<!-- review: finished -->

<a id="mail-smtp"></a>

# SMTP

The module enables support for the SMTP mail protocol, allowing the server to
proxy outgoing email traffic between clients and mail servers. It
establishes connections to SMTP servers, supports secure authentication using
LOGIN or PLAIN methods, provides STARTTLS and SSL/TLS encryption, and routes
client requests based on authentication results.

<a id="directives-62"></a>

## Directives

<a id="index-0"></a>

<a id="m-smtp-auth"></a>

### smtp_auth

| [Syntax](https://en.angie.software//angie/docs/configuration/configfile.md#configfile)   | `smtp_auth` method ...;   |
|------------------------------------------------------------------------------------------|---------------------------|
| Default                                                                                  | `smtp_auth plain login;`  |
| [Context](https://en.angie.software//angie/docs/configuration/configfile.md#configfile)  | mail, server              |

Sets permitted methods of [SASL authentication](https://datatracker.ietf.org/doc/html/rfc2554) for SMTP clients. Supported methods are:

| `plain`       | [AUTH PLAIN](https://datatracker.ietf.org/doc/html/rfc4616)                                                                                |
|---------------|--------------------------------------------------------------------------------------------------------------------------------------------|
| `login`       | [AUTH LOGIN](https://datatracker.ietf.org/doc/html/draft-murchison-sasl-login-00)                                                          |
| `cram-md5`    | [AUTH CRAM-MD5](https://datatracker.ietf.org/doc/html/rfc2195). In order for this method to work, the password must be stored unencrypted. |
| `external`    | [AUTH EXTERNAL](https://datatracker.ietf.org/doc/html/rfc4422)                                                                             |
| `xoauth2`     | [AUTH XOAUTH2](https://developers.google.com/gmail/imap/xoauth2-protocol)                                                                  |
| `oauthbearer` | [AUTH OAUTHBEARER](https://datatracker.ietf.org/doc/html/rfc7628)                                                                          |
| `none`        | Authentication is not required                                                                                                             |

Plain text authentication methods (`AUTH PLAIN` and `AUTH LOGIN`)
are always enabled, though if the `plain` and `login` methods are not specified,
`AUTH PLAIN` and `AUTH LOGIN` will not be automatically included in
[smtp_capabilities](#m-smtp-capabilities).

<a id="index-1"></a>

<a id="m-smtp-capabilities"></a>

### smtp_capabilities

| [Syntax](https://en.angie.software//angie/docs/configuration/configfile.md#configfile)   | `smtp_capabilities` extension ...;   |
|------------------------------------------------------------------------------------------|--------------------------------------|
| Default                                                                                  | —                                    |
| [Context](https://en.angie.software//angie/docs/configuration/configfile.md#configfile)  | mail, server                         |

Sets the SMTP protocol extensions list that is passed to the client in response to the EHLO command. The authentication methods specified in the [smtp_auth](#m-smtp-auth) directive and [STARTTLS](https://datatracker.ietf.org/doc/html/rfc3207) are automatically added to this list depending on the [starttls](https://en.angie.software//angie/docs/configuration/modules/mail/mail_ssl.md#m-starttls) directive value.

It makes sense to specify the extensions supported by the MTA to which the clients are proxied (if these extensions are related to commands used after authentication, when Angie transparently proxies the client connection to the backend).

<a id="index-2"></a>

<a id="m-smtp-client-buffer"></a>

### smtp_client_buffer

| [Syntax](https://en.angie.software//angie/docs/configuration/configfile.md#configfile)   | `smtp_client_buffer` size;   |
|------------------------------------------------------------------------------------------|------------------------------|
| Default                                                                                  | `smtp_client_buffer 4k|8k;`  |
| [Context](https://en.angie.software//angie/docs/configuration/configfile.md#configfile)  | mail, server                 |

Sets the size of the buffer used for reading SMTP commands. By default, the buffer size is equal to one memory page. This is either 4K or 8K, depending on the platform.

<a id="index-3"></a>

<a id="m-smtp-greeting-delay"></a>

### smtp_greeting_delay

| [Syntax](https://en.angie.software//angie/docs/configuration/configfile.md#configfile)   | `smtp_greeting_delay` time;   |
|------------------------------------------------------------------------------------------|-------------------------------|
| Default                                                                                  | `smtp_greeting_delay 0;`      |
| [Context](https://en.angie.software//angie/docs/configuration/configfile.md#configfile)  | mail, server                  |

Allows setting a delay before sending an SMTP greeting in order to reject clients who fail to wait for the greeting before sending SMTP commands.