The smtpd-starttls-proxy-io program

smtpd-starttls-proxy-io is a program that runs in front of a UCSPI-compliant SMTP server (such as qmail-smtpd) and extends it with STARTTLS capability.

smtpd-starttls-proxy-io provides no TLS on its own; instead, it expects to be run under a UCSPI-TLS server, and interfaces with it.


     smtpd-starttls-proxy-io smtpd...

Environment variables

smtpd-starttls-proxy-io expects to be run under a UCSPI-TLS server such as s6-ucspitlsd or sslserver -n. As a consequence, it expects its environment to contain the following variables:

smtpd-starttls-proxy-io will refuse to run if one of these variables is nonexistent or contains invalid data.

Usage example

You can run a STARTTLS-enabled qmail-smtpd mail receiver on address hostip port port with the following steps:

  s6-tcpserver -- hostip port \
  s6-tcpserver-access -Dl0 -t5000 -- \
  s6-ucspitlsd -K30000 -- \
  s6-applyuidgid -Uz -- \
  smtpd-starttls-proxy-io \