----------------------------
Packages needed
----------------
1. ucspi-tcp -> inetd/xinetd substitute
2. daemontools -> svscan/supervise, service management and logging
3. qmail -> MTA
Log in to your server as root
# mkdir qmail
# mkdir /package
# mkdir /var/qmail
# cd qmail
# wget -c http://www.qmail.org/netqmail-1.06.tar.gz
# wget -c http://cr.yp.to/ucspi-tcp/ucspi-tcp-0.88.tar.gz
# cd /package
# wget -c http://cr.yp.to/daemontools/daemontools-0.76.tar.gz
# cd -
# tar xvzf netqmail-1.06.tar.gz
# cd netqmail-1.06
CREATE THE FOLLOWING USERS AND GROUPS
----------------------------------
# groupadd nofiles
# useradd -g nofiles -d /var/qmail/alias alias
# useradd -g nofiles -d /var/qmail qmaild
# useradd -g nofiles -d /var/qmail qmaill
# groupadd qmail
# useradd -g nofiles -d /var/qmail qmailp
# useradd -g qmail -d /var/qmail qmailq
# useradd -g qmail -d /var/qmail qmailr
# useradd -g qmail -d /var/qmail qmails
# cd /root/qmail/netqmail-1.06
# make setup check
CHECK YOUR FULLY QUALIFIED DOMAIN NAME
--------------------------------------
# hostname
# ./config-fast "$(hostname)"
# ls -l /var/qmail (QMAIL DIRECTORY STRUCTURE IS CREATED INSIDE /var/qmail)
PATCHING AND INSTALLING UCSPI
------------------------------
Check whether the patch utility is present on your server
# which patch
# cd /root/qmail
# tar xvzf ucspi-tcp-0.88.tar.gz
# cd ucspi-tcp-0.88
# patch < /root/qmail/netqmail-1.06/other-patches/ucspi-tcp-0.88.errno.patch
# make
# make setup check
INSTALLING DAEMONTOOLS
-----------------------
# cd /package
# tar xvzf daemontools-0.76.tar.gz
A directory named admin is created inside /package
# cd admin
# cd daemontools-0.76/
# cd src
# patch < /root/qmail/netqmail-1.06/other-patches/daemontools-0.76.errno.patch
# cd /package/admin/daemontools-0.76/
# package/install (RUN EXACTLY AS SHOWN)
daemontools is now installed, and it has created one entry in /etc/inittab. The entry is given below.
SV:123456:respawn:/command/svscanboot
CREATING QMAIL STARTING AND STOPPING SCRIPT
-------------------------------------------
# cd /var/qmail
# vi rc
#!/bin/sh
# Using stdout for logging
# Using control/defaultdelivery from qmail-local to deliver messages by default
exec env - PATH="/var/qmail/bin:$PATH" \
qmail-start "`cat /var/qmail/control/defaultdelivery`"
:wq (save the file)
# chmod 755 rc
# mkdir /var/log/qmail
SETTING UP MAILBOX FORMAT
--------------------------
# cd /var/qmail/control
# vi defaultdelivery
./Mailbox
:wq
QMAIL CONTROL SCRIPTS
-----------------------
# cd /var/qmail/bin
# wget http://lifewithqmail.org/qmailctl-script-dt70
# mv qmailctl-script-dt70 qmailctl
# chmod 755 /var/qmail/bin/qmailctl
# ln -s /var/qmail/bin/qmailctl /usr/bin
INSTALLATION OF SUPERVISE SCRIPTS
-----------------------------------
# mkdir -p /var/qmail/supervise/qmail-send/log
# mkdir -p /var/qmail/supervise/qmail-smtpd/log
# cd /var/qmail/supervise/qmail-send/
# vi run
#!/bin/sh
exec /var/qmail/rc
:wq
# vi /var/qmail/supervise/qmail-send/log/run
#!/bin/sh
exec /usr/local/bin/setuidgid qmaill /usr/local/bin/multilog t /var/log/qmail
:wq
# vi /var/qmail/supervise/qmail-smtpd/run
#!/bin/sh
QMAILDUID=`id -u qmaild`
NOFILESGID=`id -g qmaild`
MAXSMTPD=`cat /var/qmail/control/concurrencyincoming`
LOCAL=`head -1 /var/qmail/control/me`
if [ -z "$QMAILDUID" -o -z "$NOFILESGID" -o -z "$MAXSMTPD" -o -z "$LOCAL" ]; then
    echo QMAILDUID, NOFILESGID, MAXSMTPD, or LOCAL is unset in
    echo /var/qmail/supervise/qmail-smtpd/run
    exit 1
fi
if [ ! -f /var/qmail/control/rcpthosts ]; then
    echo "No /var/qmail/control/rcpthosts!"
    echo "Refusing to start SMTP listener because it'll create an open relay"
    exit 1
fi
exec /usr/local/bin/softlimit -m 2000000 \
    /usr/local/bin/tcpserver -v -R -l "$LOCAL" -x /etc/tcp.smtp.cdb -c "$MAXSMTPD" \
    -u "$QMAILDUID" -g "$NOFILESGID" 0 smtp /var/qmail/bin/qmail-smtpd 2>&1
:wq
# vi /var/qmail/supervise/qmail-smtpd/log/run
#!/bin/sh
exec /usr/local/bin/setuidgid qmaill /usr/local/bin/multilog t /var/log/qmail/smtpd
:wq
# mkdir /var/log/qmail/smtpd
Make the run files executable
-----------------------------
# chmod 755 /var/qmail/supervise/qmail-send/run
# chmod 755 /var/qmail/supervise/qmail-send/log/run
# chmod 755 /var/qmail/supervise/qmail-smtpd/run
# chmod 755 /var/qmail/supervise/qmail-smtpd/log/run
# chown qmaill /var/log/qmail /var/log/qmail/smtpd
Finally, link the supervise directories into /service:
# ln -s /var/qmail/supervise/qmail-send /var/qmail/supervise/qmail-smtpd /service
# rm -rf /usr/sbin/sendmail
# rm -rf /usr/lib/sendmail
# ln -s /var/qmail/bin/sendmail /usr/sbin/sendmail
# ln -s /var/qmail/bin/sendmail /usr/lib
Traditionally, the sendmail binary is used on Unix and Linux systems to inject messages into the queue.
DEFAULT ALIASES FOR MTA
-----------------------
# cd /var/qmail/alias
# echo root > .qmail-root
# echo root > .qmail-postmaster
# ln -s .qmail-postmaster .qmail-mailer-daemon
SMTP Access Control
-------------------
# echo '127.:allow,RELAYCLIENT=""' >>/etc/tcp.smtp
# qmailctl cdb
Now qmail is installed and ready for local delivery.
TO CHECK QMAIL STATUS
----------------------
# qmailctl stat
The output of the above command should look like the example below.
output:
--------------------------------------------------------
/service/qmail-send: up (pid 18742) 111 seconds
/service/qmail-send/log: up (pid 18741) 111 seconds
/service/qmail-smtpd: up (pid 18745) 111 seconds
/service/qmail-smtpd/log: up (pid 18748) 111 seconds
messages in queue: 0
messages in queue but not yet preprocessed: 0
----------------------------------------------------------
# ps -ef | grep qmail
MAIL RELAY
----------
Mail relaying is the acceptance by an MTA of mail that is neither for a local user nor from a local sender. When relaying, qmail acts as both an SMTP server and an SMTP client.
With qmail, if the domain specified in the message is listed in /var/qmail/control/rcpthosts, the message is accepted. If it is not listed in rcpthosts, the message is rejected with the following message.
553 sorry, that domain isn't in my list of allowed rcpthosts (#5.7.1)
SELECTIVE RELAYING
------------------
There are a few ways to allow our mail system to act as a relay. They are as follows.
Host-Based Relaying
-------------------
This is accomplished by using tcpserver to set the RELAYCLIENT environment variable, which tells qmail-smtpd to override the rcpthosts file.
To give a client relay access, add an entry to /etc/tcp.smtp like this:
IP address of client:allow,RELAYCLIENT=""
For example, to allow the host with the IP address 192.168.174.100 to relay, add the entry
192.168.174.100:allow,RELAYCLIENT=""
You can use wildcards. To match 192.168.174.anything:
192.168.174.:allow,RELAYCLIENT=""
You can also specify domain names:
=client.example.net:allow,RELAYCLIENT=""
Once you have updated the file /etc/tcp.smtp, run the following command.
# qmailctl cdb
which executes the following commands:
# tcprules /etc/tcp.smtp.cdb /etc/tcp.smtp.tmp < /etc/tcp.smtp
# chmod 644 /etc/tcp.smtp*
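Every rule that sets RELAYCLIENT bypasses rcpthosts for the clients it matches, so it is worth reviewing /etc/tcp.smtp before each "qmailctl cdb". The script below is an added example, not part of the original guide or of qmail: audit_tcp_smtp and sample_rules are hypothetical names, the sample rules are constructed from the addresses used above, and the rule that a prefix with fewer than three fixed octets is "broad" is an assumption to adjust to your network.

```shell
#!/bin/sh
# Added example, not part of the original guide.
# audit_tcp_smtp FILE: list every rule in a tcprules source file that sets
# RELAYCLIENT, as "LEVEL<TAB>address<TAB>reason", so broad grants stand out.
audit_tcp_smtp() {
    awk '
    /^[ \t]*(#|$)/ { next }                 # skip comments and blank lines
    {
        sep = index($0, ":")                # the address ends at the first colon
        if (sep == 0) next
        addr = substr($0, 1, sep - 1)
        rest = substr($0, sep + 1)
        if (rest !~ /^allow/ || rest !~ /,RELAYCLIENT=/) next
        if (addr == "") {
            print "CRITICAL\t(default)\tevery client may relay: open relay"
        } else if (addr ~ /^=/) {
            print "WARN\t" addr "\trelies on the reverse DNS name of the client"
        } else if (addr ~ /^127\./) {
            print "OK\t" addr "\tloopback"
        } else if (addr ~ /\.$/) {
            n = gsub(/\./, ".", addr)       # number of fixed leading octets
            lvl = (n < 3) ? "WARN" : "OK"   # assumption: under 3 octets is broad
            print lvl "\t" addr "\tprefix with " n " fixed octet(s)"
        } else {
            print "OK\t" addr "\tsingle address or explicit range"
        }
    }' "$1"
}

# Constructed sample rules (they reuse the addresses from this guide).
sample_rules() {
    cat <<'EOF'
# constructed sample, not a real configuration
127.:allow,RELAYCLIENT=""
192.168.174.100:allow,RELAYCLIENT=""
192.168.174.:allow,RELAYCLIENT=""
=client.example.net:allow,RELAYCLIENT=""
10.:allow,RELAYCLIENT=""
:allow,RELAYCLIENT=""
EOF
}

tmp=$(mktemp) && sample_rules > "$tmp" && audit_tcp_smtp "$tmp"
rm -f "$tmp"
```

Hostname rules are flagged because the tcpserver command in the run script above is started without -p, so the client name it matches comes from a reverse DNS lookup that is not cross-checked against a forward lookup.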
Authenticated Relaying
----------------------
SMTP authentication
-------------------
SMTP authentication provides authenticated relaying.
Here I am using the checkpassword program to set up SMTP authentication.
# cd /root/qmail
# wget http://cr.yp.to/checkpwd/checkpassword-0.90.tar.gz
# tar xvzf checkpassword-0.90.tar.gz
# cd checkpassword-0.90
# make
If make returns an error, do the following:
# vi error.h
Remove the line
extern int errno;
and add
#include <errno.h>
:wq
Again run
# make
# make setup check
# which checkpassword
The output should be
/bin/checkpassword
The above binary checks two files on our server: /etc/passwd and /etc/shadow.
NOTE: Refer to http://qmail.oamok.com/qmail/top.html#checkpassword
Download the package qmail-smtpd-auth-0.5.10
# cd /root/qmail
# wget http://www.fehcom.de/qmail/auth/qmail-smtpd-auth-0510_tgz.bin
# mv qmail-smtpd-auth-0510_tgz.bin netqmail-1.06
# cd netqmail-1.06
# tar -tzvf qmail-smtpd-auth-0510_tgz.bin
# tar -xvzf qmail-smtpd-auth-0510_tgz.bin
# mv qmail-smtpd-auth-0510_tgz.bin /root/qmail
# qmailctl stop
# ./install_auth.sh
# ls -l qmail-smtpd.c.patch
# vi qmail-smtpd.c.patch
Comment out the CRAM_MD5 line:
/* +#define CRAM_MD5 */
:wq
# make setup check (places new binaries in /var/qmail/run)
# cd /var/qmail/supervise/qmail-smtpd
# vi run