> ## Documentation Index > Fetch the complete documentation index at: https://docs.abusix.com/llms.txt > Use this file to discover all available pages before exploring further. # Submitting MTA Transaction Feeds via UDP to Data Channels > A technical guide for configuring and sending real-time SMTP transaction data to Abusix via UDP to enhance Guardian Mail's accuracy and intelligence. ## **Introduction** This article explains how to feed your [MTA](https://abusix.com/glossary/mail-transfer-agent/)’s inbound [SMTP](https://abusix.com/glossary/simple-mail-transfer-protocol/) transaction data in real-time to Abusix, which helps improve the accuracy of our Guardian Mail product. This protocol only applies to the third wizard set-up option, “Send transaction feeds” in [app.abusix.com](https://app.abusix.com/). ## **SMTP Transaction Data** The data we request is simple to retrieve from most [MTAs](https://abusix.com/glossary/mail-transfer-agent/) and, by design, does not include any data that would cause any [privacy](https://abusix.com/glossary/privacy/) issues. Data for each [*SMTP*](https://abusix.com/glossary/simple-mail-transfer-protocol/)\_ transaction,\_ created on every [SMTP](https://abusix.com/glossary/simple-mail-transfer-protocol/) MAIL command, is what is requested. Ideally, this data should be sent immediately after receiving the MAIL command, provided it is only sent once per transaction. The protocol is designed as fire-and-forget [UDP](https://abusix.com/glossary/user-datagram-protocol/) to minimize overhead on your mail system. ### **Format** Each data field must be separated by a line-feed character (LF \n) without a trailing line-feed, and all data must be sent in a single [UDP](https://abusix.com/glossary/user-datagram-protocol/) packet. While all fields are required, they may also be empty if the data is unavailable. The feed receiver will discard data where (a) there are not enough line feeds, (b) the Feed ID is not recognized, or (c) the checksum does not match the checksum we compute on reception. Since this is fire-and-forget [UDP](https://abusix.com/glossary/user-datagram-protocol/), there needs to be feedback on whether the data being sent is valid and in the correct order or any acknowledgment that the data was received. | Data | Description | | :------------------------------------------------------------------- | :-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | | Feed ID | This will be provided to you by Abusix and is used to identify which feed the data is coming from and is used as a lookup key to find the shared key used to compute the checksum. | | Timestamp | The UNIX epoch time in seconds that the connection was received. | | Port | The [TCP](https://abusix.com/glossary/transmission-control-protocol/) server port that the connection was received. e.g., 25, 587, 465. This is used to distinguish between MUA->[MTA](https://abusix.com/glossary/mail-transfer-agent/) traffic and MTA->[MTA](https://abusix.com/glossary/mail-transfer-agent/) traffic. | | [IP](https://abusix.com/glossary/internet-protocol-address/) Address | [IPv4](https://abusix.com/glossary/internet-protocol-version-4/) or [IPv6](https://abusix.com/glossary/internet-protocol-version-6/) address of the [SMTP](https://abusix.com/glossary/simple-mail-transfer-protocol/) client. | | [rDNS](https://abusix.com/glossary/reverse-dns/) | [Reverse DNS](https://abusix.com/glossary/reverse-dns/) name of the [SMTP](https://abusix.com/glossary/simple-mail-transfer-protocol/) client; multiple names should be separated by commas. | | HELO | HELO/EHLO sent by the [SMTP](https://abusix.com/glossary/simple-mail-transfer-protocol/) client. | | ESMTP Flag | ‘Y’ if the [SMTP](https://abusix.com/glossary/simple-mail-transfer-protocol/) client sent EHLO, ‘N’ if the client sent ‘HELO’. | | [TLS](https://abusix.com/glossary/transport-layer-security/) Flag | ‘Y’ if the [SMTP](https://abusix.com/glossary/simple-mail-transfer-protocol/) client used [TLS](https://abusix.com/glossary/transport-layer-security/), ‘N’ if the client did not use [TLS](https://abusix.com/glossary/transport-layer-security/). | | AUTH Flag | ‘Y’ if the [SMTP](https://abusix.com/glossary/simple-mail-transfer-protocol/) client is authenticated using [SMTP](https://abusix.com/glossary/simple-mail-transfer-protocol/) AUTH, ‘N’ if not. | | MAIL FROM domain | The right-hand side of the ‘@’ of the [SMTP](https://abusix.com/glossary/simple-mail-transfer-protocol/) MAIL FROM command. In the case of a null-sender or an unqualified user, e.g., MAIL FROM:\ or MAIL FROM:\<>, the full argument can be sent. | | Extended JSON | For future use – this field should be empty. | | Checksum | This is an MD5 hash computed by taking all of the previous data, including the line-feed separators, including a trailing line-feed, along with the shared key supplied to you by Abusix added to this. e.g.  checksum = data + “\n” + shared key Once this is computed, the following is then sent over the [UDP](https://abusix.com/glossary/user-datagram-protocol/) socket to the feed receiver: data + “\n” + checksum |   **Example** Here is an example of the data showing each field and the format. Line feeds are shown as ”\n” for illustration purposes: ``` txnNNN\n 1540299376001\n 25\n 127.0.0.1\n localhost\n this.is.a.test.helo\n N\n N\n N\n test.com\n \n 8c86e0ab24415f726e4def79ce9502c5 ``` ### **Transport** After completing all the Data Channel configuration steps in [app.abusix.com](https://app.abusix.com/), you can send us the data. First, verify connectivity by running the following command: ``` $ nc -v -u -z -w 3 smtp-rttf.abusix.com 12211 Connection to smtp-rttf.abusix.com 12211 port [udp/*] succeeded! ``` ## **Example Code** We provide example code for Exim and a fully functioning [Postfix Policy daemon](https://github.com/abusix/abusix_ppd), written in Node.js, which can be used with any version of Postfix. These examples may also be used to write an integration with any [MTA](https://abusix.com/glossary/mail-transfer-agent/) in any programming language. ### **Exim** Each distro package in Exim is different, so you **will** likely need to customize this appropriately for your installation. This is what I did on **Debian/Ubuntu Linux**. In `/etc/exim4/conf.d/acl/00_exim4-config-header` – I added the following lines to the top (as macros); these must appear before the “`begin acl`” directive: `ABUSIX_HOST=smtp-rttf.abusix.com` `ABUSIX_PORT=12211` `ABUSIX_FEED_ID=` `ABUSIX_FEED_KEY=` Then in `30_exim4_config_check_mail` we want the “`udpsend`” to run for every message, accepted or not: ``` ### acl/30_exim4-config_check_mail ############################## ### # This access control list is used for every MAIL command in an incoming # SMTP message. The tests are run in order until the address is either # accepted or denied. acl_check_mail: accept set acl_m_txnfeedraw = ABUSIX_FEED_ID\n${tod_epoch}\n${received_port}\n${sender_host_address}\n${sender_host_name}\n${sender_helo_name}\n${if eq{${substr{0}{1}{${received_protocol}}}}{e} {Y}{N}}\n${if eq {$tls_in_bits}{0} {N}{Y}}\n${if eq {$authenticated_id}{}{N}{Y}}\n${sender_address_domain}\n\n set acl_m_txnfeedkey = ${acl_m_txnfeedraw}ABUSIX_FEED_KEY set acl_m_txnfeed = ${acl_m_txnfeedraw}${md5:${acl_m_txnfeedkey}} udpsend = ABUSIX_HOST:ABUSIX_PORT:${acl_m_txnfeed} ``` ### **Postfix** The following linked [Postfix Policy daemon](https://github.com/abusix/abusix_ppd) is written in Node.js, is fully functional, and can be used with any version of Postfix. ## **Sending Abusix your “Spamtrap” or “This Is Spam” messages** If you wish to send Abusix, your “Spamtrap” or “This Is [Spam](https://abusix.com/glossary/spam/)” messages, see Submitting data via email to Data Channels and Submitting data via email to Data Channels