1SWAKS(1)              User Contributed Perl Documentation             SWAKS(1)
2
3
4

NAME

6       Swaks - Swiss Army Knife SMTP, the all-purpose SMTP transaction tester
7

DESCRIPTION

9       Swaks' primary design goal is to be a flexible, scriptable,
10       transaction-oriented SMTP test tool.  It handles SMTP features and
11       extensions such as TLS, authentication, and pipelining; multiple
12       version of the SMTP protocol including SMTP, ESMTP, and LMTP; and
13       multiple transport methods including UNIX-domain sockets, internet-
14       domain sockets, and pipes to spawned processes.  Options can be
15       specified in environment variables, configuration files, and the
16       command line allowing maximum configurability and ease of use for
17       operators and scripters.
18

QUICK START

20       Deliver a standard test email to user@example.com on port 25 of
21       test-server.example.net:
22
23        swaks --to user@example.com --server test-server.example.net
24
25       Deliver a standard test email, requiring CRAM-MD5 authentication as
26       user me@example.com.  An "X-Test" header will be added to the email
27       body.  The authentication password will be prompted for.
28
29        swaks --to user@example.com --from me@example.com --auth CRAM-MD5 --auth-user me@example.com --header-X-Test "test email"
30
31       Test a virus scanner using EICAR in an attachment.  Don't show the
32       message DATA part.:
33
34        swaks -t user@example.com --attach - --server test-server.example.com --suppress-data </path/to/eicar.txt
35
36       Test a spam scanner using GTUBE in the body of an email, routed via the
37       MX records for example.com:
38
39        swaks --to user@example.com --body /path/to/gtube/file
40
41       Deliver a standard test email to user@example.com using the LMTP
42       protocol via a UNIX domain socket file
43
44        swaks --to user@example.com --socket /var/lda.sock --protocol LMTP
45
46       Report all the recipients in a text file that are non-verifiable on a
47       test server:
48
49        for E in `cat /path/to/email/file`
50        do
51            swaks --to $E --server test-server.example.com --quit-after RCPT --hide-all
52            [ $? -ne 0 ] && echo $E
53        done
54

TERMS AND CONVENTIONS

56       This document tries to be consistent and specific in its use of the
57       following terms to reduce confusion.
58
59       Transaction
60           A transaction is the opening of a connection over a transport to a
61           target and using a messaging protocol to attempt to deliver a
62           message.
63
64       Target
65           The target of a transaction is the thing that Swaks connects to.
66           This generic term is used throughout the documentation because most
67           other terms improperly imply something about the transport being
68           used.
69
70       Transport
71           The transport is the underlying method used to connect to the
72           target.
73
74       Protocol
75           The protocol is the application language used to communicate with
76           the target.  This document uses SMTP to speak generically of all
77           three supported protocols unless it states that it is speaking of
78           the specific 'SMTP' protocol and excluding the others.
79
80       Message
81           SMTP protocols exist to transfer messages, a set of bytes in an
82           agreed-upon format that has a sender and a recipient.
83
84       Envelope
85           A message's envelope contains the "true" sender and receiver of a
86           message.  It can also be referred to as its components, envelope-
87           sender and envelope-recipients.  It is important to note that a
88           messages envelope does not have to match its To: and From: headers.
89
90       DATA
91           The DATA portion of an SMTP transaction is the actual message that
92           is being transported.  It consists of both the message's headers
93           and its body.  DATA and body are sometimes use synonymously, but
94           they are always two distinct things in this document.
95
96       Headers
97           A message's headers are defined as all the lines in the message's
98           DATA section before the first blank line.  They contain information
99           about the email that will be displayed to the recipient such as
100           To:, From:, Subject:, etc.  In this document headers will always be
101           written with a capitalized first letter and a trailing colon.
102
103       Body
104           A message's body is the portion of its DATA section following the
105           first blank line.
106

OPTION PROCESSING

108       To prevent potential confusion in this document a flag to Swaks is
109       always referred to as an "option".  If the option takes additional
110       data, that additional data is referred to as an argument to the option.
111       For example, "--from fred@example.com" might be provided to Swaks on
112       the command line, with "--from" being the option and "fred@example.com"
113       being --from's argument.
114
115       Options can be given to Swaks in three ways.  They can be specified in
116       a configuration file, in environment variables, and on the command
117       line.  Depending on the specific option and whether an argument is
118       given to it, Swaks may prompt the user for the argument.
119
120       When Swaks evaluates its options, it first looks for a configuration
121       file (either in a default location or specified with --config).  Then
122       it evaluates any options in environment variables.  Finally, it
123       evaluates command line options.  At each round of processing, any
124       options set earlier will be overridden.  Additionally, any option can
125       be prefixed with "no-" to cause Swaks to forget that the variable had
126       previously been set.  This capability is necessary because many options
127       treat defined-but-no-argument differently than not-defined.
128
129       The exact mechanism and format for using each of the types is listed
130       below.
131
132       CONFIGURATION FILE
133           A configuration file can be used to set commonly-used or abnormally
134           verbose options.  By default, Swaks looks in order for
135           $SWAKS_HOME/.swaksrc, $HOME/.swaksrc, and $LOGDIR/.swaksrc.  If one
136           of those is found to exist (and --config has not been used) that
137           file is used as the configuration file.
138
139           Additionally, a configuration file in a non-default location can be
140           specified using --config.  If this is set and not given an argument
141           Swaks will not use any configuration file, including any default
142           file.  If --config points to a readable file, it is used as the
143           configuration file, overriding any default that may exist.  If it
144           points to a non-readable file and error will be shown and Swaks
145           will exit.
146
147           A set of "portable" defaults can also be created by adding options
148           to the end of the Swaks program file.  As distributed, the last
149           line of Swaks should be "__END__".  Any lines added after __END__
150           will be treated as the contents of a configuration file.  This
151           allows a set of user preferences to be automatically copied from
152           server to server in a single file.
153
154           If present and configuration files have not been explicitly turned
155           off, the __END__ config is always read.  Only one other
156           configuration file will ever be used per single invocation of
157           Swaks, even if multiple configuration files are specified.
158           Specifying the --config option with no argument turns off the
159           processing of both the __END__ config and any actual config files.
160
161           In a configuration file lines beginning with a hash (#) are
162           ignored.  All other lines are assumed to be an option to Swaks,
163           with the leading dash or dashes optional.  Everything after a
164           option line's first space is assumed to be the option's argument
165           and is not shell processed.  Therefore, quoting is usually unneeded
166           and will be included literally in the argument.  Here is an example
167           of the contents of a configuration file:
168
169               # always use this sender, no matter server or logged in user
170               --from fred@example.com
171               # I prefer my test emails have a pretty from header.  Note
172               # the lack of dashes on option and lack of quotes around
173               # entire argument.
174               h-From: "Fred Example" <fred@example.com>
175
176       ENVIRONMENT VARIABLES
177           Options can be supplied via environment variables.  The variables
178           are in the form $SWAKS_OPT_name, where name is the name of the
179           option that would be specified on the command line.  Because dashes
180           aren't allowed in environment variable names in most UNIX-ish
181           shells, no leading dashes should be used and any dashes inside the
182           option's name should be replaced with underscores.  The following
183           would create the same options shown in the configuration file
184           example:
185
186               $ SWAKS_OPT_from='fred@example.com'
187               $ SWAKS_OPT_h_From='"Fred Example" <fred@example.com>'
188
189           Setting a variable to an empty value is the same as specifying it
190           on the command line with no argument.  For instance, setting
191           SWAKS_OPT_server="" would cause Swaks to prompt the use for the
192           server to which to connect at each invocation.
193
194           In addition to setting the equivalent of command line options,
195           SWAKS_HOME can be set to a directory containing the default
196           .swaksrc to be used.
197
198       COMMAND LINE OPTIONS
199           The final method of supplying options to Swaks is via the command
200           line.  The options behave in a manner consistent with most UNIX-ish
201           command line programs.  Many options have both a short and long
202           form (for instance -s and --server).  By convention short options
203           are specified with a single dash and long options are specified
204           with a double-dash.  This is only a convention and either prefix
205           will work with either type.
206
207           The following demonstrates the example shown in the configuration
208           file and environment variable sections:
209
210               $ swaks --from fred@example.com --h-From: '"Fred Example" <fred@example.com>'
211

TRANSPORTS

213       Swaks can connect to a target via UNIX pipes ("pipes"), UNIX domain
214       sockets ("UNIX sockets"), or internet domain sockets ("network
215       sockets").  Connecting via network sockets is the default behavior.
216       Because of the singular nature of the transport used, each set of
217       options in the following section is mutually exclusive.  Specifying
218       more than one of --server, --pipe, or --socket will result in an error.
219       Mixing other options between transport types will only result in the
220       irrelevant options being ignored.  Below is a brief description of each
221       type of transport and the options that are specific to that transport
222       type.
223
224       NETWORK SOCKETS
225           This transport attempts to deliver a message via TCP/IP, the
226           standard method for delivering SMTP.  This is the default transport
227           for Swaks.  If none of --server, --pipe, or --socket are given then
228           this transport is used and the target server is determined from the
229           recipient's domain (see --server below for more details).
230
231           This transport requires the IO::Socket module which is part of the
232           standard Perl distribution.  If this module is not loadable,
233           attempting to use this transport will result in an error and
234           program termination.
235
236           IPv6 is supported when the IO::Socket::INET6 module is present.
237
238           -s, --server [target mail server[:port]]
239               Explicitly tell Swaks to use network sockets and specify the
240               hostname or IP address to which to connect, or prompt if no
241               argument is given.  If this option is not given and no other
242               transport option is given, the target mail server is determined
243               from the appropriate DNS records for the domain of the
244               recipient email address using the Net::DNS module.  If Net::DNS
245               is not available Swaks will attempt to connect to localhost to
246               deliver.  The target port can optionally be set here.
247               Supported formats for this include SERVER:PORT (supporting
248               names and IPv4 addresses); [SERVER]:PORT and SERVER/PORT
249               (supporting names, IPv4 and IPv6 addresses).  See also
250               --copy-routing.
251
252           -p, --port [port]
253               Specify which TCP port on the target is to be used, or prompt
254               if no argument is listed.  The argument can be a service name
255               (as retrieved by getservbyname(3)) or a port number.  The
256               default port is determined by the --protocol option.  See
257               --protocol for more details.
258
259           -li, --local-interface [IP or hostname[:port]]
260               Use argument as the local interface for the outgoing SMTP
261               connection, or prompt user if no argument given.  Argument can
262               be an IP address or a hostname.  Default action is to let the
263               operating system choose the local interface.  See --server for
264               additional comments on :port format.
265
266           -lp, --local-port, --lport [port]
267               Specify the outgoing port to originate the transaction from.
268               If this option is not specified the system will pick an
269               ephemeral port.  Note that regular users cannot specify some
270               ports.
271
272           --copy-routing [domain]
273               The argument is interpreted as the domain part of an email
274               address and it is used to find the target server using the same
275               logic that would be used to look up the target server for a
276               recipient email address.  See  --to option for more details on
277               how the target is determined from the email domain.
278
279           -4, -6
280               Force IPv4 or IPv6.
281
282       UNIX SOCKETS
283           This transport method attempts to deliver messages via a UNIX-
284           domain socket file.  This is useful for testing MTA/MDAs that
285           listen on socket files (for instance, testing LMTP delivery to
286           Cyrus).  This transport requires the IO::Socket module which is
287           part of the standard Perl distribution.  If this module is not
288           loadable, attempting to use this transport will result in an error
289           and program termination.
290
291           --socket [/path/to/socket/file]
292               This option takes as its argument a UNIX-domain socket file.
293               If Swaks is unable to open this socket it will display an error
294               and exit.
295
296       PIPES
297           This transport attempts to spawn a process and communicate with it
298           via pipes.  The spawned program must be prepared to behave as a
299           mail server over STDIN/STDOUT.  Any MTA designed to operate from
300           inet/xinet should support this.  In addition, some MTAs provide
301           testing modes that can be communicated with via STDIN/STDOUT.  This
302           transport can be used to automate that testing.  For example, if
303           you implemented DNSBL checking with Exim and you wanted to make
304           sure it was working, you could run 'swaks --pipe "exim -bh
305           127.0.0.2"'.  Ideally, the process you are talking to should behave
306           exactly like an SMTP server on STDIN and STDOUT.  Any debugging
307           should be sent to STDERR, which will be directed to your terminal.
308           In practice, Swaks can generally handle some debug on the child's
309           STDOUT, but there are no guarantees on how much it can handle.
310
311           This transport requires the IPC::Open2 module which is part of the
312           standard Perl distribution.  If this module is not loadable,
313           attempting to use this transport will result in an error and
314           program termination.
315
316           --pipe [/path/to/command and arguments]
317               Provide a process name and arguments to the process.  Swaks
318               will attempt to spawn the process and communicate with it via
319               pipes.  If the argument is not an executable Swaks will display
320               an error and exit.
321

PROTOCOL OPTIONS

323       These options are related to the protocol layer.
324
325       -t, --to [email-address[,email-address,...]]
326           Tells Swaks to use argument(s) as the envelope-recipient for the
327           email, or prompt for recipient if no argument provided.  If
328           multiple recipients are provided and the recipient domain is needed
329           to determine routing the domain of the last recipient provided is
330           used.
331
332           There is no default value for this option.  If no recipients are
333           provided via any means, user will be prompted to provide one
334           interactively.  The only exception to this is if a --quit-after
335           value is provided which will cause the SMTP transaction to be
336           terminated before the recipient is needed.
337
338       -f, --from [email-address]
339           Use argument as envelope-sender for email, or prompt user if no
340           argument specified.  The string <> can be supplied to mean the null
341           sender.  If user does not specify a sender address a default value
342           is used.  The domain-part of the default sender is a best guess at
343           the fully-qualified domain name of the local host.  The method of
344           determining the local-part varies.  On Windows, Win32::LoginName()
345           is used.  On UNIX-ish platforms, the $LOGNAME environment variable
346           is used if it is set.  Otherwise getpwuid(3) is used.  See also
347           --force-getpwuid.
348
349       --ehlo, --lhlo, -h, --helo [helo-string]
350           String to use as argument to HELO/EHLO/LHLO command, or prompt use
351           if no argument is specified.  If this option is not used a best
352           guess at the fully-qualified domain name of the local host is used.
353           If the Sys::Hostname module, which is part of the base
354           distribution, is not available the user will be prompted for a HELO
355           value.  Note that Sys::Hostname has been observed to not be able to
356           find the local hostname in certain circumstances.  This has the
357           same effect as if Sys::Hostname were unavailable.
358
359       -q, --quit, --quit-after [stop-point]
360           Point at which the transaction should be stopped.  When the
361           requested stopping point is reached in the transaction, and
362           provided that Swaks has not errored out prior to reaching it, Swaks
363           will send "QUIT" and attempt to close the connection cleanly.
364           These are the valid arguments and notes about their meaning.
365
366           CONNECT, BANNER
367               Terminate the session after receiving the greeting banner from
368               the target.
369
370           FIRST-HELO, FIRST-EHLO, FIRST-LHLO
371               In a STARTTLS (but not tls-on-connect) session, terminate the
372               transaction after the first of two HELOs.  In a non-STARTTLS
373               transaction, behaves the same as HELO (see below).
374
375           XCLIENT
376               Quit after XCLIENT is sent
377
378           TLS Quit the transaction immediately following TLS negotiation.
379               Note that this happens in different places depending on whether
380               STARTTLS or tls-on-connect are used.  This always quits after
381               the point where TLS would have been negotiated, regardless of
382               whether it was attempted.
383
384           HELO, EHLO, LHLO
385               In a STARTTLS or XCLIENT session, quit after the second HELO.
386               Otherwise quit after the first and only HELO.
387
388           AUTH
389               Quit after authentication.  This always quits after the point
390               where authentication would have been negotiated, regardless of
391               whether it was attempted.
392
393           MAIL, FROM
394               Quit after MAIL FROM: is sent.
395
396           RCPT, TO
397               Quit after RCPT TO: is sent.
398
399       --da, --drop-after [stop-point]
400           The option is similar to --quit-after, but instead of trying to
401           cleanly shut down the session it simply terminates the session.
402           This option accepts the same stop-points as --quit-after.
403
404       --das, --drop-after-send [stop-point]
405           This option is similar to --drop-after, but instead of dropping the
406           connection after reading a response to the stop-point, it drops the
407           connection immediately after sending stop-point.
408
409       --timeout [time]
410           Use argument as the SMTP transaction timeout, or prompt user if no
411           argument given.  Argument can either be a pure digit, which will be
412           interpreted as seconds, or can have a specifier s or m (5s = 5
413           seconds, 3m = 180 seconds).  As a special case, 0 means don't
414           timeout the transactions.  Default value is 30s.
415
416       --protocol [protocol]
417           Specify which protocol to use in the transaction.  Valid options
418           are shown in the table below.  Currently the 'core' protocols are
419           SMTP, ESMTP, and LMTP.  By using variations of these protocol types
420           one can tersely specify default ports, whether authentication
421           should be attempted, and the type of TLS connection that should be
422           attempted.  The default protocol is ESMTP.  This table demonstrates
423           the available arguments to --protocol and the options each sets as
424           a side effect:
425
426           SMTP
427               HELO, "-p 25"
428
429           SSMTP
430               EHLO->HELO, "-tlsc -p 465"
431
432           SSMTPA
433               EHLO->HELO, "-a -tlsc -p 465"
434
435           SMTPS
436               HELO, "-tlsc -p 465"
437
438           ESMTP
439               EHLO->HELO, "-p 25"
440
441           ESMTPA
442               EHLO->HELO, "-a -p 25"
443
444           ESMTPS
445               EHLO->HELO, "-tls -p 25"
446
447           ESMTPSA
448               EHLO->HELO, "-a -tls -p 25"
449
450           LMTP
451               LHLO, "-p 24"
452
453           LMTPA
454               LHLO, "-a -p 24"
455
456           LMTPS
457               LHLO, "-tls -p 24"
458
459           LMTPSA
460               LHLO, "-a -tls -p 24"
461
462       --pipeline
463           If the remote server supports it, attempt SMTP PIPELINING (RFC
464           2920).
465
466       --prdr
467           If the server supports it, attempt Per-Recipient Data Response
468           (PRDR) (https://tools.ietf.org/html/draft-hall-prdr-00.txt).  PRDR
469           is not yet standardized, but MTAs have begun implementing the
470           proposal.
471
472       --force-getpwuid
473           Tell Swaks to use the getpwuid method of finding the default sender
474           local-part instead of trying $LOGNAME first.
475

TLS / ENCRYPTION

477       These are options related to encrypting the transaction.  These have
478       been tested and confirmed to work with all three transport methods.
479       The Net::SSLeay module is used to perform encryption when it is
480       requested.  If this module is not loadable Swaks will either ignore the
481       TLS request or error out, depending on whether the request was
482       optional.  STARTTLS is defined as an extension in the ESMTP protocol
483       and will be unavailable if --protocol is set to a variation of SMTP.
484       Because it is not defined in the protocol itself, --tls-on-connect is
485       available for any protocol type if the target supports it.
486
487       A local certificate is not required for a TLS connection to be
488       negotiated.  However, some servers use client certificate checking to
489       verify that the client is allowed to connect.  Swaks can be told to use
490       a specific local certificate using the --tls-cert and --tls-key
491       options.
492
493       -tls
494           Require connection to use STARTTLS.  Exit if TLS not available for
495           any reason (not advertised, negotiations failed, etc).
496
497       -tlso, --tls-optional
498           Attempt to use STARTTLS if available, continue with normal
499           transaction if TLS was unable to be negotiated for any reason.
500           Note that this is a semi-useless option as currently implemented
501           because after a negotiation failure the state of the connection is
502           unknown.  In some cases, like a version mismatch, the connection
503           should be left as plaintext.  In others, like a verification
504           failure, the server-side may think that it should continue speaking
505           TLS while the client thinks it is plaintext.  There may be an
506           attempt to add more granular state detection in the future, but for
507           now just be aware that odd things may happen with this option if
508           the TLS negotiation is attempted and fails.
509
510       -tlsos, --tls-optional-strict
511           Attempt to use STARTTLS if available.  Proceed with transaction if
512           TLS is negotiated successfully or STARTTLS not advertised.  If
513           STARTTLS is advertised but TLS negotiations fail, treat as an error
514           and abort transaction.  Due to the caveat noted above, this is a
515           much saner option than --tls-optional.
516
517       --tlsc, --tls-on-connect
518           Initiate a TLS connection immediately on connection.  Following
519           common convention, if this option is specified the default port
520           changes from 25 to 465, though this can still be overridden with
521           the --port option.
522
523       -tlsp, --tls-protocol SPECIFICATION
524           Specify which protocols to use (or not use) when negotiating TLS.
525           At the time of this writing, the available protocols are sslv2,
526           sslv3, tlsv1, tlsv1_1, tlsv1_2, and tlsv1_3.  The availability of
527           these protocols is dependent on your underlying OpenSSL library, so
528           not all of these may be available.  The list of available protocols
529           is shown in the output of --dump (assuming TLS is available at
530           all).
531
532           The specification string is a comma-delimited list of protocols
533           that can be used or not used.  For instance 'tlsv1,tlsv1_1' will
534           only succeed if one of those two protocols is available on both the
535           client and the server.  Conversely, 'no_sslv2,no_sslv3' will
536           attempt to negotiate any protocol except sslv2 and sslv3.  The two
537           forms of specification cannot be mixed.
538
539       -tls-cipher CIPHER_STRING
540           The argument to this option is passed to the underlying OpenSSL
541           library to set the list of acceptable ciphers to the be used for
542           the connection.  The format of this string is opaque to Swaks and
543           is defined in
544           http://www.openssl.org/docs/apps/ciphers.html#CIPHER_LIST_FORMAT.
545           A brief example would be --tls-cipher '3DES:+RSA'.
546
547       --tls-verify
548           Tell Swaks to attempt to verify the server's certificate.  If this
549           option is set and the server's certificate is not verifiable
550           (either using the system-default CA information, or custom CA
551           information (see --tls-ca-path)) TLS negotiation will not succeed.
552           By default, Swaks does not attempt certificate verification.
553
554       --tls-ca-path [ /path/to/CAfile | /path/to/CAdir/ ]
555           Specify an alternate location for CA information for verifying
556           server certificates.  The default behavior is to use the underlying
557           OpenSSL library's default information.
558
559       --tls-cert /path/to/file
560           Provide a path to a file containing the local certificate Swaks
561           should use if TLS is negotiated.  The file path argument is
562           required.  As currently implemented the certificate in the file
563           must be in PEM format.  Contact the author if there's a compelling
564           need for ASN1.  If this option is set, --tls-key is also required.
565
566       --tls-key /path/to/file
567           Provide a path to a file containing the local private key Swaks
568           should use if TLS is negotiated.  The file path argument is
569           required.  As currently implemented the certificate in the file
570           must be in PEM format.  Contact the author if there's a compelling
571           need for ASN1.  If this option is set, --tls-cert is also required.
572
573       --tls-get-peer-cert [/path/to/file]
574           Get a copy of the TLS peer's certificate.  If no argument is given,
575           it will be displayed to STDOUT.  If an argument is given it is
576           assumed to be a filesystem path specifying where the certificate
577           should be written.  The saved certificate can then be examined
578           using standard tools such as the openssl command.  If a file is
579           specified its contents will be overwritten.
580

AUTHENTICATION

582       Swaks will attempt to authenticate to the target mail server if
583       instructed to do so.  This section details available authentication
584       types, requirements, options and their interactions, and other fine
585       points in authentication usage.  Because authentication is defined as
586       an extension in the ESMTP protocol it will be unavailable if --protocol
587       is set to a variation of SMTP.
588
589       All authentication methods require base64 encoding.  If the
590       MIME::Base64 Perl module is loadable Swaks attempts to use it to
591       perform these encodings.  If MIME::Base64 is not available Swaks will
592       use its own onboard base64 routines.  These are slower than the
593       MIME::Base64 routines and less reviewed, though they have been tested
594       thoroughly.  Using the MIME::Base64 module is encouraged.
595
596       If authentication is required (see options below for when it is and
597       isn't required) and the requirements aren't met for the authentication
598       type available, Swaks displays an error and exits.  Two ways this can
599       happen include forcing Swaks to use a specific authentication type that
600       Swaks can't use due to missing requirements, or allowing Swaks to use
601       any authentication type, but the server only advertises types Swaks
602       can't support.  In the former case Swaks errors out at option
603       processing time since it knows up front it won't be able to
604       authenticate.  In the latter case Swaks will error out at the
605       authentication stage of the SMTP transaction since Swaks will not be
606       aware that it will not be able to authenticate until that point.
607
608       Following are the supported authentication types including any
609       individual notes and requirements.
610
611       The following options affect Swaks' use of authentication.  These
612       options are all inter-related.  For instance, specifying --auth-user
613       implies --auth and --auth-password.  Specifying --auth-optional implies
614       --auth-user and --auth-password, etc.
615
616       -a, --auth [auth-type[,auth-type,...]]
617           Require Swaks to authenticate.  If no argument is given, any
618           supported auth-types advertised by the server are tried until one
619           succeeds or all fail.  If one or more auth-types are specified as
620           an argument, each that the server also supports is tried in order
621           until one succeeds or all fail.  This option requires Swaks to
622           authenticate, so if no common auth-types are found or no
623           credentials succeed, Swaks displays an error and exits.
624
625           The following tables lists the valid auth-types
626
627           LOGIN, PLAIN
628               These basic authentication types are fully supported and tested
629               and have no additional requirements
630
631           CRAM-MD5
632               The CRAM-MD5 authenticator requires the Digest::MD5 module.  It
633               is fully tested and believed to work against any server that
634               implements it.
635
636           DIGEST-MD5
637               The DIGEST-MD5 authenticator (RFC2831) requires the
638               Authen::SASL module.  Version 20100211.0 and earlier used
639               Authen::DigestMD5 which had some protocol level errors which
640               prevented it from working with some servers.  Authen::SASL's
641               DIGEST-MD5 handling is much more robust.
642
643               The DIGEST-MD5 implementation in Swaks is fairly immature.  It
644               currently supports only the "auth" qop type, for instance.  If
645               you have DIGEST-MD5 experience and would like to help Swaks
646               support DIGEST-MD5 better, please get in touch with me.
647
648               The DIGEST-MD5 protocol's "realm" value can be set using the
649               --auth-extra "realm" keyword.  If no realm is given, a
650               reasonable default will be used.
651
652               The DIGEST-MD5 protocol's "digest-uri" values can be set using
653               the --auth-extra option.  For instance, you could create the
654               digest-uri-value of "lmtp/mail.example.com/example.com" with
655               the option "--auth-extra
656               dmd5-serv-type=lmtp,dmd5-host=mail.example.com,dmd5-serv-name=example.com".
657               The "digest-uri-value" string and its components is defined in
658               RFC2831.  If none of these values are given, reasonable
659               defaults will be used.
660
661           CRAM-SHA1
662               The CRAM-SHA1 authenticator requires the Digest::SHA module.
663               This type has only been tested against a non-standard
664               implementation on an Exim server and may therefore have some
665               implementation deficiencies.
666
667           NTLM/SPA/MSN
668               These authenticators require the Authen::NTLM module.  Note
669               that there are two modules using the Authen::NTLM namespace on
670               CPAN.  The Mark Bush implementation (Authen/NTLM-1.03.tar.gz)
671               is the version required by Swaks.  This type has been tested
672               against Exim, Communigate, and Exchange 2007.
673
674               In addition to the standard username and password, this
675               authentication type can also recognize a "domain".  The domain
676               can be set using the --auth-extra "domain" keyword.  Note that
677               this has never been tested with a mail server that doesn't
678               ignore DOMAIN so this may be implemented incorrectly.
679
680       -ao, --auth-optional [auth-type[,auth-type,...]]
681           This option behaves identically to --auth except that it requests
682           authentication rather than requiring it.  If no common auth-types
683           are found or no credentials succeed, Swaks proceeds as if
684           authentication had not been requested.
685
686       -aos, --auth-optional-strict [auth-type[,auth-type,...]]
687           This option is a compromise between --auth and --auth-optional.  If
688           no common auth-types are found, Swaks behaves as if --auth-optional
689           were specified and proceeds with the transaction.  If Swaks can't
690           support requested auth-type, the server doesn't advertise any
691           common auth-types, or if no credentials succeed, Swaks behaves as
692           if --auth were used and exits with an error.
693
694       -au, --auth-user [username]
695           Provide the username to be used for authentication, or prompt the
696           user for it if no argument is provided.  The string <> can be
697           supplied to mean an empty username.
698
699       -ap, --auth-password [password]
700           Provide the password to be used for authentication, or prompt the
701           user for it if no argument is provided.  The string <> can be
702           supplied to mean an empty password.
703
704       -ae, --auth-extra [KEYWORD=value[,...]]
705           Some of the authentication types allow extra information to be
706           included in the authentication process.  Rather than add a new
707           option for every nook and cranny of each authenticator, the
708           --auth-extra option allows this information to be supplied.
709
710           The following table lists the currently recognized keywords and the
711           authenticators that use them
712
713           realm, domain
714               The realm and domain keywords are synonymous.  Using either
715               will set the "domain" option in NTLM/MSN/SPA and the "realm"
716               option in DIGEST-MD5
717
718           dmd5-serv-type
719               The dmd5-serv-type keyword is used by the DIGEST-MD5
720               authenticator and is used, in part, to build the digest-uri-
721               value string (see RFC2831)
722
723           dmd5-host
724               The dmd5-host keyword is used by the DIGEST-MD5 authenticator
725               and is used, in part, to build the digest-uri-value string (see
726               RFC2831)
727
728           dmd5-serv-name
729               The dmd5-serv-name keyword is used by the DIGEST-MD5
730               authenticator and is used, in part, to build the digest-uri-
731               value string (see RFC2831)
732
733       -am, --auth-map [auth-alias=auth-type[,...]]
734           Provides a way to map alternate names onto base authentication
735           types.  Useful for any sites that use alternate names for common
736           types.  This functionality is actually used internally to map types
737           SPA and MSN onto the base type NTLM.  The command line argument to
738           simulate this would be "--auth-map SPA=NTLM,MSN=NTLM".  All of the
739           auth-types listed above are valid targets for mapping except SPA
740           and MSN.
741
742       -apt, --auth-plaintext
743           Instead of showing AUTH strings base64 encoded as they are
744           transmitted, translate them to plaintext before printing on screen.
745
746       -ahp, --auth-hide-password [replacement string]
747           If this option is specified, any time a readable password would be
748           printed to the terminal (specifically AUTH PLAIN and AUTH LOGIN)
749           the password is replaced with the string 'PROVIDED_BUT_REMOVED' (or
750           the contents of "replacement string" if provided).  The dummy
751           string may or may not be base64 encoded, contingent on the
752           --auth-plaintext option.
753
754           Note that --auth-hide-password is similar, but not identical, to
755           the --protect-prompt option.  The former protects passwords from
756           being displayed in the SMTP transaction regardless of how they are
757           entered.  The latter protects sensitive strings when the user types
758           them at the terminal, regardless of how the string would be used.
759

XCLIENT OPTIONS

761       XCLIENT is an SMTP extension introduced by the Postfix project.
762       XCLIENT allows a (properly-authorized) client to tell a server to use
763       alternate information, such as IP address or hostname, for the client.
764       This allows much easier paths for testing mail server configurations.
765       Full details on the protocol are available at
766       http://www.postfix.org/XCLIENT_README.html.
767
768       The XCLIENT verb can be passed to the server multiple times per SMTP
769       session with different attributes.  For instance, HELO and PROTO might
770       be passed in one call and NAME and ADDR passed in a second. Because it
771       can be useful for testing, Swaks exposes some control over how the
772       attributes are grouped and in what order they are passed to the server.
773       The different options attempt to expose simplicity for those using
774       Swaks as a client, and complexity for those using Swaks to test
775       installs.
776
777       --xclient-addr [VALUE]
778       --xclient-name [VALUE]
779       --xclient-port [VALUE]
780       --xclient-proto [VALUE]
781       --xclient-destaddr [VALUE]
782       --xclient-destport [VALUE]
783       --xclient-helo [VALUE]
784       --xclient-login [VALUE]
785       --xclient-reverse-name [VALUE]
786           These options specify XCLIENT attributes that should be sent to the
787           target server.  If [VALUE] is not provided, Swaks will prompt and
788           read the value on STDIN.  See
789           http://www.postfix.org/XCLIENT_README.html for official
790           documentation for what the attributes mean and their possible
791           values, including the special "[UNAVAILABLE]" and "[TEMPUNAVAIL]"
792           values.
793
794           By way of simple example, setting "--xclient-name foo.example.com
795           --xclient-addr 192.168.1.1" will cause Swaks to send the SMTP
796           command "XCLIENT NAME=foo.example.com ADDR=192.168.1.1".
797
798           Note that the "REVERSE_NAME" attribute doesn't seem to appear in
799           the official documentation.  There is a mailing list thread that
800           documents it, viewable at
801           http://comments.gmane.org/gmane.mail.postfix.user/192623.
802
803           These options can all be mixed with each other, and can be mixed
804           with the --xclient option (see below). By default all attributes
805           will be combined into one XCLIENT call, but see --xclient-delim.
806
807       --xclient-delim
808           When this option is specified, it indicates a break in XCLIENT
809           attributes to be sent.  For instance, setting "--xclient-helo 'helo
810           string' --xclient-delim --xclient-name foo.example.com
811           --xclient-addr 192.168.1.1" will cause Swaks to send two XCLIENT
812           calls, "XCLIENT HELO=helo+20string" and "XCLIENT
813           NAME=foo.example.com ADDR=192.168.1.1".  This option is ignored
814           where it doesn't make sense (at the start or end of XCLIENT
815           options, by itself, consecutively, etc).
816
817       --xclient [XCLIENT_STRING]
818           This is the "free form" XCLIENT option.  Whatever value is provided
819           for XCLIENT_STRING will be sent verbatim as the argument to the
820           XCLIENT SMTP command.  For example, if "--xclient 'NAME=
821           ADDR=192.168.1.1 FOO=bar'" is used, Swaks will send the SMTP
822           command "XCLIENT NAME= ADDR=192.168.1.1 FOO=bar".  If no
823           XCLIENT_STRING is passed on command line, Swaks will prompt and
824           read the value on STDIN.
825
826           The primary advantage to this over the more specific options above
827           is that there is no XCLIENT syntax validation here.  This allows
828           you to send invalid XCLIENT to the target server for testing.
829           Additionally, at least one MTA (Message Systems' Momentum, formerly
830           ecelerity) implements XCLIENT without advertising supported
831           attributes.  The --xclient option allows you to skip the "supported
832           attributes" check when communicating with this type of MTA (though
833           see also --xclient-no-verify).
834
835           The --xclient option can be mixed freely with the --xclient-*
836           options above.  If "--xclient-addr 192.168.0.1 --xclient 'FOO=bar
837           NAME=wind'" is given to Swaks, "XCLIENT ADDR=192.168.0.1 FOO=bar
838           NAME=wind" will be sent to the target server.
839
840       --xclient-no-verify
841           Do not enforce the requirement that an XCLIENT attribute must be
842           advertised by the server in order for Swaks to send it in an
843           XCLIENT command.  This is to support servers which don't advertise
844           the attributes but still support them.
845
846       --xclient-before-starttls
847           If Swaks is configured to attempt both XCLIENT and STARTTLS, it
848           will do STARTTLS first.  If this option is specified it will
849           attempt XCLIENT first.
850
851       --xclient-optional
852       --xclient-optional-strict
853           In normal operation, setting one of the --xclient* options will
854           require a successful XCLIENT transaction to take place in order to
855           proceed (that is, XCLIENT needs to be advertised, all the user-
856           requested attributes need to have been advertised, and the server
857           needs to have accepted Swaks' XCLIENT request).  These options
858           change that behavior.  --xclient-optional tells Swaks to proceed
859           unconditionally past the XCLIENT stage of the SMTP transaction,
860           regardless of whether it was successful.  --xclient-optional-strict
861           is similar but more granular.  The strict version will continue to
862           XCLIENT was not advertised, but will fail if XCLIENT was attempted
863           but did not succeed.
864

PROXY OPTIONS

866       Swaks implements the Proxy protocol as defined in
867       http://www.haproxy.org/download/1.5/doc/proxy-protocol.txt.  Proxy
868       allows an application load balancer, such as HAProxy, to be used in
869       front of an MTA while still allowing the MTA access to the originating
870       host information.  Proxy support in Swaks allows direct testing of an
871       MTA configured to expect requests from a proxy, bypassing the proxy
872       itself during testing.
873
874       Swaks makes no effort to ensure that the Proxy options used are
875       internally consistent.  For instance, --proxy-family (in version 1) is
876       expected to be one of "TCP4" or "TCP6".  While it will likely not make
877       sense to the target server, Swaks makes no attempt to ensure that
878       --proxy-source and --proxy-dest are in the same protocol family as
879       --proxy-family or each other.
880
881       The --proxy option is mutually exclusive with all other --proxy-*
882       options except --proxy-version.
883
884       When --proxy is not used, all of --proxy-family, --proxy-source,
885       --proxy-source-port, --proxy-dest, and --proxy-dest-port are required.
886       Additionally, when --proxy-version is 2, --proxy-protocol and
887       --proxy-command are optional.
888
889       --proxy-version [ 1 | 2 ]
890           Whether to use version 1 (human readable) or version 2 (binary) of
891           the Proxy protocol.  Version 1 is the default.  Version 2 is only
892           implemented through the "address block", and is roughly on par with
893           the information provided in version 1.
894
895       --proxy [VALUE]
896           If this option is used, its argument is passed unchanged after the
897           "PROXY " portion (or the 12-byte protocol header for version 2) of
898           the Proxy exchange.  This option allows sending incomplete or
899           malformed Proxy strings to a target server for testing.  No attempt
900           to translate or modify this string is made, so if used with
901           "--proxy-version 2" the argument should be in the appropriate
902           binary format.  This option is mutually exclusive with all other
903           --proxy-* options which provide granular proxy information.
904
905       --proxy-family [VALUE]
906           For version 1, specifies both the address family and transport
907           protocol.  The protocol defines TCP4 and TCP6.
908
909           For version 2, specifies only the address family.  The protocol
910           defines AF_UNSPEC, AF_INET, AF_INET6, and AF_UNIX.
911
912       --proxy-protocol [VALUE]
913           For version 2, specifies the transport protocol.  The protocol
914           defines UNSPEC, STREAM, and DGRAM.  The default is STREAM.  This
915           option is unused in version 1
916
917       --proxy-command [VALUE]
918           For version 2, specifies the transport protocol.  The protocol
919           defines LOCAL and PROXY.  The default is PROXY.  This option is
920           unused in version 1
921
922       --proxy-source [VALUE]
923           Specify the source address of the proxied connection.
924
925       --proxy-source-port [VALUE]
926           Specify the source port of the proxied connection.
927
928       --proxy-dest [VALUE]
929           Specify the destination address of the proxied connection.
930
931       --proxy-dest-port [VALUE]
932           Specify the destination port of the proxied connection.
933

DATA OPTIONS

935       These options pertain to the contents for the DATA portion of the SMTP
936       transaction.
937
938       -d, --data [data-portion]
939           Use argument as the entire contents of DATA, or prompt user if no
940           argument specified.  If the argument '-' is provided the data will
941           be read from STDIN.  If any other argument is provided and it
942           represents the name of an open-able file, the contents of the file
943           will be used.  Any other argument will be itself for the DATA
944           contents.
945
946           The value can be on one single line, with \n (ASCII 0x5c, 0x6e)
947           representing where line breaks should be placed.  Leading dots will
948           be quoted.  Closing dot is not required but is allowed.  The
949           default value for this option is "Date: %DATE%\nTo:
950           %TO_ADDRESS%\nFrom: %FROM_ADDRESS%\nSubject: test
951           %DATE%\nMessage-Id: <%MESSAGEID%>\nX-Mailer: swaks v%SWAKS_VERSION
952           jetmore.org/john/code/swaks/\n%NEW_HEADERS%\n%BODY%\n".
953
954           Very basic token parsing is performed on the DATA portion.  The
955           following table shows the recognized tokens and their replacement
956           values:
957
958           %FROM_ADDRESS%
959               Replaced with the envelope-sender.
960
961           %TO_ADDRESS%
962               Replaced with the envelope-recipient(s).
963
964           %DATE%
965               Replaced with the current time in a format suitable for
966               inclusion in the Date: header.  Note this attempts to use the
967               standard module Time::Local for timezone calculations.  If this
968               module is unavailable the date string will be in GMT.
969
970           %MESSAGEID%
971               Replaced with a message ID string suitable for use in a
972               Message-Id header.  The value for this token will remain
973               consistent for the life of the process.
974
975           %SWAKS_VERSION%
976               Replaced with the version of the currently-running Swaks
977               process.
978
979           %NEW_HEADERS%
980               Replaced with the contents of the --add-header option.  If
981               --add-header is not specified this token is simply removed.
982
983           %BODY%
984               Replaced with the value specified by the --body option.  See
985               --body for default.
986
987       -dab, --dump-as-body [section[,section]]
988           If --dump-as-body is used and no other option is used to change the
989           default body of the message, the body is replaced with output
990           similar to the output of what is provided by --dump.  --dump's
991           initial program capability stanza is not displayed, and the "data"
992           section is not included.  Additionally, --dump always includes
993           passwords.  By default --dump-as-body does not include passwords,
994           though this can be changed with --dump-as-body-shows-password.
995           --dump-as-body takes the same arguments as --dump except the
996           SUPPORT and DATA arguments are not supported.
997
998       -dabsp, --dump-as-body-shows-password
999           Cause --dump-as-body to include plaintext passwords.  This option
1000           is not recommended.  This option implies --dump-as-body.
1001
1002       --body [body-specification]
1003           Specify the body of the email.  The default is "This is a test
1004           mailing".  If no argument to --body is given, prompt to supply one
1005           interactively.  If '-' is supplied, the body will be read from
1006           standard input.  If any other text is provided and the text
1007           represents an open-able file, the content of that file is used as
1008           the body.  If it does not represent an open-able file, the text
1009           itself is used as the body.
1010
1011           If the message is forced to MIME format (see --attach) the argument
1012           to this option will be included unencoded as the first MIME part.
1013           Its content-type will always be text/plain.
1014
1015       --attach [attachment-specification]
1016           When one or more --attach option is supplied, the message is
1017           changed into a multipart/mixed MIME message.  The arguments to
1018           --attach are processed the same as --body with respect to STDIN,
1019           file contents, etc.  --attach can be supplied multiple times to
1020           create multiple attachments.  By default, each attachment is
1021           attached as an application/octet-stream file.  See --attach-type
1022           for changing this behavior.
1023
1024           If a filename is specified, the MIME encoding will include that
1025           file name.  See --attach-name for more detail on file naming.
1026
1027           It is legal for '-' (STDIN) to be specified as an argument multiple
1028           times (once for --body and multiple times for --attach).  In this
1029           case, the same content will be attached each time it is specified.
1030           This is useful for attaching the same content with multiple MIME
1031           types.
1032
1033       --attach-type [mime-type]
1034           By default, content that gets MIME attached to a message with the
1035           --attach option is encoded as application/octet-stream.
1036           --attach-type changes the mime type for every --attach option which
1037           follows it.  It can be specified multiple times.
1038
1039       --attach-name [name]
1040           This option sets the filename that will be included in the MIME
1041           part created for the next --attach option.  If no argument is set
1042           for this option, it causes no filename information to be included
1043           for the next MIME part, even if Swaks could generate it from the
1044           local file name.
1045
1046       -ah, --add-header [header]
1047           This option allows headers to be added to the DATA.  If %H is
1048           present in the DATA it is replaced with the argument to this
1049           option.  If %H is not present, the argument is inserted between the
1050           first two consecutive newlines in the DATA (that is, it is inserted
1051           at the end of the existing headers).
1052
1053           The option can either be specified multiple times or a single time
1054           with multiple headers separated by a literal '\n' string.  So,
1055           "--add-header 'Foo: bar' --add-header 'Baz: foo'" and "--add-header
1056           'Foo: bar\nBaz: foo'" end up adding the same two headers.
1057
1058       --header [header-and-data], --h-Header [data]
1059           These options allow a way to change headers that already exist in
1060           the DATA.  '--header "Subject: foo"' and '--h-Subject foo' are
1061           equivalent.  If the header does not already exist in the data then
1062           this argument behaves identically to --add-header.  However, if the
1063           header already exists it is replaced with the one specified.
1064
1065       -g  If specified, Swaks will read the DATA value for the mail from
1066           STDIN.  This is equivalent to "--data -".  If there is a From_ line
1067           in the email, it will be removed (but see -nsf option).  Useful for
1068           delivering real message (stored in files) instead of using example
1069           messages.
1070
1071       --no-data-fixup, -ndf
1072           This option forces Swaks to do no massaging of the DATA portion of
1073           the email.  This includes token replacement, From_ stripping,
1074           trailing-dot addition, --body/attachment inclusion, and any header
1075           additions.  This option is only useful when used with --data, since
1076           the internal default DATA portion uses tokens.
1077
1078       --no-strip-from, -nsf
1079           Don't strip the From_ line from the DATA portion, if present.
1080

OUTPUT OPTIONS

1082       Swaks provides a transcript of its transactions to its caller
1083       (STDOUT/STDERR) by default.  This transcript aims to be as faithful a
1084       representation as possible of the transaction though it does modify
1085       this output by adding informational prefixes to lines and by providing
1086       plaintext versions of TLS transactions
1087
1088       The "informational prefixes" are referred to as transaction hints.
1089       These hints are initially composed of those marking lines that are
1090       output of Swaks itself, either informational or error messages, and
1091       those that indicate a line of data actually sent or received in a
1092       transaction.  This table indicates the hints and their meanings:
1093
1094       "==="
1095           Indicates an informational line generated by Swaks
1096
1097       "***"
1098           Indicates an error generated within Swaks
1099
1100       " ->"
1101           Indicates an expected line sent by Swaks to target server
1102
1103       " ~>"
1104           Indicates a TLS-encrypted, expected line sent by Swaks to target
1105           server
1106
1107       "**>"
1108           Indicates an unexpected line sent by Swaks to the target server
1109
1110       "*~>"
1111           Indicates a TLS-encrypted, unexpected line sent by Swaks to target
1112           server
1113
1114       "  >"
1115           Indicates a raw chunk of text sent by Swaks to a target server (see
1116           --show-raw-text).  There is no concept of "expected" or
1117           "unexpected" at this level.
1118
1119       "<- "
1120           Indicates an expected line sent by target server to Swaks
1121
1122       "<~ "
1123           Indicates a TLS-encrypted, expected line sent by target server to
1124           Swaks
1125
1126       "<**"
1127           Indicates an unexpected line sent by target server to Swaks
1128
1129       "<~*"
1130           Indicates a TLS-encrypted, unexpected line sent by target server to
1131           Swaks
1132
1133       "<  "
1134           Indicates a raw chunk of text received by Swaks from a target
1135           server (see --show-raw-text).  There is no concept of "expected" or
1136           "unexpected" at this level.
1137
1138       The following options control what and how output is displayed to the
1139       caller.
1140
1141       -n, --suppress-data
1142           Summarizes the DATA portion of the SMTP transaction instead of
1143           printing every line.  This option is very helpful, bordering on
1144           required, when using Swaks to send certain test emails.  Emails
1145           with attachments, for instance, will quickly overwhelm a terminal
1146           if the DATA is not suppressed.
1147
1148       -stl, --show-time-lapse [i]
1149           Display time lapse between send/receive pairs.  This option is most
1150           useful when Time::HiRes is available, in which case the time lapse
1151           will be displayed in thousandths of a second.  If Time::HiRes is
1152           unavailable or "i" is given as an argument the lapse will be
1153           displayed in integer seconds only.
1154
1155       -nih, --no-info-hints
1156           Don't display the transaction hint for informational transactions.
1157           This is most useful when needing to copy some portion of the
1158           informational lines, for instance the certificate output from
1159           --tls-get-peer-cert.
1160
1161       -nsh, --no-send-hints
1162       -nrh, --no-receive-hints
1163       -nth, --no-hints
1164           --no-send-hints and --no-receive-hints suppress the transaction
1165           prefix from send and receive lines, respectively.  This is often
1166           useful when copying some portion of the transaction for use
1167           elsewhere (for instance, "--no-send-hints --hide-receive
1168           --hide-informational" is a useful way to get only the client-side
1169           commands for a given transaction).  --no-hints is identical to
1170           specifying both --no-send-hints and --no-receive-hints.
1171
1172           Don't show transaction hints (useful in conjunction with -hr to
1173           create copy/paste-able transactions).
1174
1175       -raw, --show-raw-text
1176           This option will print a hex dump of raw data sent and received by
1177           Swaks.  Each hex dump is the contents of a single read or write on
1178           the network.  This should be identical to what is already being
1179           displayed (with the exception of the \r characters being removed).
1180           This option is useful in seeing details when servers are sending
1181           lots of data in single packets, or breaking up individual lines
1182           into multiple packets.  If you really need to go in depth in that
1183           area you're probably better with a packet sniffer, but this option
1184           is a good first step to seeing odd connection issues.
1185
1186       --output, --output-file </path/to/file>
1187       --output-file-stdout </path/to/file>
1188       --output-file-stderr </path/to/file>
1189           These options allow the user to send output to files instead of
1190           STDOUT/STDERR.  The first option sends both to the same file.  The
1191           arguments of &STDOUT and &STDERR are treated specially, referring
1192           to the "normal" file handles, so "--output-file-stderr '&STDOUT'"
1193           would redirect STDERR to STDOUT.  These options are honored for all
1194           output except --help and --version.
1195
1196       -pp, --protect-prompt
1197           Don't echo user input on prompts that are potentially sensitive
1198           (right now only authentication password).  See also
1199           --auth-hide-password
1200
1201       -hr, --hide-receive
1202           Don't display lines sent from the remote server being received by
1203           Swaks
1204
1205       -hs, --hide-send
1206           Don't display lines being sent by Swaks to the remote server
1207
1208       -hi, --hide-informational
1209           Don't display non-error informational lines from Swaks itself.
1210
1211       -ha, --hide-all
1212           Do not display any content to the terminal.
1213
1214       -S, --silent [level]
1215           Cause Swaks to be silent.  If no argument is given or if an
1216           argument of "1" is given, print no output unless/until an error
1217           occurs, after which all output is shown.  If an argument of "2" is
1218           given, only print errors.  If "3" is given, show no output ever.
1219           --silent affects most output but not all.  For instance, --help,
1220           --version, --dump, and --dump-mail are not affected.
1221
1222       --support
1223           Print capabilities and exit.  Certain features require non-standard
1224           Perl modules.  This option evaluates whether these modules are
1225           present and displays which functionality is available and which
1226           isn't, and which modules would need to be added to gain the missing
1227           functionality.
1228
1229       --dump-mail
1230           Cause Swaks to process all options to generate the message it would
1231           send, then print that message to STDOUT instead of sending it.
1232           This output is identical to the "data" section of --dump, except
1233           without the trailing dot.
1234
1235       --dump [section[,section]]
1236           This option causes Swaks to print the results of option processing,
1237           immediately before mail would have been sent.  No mail will be sent
1238           when --dump is used.  Note that --dump is a pure self-diagnosis
1239           tool and no effort is made or will ever be made to mask passwords
1240           in the --dump output. If a section is provided as an argument to
1241           this option, only the requested section will be shown.  Currently
1242           supported arguments are SUPPORT, APP, OUTPUT, TRANSPORT, PROTOCOL,
1243           XCLIENT, PROXY, TLS, AUTH, DATA, and ALL.  If no argument is
1244           provided, all sections are displayed
1245
1246       --help
1247           Display this help information.
1248
1249       --version
1250           Display version information.
1251

PORTABILITY

1253       OPERATING SYSTEMS
1254           This program was primarily intended for use on UNIX-like operating
1255           systems, and it should work on any reasonable version thereof.  It
1256           has been developed and tested on Solaris, Linux, and Mac OS X and
1257           is feature complete on all of these.
1258
1259           This program is known to demonstrate basic functionality on Windows
1260           using ActiveState's Perl.  It has not been fully tested.  Known to
1261           work are basic SMTP functionality and the LOGIN, PLAIN, and
1262           CRAM-MD5 auth types.  Unknown is any TLS functionality and the
1263           NTLM/SPA and DIGEST-MD5 auth types.
1264
1265           Because this program should work anywhere Perl works, I would
1266           appreciate knowing about any new operating systems you've
1267           thoroughly used Swaks on as well as any problems encountered on a
1268           new OS.
1269
1270       MAIL SERVERS
1271           This program was almost exclusively developed against Exim mail
1272           servers.  It has been used casually by the author, though not
1273           thoroughly tested, with Sendmail, Smail, Exchange, Oracle
1274           Collaboration Suite, qpsmtpd, and Communigate.  Because all
1275           functionality in Swaks is based on known standards it should work
1276           with any fairly modern mail server.  If a problem is found, please
1277           alert the author at the address below.
1278

EXIT CODES

1280       0   no errors occurred
1281
1282       1   error parsing command line options
1283
1284       2   error connecting to remote server
1285
1286       3   unknown connection type
1287
1288       4   while running with connection type of "pipe", fatal problem writing
1289           to or reading from the child process
1290
1291       5   while running with connection type of "pipe", child process died
1292           unexpectedly.  This can mean that the program specified with --pipe
1293           doesn't exist.
1294
1295       6   Connection closed unexpectedly.  If the close is detected in
1296           response to the 'QUIT' Swaks sends following an unexpected
1297           response, the error code for that unexpected response is used
1298           instead.  For instance, if a mail server returns a 550 response to
1299           a MAIL FROM: and then immediately closes the connection, Swaks
1300           detects that the connection is closed, but uses the more specific
1301           exit code 23 to detail the nature of the failure.  If instead the
1302           server return a 250 code and then immediately closes the
1303           connection, Swaks will use the exit code 6 because there is not a
1304           more specific exit code.
1305
1306       10  error in prerequisites (needed module not available)
1307
1308       21  error reading initial banner from server
1309
1310       22  error in HELO transaction
1311
1312       23  error in MAIL transaction
1313
1314       24  no RCPTs accepted
1315
1316       25  server returned error to DATA request
1317
1318       26  server did not accept mail following data
1319
1320       27  server returned error after normal-session quit request
1321
1322       28  error in AUTH transaction
1323
1324       29  error in TLS transaction
1325
1326       30  PRDR requested/required but not advertised
1327
1328       32  error in EHLO following TLS negotiation
1329
1330       33  error in XCLIENT transaction
1331
1332       34  error in EHLO following XCLIENT
1333
1334       35  error in PROXY option processing
1335
1336       36  error sending PROXY banner
1337

ABOUT THE NAME

1339       The name "Swaks" is a (sort-of) acronym for "SWiss Army Knife SMTP".
1340       It was chosen to be fairly distinct and pronounceable.  While "Swaks"
1341       is unique as the name of a software package, it has some other, non-
1342       software meanings.  Please send in other uses of "swak" or "swaks" for
1343       inclusion.
1344
1345       "Sealed With A Kiss"
1346           SWAK/SWAKs turns up occasionally on the internet with the meaning
1347           "with love".
1348
1349       bad / poor / ill (Afrikaans)
1350           Seen in the headline "SA se bes en swaks gekledes in 2011", which
1351           was translated as "best and worst dressed" by native speakers.
1352           Google Translate doesn't like "swaks gekledes", but it will
1353           translate "swak" as "poor" and "swak geklede" as "ill-dressed".
1354

LICENSE

1356       This program is free software; you can redistribute it and/or modify it
1357       under the terms of the GNU General Public License as published by the
1358       Free Software Foundation; either version 2 of the License, or (at your
1359       option) any later version.
1360
1361       This program is distributed in the hope that it will be useful, but
1362       WITHOUT ANY WARRANTY; without even the implied warranty of
1363       MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
1364       General Public License for more details.
1365
1366       You should have received a copy of the GNU General Public License along
1367       with this program; if not, write to the Free Software Foundation, Inc.,
1368       51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA.
1369

CONTACT INFORMATION

1371       General contact, questions, patches, requests, etc to
1372       proj-swaks@jetmore.net.
1373
1374       Change logs, this help, and the latest version are found at
1375       http://www.jetmore.org/john/code/swaks/.
1376
1377       Swaks is crafted with love by John Jetmore from the cornfields of
1378       Indiana, United States of America.
1379

NOTIFICATIONS

1381       Email
1382           updates-swaks@jetmore.net
1383
1384           If you would like to be put on a list to receive notifications when
1385           a new version of Swaks is released, please send an email to this
1386           address.  There will not be a response to your email.
1387
1388       Website
1389           http://www.jetmore.org/john/blog/c/swaks/
1390
1391       RSS Feed
1392           http://www.jetmore.org/john/blog/c/swaks/feed/
1393
1394       Twitter
1395           http://twitter.com/SwaksSMTP
1396
1397
1398
1399perl v5.28.1                      2018-11-04                          SWAKS(1)
Impressum