Very recently, Gilles Chehade (gilles@) imported his smtpd into OpenBSD base. Since then, there's been some activity around the code in cvs. To give users some insight into the reasons for writing smtpd and the design behind it, Gilles writes in with a developer blog on smtpd.

I had been running Postfix for four or five years when I decided to switch to sendmail. Postfix had a license that prevented it from getting committed into base, which meant it would not get audited and would force me to go through more work to keep it updated and reinstalled after each OpenBSD reinstall ... twice a year. I had rather simple needs so the stock sendmail would do just fine.

A few months ago, I had to dive into the configuration of sendmail to make a very small change. It turns out I spent almost an hour trying to make sense out of a maze of files that were plain unreadable. Even the slightest changes would cause me to stand a couple minutes thinking, just trying to make sure I really wanted to make that change.

It pissed me off enough that I grabbed my laptop and a copy of rfc2821 with me to the pub where I started writing the first bricks of a very simple smtp server. After two or three hours, I had a little piece of code which would understand a simple smtp session, with no protocol error checking, and would deliver it to my mailbox in both Maildir and mbox formats. It was not THAT great, but it was just enough to keep me motivated ;-)

The next days I studied imsg and started making use of it while I implemented privilege separation, privilege dropping and chrooting into smtpd. I committed all the code to the private cvs repository that I was using, and showed it to chl@ so he could tell me what he thought about it. chl@ started reading the code and sending more and more diffs, and smtpd soon got basic support for aliases, mailer daemons and relaying.

After a couple weeks of hard work and late commits, I contacted pyr@ and told him about smtpd while showing him the code and a proof of concept running on one of my servers. I was a bit nervous about his reaction but he was quite motivated as he had ... ideas ;-)

pyr@ was ok with most of the code except that it wasn't doing things in the OpenBSD way and he wanted smtpd to be fully asynchronous. We decided that the best idea would be to create a separate cvs module where he would basically put the infrastructure for smtpd. Infrastructure contained mostly code that does not know anything about the smtp protocol but was rather aimed at providing an OpenBSD look and feel to the code and config.

He did an amazing job, the new parse.y replaced my named-like syntax with a pf-like one which turned something like:

    listener 127.0.0.1:25 {
        hostname mx1.poolp.org
        domain poolp.og {
            store to mbox
        }
    }

into the almost final:

listen on 127.0.0.1 port 25 hostname mx1.poolp.org accept domain "poolp.org" store to mbox

His code also simplified the setup and use of imsg through the entire project. Smtpd has several processes and setting up the pipes correctly is not as easy as it looks. He came up with an elegant solution which is likely to be adapted elsewhere later.

Work continued at a slower pace until I was able to go to Slackathon, where I had a lot of free time to fix broken code and implement new features. The smtp traffic was limited which made me run into bugs which would trigger in weird situations (i.e. being able to resolve a remote MX but not being able to connect to it) but also forced me into coding features such as the "relay via" which I would use to redirect smtp traffic and bypass a MX resolution to perform a direct connection to another host. During Slackathon, I made a lot of progress on supporting aliases and virtual users, implemented forward files so that it became possible to run applications like vacation(1), improved support for grey listing and made various changes to the queue so that it would be simpler and would not consume as much memory under heavy load.

Since I came back from Sweden, I spent most of my hacking time trying to clean up, make code simpler and fix all bugs I've been made aware of. smtpd has been running on my own server for several weeks, allowing me to spot "live" bugs and fix them.

Recently, I started implementing very basic and limited support for SMTP AUTH, which is one of the features I need and has been requested the most, the goal being to have this support work out of the box.

The current state of smtpd is basically "don't use it live unless you want to help test and spot bugs", but out of the box it currently supports:

IPv6 fully, it accepts, resolves and connects to IPv6 enabled hosts

SSL/TLS if a certificate is found in /etc/mail/certs/

aliases/virtual users/forward files

using external MDA such as procmail

There is still a loooooot of work to do though ...

A lot of developers have provided very helpful comments and testing, they know who they are and they deserve a HUGE thanks ;-)