Haraka (software)

Last updated
Haraka
Developer(s) Matt Sergeant
Initial releaseMay 2011
Stable release
3.0.2 [1]   OOjs UI icon edit-ltr-progressive.svg / 16 June 2023;2 months ago (16 June 2023)
Repository github.com/haraka/Haraka
Written in Node.js, JavaScript
Operating system Unix-like, Windows
Type Mail transfer agent
License MIT License
Website haraka.github.io

Haraka is an open source [2] SMTP server. Its architecture is plugin-oriented [3] and event-driven. The server and its plugins are written in JavaScript [4] using the Node.js framework. [5]

Contents

Haraka follows a plugin model, implementing a very lightweight SMTP core and providing developers hooks into the mail flow. [6] Almost all of Haraka's functionality is built as plugins.

Through its use of the V8 JavaScript engine and asynchronous I/O, the author claims the server is capable of handling thousands of messages per second. [7]

Bounce.io announced that they regularly handle 2 to 5 thousand simultaneous SMTP connections [8] with Haraka.

Typical Usage

Haraka is frequently used as a filtering MTA in front of other MTAs that lack the performance and/or filtering capabilities of Haraka. Craigslist uses Haraka [9] to handle inbound and then forward validated connections to Postfix. [10] Bounce.io similarly uses Haraka to accept incoming messages and deliver them to their application engine. Mail Toaster 6 uses Haraka [11] similarly to accept incoming mail and forward to a qmail based message store.

Features

See also

Related Research Articles

The Simple Mail Transfer Protocol (SMTP) is an Internet standard communication protocol for electronic mail transmission. Mail servers and other message transfer agents use SMTP to send and receive mail messages. User-level email clients typically use SMTP only for sending messages to a mail server for relaying, and typically submit outgoing email to the mail server on port 587 or 465 per RFC 8314. For retrieving messages, IMAP is standard, but proprietary servers also often implement proprietary protocols, e.g., Exchange ActiveSync.

<span class="mw-page-title-main">Email client</span> Computer program used to access and manage a users email

An email client, email reader or, more formally, message user agent (MUA) or mail user agent is a computer program used to access and manage a user's email.

A mail exchanger record specifies the mail server responsible for accepting email messages on behalf of a domain name. It is a resource record in the Domain Name System (DNS). It is possible to configure several MX records, typically pointing to an array of mail servers for load balancing and redundancy.

qmail is a mail transfer agent (MTA) that runs on Unix. It was written, starting December 1995, by Daniel J. Bernstein as a more secure alternative to the popular Sendmail program. Originally license-free software, qmail's source code was later dedicated in the public domain by the author.

An email address identifies an email box to which messages are delivered. While early messaging systems used a variety of formats for addressing, today, email addresses follow a set of specific rules originally standardized by the Internet Engineering Task Force (IETF) in the 1980s, and updated by RFC 5322 and 6854. The term email address in this article refers to just the addr-spec in Section 3.4 of RFC 5322. The RFC defines address more broadly as either a mailbox or group. A mailbox value can be either a name-addr, which contains a display-name and addr-spec, or the more common addr-spec alone.

Various anti-spam techniques are used to prevent email spam.

Sender Policy Framework (SPF) is an email authentication method which ensures the sending mail server is authorized to originate mail from the email sender's domain. This authentication only applies to the email sender listed in the "envelope from" field during the initial SMTP connection. If the email is bounced, a message is sent to this address, and for downstream transmission it typically appears in the "Return-Path" header. To authenticate the email address which is actually visible to recipients on the "To:" line, other technologies such as DMARC must be used. Forgery of this address is known as email spoofing, and is often used in phishing and email spam.

Greylisting is a method of defending e-mail users against spam. A mail transfer agent (MTA) using greylisting will "temporarily reject" any email from a sender it does not recognize. If the mail is legitimate, the originating server will try again after a delay, and if sufficient time has elapsed, the email will be accepted.

A bounce message or just "bounce" is an automated message from an email system, informing the sender of a previous message that the message has not been delivered. The original message is said to have "bounced".

qpsmtpd is an SMTP daemon written in Perl. It was originally designed to be a drop-in replacement for qmail-smtpd, the SMTP component of qmail, and it is now also compatible with Postfix, Exim, sendmail and virtually any software that "speaks SMTP". It has a flexible plugin system, making it easy to interoperate with other pieces in a mail system.

Email authentication, or validation, is a collection of techniques aimed at providing verifiable information about the origin of email messages by validating the domain ownership of any message transfer agents (MTA) who participated in transferring and possibly modifying a message.

The Sender Rewriting Scheme (SRS) is a scheme for bypassing the Sender Policy Framework's (SPF) methods of preventing forged sender addresses. Forging a sender address is also known as email spoofing.

Variable envelope return path (VERP) is a technique used by some electronic mailing list software to enable automatic detection and removal of undeliverable e-mail addresses. It works by using a different return path for each recipient of a message.

In computing, Bounce Address Tag Validation (BATV) is a method, defined in an Internet Draft, for determining whether the bounce address specified in an E-mail message is valid. It is designed to reject backscatter, that is, bounce messages to forged return addresses.

Email forwarding generically refers to the operation of re-sending a previously delivered email to an email address to one or more different email addresses.

Server Name Indication (SNI) is an extension to the Transport Layer Security (TLS) computer networking protocol by which a client indicates which hostname it is attempting to connect to at the start of the handshaking process. The extension allows a server to present one of multiple possible certificates on the same IP address and TCP port number and hence allows multiple secure (HTTPS) websites to be served by the same IP address without requiring all those sites to use the same certificate. It is the conceptual equivalent to HTTP/1.1 name-based virtual hosting, but for HTTPS. This also allows a proxy to forward client traffic to the right server during TLS/SSL handshake. The desired hostname is not encrypted in the original SNI extension, so an eavesdropper can see which site is being requested. The SNI extension was specified in 2003 in RFC 3546.

Backscatter is incorrectly automated bounce messages sent by mail servers, typically as a side effect of incoming spam.

A bounce address is an email address to which bounce messages are delivered. There are many variants of the name, none of them used universally, including return path, reverse path, envelope from, envelope sender, MAIL FROM, 5321-FROM, return address, From_, Errors-to, etc. It is not uncommon for a single document to use several of these names.

SMTP Authentication, often abbreviated SMTP AUTH, is an extension of the Simple Mail Transfer Protocol (SMTP) whereby a client may log in using any authentication mechanism supported by the server. It is mainly used by submission servers, where authentication is mandatory.

References

  1. "Release 3.0.2". 16 June 2023. Retrieved 3 July 2023.
  2. "Haraka License". GitHub. Retrieved 14 February 2015.
  3. "Haraka Plugins". Haraka Source Code. GitHub. Retrieved 15 February 2015.
  4. "Haraka Language Statistics". Haraka Source Repository. GitHub. Retrieved 15 February 2015.
  5. "Haraka Manual » README". Archived from the original on 2017-10-28. Retrieved 2017-11-01.
  6. "Writing Haraka Plugins". Haraka Docs. GitHub. Archived from the original on 14 February 2015. Retrieved 15 February 2015.
  7. "Haraka Readme". Haraka. GitHub. Archived from the original on 28 October 2017. Retrieved 15 February 2015.
  8. "Tech Shoutout - Haraka at bounce.io". Bounce.io. Archived from the original on 15 February 2015. Retrieved 15 February 2015.
  9. "Craigslist Uses Haraka". Matt Sergeant. Archived from the original on 15 February 2015. Retrieved 15 February 2015.
  10. "About, Thanks". Craigslist. Retrieved 15 February 2015.
  11. "SMTP Haraka". Mail Toaster 6. tnpi.net. Archived from the original on 19 October 2014. Retrieved 15 February 2015.
  12. "auth_ldap". Haraka. Archived from the original on 15 February 2015. Retrieved 15 February 2015.
  13. "auth_vpopmaild". Haraka. Retrieved 15 February 2015.
  14. "access". Haraka. Retrieved 15 February 2015.
This page is based on this Wikipedia article
Text is available under the CC BY-SA 4.0 license; additional terms may apply.
Images, videos and audio are available under their respective licenses.