OpenSMTPD
   HOME

TheInfoList



OR:

OpenSMTPD (also known as OpenBSD SMTP Server) is a
Unix Unix (; trademarked as UNIX) is a family of multitasking, multiuser computer operating systems that derive from the original AT&T Unix, whose development started in 1969 at the Bell Labs research center by Ken Thompson, Dennis Ritchie, and ot ...
daemon Daimon or Daemon (Ancient Greek: , "god", "godlike", "power", "fate") originally referred to a lesser deity or guiding spirit such as the daimons of ancient Greek religion and mythology and of later Hellenistic religion and philosophy. The word ...
implementing the
Simple Mail Transfer Protocol The Simple Mail Transfer Protocol (SMTP) is an Internet standard communication protocol for electronic mail transmission. Mail servers and other message transfer agents use SMTP to send and receive mail messages. User-level email clients typica ...
to deliver messages on a local machine or to relay them to other SMTP servers. It was publicly released on 17 March 2013 with version number 5.3, after being in development since late 2008. OpenSMTPD is primarily developed by Gilles Chehade, Eric Faurot and Charles Longeau as part of the
OpenBSD OpenBSD is a security-focused, free and open-source, Unix-like operating system based on the Berkeley Software Distribution (BSD). Theo de Raadt created OpenBSD in 1995 by forking NetBSD 1.0. According to the website, the OpenBSD project em ...
project. Its design goals include
security Security is protection from, or resilience against, potential harm (or other unwanted coercive change) caused by others, by restraining the freedom of others to act. Beneficiaries (technically referents) of security may be of persons and social ...
, reliability, ease of configuration, and support for common
use case In software and systems engineering, the phrase use case is a polyseme with two senses: # A usage scenario for a piece of software; often used in the plural to suggest situations where a piece of software may be useful. # A potential scenario ...
s. The
source code In computing, source code, or simply code, is any collection of code, with or without comments, written using a human-readable programming language, usually as plain text. The source code of a program is specially designed to facilitate the wo ...
is available under the
ISC license The ISC license is a permissive free software license published by the Internet Software Consortium, now called Internet Systems Consortium (ISC). It is functionally equivalent to the simplified BSD and MIT licenses, but without language dee ...
. Its
portable Portable may refer to: General * Portable building, a manufactured structure that is built off site and moved in upon completion of site and utility work * Portable classroom, a temporary building installed on the grounds of a school to provide a ...
version, like that of
OpenSSH OpenSSH (also known as OpenBSD Secure Shell) is a suite of secure networking utilities based on the Secure Shell (SSH) protocol, which provides a secure channel over an unsecured network in a client–server architecture. Network Working Gr ...
, is developed as a child project which adds the portability code to the OpenBSD version and releases it separately. The portable version was initiated by Charles Longeau and adds support for multiple operating systems including
NetBSD NetBSD is a free and open-source Unix operating system based on the Berkeley Software Distribution (BSD). It was the first open-source BSD descendant officially released after 386BSD was forked. It continues to be actively developed and is a ...
,
FreeBSD FreeBSD is a free and open-source Unix-like operating system descended from the Berkeley Software Distribution (BSD), which was based on Research Unix. The first version of FreeBSD was released in 1993. In 2005, FreeBSD was the most popular ...
,
DragonFly BSD DragonFly BSD is a free and open-source Unix-like operating system forked from FreeBSD 4.8. Matthew Dillon, an Amiga developer in the late 1980s and early 1990s and FreeBSD developer between 1994 and 2003, began working on DragonFly BSD in Ju ...
, and several
Linux Linux ( or ) is a family of open-source Unix-like operating systems based on the Linux kernel, an operating system kernel first released on September 17, 1991, by Linus Torvalds. Linux is typically packaged as a Linux distribution, which ...
distributions.


History

The development of OpenSMTPD was motivated by a combination of issues with current SMTP daemons: difficult configuration, complicated and difficult to audit code, and unsuitable licensing. OpenSMTPD was designed to solve these problems and make mail exchanges accessible to a wider user-base. After a period of development, OpenSMTPD first appeared in OpenBSD 4.6. The first release shipped with OpenBSD 5.3. On 2 October 2015, the results of a
security audit An information security audit is an audit on the level of information security in an organization. It is an independent review and examination of system records, activities and related documents. These audits are intended to improve the level of in ...
were released. Version 5.4.4p1 was audited, and nine issues were found. As a result, OpenSMTPD 5.7.2 was released to address these issues. On 28 January 2020, a vulnerability in OpenSMTPD was disclosed that could be remotely exploited to run arbitrary shell commands as root. OpenSMTPD 6.6.2 was released to fix the vulnerability.


Goals

OpenSMTPD is an attempt by the OpenBSD team to produce an SMTP daemon implementation that is secure, reliable, high performance, simple to security audit and trivial to set up and administer. Code is designed to keep the memory, CPU and disk requirements as low as possible but it is admitted that large mail systems are not intended to be run on low-end machines, and trade-offs are made where higher memory usage would bring indisputable benefits. As such, the design goals for OpenSMTPD are: security, ease of use, and performance. Security in OpenSMTPD is achieved by robust validity check in the network input path, use of bounded buffer operations via
strlcpy The C programming language has a set of functions implementing operations on strings (character strings and byte strings) in its standard library. Various operations, such as copying, concatenation, tokenization and searching are supported. ...
, and
privilege separation In computer programming and computer security, privilege separation is one software-based technique for implementing the principle of least privilege. With privilege separation, a program is divided into parts which are limited to the specific pri ...
to mitigate the effects of possible security bugs exploiting the daemon through
privilege escalation Privilege escalation is the act of exploiting a bug, a design flaw, or a configuration oversight in an operating system or software application to gain elevated access to resources that are normally protected from an application or user. The res ...
. In order to simplify the use of SMTP, OpenSMTPD implements a smaller set of functionalities than those available in other SMTP daemons, the objective is to provide enough features to satisfy typical usage at the risk of unsuitability for esoteric or niche requirements.


References


External links

* *
93495 OpenSMTPD TLS Support Socket Exhaustion Remote DoS
{{DEFAULTSORT:Opensmtpd Message transfer agents BSD software SMTPD Email server software for Linux OpenBSD software using the ISC license