

        Comments
        1. By Anonymous Coward (156.35.97.35) on

          > OpenBSD takes a conservative/stable approach so new production ready software will never replace anything in base at the same time it is introduced. Same goes for Apache vs. nginx and Bind vs. NSD. This gives the whole ecosystem time to test and update docs etc.

          I understand NSD alone cannot replace BIND. OpenBSD needs Unbound to act as a validating, recursive, and caching DNS resolver too.

Latest Articles

Credits

Copyright © - Daniel Hartmeier. All rights reserved. Articles and comments are copyright their respective authors, submission implies license to publish on this web site. Contents of the archive prior to as well as images and HTML templates were copied from the fabulous original deadly.org with Jose's and Jim's kind permission. This journal runs as CGI with httpd(8) on OpenBSD, the source code is BSD licensed. undeadly \Un*dead"ly\, a. Not subject to death; immortal. [Obs.]