1# SMTP & LMTP transparent forwarding23Module that implements transparent forwarding of messages over SMTP.45Use in pipeline configuration:67```8deliver_to smtp tcp://127.0.0.1:53539# or10deliver_to smtp tcp://127.0.0.1:5353 {11 # Other settings, see below.12}13```1415target.lmtp can be used instead of target.smtp to16use LMTP protocol.1718Endpoint addresses use format described in [Configuration files syntax / Address definitions](/reference/config-syntax/#address-definitions).1920## Configuration directives2122```23target.smtp {24 debug no25 tls_client {26 ...27 }28 attempt_starttls yes29 require_tls no30 auth off31 targets tcp://127.0.0.1:252532 connect_timeout 5m33 command_timeout 5m34 submission_timeout 12m35}36```3738### debug _boolean_39Default: global directive value4041Enable verbose logging.4243---4445### tls_client { ... }46Default: not specified4748Advanced TLS client configuration options. See [TLS configuration / Client](/reference/tls/#client) for details.4950---5152### starttls _boolean_53Default: `yes` (`no` for `target.lmtp`)5455Use STARTTLS to enable TLS encryption. If STARTTLS is not supported56by the remote server - connection will fail.5758maddy will use `localhost` as HELO hostname before STARTTLS59and will only send its actual hostname after STARTTLS.6061### attempt_starttls _boolean_62Default: `yes` (`no` for `target.lmtp`)6364DEPRECATED: Equivalent to `starttls`. Plaintext fallback is no longer65supported.6667---6869### require_tls _boolean_70Default: `no`7172DEPRECATED: Ignored. Set `starttls yes` to use STARTLS.7374---7576### auth `off` | `plain` _username_ _password_ | `forward` | `external`77Default: `off`7879Specify the way to authenticate to the remote server.80Valid values:8182- `off` – No authentication.83- `plain` – Authenticate using specified username-password pair.84 **Don't use** this without enforced TLS (`require_tls`).85- `forward` – Forward credentials specified by the client.86 **Don't use** this without enforced TLS (`require_tls`).87- `external` – Request "external" SASL authentication. This is usually used for88 authentication using TLS client certificates. See [TLS configuration / Client](/reference/tls/#client) for details.8990---9192### targets _endpoints..._93**Required.**<br>94Default: not specified9596List of remote server addresses to use. See [Address definitions](/reference/config-syntax/#address-definitions)97for syntax to use. Basically, it is `tcp://ADDRESS:PORT`98for plain SMTP and `tls://ADDRESS:PORT` for SMTPS (aka SMTP with Implicit99TLS).100101Multiple addresses can be specified, they will be tried in order until connection to102one succeeds (including TLS handshake if TLS is required).103104---105106### connect_timeout _duration_107Default: `5m`108109Same as for target.remote.110111---112113### command_timeout _duration_114Default: `5m`115116Same as for target.remote.117118---119120### submission_timeout _duration_121Default: `12m`122123Same as for target.remote.