OpenSMTPD

OpenSMTPD

Puffy, the mascot of OpenBSD, delivering mail to three fishbowls behind a fence.

"We deliver"
Developer(s) The OpenBSD Project
Initial release 5.3 / 17 March 2013 (2013-03-17)[1][2]
Stable release 5.7.3 / 5 October 2015 (2015-10-05)[3]
Development status Active
Written in C
Operating system BSD, Linux, OS X[4]
Platform Cross-platform[4]
Type Mail transfer agent
License ISC
Website www.opensmtpd.org
Standard(s) RFC 5321
As of October 2015

OpenSMTPD is a Unix system daemon implementing the Simple Mail Transfer Protocol to deliver messages on a local machine or to relay them to other SMTP servers. It has been released on the 17 March 2013 with version number 5.3 after being in development since late 2008.

OpenSMTPD is primarily developed by Gilles Chehade, Eric Faurot and Charles Longeau as part of the OpenBSD project. Its design goals include being secure, reliable, easy to configure, supporting the most common use-cases and with source code that can be distributed under an ISC license. Its portable version, like that of OpenSSH, is developed as a child project which adds the portability code to the OpenBSD version and releases it separately. The portable version was initiated by Charles Longeau and adds supports for multiple operating systems including NetBSD, FreeBSD, DragonFlyBSD and several Linux distributions.

History

The development of OpenSMTPD was motivated by a combination of issues with current SMTP daemons: difficult configuration, complicated and difficult to audit code, and unsuitable licensing.[5][6] OpenSMTPD was designed to solve these problems and make mail exchanges accessible to a wider user-base. After a period of development, OpenSMTPD first appeared in OpenBSD 4.6.[7] The first release shipped with OpenBSD 5.3.[1][2][8]

On October 2nd, 2015, the results of a security audit were released. Version 5.4.4p1 was audited, and nine issues were found.[9] As a result, OpenSMTPD 5.7.2 was released to address these issues.[10]

Goals

OpenSMTPD is an attempt by the OpenBSD team to produce an SMTP daemon implementation that is secure, reliable, performant, simple to security audit and trivial to set up and administer. Code is designed to keep the memory, CPU and disk requirements as low as possible but it is admitted that large mail systems are not intended to be run on low-end machines, and trade-offs are made where higher memory usage would bring indisputable benefits.[11]

As such, the design goals for OpenSMTPD are: security, ease of use, and performance. Security in OpenSMTPD is achieved by robust validity check in the network input path, use of bounded buffer operations via strlcpy, and privilege separation to mitigate the effects of possible security bugs exploiting the daemon through privilege escalation. In order to simplify the use of SMTP, OpenSMTPD implements a smaller set of functionalities than those available in other SMTP daemons, the objective is to provide enough features to satisfy typical usage at the risk of unsuitability for esoteric or niche requirements.

References

  1. 1 2 "OpenBSD 5.3 introduces stable SMTPD". h-online.com. 1 May 2013.
  2. 1 2 "OpenSMTPD 5.3 released". poolp.org.
  3. https://www.opensmtpd.org/announces/release-5.7.3.txt
  4. 1 2 "OpenSMTPD Portable Release". OpenBSD. Retrieved 15 October 2015.
  5. "OpenSMTPD Goals". opensmtpd.org.
  6. Corbet, Jonathan (May 27, 2009). "Coming soon: OpenSMTPD". Linux Weekly News (LWN). Retrieved April 6, 2012.
  7. "OpenBSD 4.6". openbsd.org.
  8. "OpenBSD 5.3". openbsd.org.
  9. "OpenSMTPD Audit Report". Qualys. 2015-10-02. Retrieved 2015-10-11.
  10. "Announce: OpenSMTPD 5.7.2 released". Retrieved 2015-10-11.
  11. "OpenSMTPD Goals". opensmtpd.org.

External links

This article is issued from Wikipedia - version of the Monday, March 28, 2016. The text is available under the Creative Commons Attribution/Share Alike but additional terms may apply for the media files.