
QmailTheQuickWay 1.2.0

Date post: 23-Feb-2018
Upload: gnana-prakash

Transcript
  • 7/24/2019 QmailTheQuickWay 1.2.0

    1/12

    qmail

    the Quick Way

    version 1.2.0

    November 2002


    Disclaimer:

    The procedure defined here is solely the author's way of getting qmail running quickly and is not a standard. The author cannot be held responsible for any damage caused.


    Introduction
        qmail
        Purpose of the document
        Scenario
        Intended Audience
        Author

    Installation
        Hardware Requirement
        Package Requirement
        qmail Installation
        checkpassword Installation

    Configuration
        Configuration Files
        Masquerading
        Multiple Local Names
        Virtual Domains
        Aliases
        Relaying
        Starting SMTP
        Starting POP
        Starting qmail

    Test
        Add user
        Test SMTP
        Test POP

    References


    Introduction

    qmail:

    qmail is an Internet Mail Transfer Agent (MTA) for Unix-like operating systems. qmail uses Simple Mail Transfer Protocol (SMTP) to exchange messages with other MTAs.

    Purpose of the Document:

    This document will guide you through installation and basic configuration of qmail to get you started as quickly as possible. Hence the name 'qmail the Quick Way'.

    The installation and configuration can be done in various ways according to varying requirements. Different packages and patches are available that can add features and flexibility to the default qmail. This document will not go into details of such packages and will use only basic packages required to get qmail running in a secure way.

    This document defines installation and configuration for a typical scenario.

    Scenario:

    As my experience is with Red Hat Linux systems, the installation and configuration described in this document will be based on it, though it should work with other flavors of Linux/Unix as well. xinetd is packaged with Red Hat Linux, so we will be using it instead of tcpserver to get the server up and running quickly.

    All users will reside in the /home directory and will be created with the system tool 'useradd'. The authentication system used will be flat-file based, using /etc/passwd.

    An /etc/passwd based system may not be scalable, but speaking out of experience it can easily handle 5000 users on a system with 128MB RAM and a normal IDE drive.

    This setup is suitable for small to medium sized organizations.

    Intended Audience:

    System administrators and people with knowledge of Linux/Unix systems interested in setting up a qmail based mail server for their personal or organizational use.

    Author:

    Aadish [email protected]


    Installation

    Hardware Requirement:

    128MB RAM
    PII 450 MHz
    Normal IDE HDD (space as per requirement)
    Normal Motherboard with 100+ Bus speed.

    Package Requirement:

    A complete, functioning C development system including a compiler, system header files, and libraries.

    qmail (ftp://cr.yp.to/software/qmail-1.03.tar.gz)

    checkpassword (http://cr.yp.to/checkpwd.html)

    qmail Installation:

    Unpack the source archive qmail-1.03.tar.gz in /usr/local/src. We will use the /usr/local/src directory to unpack any source archive throughout this document.

    mv qmail-1.03.tar.gz /usr/local/src
    cd /usr/local/src
    tar zxvf qmail-1.03.tar.gz
    cd qmail-1.03

    By default qmail is installed in /var/qmail. The directory needs to be created before proceeding.

    mkdir /var/qmail

    qmail does not run as root for security reasons. Users and groups have to be created to run qmail. The source comes with a file, INSTALL.ids, which contains the commands to create the necessary users and groups. Open the file in an editor and remove all lines except the ones required to create users for your platform. Execute the file to create the required users and groups.

    sh INSTALL.ids

    Compile the qmail source and install the binaries. Execute ./config if you have a DNS server configured; otherwise run the latter command, ./config-fast, replacing shrestha.net.np with your domain.

    make setup check
    ./config

    or

    ./config-fast shrestha.net.np


    checkpassword Installation:

    During a POP session a user is authenticated using 'checkpassword'. It provides a simple password verification interface. The program checkpassword is run by qmail-popup, reads the username and password handed to the POP3 daemon, looks them up in /etc/passwd, verifies them, switches to the user's home directory and runs qmail-pop3d.

    Unpack the source archive checkpassword-0.90.tar.gz and follow the installation steps.

    mv checkpassword-0.90.tar.gz /usr/local/src
    cd /usr/local/src
    tar zxvf checkpassword-0.90.tar.gz
    cd /usr/local/src/checkpassword-0.90
    make
    make install

    Note: 'make install' has to be executed as the root user.


    Configuration

    Configuration Files:

    The configuration or control files reside in the /var/qmail/control directory. Below is a list of the most used configuration files along with their purpose.

    Control File      Purpose
    defaulthost       Default domain name
    locals            Domains that we deliver locally
    me                Default for many configuration files
    rcpthosts         Domains that we accept mails for
    virtualdomains    Virtual domains and users

    Masquerading:

    Assuming that the FQDN (Fully Qualified Domain Name) of your mail server is mail.shrestha.net.np all outgoing mails of the users will appear [email protected] where mail is the hostname of the server and shrestha.net.np is the domain. To have outgoing mails of the [email protected] host masquerading is done.

    Host masquerading can be performed by using the defaulthost control file.

    Considering the above case, defaulthost would contain shrestha.net.np. By default its content is the content of me, that is, the FQDN.

    Multiple Local Names:

    If your system is known by more than one name, e.g., all addresses of the [email protected] can also be written as [email protected] [email protected], then you need to tell qmail this so it'll know which addresses it should deliver locally and which messages it should accept from remote systems.

    To do this, just add all of the names to two control files: rcpthosts, which tells qmail-smtpd to accept mail addressed to these hosts, and locals, which tells qmail-send that addresses on these hosts are to be delivered locally.

    Virtual Domains:

    Virtual domains are similar to the multiple local names, but there are some important differences. With qmail, virtual domains are configured in the virtualdomains file, which consists of one or more entries of the form:

    user@domain:prepend

    qmail converts user@domain to prepend-user@domain and treats the result as if domain was local. The user@ part is optional. If it's omitted, the entry matches all @domain addresses. If the mail administrator of the domain shrestha.net.np wanted to create a virtual domain, aadish.com.np, under the administrative control of user aadish, virtualdomains would contain:

    aadish.com.np:aadish

    An incoming message to [email protected] would be rewritten as [email protected] and delivered locally.

    Note: Domains listed in virtualdomains have to be present in rcpthosts as well.
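    The rewrite rule and the rcpthosts note above, as an added example that is not part of the original document. It handles only the two entry forms described here (user@domain:prepend and domain:prepend) and assumes lower-case input; the sample addresses and the second virtualdomains entry are constructed.

```python
# Constructed control-file contents. The first virtualdomains entry is the
# page's example; the second entry and its domain are made up for the demo.
VIRTUALDOMAINS = "aadish.com.np:aadish\nbilling@example.org:accounts\n"
RCPTHOSTS = "shrestha.net.np\nmail.shrestha.net.np\naadish.com.np\n"


def parse_virtualdomains(text):
    """Map each 'user@domain' or 'domain' key to its prepend string."""
    table = {}
    for line in text.splitlines():
        key, sep, prepend = line.strip().partition(":")
        if sep and key and prepend:
            table[key] = prepend
    return table


def rewrite(address, table):
    """Return prepend-user@domain if the address is virtual, else None."""
    user, _, domain = address.rpartition("@")
    # An exact user@domain entry is tried before the whole-domain entry.
    for key in (f"{user}@{domain}", domain):
        if key in table:
            return f"{table[key]}-{user}@{domain}"
    return None


def missing_from_rcpthosts(table, rcpthosts_text):
    """Virtual domains that are absent from rcpthosts (exact names only)."""
    accepted = {h.strip() for h in rcpthosts_text.splitlines() if h.strip()}
    domains = {key.rpartition("@")[2] for key in table}
    return sorted(domains - accepted)


if __name__ == "__main__":
    vd = parse_virtualdomains(VIRTUALDOMAINS)
    for addr in ("info@aadish.com.np", "billing@example.org", "other@example.org"):
        print(addr, "->", rewrite(addr, vd))
    print("not in rcpthosts:", missing_from_rcpthosts(vd, RCPTHOSTS))
```

    A domain reported by missing_from_rcpthosts is configured for local delivery but mail for it would still be refused at SMTP time for clients without RELAYCLIENT.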

    Aliases:

    qmail's standard aliasing mechanism is a natural outgrowth of qmail's local delivery mechanism. qmail-local attempts to deliver a message addressed to localpart@host to a local user named localpart. If no matching user is found, the message is delivered to the alias user, a pseudo user on all qmail systems whose home directory is /var/qmail/alias. For example, say you want to create an [email protected] alias that forwards messages to user aadish on shrestha.net.np. Do, as user root:

    echo aadish > /var/qmail/alias/.qmail-info

    The following aliases need to be created for smooth functioning of the mail system:

    cd /var/qmail/alias
    echo admin > .qmail-root
    echo admin > .qmail-postmaster
    echo admin > .qmail-mailer-daemon

    The user admin is a system user who will be receiving mails for root, postmaster and mailer-daemon. Some applications send mails to root, so that alias needs to be created. When a bounced email bounces again, the mail is sent to postmaster, so the above alias will send such mails to admin. Sometimes people tend to reply to messages generated by the mailer daemon, so creating the alias will forward such mail to admin rather than sending a bounce mail to the user who replied to the mailer daemon. The user admin is usually the mail administrator.

    Note: Because of the way aliases are implemented in qmail, an alias can never override a valid user's deliveries. E.g., if aadish is a normal user, ~alias/.qmail-aadish will not be used.

    Relaying:

    An MTA that accepts mail from anyone for anyone is said to be a relaying server. Relaying can be categorized into two types: open relay and selective relay. An open relay server accepts mail from anyone and forwards it to anyone, whereas with selective relaying, only a selected group of users is allowed to relay.

    We will use tcpwrappers to control relaying. We will configure our server as a selective relay server, allowing relay from our network only.


    Create an SMTP wrapper:

    cd /usr/local/bin
    # write the wrapper script
    cat > smtpd <<'EOF'
    #!/bin/sh
    exec /var/qmail/bin/tcp-env /var/qmail/bin/qmail-smtpd
    EOF
    # the wrapper must be executable for tcpd to run it
    chmod 755 smtpd

    Now edit /etc/hosts.allow and add the following lines to allow selective relay:

    # allow relay from my network
    smtpd: 10.1.1.0/255.255.255.0 : setenv RELAYCLIENT : allow
    # allow SMTP connection from others.
    smtpd: ALL : allow

    Note: Replace 10.1.1.0/255.255.255.0 with your network/mask.
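    Why the order of the two hosts.allow rules matters, as an added example that is not part of the original document. It models tcpd's first-match rule selection and qmail-smtpd's recipient check (RELAYCLIENT set means rcpthosts is ignored); the rcpthosts contents and the client addresses are constructed, and hosts.deny and IPv6 patterns are not modelled.

```python
import ipaddress

# The two rules from this page's /etc/hosts.allow, in the same order.
HOSTS_ALLOW = """\
# allow relay from my network
smtpd: 10.1.1.0/255.255.255.0 : setenv RELAYCLIENT : allow
# allow SMTP connection from others.
smtpd: ALL : allow
"""
# Constructed sample of /var/qmail/control/rcpthosts for the page's domains.
RCPTHOSTS = {"shrestha.net.np", "mail.shrestha.net.np", "aadish.com.np"}


def parse_rules(text, daemon="smtpd"):
    """Return (client_pattern, options) pairs for one daemon, in file order."""
    rules = []
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        fields = [f.strip() for f in line.split(":")]
        if len(fields) >= 2 and fields[0] == daemon:
            rules.append((fields[1], fields[2:]))
    return rules


def first_match(rules, client_ip):
    """tcpd stops at the first rule whose client pattern matches."""
    addr = ipaddress.ip_address(client_ip)
    for pattern, options in rules:
        if pattern == "ALL" or addr in ipaddress.ip_network(pattern):
            return options
    return []  # no rule matched; hosts.deny is not modelled here


def rcpt_accepted(client_ip, rcpt, hosts_allow=HOSTS_ALLOW, rcpthosts=RCPTHOSTS):
    """Model whether qmail-smtpd would accept RCPT TO:<rcpt> from client_ip."""
    options = first_match(parse_rules(hosts_allow), client_ip)
    if "deny" in options:
        return False  # connection refused before SMTP starts
    relay = any(o.split()[:2] == ["setenv", "RELAYCLIENT"] for o in options)
    domain = rcpt.rpartition("@")[2].lower()
    # With RELAYCLIENT set, qmail-smtpd skips the rcpthosts check entirely.
    return relay or domain in rcpthosts
```

    If the ALL rule is placed first, it matches every client and the RELAYCLIENT rule is never reached; if setenv RELAYCLIENT is attached to the ALL rule, every client may relay.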

    Starting SMTP:

    The SMTP server will be run through xinetd. The following file should be created in /etc/xinetd.d for SMTP:

    service smtp
    {
        disable = no
        socket_type = stream
        protocol = tcp
        wait = no
        flags = NAMEINARGS
        umask = 022
        user = qmaild
        server = /usr/sbin/tcpd
        server_args = /usr/local/bin/smtpd
        instances = 30
    }

    Starting POP:

    Create a file pop3 with the following content in /etc/xinetd.d to run the POP server through xinetd:

    service pop3
    {
        disable = no
        socket_type = stream
        protocol = tcp
        wait = no
        server = /var/qmail/bin/qmail-popup
        server_args = mail.shrestha.net.np \
            /usr/local/bin/checkpassword \
            /var/qmail/bin/qmail-pop3d Maildir
        instances = 20
        log_type = FILE /var/log/pop3.log
        log_on_success = HOST
        log_on_failure = HOST RECORD
    }


    Note: Replace mail.shrestha.net.np with your FQDN.

    After creating the files, restart the xinetd server:

    /etc/rc.d/init.d/xinetd restart

    Starting qmail:

    Open the file /var/qmail/boot/home in an editor and replace Mailbox with Maildir/, then copy the file from the qmail boot directory to the qmail directory as rc and create a script qmail in /etc/rc.d/init.d.

    cp /var/qmail/boot/home /var/qmail/rc
    cd /etc/rc.d/init.d
    vi qmail

    The content of the script qmail:

    #!/bin/bash
    #
    # Startup script for qmail
    #
    # chkconfig: 12 85 15
    # description: qmail the Quick Way
    # config: /var/qmail/control

    start() {
        echo $"Starting qmail Service: "
        /var/qmail/rc &
    }
    stop() {
        echo $"Stopping qmail Service: "
        killall qmail-send
    }
    restart() {
        echo $"Restarting qmail Service: "
        killall -HUP qmail-send
    }
    wakeup() {
        echo $"Waking up qmail Service: "
        killall -ALRM qmail-send
    }

    # See how we were called.
    case "$1" in
      start)
        start
        ;;
      stop)
        stop
        ;;
      restart)
        stop
        start
        ;;
      wakeup)
        wakeup
        ;;
      *)
        echo $"Usage: qmail {start|stop|restart|wakeup}"
        exit 1
    esac


    Test

    Add user:

    Create a Maildir in the skeleton directory so that whenever a new user is added the Maildir is present. Follow the steps below to accomplish Maildir creation:

    cd /etc/skel
    mkdir Maildir
    mkdir Maildir/new
    mkdir Maildir/cur
    mkdir Maildir/tmp

    Now we can add a test user to test the mail server. We will use the system command useradd to create users.

    useradd -s /bin/false tuser
    passwd tuser

    Test SMTP:

    Now we can test the SMTP server. Telnet to port 25, the SMTP port, on localhost and check the response. Below is an example SMTP session:

    telnet localhost 25
    Trying 127.0.0.1
    Escape character is '^]'.
    220 mail.shrestha.net.np ESMTP
    helo me
    250 mail.shrestha.net.np
    mail from: [email protected]
    250 ok
    rcpt to: [email protected]
    250 ok
    data
    354 go ahead
    test mail
    .
    250 ok 1026582995 qp 32385
    quit
    221 mail.shrestha.net.np
    Connection closed by foreign host.


    Test POP:

    Telnet to port 110 on localhost to test the POP server. Below is an example POP session:

    telnet localhost 110
    Trying 127.0.0.1
    Connected to mail.shrestha.net.np
    Escape character is '^]'.
    +OK
    user tuser
    +OK
    pass mypass
    +OK
    stat
    +OK 1 200
    quit
    +OK
    Connection closed by foreign host.

    References:

    http://www.qmail.org
    http://www.lifewithqmail.org
    qmail mailing list
    http://www.xinetd.org

