msmtp 1.8.4 is released


This version adds support for the OAUTHBEARER authentication method and fixes a few minor bugs.



The git repository contains new support for the OAUTHBEARER authentication method, formerly known as XOAUTH2, a method pushed mainly by Google.
This means msmtp can now use an OAuth2 token for authentication by setting auth oauthbearer in the configuration file. The token is typically passed to msmtp via the passwordeval command since it changes regularly.
However, msmtp does not provide a way to generate such a token. This depends on your mail provider.
Since I do not use this method myself, it would be great if you could test this feature and maybe document how to generate the necessary token for your mail provider, so that I can add examples to the documentation.
Looking forward to your feedback!

Source code moved


The source code moved to, see the updated download instructions.
The reason is that gitlab vanished from Debian stable and there is no working upgrade path to the version in Debian backports. Sorry for the inconvenience.

msmtp 1.8.3 is released


This version fixes a security problem that affects version 1.8.2 (older versions are not affected): when the new default value system for tls_trust_file is used, the result of certificate verification was not properly checked.

Update 2019-02-14: This problem has been assigned CVE-2019-8337. This is the patch that fixes it (included in version 1.8.3).

msmtp 1.8.2 is released


This version simplifies configuration:

Additionally, there are several code cleanups and updates, and translations are now handled by the Translation Project. Many thanks to the translators!

msmtp 1.8.1 is released


This version fixes a bug that broke TLS 1.3 support.

If you do not want to upgrade to the 1.8 series yet but you need TLS 1.3 support, you can apply this patch to msmtp version 1.6.8 or 1.4.32.

msmtp 1.8.0 is released


This is the first release of the new stable release series. Noteworthy changes since 1.6.8:

msmtp 1.8.0rc1 is released


This is a release candidate for the upcoming 1.8.x stable release series. The following changes were made:

Using msmtp with OpenSSL is discouraged, please use GnuTLS


It is recommended to use msmtp with GnuTLS instead of OpenSSL. The upcoming version of msmtp will not use OpenSSL automatically anymore, and if you choose it manually, you will get a warning.

The reason for this is that the OpenSSL-related code in msmtp is essentially unmaintained. I don't work on it myself anymore, and the last time somebody sent a patch was 8 years ago. As a result, if you use msmtp with OpenSSL today, you don't get support for TLS SNI, --tls-priorities, --tls-crl-file, or --tls-min-dh-prime-bits.

The code is hard to read, maintain, and improve due to severe limitations in the usability and documentation of the OpenSSL API. A few examples:

Complexity is the enemy of security. I have given up on OpenSSL years ago and will not work to improve and update the OpenSSL-related code in msmtp. If someone wants to do that work, I will accept patches, but I will continue to recommend using GnuTLS instead. If the OpenSSL support in msmtp remains in its current state, it will eventually be removed.

New experimental feature: msmtpd, a minimal SMTP server


There is an experimental new feature in the git repository: msmtpd, a minimal SMTP server that listens on a local interface and pipes each incoming mail to msmtp (or a different program).
It is intended to be used with system services that expect an SMTP server on the local host and cannot be configured to use the sendmail interface that msmtp provides.
If you are interested, use configure --with-msmtpd to enable it, and let us know what you think.

msmtp 1.6.8 is released


New in this release:

msmtp 1.6.7 is released


New in this release:

Repository mirror


The main git repository at is now mirrored at

Project moved


After many years, this project moved from Sourceforge to a self-hosted gitlab instance:

Older news are stored in the news archive.