GreenArrow Email Software Documentation

SMTP Services

GreenArrow Engine is able to run one or more SMTP services. The default configuration is:

| Service | IP Address | Port | Enabled | Typical Use |
|---------|------------|------|---------|-------------|
| SMTP    | All        | 25   | Yes     | Receiving incoming SMTP traffic including bounces and feedback loop complaints |
| SMTP2   | All        | 587  | Yes     | Receiving relayed messages from SMTP clients |
| SMTP3   | All        | 901  | No      | Receiving relayed messages from SMTP clients |

Configuring the SMTP Service

In most cases, the SMTP service should be enabled and listening on port 25 of at least one publicly accessible IP address, so that incoming mail, including bounces and feedback loop complaints, can be received.

  • Specify the IP address for the SMTP service to listen on in the /var/hvmail/control/smtp.ipaddr file. For example, to listen on 1.2.3.4:

    echo 1.2.3.4 > /var/hvmail/control/smtp.ipaddr
    

  • To listen on all IP addresses assigned to the server:

    echo 0 > /var/hvmail/control/smtp.ipaddr
    

  • To view the IP address that the SMTP service is configured to listen on:

    cat /var/hvmail/control/smtp.ipaddr
    

  • Specify the port for the SMTP service to listen on in the /var/hvmail/control/smtp.port file. For example, to listen on port 25:

    echo 25 > /var/hvmail/control/smtp.port
    

  • To enable SMTP AUTH, set /var/hvmail/control/smtp.auth equal to 1:

    echo 1 > /var/hvmail/control/smtp.auth
    

  • To disable SMTP AUTH, set /var/hvmail/control/smtp.auth equal to 0:

    echo 0 > /var/hvmail/control/smtp.auth
    

  • To disable the SMTP service, set the port equal to 0:

    echo 0 > /var/hvmail/control/smtp.port
    

  • To view the port that the SMTP service is currently configured to listen on:

    cat /var/hvmail/control/smtp.port
    

  • Specify how many concurrent connections to allow via the /var/hvmail/control/smtp.concurrency file. The default value of 100 will work in most situations. For example, to increase this value to 200, run:

    echo 200 > /var/hvmail/control/smtp.concurrency
    

  • By default, the SMTP service supports the STARTTLS command. To disable it:

    echo 0 > /var/hvmail/control/smtp.starttls
    

  • To re-enable support for the STARTTLS command:

    echo 1 > /var/hvmail/control/smtp.starttls
    

  • To apply changes:

    svc -tu /service/hvmail-qmail-smtpd
    

Configuring the SMTP2 Service

There are three advantages to relaying mail into the SMTP2 or SMTP3 service, rather than the SMTP service:

  1. The default ports used by the SMTP2 and SMTP3 services are less likely to be blocked by firewalls than the default port used by SMTP.
  2. When troubleshooting problems with SMTP relaying, it’s easier to isolate just SMTP relay traffic, and turn on more verbose logging for it if necessary.
  3. SimpleMH can be turned on by default on the SMTP2 or SMTP3 service if mail is being relayed that should use SimpleMH, but isn’t including SimpleMH-specific headers.

The parameters described in this section are set by editing the configuration file located at /var/hvmail/control/smtp2.

  • The SMTP2 service is enabled by default. To disable it, set the ENABLED variable equal to 0:

    ENABLED=0
    

  • To change the IP address that the SMTP2 service listens on, set the IPADDR variable equal to the IP address to listen on, or 0 to listen on all IP addresses assigned to the server:

    IPADDR=0
    

  • To change the port that the SMTP2 service listens on, set the PORT variable equal to the port to listen on:

    PORT=587
    

  • SimpleMH is enabled by default for mail injected into the SMTP2 service. To disable this, set the SIMPLEMH variable equal to 0. To re-enable, set this variable equal to 1:

    SIMPLEMH=1
    

  • To specify how many concurrent connections to allow, update the CONCURRENCY variable:

    CONCURRENCY=200
    

  • To enable verbose logging, which records entire SMTP conversations, set the RECORDIO variable equal to 1. This can be useful for debugging, but does cause a performance impact, so set this variable back to 0 (disabled) when you’re finished:

    RECORDIO=1
    

  • RECORDIO logging is only useful with unencrypted connections. To enable verbose logging for encrypted SMTP connections, set the RECORDIO variable to 0 and add the following lines. This can be useful for debugging, but does cause a performance impact, so remove these lines when you’re finished:

    export GREENARROW_LOG_SMTP_COMMANDS=
    export GREENARROW_LOG_SMTP_MESSAGE=
    

  • To prevent inserting the Received header that would normally be inserted into incoming messages:

    export GREENARROW_SMTP_RECEIVED_HIDE=
    

  • SMTP AUTH is enabled by default. To explicitly enable SMTP AUTH, set SMTP_AUTH equal to 1:

    SMTP_AUTH=1
    

  • To disable SMTP AUTH, set SMTP_AUTH equal to 0:

    SMTP_AUTH=0
    

  • By default, the SMTP service supports the STARTTLS command. To disable it:

    GREENARROW_STARTTLS=0
    

  • To re-enable support for the STARTTLS command, you can either remove the line that was added, or set it to 1:

    GREENARROW_STARTTLS=1
    

  • To apply changes:

    svc -tu /service/hvmail-qmail-smtpd2
    

Configuring the SMTP3 Service

The SMTP3 service can be configured in the same manner as the SMTP2 service by replacing every occurrence of smtp2 with smtp3 in each step.

Authorizing SMTP Clients

SMTP clients can be authorized in two ways:

  1. By IP address. The IPs Authorized to Relay document contains instructions on how to specify which IP addresses are authorized to relay mail through GreenArrow Engine.
  2. By username and password using SMTP AUTH. SMTP AUTH can be enabled and disabled per SMTP service, as described above.
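
A read-only check over the control files described on this page, as an added example that is not GreenArrow's own tooling: it flags enabled services with STARTTLS turned off, SMTP AUTH offered without STARTTLS, AUTH disabled on a relay service, and verbose logging left on. It assumes the smtp2 and smtp3 files hold plain KEY=VALUE lines (optionally prefixed by export), that a missing smtp.port means the documented default of 25, and that smtp.auth counts only when it explicitly holds 1; the function names are hypothetical.

```shell
#!/bin/sh
# Added example: read-only audit of the GreenArrow control files.
# Config files are parsed as text, never sourced or executed.

# Last value assigned to KEY ($2) in FILE ($1); "unset" if absent.
get_var() {
    [ -f "$1" ] || { echo unset; return; }
    awk -v k="$2" '
        { line = $0; sub(/^[ \t]*(export[ \t]+)?/, "", line) }
        index(line, k "=") == 1 { v = substr(line, length(k) + 2); found = 1 }
        END { print (found ? v : "unset") }' "$1"
}

# First line of a one-value control file ($1), or DEFAULT ($2) if absent.
get_file() {
    if [ -f "$1" ]; then head -n 1 "$1" | tr -d ' \t\r'; else echo "$2"; fi
}

# Audit an smtp2/smtp3-style file: $1=dir, $2=service, $3=default ENABLED.
audit_relay() {
    f="$1/$2"
    en=$(get_var "$f" ENABLED); [ "$en" = unset ] && en=$3
    [ "$en" = 0 ] && return 0
    tls=$(get_var "$f" GREENARROW_STARTTLS)
    auth=$(get_var "$f" SMTP_AUTH)
    [ "$tls" = 0 ] && echo "$2: STARTTLS disabled"
    [ "$tls" = 0 ] && [ "$auth" != 0 ] && echo "$2: SMTP AUTH offered without STARTTLS"
    [ "$auth" = 0 ] && echo "$2: SMTP AUTH disabled, relay relies on IP authorization"
    [ "$(get_var "$f" RECORDIO)" = 1 ] && echo "$2: RECORDIO=1 (full SMTP conversations logged)"
    for k in GREENARROW_LOG_SMTP_COMMANDS GREENARROW_LOG_SMTP_MESSAGE; do
        [ "$(get_var "$f" "$k")" != unset ] && echo "$2: $k is set (verbose logging)"
    done
    return 0
}

# Audit all three services under control directory $1.
audit_all() {
    d=${1:-/var/hvmail/control}
    if [ "$(get_file "$d/smtp.port" 25)" != 0 ]; then   # port 0 disables the service
        tls=$(get_file "$d/smtp.starttls" 1)
        [ "$tls" = 0 ] && echo "smtp: STARTTLS disabled"
        [ "$tls" = 0 ] && [ "$(get_file "$d/smtp.auth" unknown)" = 1 ] &&
            echo "smtp: SMTP AUTH offered without STARTTLS"
    fi
    audit_relay "$d" smtp2 1    # SMTP2 is enabled by default
    audit_relay "$d" smtp3 0    # SMTP3 is disabled by default
}

# Run against the documented path when it exists on this host.
if [ -d /var/hvmail/control ]; then audit_all /var/hvmail/control; fi
```

No output means none of these conditions were found; each finding is printed as one line prefixed with the service name.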

Copyright © 2012–2024 GreenArrow Email