OpenSMTPD

OpenSMTPD is an open-source implementation of the server-side SMTP protocol (RFC 5321) originally developed as part of the OpenBSD project. It provides a minimal, security-focused mail transfer agent with a compact configuration model, extensible table backends and a filters API for mail processing.

Key Features

• Implements SMTP and common extensions with an emphasis on correctness and RFC compliance.
• Small, modular C daemon designed with privilege separation and process isolation to reduce attack surface.
• Declarative smtpd.conf with expressive match/action rules and built-in table support (examples in the codebase include passwd, sqlite and ldap table backends).
• Filters API and external filter/queue helpers allow integration of greylisting, DKIM signing, Rspamd, and other processing as separate components.
• Delivery options include maildir and mbox formats, an MDA helper, and LMTP client support for local delivery.
• TLS support via libtls/libressl with compatibility for OpenSSL builds, and per-listener TLS/cipher configuration options.
• Portable distribution and an "extras" set of table/filter modules allow packaging for non-OpenBSD systems while keeping the core minimal.

Use Cases

• Host SMTP for small organizations or single-host mail services that prioritize a small, auditable codebase.
• Deploy as a mail gateway/relay that enforces policy via filters and external scanners (spam, DKIM, greylisting).
• Integrate with system account stores or directory services using table backends (passwd, sqlite, LDAP) for virtual users and lookups.

Limitations and Considerations

• Advanced features such as DKIM signing, comprehensive anti-spam, or virus scanning are typically provided via external filters or proxies rather than baked into the core; administrators must deploy and configure filter components for those functions.
• Historical security advisories (patched in later releases) demonstrate the need to track upstream security fixes and apply updates promptly for exposed versions.
• The project prefers LibreSSL/libtls but supports OpenSSL; TLS behavior and available cipher/protocol features can vary depending on the TLS library used.

OpenSMTPD is a focused, security-oriented MTA that favors clarity and modularity. It is well suited for administrators who want a small, auditable mail server core and to assemble additional functionality via filters and table backends.