ucspi-tcp is djb's implementation of UNIX Client-Server Program Interface using TCP.

ucspi-tcp is djb's implementation of UNIX Client-Server Program Interface using TCP. It's used on our server to manage what IPs are allowed to connect to the SMTP service(s) as well as passing any environment variables that those IPs might want to use.

Download the source tarball:

cd /package
wget https://www.fehcom.de/ipnet/ucspi-tcp6/ucspi-tcp6-1.06a.tgz
tar xzf ucspi-tcp6-1.06a.tgz
cd host/ucspi-tcp6-1.06

This version of ucspi-tcp6 included a greetdelay patch for rblsmtpd. Since that functionality is added to qmail-smtpd later (in John Simpson's Combined Patch), there's a potential doubling up of the greetdelay. (See http://notes.sagredo.eu/node/128). However, since John's smtp run script doesn't call rblsmtpd with the "-W" flag,
Install it:


Make the directory to hold the tcpserver access rules:

mkdir /etc/tcp

Configuration for SMTP server
Edit /etc/tcp/smtp and add some rules:


Make the cdb file from the text file:

tcprules /etc/tcp/smtp.cdb /etc/tcp/smtp.tmp < /etc/tcp/smtp
chmod 644 /etc/tcp/smtp.cdb

Rather than having to remember how to do this every time, create /etc/tcp/Makefile with (NOTE: The spacing before the "tcprules" command should be a TAB!!!!):

      tcprules /etc/tcp/smtp.cdb /etc/tcp/smtp.tmp < /etc/tcp/smtp

Then, to recreate compile the CDB file, you simply have to run:


For Centos 7, used ucspi-ssl 0.99 from http://www.fehcom.de/ipnet/ucspi-ssl.html.

cd /package
wget http://www.fehcom.de/ipnet/ucspi-ssl/ucspi-ssl-0.99e.tgz
tar zxf ucspi-ssl-0.99e.tgz
cd host/superscript.com/net/ucspi-ssl-0.99e
package/install base



Various bits of code, scripts, and procedures were put together with information from John Simpson's qmail.jms1.net website. It's an excellent resource on managing and setting up a Qmail server.

Recent Updates

  • 11 months 3 weeks ago
  • 11 months 3 weeks ago
    Removed original versions of ucspi-tcp and ucspi-ssl and replaced them with upgraded versions. The old ones were failing PCI compliance tests by Security Metrics. ucspi-ssl also had issues installing on CentOS 7 - new version installed without issues.
  • 11 months 3 weeks ago
    1.3.7 update
  • 11 months 3 weeks ago
  • 1 year 1 hour ago