SMTP(8)                                                   SMTP(8)

     NAME
          smtp, smtpd -  mail transport

     SYNOPSIS
          upas/smtp [ -aAdfips ] [ -b busted-mx ] ... [ -g gateway ] [
               -h host ] [ -u user ] [ .domain ] destaddr sender
               rcpt-list

          upas/smtpd [ -aDdEefgpqrs ] [ -c certfile ] [ -h mydom ] [
               -k evilipaddr ] [ -m mailer ] [ -n netdir ]

     DESCRIPTION
          Smtp sends the mail message from standard input to the users
          rcpt-list on the host at network address address using the
          Simple Mail Transfer Protocol.  The options are:

          -a if the server supports PLAIN or LOGIN authentication,
             authenticate to the server using a password from
             factotum(4). See RFCs 3207 and 2554.  This option implies
             -s.

          -A autistic server: don't wait for an SMTP greeting banner
             but immediately send a `NOOP' command to provoke the
             server into responding.

          -b ignore busted-mx when trying MX hosts.  May be repeated.

          -d turn on debugging to standard error.

          -f just filter the converted message to standard output
             rather than sending it.

          -g makes gateway the system to pass the message to if smtp
             can't find an address nor MX entry for the destination
             system.

          -h use host as the local system name; it may be fully-
             qualified or not.  If not specified, it will default to
             the contents of /dev/sysname.

          -i under -a, authenticate even if we can't start TLS.

          -p ping: just verify that the users named in the rcpt-list
             are valid users at destaddr; don't send any mail.

          -s if the server supports the ESMTP extension to use TLS
             encryption, turn it on for this session.  See RFC3207 for
             details.

     Page 1                       Plan 9            (printed 12/30/24)

     SMTP(8)                                                   SMTP(8)

          -u specify a user name to be used in authentication.  The
             default name is the current login id.

          Finally if .domain is given, it is appended to the end of
          any unqualified system names in the envelope or header.

          Smtpd receives a message using the Simple Mail Transfer Pro-
          tocol.  Standard input and output are the protocol connec-
          tion.  SMTP authentication by plain, login and cram-md5 pro-
          tocols is supported; authenticated connections are permitted
          to relay.

          The options are:

          -a requires that all clients authenticate to be able to send
             mail.

          -c specifies a certificate to use for TLS.  Without this
             option, the capability to start TLS will not be adver-
             tised.

          -d turns on debugging output to standard error.

          -D sleeps for 15 seconds usually at the start of the SMTP
             dialogue; this deters some spammers.  Connections from
             Class A networks frequented by spammers will incur a
             longer delay.

          -e disable extra helo checks.  The helo string is otherwised
             required to be a valid domain name to discourage spam.

          -E force authentication, rather than close the connections
             if the client does not pass helo checks.  This option is
             useful for sites with IMAP4 users.

          -f prevents relaying from non-trusted networks.  It also
             tags messages from non-trusted sites when they deliver
             mail from an address in a domain we believe we represent.

          -g turns on grey/white list processing.  All mail is
             rejected (with a retry code) unless the sender's IP
             address is on the whitelist, /mail/grey/whitelist, an
             append only file.  Addresses can be added to the whitel-
             ist by the administrator.  However, the usual way for
             addresses to be added is by smtpd itself.  Whenever a
             message is received and the sender's address isn't on the
             whitelist, smtpd first looks for the file
             /mail/grey/tmp/local/remote/recipient, where local and
             remote are IP addresses of the local and remote systems,
             respectively.  If it exists and was created more than a
             few minutes go, the remote address is added to the

     Page 2                       Plan 9            (printed 12/30/24)

     SMTP(8)                                                   SMTP(8)

             whitelist.  If not, the file is created and the mail is
             rejected with a `try again' code.  The expectation is
             that spammers will not retry for more than a few minutes
             and that others will.

          -h specifies the receiving domain.  If this flag is not
             specified, the receiving domain is inferred from the host
             name.

          -k causes connections from the host at the IP address,
             evilipaddr, to be dropped at program startup.  Multiple
             addresses can be specified with several -k options.  This
             option should be used carefully; it is intended to lessen
             the effects of denial of service attacks or broken mail-
             ers which continually connect.  The connections are not
             logged and the remote system is not notified via the pro-
             tocol.

          -m set the mailer to which smtpd passes a received message.
             The default is /bin/upas/send.

          -n specifies the name of the network directory assigned to
             the incoming connection.  This is used to determine the
             peer IP address.  If this flag is not specified, the peer
             address is determined using standard input.

          -p permits clients to authenticate using protocols which
             transfer the password in the clear, e.g.  login protocol.
             This should only be used if the connection has previously
             encrypted using e.g.  tlssrv(8).

          -q Suppress logging hellos.  -r turns on forward DNS valida-
             tion of non-trusted sender address.

          -s causes copies of blocked messages to be saved in a sub-
             directory of /mail/queue.dump.

          Smtpd is normally run by a network listener such as
          listen(8). Most of the command line options are more conve-
          niently specified in the smtpd configuration file stored in
          /mail/lib/smtpd.conf.

     FILES
          /mail/box/user/nospamfiltering   disable smtpd spam filters.
          /mail/grey/whitelist             greylisting whitelist.
          /mail/grey/tmp/*                 greylist entries.
          /mail/lib/names.blocked          disallowed recepients.
          /mail/lib/smtpd.conf             smtpd filtering and config-
                                           uration.
          /mail/lib/senders                allowed recipient, sender's
                                           DNS pairs.
          /mail/lib/validateaddress        smtpd ping address

     Page 3                       Plan 9            (printed 12/30/24)

     SMTP(8)                                                   SMTP(8)

                                           verification script.
          /mail/lib/validatesender         HELO/EHLO verification
                                           script.

     SOURCE
          /sys/src/cmd/upas/smtp

     SEE ALSO
          aliasmail(8), faces(1), filter(1), mail(1), marshal(1),
          mlmgr(1), nedmail(1), qer(8), rewrite(6), send(8),
          tlssrv(8), upasfs(4)

     Page 4                       Plan 9            (printed 12/30/24)