msmtpd − A minimal SMTP server
msmtpd [option...]
Msmtpd is a
minimal SMTP server that pipes mails to msmtp (or some other
program) for delivery. It can be used with system services
that expect an SMTP server on the local host, or it can be
used by end users as a way to handle outgoing mail via msmtp
with mail clients that insist on using SMTP. The EXAMPLES
section below contains examples for both use cases.
Msmtpd listens on 127.0.0.1 port 25 by default, but can also
run without its own network sockets in inetd mode, where it
handles a single SMTP session on standard input / output.
In the string that defines the command that msmtpd pipes
each mail to, the first occurrence of %F will be replaced
with the envelope from address. Furthermore, all recipients
of the mail will be appended as arguments. The command must
not write to standard output, as that would mess up the SMTP
session.
If the command that the mail is piped to reports an error,
this is typically reported as a permanent failure by msmtpd
(SMTP server return code 554). The command can optionally
signal temporary errors by using return codes defined in
sysexits.h, e.g. 75 for EX_TEMPFAIL. These
will then be reported as temporary failures by msmtpd (SMTP
server return code 451), which means the client should try
again later.
To prevent abuse, msmtpd will allow only a limited number of
concurrent SMTP sessions, and if authentication is active
and an authentication failure occurrs, future authentication
requests in any SMTP session will (for a limited duration)
only be answered after a small delay.
−−version
Print version information
−−help |
Print help |
−−inetd
Start single SMTP session on stdin/stdout
−−interface=ip
Listen on the given IPv6 or IPv4 address instead of 127.0.0.1
−−port=number
Listen on the given port number instead of 25
−−log=none|syslog|filename
Set logging: none (default), syslog, or logging to the given file.
−−command=cmd
Pipe mails to cmd instead of msmtp. Make sure to end this command with −− to separate options from arguments.
−−auth=user[,passwordeval]
Require authentication with this user name. The password will be retrieved from the given passwordeval command (this works just like passwordeval in msmtp) or, if none is given, from the key ring or, if that fails, from a prompt.
Using msmtpd
as a system service
Only use a local interface to listen on. Run msmtpd with
correct user rights and permissions (e.g. use
CAP_NET_BIND_SERVICE to bind to port 25 instead of
running as root, or use systemd with inetd service
capabilities). Be aware that the pipe command will be run as
the same user that msmtpd runs as. Enable logging to syslog
with −−log=syslog.
Example for managing msmtpd with start-stop-daemon:
# start msmtpd
start-stop-daemon −−start −−pidfile
/var/run/msmtpd.pid −−make-pidfile
−−chuid msmtpd −−background
−−exec /usr/local/bin/msmtpd −−
−−command ’/usr/local/bin/msmtp -f %F
−−’
# stop msmtpd
start-stop-daemon −−stop −−pidfile
/var/run/msmtpd.pid −−remove-pidfile
−−quiet −−signal TERM
Using msmtpd to handle outgoing mail for an SMTP-based mail
client
Some mail clients cannot send outgoing mail with a program
like msmtp and instead insist on using an SMTP server. You
can configure msmtpd to be that SMTP server and hand your
outgoing mail over to msmtp.
(Similarly, some mail clients cannot get incoming mail from
a local mailbox and insist on using a POP3 or IMAP server.
You can configure mpopd to be that POP3 server and serve
incoming mail from a local mailbox. See the relevant section
in the mpop manual.)
For this purpose, msmtpd should listen on an unprivileged
port, e.g. 2500. Furthermore, msmtpd should require
authentication because otherwise anyone connecting to it can
send mail using your account, even if it’s just other
users or processes on your local machine.
Let’s use the user name msmtpd-user for this
purpose. You have two options to manage the password:
Store the password in your key ring, e.g. with secret-tool store −−label=msmtpd host localhost service smtp user msmtpd-user. In this case, use the msmtpd option −−auth=msmtpd-user.
Store the password in an encrypted file and use the passwordeval mechanism. Example for gpg: msmtpd ... −−auth=msmtpd−user,’gpg -q -d ˜/.msmtpd−password.gpg’
The complete
command then is (using the keyring): msmtpd
−−port=2500 −−auth=msmtpd-user
−−command=’/path/to/your/msmtp -f %F
−−’
The mail client software must then be configured to use
localhost at port 2500 for outgoing mail via
SMTP, and to use authentication with user msmtpd-user
and the password you chose. The mail client will probably
complain that the SMTP server does not support TLS, but in
this special case that is ok since all communication between
your mail client and msmtpd will stay on the local machine.
This setup also works with multiple mail accounts. Msmtp
will pick the correct one based on the envelope-from address
given to it via -f %F. You do not need multiple
instances of msmtpd for this purpose, and therefore you need
only one SMTP server in your mail client configuration.
msmtp(1)