diff options
| author | Laurent Bercot <ska-skaware@skarnet.org> | 2026-02-02 18:01:03 +0000 |
|---|---|---|
| committer | Laurent Bercot <ska-skaware@skarnet.org> | 2026-02-02 18:01:03 +0000 |
| commit | 36491e787c8be5b32b93f5c3b20edd9aa9d4c4e9 (patch) | |
| tree | 101b8cf332eb050cda394e11003cb3ee5dc2605b /doc | |
| parent | 541b3256968eae128abd35e762f3e3a81885fa7c (diff) | |
| download | smtpd-starttls-proxy-36491e787c8be5b32b93f5c3b20edd9aa9d4c4e9.tar.gz | |
More qmail-smtpc stuff
Diffstat (limited to 'doc')
| -rw-r--r-- | doc/index.html | 3 | ||||
| -rw-r--r-- | doc/qmail-smtpc.html | 79 | ||||
| -rw-r--r-- | doc/upgrade.html | 1 |
3 files changed, 83 insertions, 0 deletions
diff --git a/doc/index.html b/doc/index.html index fc355d7..8dfae68 100644 --- a/doc/index.html +++ b/doc/index.html @@ -39,6 +39,9 @@ requirement if you link against the shared version of the skalibs library. </li> <li> <a href="//skarnet.org/software/s6/">s6</a> version 2.14.0.1 or later. It's a build-time and run-time requirement. </li> + <li> <a href="//skarnet.org/software/s6-dns/">s6-dns</a> version +2.4.1.1 or later. It's a build-time requirement. It's also a run-time requirement +if you link against the shared version of the s6-dns library. </li> <li> <a href="//skarnet.org/software/s6-networking/">s6-networking</a> version 2.7.2.1 or later. It's a build-time and run-time requirement. </li> </ul> diff --git a/doc/qmail-smtpc.html b/doc/qmail-smtpc.html new file mode 100644 index 0000000..47ee375 --- /dev/null +++ b/doc/qmail-smtpc.html @@ -0,0 +1,79 @@ +<html> + <head> + <meta name="viewport" content="width=device-width, initial-scale=1.0" /> + <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" /> + <meta http-equiv="Content-Language" content="en" /> + <title>smtpd-starttls-proxy: the qmail-smtpc program</title> + <meta name="Description" content="smtpd-starttls-proxy: the qmail-smtpc program" /> + <meta name="Keywords" content="smtp client qmail qmail-remote" /> + <!-- <link rel="stylesheet" type="text/css" href="//skarnet.org/default.css" /> --> + </head> +<body> + +<p> +<a href="index.html">smtpd-starttls-proxy</a><br /> +<a href="//skarnet.org/software/">Software</a><br /> +<a href="//skarnet.org/">skarnet.org</a> +</p> + +<h1> The <tt>qmail-smtpc</tt> program </h1> + +<p> +<tt>qmail-smtpc</tt> is an SMTP client, meant to be used as a drop-in +replacement to +<a href="http://qmail.org/man/man8/qmail-remote.html">qmail-remote</a>. +</p> + +<p> + It is not meant to be invoked directly by the user; it only makes sense +in the context of a qmail, netqmail or notqmail installation. +</p> + +<h2> Interface </h2> + +<p> + <tt>qmail-smtpc</tt> follows the exact same interface as +<a href="http://qmail.org/man/man8/qmail-remote.html">qmail-remote</a>. +The binary can literally be renamed <tt>qmail-remote</tt> then dropped +in <tt>/var/qmail/bin</tt> in place of the stock <tt>qmail-remote</tt> +program. With some patches, it can also be used by setting the +QMAILREMOTE environment variable to the path where <tt>qmail-smtpc</tt> +is installed. +</p> + +<h2> Differences with qmail-remote </h2> + +<ul> + <li> If the underlying OS and <a href="//skarnet.org/software/skalibs/">skalibs</a> +support IPv6, then <tt>qmail-smtpc</tt> does as well, and use IPv4 and IPv6 +addresses indiscriminately when connecting to an MX. </li> + <li> It speaks ESMTP and will use STARTTLS if the server supports it. </li> +</ul> + +<h2> Control files </h2> + +<p> + qmail-smtpc uses a few extra control files in <tt>/var/qmail/control</tt>: +<p> + +<dl> + <dt> <tt>trustanchors</tt> </dt> + <dd> Contains the path to the certificates for known trust anchors for X.509 +certificate validation. If the path ends with a slash, like <tt>/etc/ssl/certs/</tt>, +then it is interpreted as a directory containing hashes to the certificates. If +it does not, like <tt>/etc/ssl/cert.pem</tt>, then it is interpreted as a big +PEM file containing all the trust anchors. If the file is nonexistent or empty, +or only contains a newline, then STARTTLS is not attempted. </dd> + <dt> <tt>clientcert</tt> </dt> + <dd> If this file exists and is nonempty, it must contain the path to a client +certificate. This certificate will be sent to the server during a TLS negotiation. +This is useful in certain setups requiring client authentication. </dd> + <dt> <tt>clientkey</tt> </dt> + <dd> This file must be used in conjunction with <tt>clientcert</tt>. It contains +the path to the private key used to sign the client certificate. Note that access +to the private key file should be as restricted as possible, but the <tt>qmailr</tt> +user (or whatever user <tt>qmail-smtpc</tt> runs as) must be able to read it. </dd> +</dl> + +</body> +</html> diff --git a/doc/upgrade.html b/doc/upgrade.html index 7aa6237..1dba5fc 100644 --- a/doc/upgrade.html +++ b/doc/upgrade.html @@ -25,6 +25,7 @@ dependency bumped to 2.14.5.1 </li> <li> <a href="//skarnet.org/software/s6/">s6</a> dependency bumped to 2.14.0.1 </li> + <li> New dependency: <a href="//skarnet.org/software/s6-dns/">s6-dns</a> 2.4.1.1 </li> <li> <a href="//skarnet.org/software/s6-networking/">s6-networking</a> dependency bumped to 2.7.2.1 and made mandatory. </li> </ul> |