Qsmtp is a drop in replacement for the qmail SMTP programs qmail-smtpd and qmail-remote. That means you just change your startup scripts to use Qsmtpd instead of qmail-smtpd and most things will work as before. The main difference (beyond the new features) is that Qsmtpd does only look at the custom tcpserver environment variables one may configure in the rules file, therefore setting RELAYCLIENT will not work. You can use /var/qmail/control/relayclients and /var/qmail/control/relayclients6 to get the same behaviour. Use the addipbl command to add addresses to these files. If you want to use Qremote instead of qmail-remote just move your qmail-remote binary out of the way and create a symlink from Qremote to qmail-remote.
The initial point was a heavily patched qmail-smtpd to get some decent antispam features. This was then rewritten from scratch into a new binary that was designed to allow easy extension to new mail filters. Another design goal was to be 100% IPv6 clean.
As usual there is no guarantee for this software. But bad things became unlikely with it. I have some hosts running Qsmtp (both Qsmtpd and Qremote) since 2005. The last time Qsmtpd started eating up my CPU time has been fixed with version 0.4 (released 2005). These are "real" hosts, receiving at least 300 mails per day each from the internet. The total amount of mail connections is at least 100,000 per month where the mayority is blocked for one or the other reason.
Qsmtp is released under GNU GPL version 2.
You may ask: why should I use it? The benefits are:
These are the requirements to your system and your installed software to run Qsmtpd:
The latest version is Qsmtp 0.38. You can always get the latest snapshot of the development from the git repository mirror at https://github.com/DerDakon/Qsmtp/. New releases will be announced on the qsmtp-announce mailing list. You can subscribe by sending an empty mail to qsmtp-announce-subscribe@opensource.sf-tec.de. The installation instructions will help you to get it running.
Security: users of versions 0.21 and before or of the svn version before r1378 are vulnerable to CVE-2011-1431 if they are using Qsmtpd with STARTTLS. An upgrade is strongly recommended.
Versions before 0.35 can affected by an endless loop when long network replies without spaces are about to be send. This has been observed in combination with SPF explanation strings. This can result in a DoS.
These are the things I would like to see in Qsmtp sometime. They are in no particular order. If you would like to see them quickly feel free to send money or patches.