Andrew Richards
• The Free Stuff!


On this page: • Introduction   • License   • Status/Warranty   • Documentation   • Pre-requisites   • Download   • Installation   • Setup / Configuration   • Security   • Troubleshooting   • Programming Notes   • Archives


ofmipd is an alternative to qmail-smtpd for email submission in the mess822 package.

ofmipd-plus adds authentication and logging to ofmipd. The authentication is provided by John Levine's auth patch which is included in ofmipd-plus. The logging additions are similar to qmail-logmsg, logging details of the session (commands, results, errors) as well as the username used to authenticate the connection.

make clean and errno tweaks are also included in this patch, no need to apply them separately.

TLS support is provided for installations using sslserver from ucspi-tls. A non-TLS version is also available here.


This patch applies cleanly to mess822-0.58.

If you wish to use TLS functionality, you will require the ucspi-tls TLS-patched sslserver.


Download the patch here (v2.1).


Change into your mess822 source directory and type,

patch < path_to_patch/ofmipd-plus-v2.1.patch

and compile/install mess822 as normal. You'll probably want to be logging using multilog to get the most benefit from this patch.


Assuming you're using daemontools, in your run file you'll need to redirect file descriptor 7 (unfortunately checkpassword gets in the way of using stderr for logging). Thus you might have something like this,


exec env - PATH="/var/qmail/bin:/usr/local/bin:$PATH" \

 softlimit -m 50000000 -f 50000000 \

  tcpserver -v -HR -l0 -c50 0 587 \

   ofmipd "" your.domain.here checkpassword true 2>&1 7>&1

Make sure to adjust the above to suit your particular system, taking particular care with your flavour of checkpassword which may take additional arguments.

If you wish to offer TLS, you will need to use the TLS-patched sslserver from the ucspi-tls package instead, so the above example would look like this instead (you also need to add -e and -n flags, see here for more details,


exec env - PATH="/var/qmail/bin:/usr/local/bin:$PATH" \

 softlimit -m 50000000 -f 50000000 \

  sslserver -e -n -v -HR -l0 -c50 0 587 \

   ofmipd "" your.domain.here checkpassword true 2>&1 7>&1

As well as ofmipd now providing authentication, your ofmipd logs will now be richer in information about incoming connections.

Status / Warranty

No warranty, express or implied is given - USE THIS SOFTWARE ENTIRELY AT YOUR OWN RISK. You will need to satisfy yourself as to the suitability of this software before deploying it in a production environment.


Only one item here so far: If it doesn't work following the instructions above, you may find you need to specify the full path to true, typically /bin/true.

Programming Notes

ofmipd-plus includes the following enhancements to ofmipd:


This link will take you to the newest version (or the top of this page if you're already there).

Version 2.0 includes a logging bug in smtp_rcpt() so should be upgraded to this version. This logging bug was also found in the non-TLS version 1.1 (fixed in version 1.2); version 1.1 also included a completely redundant unused file envset.c, an exact duplicate of env.c; this is removed in later versions.

This page last updated: AR, 19th February 2016.

This gratuitous space at the end ensures that the short-cuts to each section work properly