Web Tool Bag  
Home · Articles · Downloads · Discussion Forum · Web Links · News Categories · Synonyms DatabaseNovember 27 2022 02:00:19
Discussion Forum
Web Links
News Categories
Synonyms Database
Users Online
Guests Online: 2
No Members Online

Registered Members: 856
Unactivated Members: 118
Newest Member: lakim
Forum Threads
Newest Threads
Error: Cannot find m...
Uncaught Error: _reg...
Module build failed:...
mochi script questions
Hottest Threads
Installation [12]
Any questions and... [5]
Captcha picture d... [4]
Integrate with Vi... [4]
Mods: Sucess/Than... [4]
Latest Articles
Ubuntu: the vpn conn...
Howto Install HP Pri...
ReactJS progress met...
QMAIL + Vpopmail + courier-imap + Qmailadmin + MySql + Spamassassin + clamav + Squirrelmail + stats (Isoqlog, qms-analog, qmailanalog & qmail MRTG) under Linux

1. Qmail install

1.1 Creating Users & Groups for Qmail & Vpopmail
We add groups and users with special gid (group id) and uid (user id). It is necessary for the security.
Group and user should be set to "89" under Redhat.
Group/user 98 is in use by ident

mkdir /var/qmail
groupadd -g 98 vchkpw
useradd -u 98 -g 98 -c Vpopmail-Master -d /home/vpopmail -s /bin/false vpopmail
groupadd -g 91 nofiles
groupadd -g 92 qmail

useradd -u 91 -g 91 -d /var/qmail/alias -s /bin/false alias
useradd -u 92 -g 91 -d /var/qmail -s /bin/false qmaild
useradd -u 93 -g 91 -d /var/qmail -s /bin/false qmaill
useradd -u 94 -g 91 -d /var/qmail -s /bin/false qmailp
useradd -u 95 -g 92 -d /var/qmail -s /bin/false qmailq
useradd -u 96 -g 92 -d /var/qmail -s /bin/false qmailr
useradd -u 97 -g 92 -d /var/qmail -s /bin/false qmails Under redhat/fedora change the uid(97) to 90, because the dovecot programs used it.

echo "/bin/false" >> /etc/shells Only if you don't have this line in /etc/shells

1.2 Make directories for Logging and Special Modules

mkdir /var/log/qmail
mkdir /var/log/qmail/qmail-send
mkdir /var/log/qmail/qmail-smtpd
mkdir /var/log/qmail/qmail-pop3d
chown -R qmaill.root /var/log/qmail
chmod -R 750 /var/log/qmail

1.3 Install of qmail / netqmail
Now, I use netqmail which is a *version* of qmail with a lot of patch (http://qmail.agarik.com/netqmail/CHANGES).
Why qmail does not include all that stuff ?
Because of the licence used by djb.

wget http://qmail.agarik.com/netqmail-1.05.tar.gz
tar -zxvf netqmail-1.05.tar.gz
cd netqmail-1.05/
cd netqmail-1.05

You should get something like : You should see 7 lines of text below. If you see anything
else, then something might be wrong.
[1] Extracting qmail-1.03...
tar: Read 1024 bytes from -
[2] Patching qmail-1.03 into netqmail-1.05. Look for errors below:
[4] The previous line should say 24 if you used GNU patch.
[5] Renaming qmail-1.03 to netqmail-1.05...
[6] Continue installing qmail using the instructions found at:
[7] http://www.lifewithqmail.org/lwq.html#installation
Edit the file conf-split (it will increase the queue subdirectory split) If the queue will be stored on ReiserFS, set conf-split to 1.

;replace 23 with 199

then conf-spawn It is the silent concurrency limit control file

;replace 120 with 255

Compile qmail :

wget http://www.qmail.org/qmail-1.03-mfcheck.3.patch
wget http://sylvestre.ledru.info/howto/qmail/netqmail-maildir++.patch
patch -p1 < qmail-1.03-mfcheck.3.patch
patch -p1 < netqmail-maildir++.patch Enable the quota for maildir
make WITH_QMAILQUEUE_PATCH=yes setup check WITH_QMAILQUEUE_PATCH is set to specify that we will use qmail-scanner

./config-fast tractopel.ecranbleu.orgChange it for your host

echo 255 > /var/qmail/control/concurrencyremote
chmod 644 /var/qmail/control/concurrencyremote
echo 1 > /var/qmail/control/mfcheck Only if you want to do a dns check immediatly at the smtp connexion

2. Daemon tools

You may have to patch daemontools in order to compile it with the Glib v. 2.3.1

mkdir /package
chmod 1755 /package
cd /package
wget http://cr.yp.to/daemontools/daemontools-0.76.tar.gz
tar -zxvf daemontools-0.76.tar.gz
mv admin/daemontools-0.76/ daemontools-0.76
rmdir admin/
wget http://www.qmail.org/moni.csi.hu/pub/glibc-2.3.1/daemontools-0.76.errno.patch
patch -p0 < daemontools-0.76.errno.patch
cd daemontools-0.76/
cd ..
rm daemontools-0.76.tar.gz daemontools-0.76.errno.patch

You may want to remove the respawn of qmail (it is a very borring option when you have to shutdown qmail). To do that, you have to edit /etc/inittab andcomment the last line (SV:123456:respawn:/command/svscanboot) and kill -HUP 1. -- remove other smtp if you already have one installed
for example, comment smtp/pop/imap stuff in /etc/inetd.conf or /etc/xinetd.conf
remove exim in /etc/rc2.d/

If you want to check if it works or not, check if you have links in this directory /command/ pointing to /package/daemontools/command/.

2.1 Maildrop

wget http://mesh.dl.sourceforge.net/sourceforge/courier/maildrop-2.0.2.tar.bz2
tar -jxvf maildrop-2.0.2.tar.bz2
cd maildrop-2.0.2/
make install
cd ..

You may have to insall pcre (apt-get install libpcre3-dev under Debian)
Check :
if the file /usr/local/bin/maildrop exists

3. TCPServer

TCPserver is used to manage network connexions and also the roaming (POP/IMAP before SMTP, allow a user to use the SMTP once he checked his emails).
Here, for the roaming, there is two solutions :
- the classical way with the famous ~vpopmail/etc/tcp.smtp
- store all the relay in the Mysql database (more info)
Which one is the best ?
Well, it really depends want you need. If you want to configure a multiserver mail server, the Mysql solution is very good. This solution has also the advantage to be quite easy to maintaint (I had a few times troubles with the tcp.smtp file: I had to rehash the file by hand which is a bit borring).

Common part :

wget http://cr.yp.to/ucspi-tcp/ucspi-tcp-0.88.tar.gz
tar -zxvf ucspi-tcp-0.88.tar.gz
cd ucspi-tcp-0.88
wget http://www.qmail.org/moni.csi.hu/pub/glibc-2.3.1/ucspi-tcp-0.88.a_record.patch
patch -p1 < ucspi-tcp-0.88.a_record.patch
wget http://www.qmail.org/moni.csi.hu/pub/glibc-2.3.1/ucspi-tcp-0.88.errno.patch
patch -p1 < ucspi-tcp-0.88.errno.patch
wget http://www.qmail.org/moni.csi.hu/pub/glibc-2.3.1/ucspi-tcp-0.88.nobase.patch
patch -p1 < ucspi-tcp-0.88.nobase.patch

All the three patches here are used to fix a compilation issue with a recent glibc.

Classical way (~vpopmail/tcp.smtp) : -- relay permissions
edit /home/vpopmail/etc/tcp.smtp,RELAYCLIENT=""
198.168.1.:allow,RELAYCLIENT="" Change this address to your network

/usr/local/bin/tcprules /home/vpopmail/etc/tcp.smtp.cdb /home/vpopmail/etc/tcp.smtp.tmp < /home/vpopmail/etc/tcp.smtp
chmod 644 /home/vpopmail/etc/tcp.smtp.cdb

The MySQL way : First, under fedora, you have to edit the conf-ld file in order to add the path to the mysql lib.

wget http://sylvestre.ledru.info/howto/qmail/ucspi-tcp-0.88-mysql.patch
patch -p0 < ucspi-tcp-0.88-mysql.patch

For this part, you will need the mysql developement library. apt-get install libmysqlclient10-dev (debian)
Then, you need to create the configuration in order to access to the mysql database. Edit the /var/qmail/control/sql file and change the values to match your configuration.

server sql.mailserver.com
port 3306
database vpopmail
table relay
user vpopmail_edit
pass vpass
time 1800

The table structure is :

ip_addr char(18) NOT NULL default '',
timestamp char(12) default NULL,
PRIMARY KEY (ip_addr)

For the mysql configuration, just look few lines under.
If you want to had an "always authorized ip address" for the SMTP, you have to insert an record by hand. For example, you may (will) want to authorized to use the smtp server all the time :

mysql> insert into relay (ip_addr) values ('');

mysql> select * from relay;
|62.210.141.XX |1094032768|
|217.167.120. |NULL|
|80.201.115.XX |1094032739|
|212.239.131.XX |1094027678|
| |NULL|
5 rows in set (0.00 sec)

Common :

make setup check
mkdir -p /home/vpopmail/etc/

4. vpopmail

Vpopmail is used as virtual POP server (ie it is not at all linked with the /etc/passwd file).
Create a vpopmail database and two users. The first one who can access and the other one who can modify the database. For example, connect to mysql (mysql -u root -p) and :

mysql> create database vpopmail;
mysql> grant update, create, delete, insert, select on vpopmail.* to vpopmail_edit@localhost identified by "vpass"; Change localhost to the vpopmail host and the password
mysql> flush privileges;

If the following line works, the vpopmail database should work.

[sly@reloaded] ~$ mysql -h localhost -u vpopmail_edit -pvpass vpopmail

If you get problems, you should look the mysql documentation With vpopmail 5.4.X, which is the lastest version of vpopmail (release as stable the 1 february 2004)

wget http://heanet.dl.sourceforge.net/sourceforge/vpopmail/vpopmail-5.4.17.tar.gz
tar -zxvf vpopmail-5.4.17.tar.gz
mkdir -p ~vpopmail/etc/
cd vpopmail-5.4.17/
echo "localhost|0|vpopmail_edit|vpass|vpopmail" > ~vpopmail/etc/vpopmail.mysql
Change your informations
chown vpopmail.vchkpw ~vpopmail/etc/vpopmail.mysql
chmod 640 ~vpopmail/etc/vpopmail.mysql
apt-get install libmysqlclient10-dev      If you are under debian, otherwise, you must have the mysql sources available
apt-get install zlib1g-dev     If you are under debian, otherwise, you must have these sources available (Thanks to Ken MacFerrin).
./configure --enable-roaming-users=y --enable-logging=y --enable-ip-alias-domains=y --enable-auth-module=mysql --enable-clear-passwd=n --enable-libdir=/usr/include/mysql/ --enable-tcpserver-path=/home/vpopmail/etc/ --enable-tcpserver-file=/home/vpopmail/etc/tcp.smtp --enable-qmail-ext --enable-logging=e --enable-tcprules-prog=/usr/local/bin/tcprules --enable-rebuild-tcpserver-file --enable-domainquotas For redhat/fedora, change /usr/include/mysql to /usr/lib/mysql
If you use the mysql relay solution for tcpserver, remove --enable-tcpserver-file=/home/vpopmail/etc/tcp.smtp
make install-strip

The roaming option means that if a user check his email, it will open the smtp just for this user.
Now, edit the crontab with :

crontab -e

and add this inside :

40 * * * * /home/vpopmail/bin/clearopensmtp 2>&1 > /dev/null

Every time clearopensmtp is run, list of IP's which can relay through the smtp server is checked for time stamps which are older than the --enable-relay-clear-minutes option (The default is 3 hours). And it will delete too old "connections".
If you want to check if it works or not, try /home/vpopmail/bin/vadddomain if you get some "vmysql: sql error[c]: MySQL server has gone away" or "Failed while attempting to add user to auth backend", you may have some trouble with your mysql account configuration. (If you don't get anything, that works !)

5. Autorespond

It is an autoresponder which allows an automatic return email to be sent to the original sender.

wget http://www.inter7.com/devel/autorespond-2.0.2.tar.gz
tar -zxvf autorespond-2.0.2.tar.gz
cd autorespond-2.0.2
make install

6. gdbm (database routine)

wget ftp://mirrors.kernel.org/gnu/gdbm/gdbm-1.8.3.tar.gz
tar -zxvf gdbm-1.8.3.tar.gz
cd gdbm-1.8.3/
make install

7. Ezmlm (Easy Mailing List manager)

Ezmlm is the mailing list manager.

wget http://sylvestre.ledru.info/howto/qmail/ezmlm-idx-0.40.tar.gz
wget http://cr.yp.to/software/ezmlm-0.53.tar.gz
wget http://www.qmail.org/moni.csi.hu/pub/glibc-2.3.1/ezmlm-idx-0.53.400.unified_41.patch
tar -zxvf ezmlm-0.53.tar.gz
tar -zxvf ezmlm-idx-0.40.tar.gz
mv ezmlm-idx-0.40/* ezmlm-0.53/
cd ezmlm-0.53
patch < idx.patch
patch < ../ezmlm-idx-0.53.400.unified_41.patch

edit sub_mysql/conf-sqlld

-L/usr/lib/mysql -lmysqlclient -lnsl -lm
-L/usr/local/lib/mysql -lmysqlclient -lm

make clean
make man
make setup

8. Spamassassin

I wrote some bit about spamassassin with qmail, it is almost the same thing...
Spamassassin is a very powerfull program which checks if the receveid email is a spam or not. The analys is based on a list of mark. If the sum of all the mark exceed a specified amount (for example 5), the email will be tagged (****SPAM**** in the topic).
With this, it is very easy to create a rule which will move all emails into a specific directory (i.e. trash:).

apt-get install spamassassin If you use debian sarge (ie testing)
wget http://old.spamassassin.org/released/Mail-SpamAssassin-2.64.tar.gz
tar -zxvf Mail-SpamAssassin-2.64.tar.gz
cd Mail-SpamAssassin-2.64
perl Makefile.PL
make install
cp spamd/debian-rc-script.sh /etc/init.d/spamassassin You can replace debian by redhat, solaris, netbsd, suse ...
chmod +x /etc/init.d/spamassassin

Edit /etc/init.d/spamassassin

change DAEMON=/usr/sbin/spamd to :

Create the file /etc/default/spamassassin with this 2 lines :

OPTIONS="-v -m 50 --auto-whitelist"

With that stuff, you can launch spamd which is bascilly a spamassassin deamon (provides great performances).
-m 50 : 50 childs
-v : vpopmail config
--auto-whitelist : Use auto whitelist (friend list)
Then, edit /etc/mail/spamassassin/local.cf (for more details)

required_hits 5.0
add_header all Report _REPORT_
rewrite_header Subject 1
add_header spam Flag _YESNOCAPS_
add_header all Status _YESNO_, score=_SCORE_ required=_REQD_ tests=_TESTS_ autolearn=_AUTOLEARN_ version=_VERSION_
add_header all Level _STARS(*)_
add_header all Checker-Version SpamAssassin _VERSION_ (_SUBVERSION_) on _HOSTNAME_
dns_available yes
dcc_add_header 0
skip_rbl_checks 0
bayes_auto_learn 1
use_bayes 1
bayes_path /var/qmail/spamassassin/
auto_whitelist_path /var/qmail/spamassassin/auto_whitelist
use_pyzor 1 (Only if you have installed pyzor)
use_razor2 1 (Only if you have installed razor2)

Then start the spamassassin server and test it :

/etc/init.d/spamassassin start
spamc < sample-spam.txt It will produce the test spam result
spamc < sample-nonspam.txt It should return the original email
For the spam, you should get :
X-Spam-Level: **************************************************
X-Spam-Status: Yes, hits=1000.0 required=6.0 tests=GTUBE autolearn=no version=2.60

This should be enough to use SpamAssassin on the whole system.

9. Clamav - Antivirus

Before the clamav installation, you have to install unzoo, unrar, lha, arj and unzip (in order to unpack email attachements).

Under debian : apt-get install clamav
groupadd clamav
useradd -g clamav -s /bin/false -c "Clam AntiVirus" clamav

[ Install the source version of clamav ]

In the file /etc/clamav/clamd.conf, change the line :

User clamav


User qscand

Then, change the property of the running directory :

chown -R qscand. /var/run/clamav/

And the restart clamav

10. qmail-scanner
http://qmail-scanner.sourceforge.net/, http://www.qms-analog.teel.ws/ (which already includes :http://toribio.apollinare.org/qmail-scanner/)

Qmail-scanner is an email parser (like Amavis) which means that qmail-scanner will parse the email and call spamassassin and/or clamav in order to check what they have to check.
I now use a patched version a qmail-scanner which enabled great features like auto delete/reject/quarantine spam over a specified score but also to select which scanners will be used for a domain and even for a user, then, it is possible to configure the spamassassin / antivirus just for one domain/user.
You need perl-suid. (apt-get install perl-suid)

wget http://heanet.dl.sourceforge.net/sourceforge/qmail-scanner/qmail-scanner-2.01.tgz
wget http://toribio.apollinare.org/qmail-scanner/download/q-s-2.01st-20060626.patch.gz
tar -zxvf qmail-scanner-2.01.tgz If you are updating your system, don't forget to delete the old source tree
gunzip q-s-2.01st-20060626.patch.gz
cd qmail-scanner-2.01
patch -p1 < ../q-s-2.01st-20060626.patch
groupadd qscand
useradd -c "Qmail-Scanner Account" -g qscand -s /bin/false qscand

./configure --domain trunks.ecranbleu.org \
--admin postmaster \
--local-domains "`cat /var/qmail/control/rcpthosts | tr "\n" ","`" \
--add-dscr-hdrs yes \
--dscr-hdrs-text "X-Antivirus-ecranbleu" \
--ignore-eol-check yes \
--sa-quarantine 0 \
--admin-fromname "Mail admin" \
--settings-per-domain yes \ In a recent version qmail-scanner st, the name of this parameter changed from scanners-per-domain to settings-per-domain. You have also to rename your scanners_per_domain.txt file to settings-per-domain.txt
--sa-delete 5 \
--sa-reject no \
--sa-subject "*****SPAM*****" \
--sa-alt no \
--sa-debug no \
--notify sender,recips \
--redundant yes
cp qmail-scanner-queue.pl /var/qmail/bin/

If you are updating qmail-scanner, rename /var/spool/qmailscan to /var/spool/qscan/
If you want to enable/disable some scanners, edit the /var/spool/qmailscan/settings_per_domain.txt
To rehash the scanner per domain file : /var/qmail/bin/qmail-scanner-queue.pl -p
To rehash the quarantine attachement file : /var/qmail/bin/qmail-scanner-queue.pl -g
Since the version 4.4 of qms-analog, this file can be customise more deeply. It is possible to change sa_subject, sa_delete... for each address/domain which can be very useful and avoid "global configuration".
Here is the syntax of this file (for more information : have a look to this url):

tizio@domain.com:sa,ps'** SPAM **'2.5''3.9'0

# sa = spamassassin
# ps = perl scanner
# clamdscan_scanner

Thanks to this solution, it is possible to produce daily/weekly/monthly total stats about the email traffic. In order to use it,edit this two line in this file : /var/qmail/bin/qmailstats

echo "To: myaddr@domain.org" > $EMAILMSG echo "From: admin@server.com" >> $EMAILMSG

Uncomment the echo/cat lines if you want to display weekly/mothly stats. be carreful, the mail can be huge :

#### Last 7 days
#echo "" >> $EMAILMSG
#echo "~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~" >> $EMAILMSG
#echo "~~~~~~~~~~~~~~~~~~~~~~~~~~ L a s t 7 D a y s ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~" >> $EMAILMSG
#cat /var/spool/qmailscan/qms-events.log | qms-analog 168 >> $EMAILMSG

#### Last 30 days
#echo "" >> $EMAILMSG
#echo "~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~" >> $EMAILMSG
#echo "~~~~~~~~~~~~~~~~~~~~~~~~~~ L a s t 3 0 D a y s ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~" >> $EMAILMSG
#cat /var/spool/qmailscan/qms-events.log | qms-analog 5040 >> $EMAILMSG

If you want to launch it every night (5:00) :
crontab -e

0 5 * * * /var/qmail/bin/qmailstats &>/dev/null

It will produce this kind of stats : mailstats.txt

11. Scripts and directories

11.1 Alias and default directories

mkdir ~alias
chown alias.qmail ~alias
echo "address@email.com" > /var/qmail/alias/.qmail-root
echo "address@email.com" > /var/qmail/alias/.qmail-postmaster
echo "address@email.com" > /var/qmail/alias/.qmail-mailer-daemon
chmod 2755 ~alias
chmod 644 ~alias/.qmail*

edit /var/qmail/users/assign

+ecranbleu.org-:ecranbleu.org:98:98:/home/vpopmail/domains/ecranbleu.org:-:: Change the domain here

Don't forget the final .
11.2 Supervise/Svscan Startup

mkdir /service
chmod 755 /service
mkdir /var/qmail/supervise
chmod 755 /var/qmail/supervise

mkdir /var/qmail/supervise/qmail-smtpd
mkdir /var/qmail/supervise/qmail-smtpd/log
chmod +t /var/qmail/supervise/qmail-smtpd

mkdir /var/qmail/supervise/qmail-send
mkdir /var/qmail/supervise/qmail-send/log
chmod +t /var/qmail/supervise/qmail-send

mkdir /var/qmail/supervise/qmail-pop3d
mkdir /var/qmail/supervise/qmail-pop3d/log
chmod +t /var/qmail/supervise/qmail-pop3d

ln -s /var/qmail/supervise/* /service/

edit /var/qmail/rc

exec env - PATH="/var/qmail/bin:/usr/local/bin" \
qmail-start ./Maildir/

then :

chmod 700 /var/qmail/rc

11.3 pop3
edit /var/qmail/supervise/qmail-pop3d/run

exec /usr/local/bin/tcpserver -H -R -v -c100 0 pop3 /var/qmail/bin/qmail-popup tractopel.ecranbleu.org /home/vpopmail/bin/vchkpw /var/qmail/bin/qmail-pop3d Maildir 2>&1 Change tractopel.ecranbleu.org your server

Call the pop server throught tcpserver with username/password check (with qmail-popup and vchkpw).
-R : don't try to get $TCPREMOTEINFO
-H : don't look up the hostname
-v : verbose
-c : number of simultaneous handled connections
0 : the ip address of the server (0 means allow connections to any local IP address)
pop3 : the port used (here, defined in /etc/services but can be an integer ie 110)
qmail-popup : this program reads a POP username and password and call a program (here vchkpw)
vchkpw : this program authenticates a POP user and grant him access to his pop directory
qmail-pop3d : this program distributes email via POP3

then :

chmod 755 /var/qmail/supervise/qmail-pop3d/run

edit /var/qmail/supervise/qmail-pop3d/log/run

exec /usr/local/bin/setuidgid qmaill /usr/local/bin/multilog t s100000 n20 /var/log/qmail/qmail-pop3d 2>&1

Call the multilog program under the uid (user id) and gid (group id) which will call the qmail-pop3d program.
The t option means that the log file will have a timestamp on the beginning of the line (tai64n format).
s100000 : is the size of a log file (here 100 000 bytes). It is between 4096 and 16777215.
n20 : is the number of log file (here 20). At least 2.
then :

chmod 755 /var/qmail/supervise/qmail-pop3d/log
chmod 755 /var/qmail/supervise/qmail-pop3d/log/run

11.4 smtp
edit /var/qmail/supervise/qmail-smtpd/run

export QMAILQUEUE="/var/qmail/bin/qmail-scanner-queue.pl" If you use the TCP server mysql solution
exec /usr/local/bin/tcpserver -p -R -x /home/vpopmail/etc/tcp.smtp.cdb -u92 -g91 -v -c100 0 smtp /usr/local/bin/rblsmtpd -r relays.ordb.org /var/qmail/bin/qmail-smtpd 2>&1
If you use the mysql relay solution for tcpserver, replace -x /home/vpopmail/etc/tcp.smtp.cdb by -S

Call the smtp server throught tcpserver with a rbl check.
-u : user id which will be used by qmail-smtpd
-g : group id which will be used by qmail-smtpd
-p : paranoid mode (check if the remote host in the DNS matches with the client address)
-R : don't try to get $TCPREMOTEINFO
-v : verbose
-c : number of simultaneous handled connections
0 : the ip address of the server (0 means allow connections to any local IP address)
smtp : the port used (here, defined in /etc/services but can be an integer)
rblsmtpd : this program blocks mail from RBL-listed sites (I use relays.ordb.org) and call a program (here qmail-smtpd)

chmod 755 /var/qmail/supervise/qmail-smtpd/run

edit /var/qmail/supervise/qmail-smtpd/log/run

exec /usr/local/bin/setuidgid qmaill /usr/local/bin/multilog t s100000 n20 /var/log/qmail/qmail-smtpd 2>&1

Call the multilog program under the uid (user id) and gid (group id) which will call the qmail-smtpd program.
The t option means that the log file will have a timestamp on the beginning of the line (tai64n format).
s100000 : is the size of a log file (here 100 000 bytes). It is between 4096 and 16777215.
n20 : is the number of log file (here 20). At least 2.
then :

chmod 755 /var/qmail/supervise/qmail-smtpd/log
chmod 755 /var/qmail/supervise/qmail-smtpd/log/run

edit /var/qmail/supervise/qmail-send/run

exec env - PATH="/var/qmail/bin:/usr/local/bin" \
qmail-start ./Maildir/

then :

chmod 755 /var/qmail/supervise/qmail-send/run

edit /var/qmail/supervise/qmail-send/log/run

exec /usr/local/bin/setuidgid qmaill /usr/local/bin/multilog t s100000 n20 /var/log/qmail/qmail-send 2>&1

then :

chmod 755 /var/qmail/supervise/qmail-send/log
chmod 755 /var/qmail/supervise/qmail-send/log/run

With the command, you can generate a generic Maildir (ie when you create a new user, it will copy the Maildir dir automatically) :

/var/qmail/bin/maildirmake /etc/skel/Maildir This can depend the linux distribution

Finally, you must create a startup script.
Under debian, it will be in the /etc/init.d/. So, it will be /etc/init.d/qmail.


case "$1" in
echo -n "Starting qmail: svscan"
if cd /var/qmail/supervise; then
env - PATH="/var/qmail/bin:/usr/local/bin:/usr/bin:/bin" svscan &
echo $! > /var/run/svscan.pid
echo "."
echo -n "Stopping qmail: svscan"
kill `cat /var/run/svscan.pid`
echo -n " qmail"
svc -dx /var/qmail/supervise/*
echo -n " logging"
svc -dx /var/qmail/supervise/*/log
echo "."
cd /var/qmail/supervise
svstat * */log
echo "Sending ALRM signal to qmail-send."
svc -a /var/qmail/supervise/qmail-send
echo "Sending HUP signal to qmail-send."
svc -h /var/qmail/supervise/qmail-send
echo "Sending HUP signal to qmail-pop3d."
svc -h /var/qmail/supervise/qmail-pop3d
echo "Pausing qmail-send"
svc -p /var/qmail/supervise/qmail-send
echo "Pausing qmail-smtpd"
svc -p /var/qmail/supervise/qmail-smtpd
echo "Pausing qmail-pop3d"
svc -p /var/qmail/supervise/qmail-pop3d
echo "Continuing qmail-send"
svc -c /var/qmail/supervise/qmail-send
echo "Continuing qmail-smtpd"
svc -c /var/qmail/supervise/qmail-smtpd
echo "Continuing qmail-pop3d"
svc -c /var/qmail/supervise/qmail-pop3d
echo "Restarting qmail:"
echo "* Stopping qmail-smtpd."
svc -d /var/qmail/supervise/qmail-smtpd
echo "* Sending qmail-send SIGTERM and restarting."
svc -t /var/qmail/supervise/qmail-send
echo "* Restarting qmail-smtpd."
svc -u /var/qmail/supervise/qmail-smtpd
echo "* Sending qmail-pop3d SIGTERM and restarting."
svc -t /var/qmail/supervise/qmail-pop3d
tcprules /home/vpopmail/etc/tcp.smtp.cdb /home/vpopmail/etc/tcp.smtp.tmp < /home/vpopmail/etc/tcp.smtp
chmod 644 /home/vpopmail/etc/tcp.smtp*
echo "Reloaded /home/vpopmail/etc/tcp.smtp."
echo "Usage: $0
exit 1
exit 0

chmod 750 /etc/init.d/qmail
rm -f /usr/lib/sendmail
rm -f /usr/sbin/sendmail
ln -s /var/qmail/bin/sendmail /usr/lib/sendmail
ln -s /var/qmail/bin/sendmail /usr/sbin/sendmail

12. Qmailadmin

QmailAdmin is the web administration which enables the management of a domain by an lambda user.

wget http://heanet.dl.sourceforge.net/sourceforge/qmailadmin/qmailadmin-1.2.9.tar.gz
tar -zxvf qmailadmin-1.2.9.tar.gz
cd qmailadmin-1.2.9/
./configure --enable-htmldir=/var/www/qmailadminhtml --enable-imagedir=/var/www/images --enable-imageurl=/images --enable-cgibindir=/var/www/cgi-bin/ --enable-autoresponder-bin=/usr/local/bin --enable-vpopuser=vpopmail --enable-ezmlmdir=/usr/local/bin/ezmlm/ --enable-ezmlmidx=y --enable-modify-quota --disable-ipauth --enable-help
Change directories to adapt to your webserver configuration
make install-strip

If you get that stuff when you compile qmailadmin :
gcc -I. -g -O2 -c qmailadmin.c
qmailadmin.c:29:22: vpopmail.h: No such file or directory
qmailadmin.c:30:19: vauth.h: No such file or directory
Try this command :

echo "-I/home/vpopmail/include" >> /home/vpopmail/etc/inc_deps

If you get qmailadmin.o(.text+0xc6): In function `main':
/package/qmailadmin-1.0.6/qmailadmin.c:240: undefined reference to `vclose'
qmailadmin.o(.text+0x17b):/package/qmailadmin-1.0.6/qmailadmin.c:199: undefined reference to `vget_assign'
qmailadmin.o(.text+0x1cd):/package/qmailadmin-1.0.6/qmailadmin.c:210: undefined reference to `vauth_user'
Check if /home/vpopmail/etc/lib_deps contains :
-L/home/vpopmail/lib -lvpopmail -L/usr/include/mysql/ -lmysqlclient -lz
Now, configure your webserver in order to activate cgi-bin for qmailadmin. For example, for Apache :

    ServerAdmin sylvestre-howto@ecranbleu.org
    DocumentRoot /var/www/
    ServerName qmailadmin.ecranbleu.org
    ErrorLog logs/qmailadmin.ecranbleu.org-error.log
    CustomLog logs/qmailadmin.ecranbleu.org-access.log combined
    <Directory /var/www/>
         AllowOverride AuthConfig Limit
         Options SymLinksIfOwnerMatch Includes
    ScriptAlias /cgi-bin/ /var/www/cgi-bin/
    ScriptAlias /global-cgi/ /usr/lib/cgi-bin/

If you get an error like : [Tue Aug 10 18:10:23 2004] [error] [client xx.xx.xx.xx] Premature end of script headers: /var/www/cgi-bin/qmailadmin in the apache error logfile, it should be linked with your apache configuration. I met some problems with suexec which was enabled : comment the User/Group lines should be enough (Thanks Julien Lefevre).
By default, the apache configuration file (httpd.conf) includes an alias directory which is images/. This directory overrides the default of qmailadmin. Don't forget to comment it is you want images.

13. Vqadmin

Vqadmin a virtual domains manager. Basically, with this program, it is possible to manage email domains.

wget http://www.inter7.com/vqadmin/vqadmin-2.3.2.tar.gz
tar -zxvf vqadmin-2.3.2.tar.gz
cd vqadmin-2.3.2
./configure --enable-cgibindir=/var/www/cgi-bin
make install-strip

Add the following directives to the apache configuration, httpd.conf (for example, the qmailadmin virtualhost) :

<Directory "/var/www/cgi-bin/vqadmin">
    deny from all
    Options ExecCGI
    AllowOverride AuthConfig
    Order deny,allow

You must add a htaccess in order to securise these pages.
Edit /var/www/cgi-bin/vqadmin/.htaccess

AuthType Basic
AuthUserFile /etc/apache/vqadmin.passwd
AuthName vQadmin
require valid-user
satisfy any

chown www-data:www-data /var/www/cgi-bin/vqadmin/.htaccess The user/group will be nobody/nogroup under Redhat
chmod 600 /var/www/cgi-bin/vqadmin/.htaccess
htpasswd -bc /etc/apache/vqadmin.passwd admin adminpass

14. Courier

courier is used here for the IMAP server. Since the version 4.X, they split courier to a thirdparty library called authlib which contains authentication stuffs.
But it may cause some issue with the pop-before-smtp system. If it the case, don't hesitate to switch to the version 3.X. (however, don't hesitate to send me a fix for this issue).
PROCEDURE FOR COURIER 3.X (only use if courier 4.X is not working)

wget http://unc.dl.sourceforge.net/sourceforge/courier/courier-imap-3.0.8.tar.bz2
tar -jxvf courier-imap-3.0.8.tar.bz2
cd courier-imap-3.0.8
./configure --prefix=/usr/local/courier-imap --disable-root-check --without-authpam --without-authldap --without-authpwd --without-authmysql --without-authpgsql --without-authshadow --without-authuserdb --without-authcustom --without-authcram --without-authdaemon --with-authvchkpw --with-ssl [ Go for a walk ]
make install
make install-configure


wget http://unc.dl.sourceforge.net/sourceforge/courier/courier-authlib-0.55.tar.bz2
tar -jxvf courier-authlib-0.55.tar.bz2
cd courier-authlib-0.55
./configure --prefix=/usr/local/courier-authlib --without-authpam --without-authldap --without-authpwd --without-authmysql --without-authpgsql --without-authshadow --without-authuserdb --without-authcustom --without-authcram --without-authdaemon --with-authvchkpw --with-mailuser=vpopmail --with-mailgroup=vchkpw
make install
make install-configure

wget http://unc.dl.sourceforge.net/sourceforge/courier/courier-imap-4.0.2.tar.bz2
tar -jxvf courier-imap-4.0.2.tar.bz2
cd courier-imap-4.0.2
export COURIERAUTHCONFIG=/usr/local/courier-authlib/bin/courierauthconfig
export CPPFLAGS=-I/usr/local/courier-authlib/include
./configure --prefix=/usr/local/courier-imap --disable-root-check --with-ssl [ Go grab a pizza/beer, this will take some time ]
make install
make install-configure

Common part :

cp courier-imap.sysvinit /etc/init.d/courier-imap
chmod +x /etc/init.d/courier-imap
mkdir -p /var/lock/subsys/
Once the server is launched :
chown vpopmail:vchkpw /usr/local/courier-imap/share/imapd.pem

If you get this error :
tlspasswordcache.c:9:25: openssl/ssl.h: No such file or directory
tlspasswordcache.c:10:25: openssl/err.h: No such file or directory
tlspasswordcache.c:11:26: openssl/rand.h: No such file or directory
install the ssl development library (apt-get install libssl-dev under Debian)

If you get some errors about vpopmail libs, type this 2 commands : [ thank to Alberto Manzoni ]

echo "-I/home/vpopmail/include/" > /home/vpopmail/etc/inc_deps
echo "-L/home/vpopmail/lib -lvpopmail" > /home/vpopmail/etc/lib_deps

But if you get errors about include with vpopmail and stuff like :
/home/vpopmail/lib/libvpopmail.a(vauth.o) in function `vauth_open_update': check if the /home/vpopmail/etc/lib_deps file looks like :

-L/home/vpopmail/lib -lvpopmail -L/usr/include/mysql/ -lmysqlclient -lz -lcrypt

After the installation, you must edit some configuration files.
Rename /usr/local/courier-imap/etc/imapd.dist to /usr/local/courier-imap/etc/imapd and in /usr/local/courier-imap/etc/imapd, change the TCPDOPTS / AUTHMODULES lines to :

TCPDOPTS="-nodnslookup -noidentlookup -user=vpopmail -group=vchkpw"

Finally, don't forget to change this line (at the end of the file)



For the imap-ssl, rename /usr/local/courier-imap/etc/imapd-ssl.dist to /usr/local/courier-imap/etc/imapd-ssl and in /usr/local/courier-imap/etc/imapd-ssl


and /usr/local/courier-imap/etc/imapd.cnf for the ssl certificat :

[ req_dn ]
O=Courier Mail Server
OU=Automatically-generated IMAP SSL key

For the pop3d-ssl, rename /usr/local/courier-imap/etc/pop3d-ssl.dist to /usr/local/courier-imap/etc/pop3d-ssl and in /usr/local/courier-imap/etc/pop3d-ssl


If you want to start the IMAP server :

/etc/init.d/courier-imap start Can take a little while the first time

After the first start, you may get stuff like :
Dec 23 13:01:59 nw-tel2-mail-2 imapd: couriertls: /usr/local/courier-imap/var/couriersslcache: Permission denied
Dec 23 13:01:59 nw-tel2-mail-2 imapd: couriertls: /usr/local/courier-imap/share/imapd.pem: error:0200100D:system library:fopen:Permission denied

chown vpopmail:vchkpw /usr/local/courier-imap/var/
chown vpopmail:vchkpw /usr/local/courier-imap/share/imapd.pem
chown vpopmail:vchkpw /usr/local/courier-imap/share/pop3d.pem

If you want to rebuild the certificat, you have to use the commands (after deleting the pem file) :


You may need the package openssl

15. IMAP Proxy

We use an imapproxy in order to decrease the time of the connection between the imap client and the server (IMAP Proxy)

wget http://www.imapproxy.org/downloads/up-imapproxy-1.2.3.tar.gz
tar -zxvf up-imapproxy-1.2.3.tar.gz
cd up-imapproxy-1.2.3
make install
make install-conf
make install-init

To compile imapproxy, you need the lib ncurses 5 dev (apt-get install libncurses5-dev).
If you try to start the program and if you get this :
/etc/init.d/imapproxy: line 1: /bin/basename: No such file or directory
: Starting IMAP proxy server.
Edit /etc/init.d/imapproxy and change the line 58 (Pgm=`/bin/basename $0`) to Pgm=`/usr/bin/basename $0` (maybe it is only necessary under debian)
Edit /etc/imapproxy.conf to adapt everything to your configuration. Most of the time, change only this :

server_hostname tractopel.ecranbleu.org Change it to your host
proc_groupname nobody Under debian, it is "nogroup"
listen_port 144 If the proxy is running on the same server as courier-imap, change this line (ie not 143, the IMAP port) otherwise the proxy won't work

16. Squirrelmail

wget http://heanet.dl.sourceforge.net/sourceforge/squirrelmail/squirrelmail-1.4.3a.tar.gz
tar xzvf squirrelmail-1.4.3a.tar.gz
cd squirrelmail-1.4.3a
mkdir attachments
chown -R www-data data attachments
chmod go-w data attachments
chgrp www-data data attachments
cd config

Change the following options (you can also add great plugins to squirremail with the program):
   Change name.
   Change Domain
   Change IMAP server Don't forget to set the ip/port of the IMAP Proxy set before (otherwise the proxy will lose his interest)
   Change SMTP server
   Change Data Directory, (optional).
   Change Attachment Directory
Set pre-defined settings for specific IMAP servers
   Select courier = Courier IMAP server

Add a virtual host to your webserver configuration and restart it :

   ServerAdmin sylvestre-howto@ecranbleu.org
   DocumentRoot /var/www/webmail.avence.info
   ServerName webmail.avence.info
   ServerAlias mail.avence.info
   ErrorLog logs/webmail.avence.info-error.log
   CustomLog logs/webmail.avence.info-access.log combined

The webmail install should be ok. Test it on http://webmail.xxxxxxxxxxxxx.xxx/.

17. Isoqlog
http://www.enderunix.org/isoqlog/ Here is a sample result

wget http://www.enderunix.org/isoqlog/isoqlog-2.2.1.tar.gz
tar -zxvf isoqlog-2.2.1.tar.gz
cd isoqlog-2.2.1
make install
ln -s /var/qmail/control/rcpthosts /usr/local/etc/isoqlog.domains
mkdir -p /var/www/qmail-stats/isoqlog

Here is my /usr/local/etc/isoqlog.conf file :

logtype = "qmail-multilog"
logstore = "/var/log/qmail/qmail-send"
domainsfile = "/usr/local/etc/isoqlog.domains"
outputdir = "/var/www/qmail-stats/isoqlog"
htmldir = "/usr/local/share/isoqlog/htmltemp"
langfile = "/usr/local/share/isoqlog/lang/french"
hostname = "tractopel.ecranbleu.org" Change this to your host

maxsender = 100
maxreceiver = 100
maxtotal = 100

maxbyte = 100

Edit your crontab and put the following line in it (it will run the isoqlog stat generation every 58 minutes) :

58 * * * * /usr/local/bin/isoqlog 1>/dev/null 2>/dev/null

Check out the graphs : http://yourhost/qmail-stats/isoqlog/

18. QmailMrtg
http://www.inter7.com/?page=qmailmrtg7 Here is a sample result

First, you have to install mrtg if you don't have it.

wget http://www.inter7.com/qmailmrtg7/qmailmrtg7-4.2.tar.gz
tar -zxvf qmailmrtg7-4.2.tar.gz
cd qmailmrtg7-4.2
make install
mkdir -p /var/www/qmail-stats/mrtg/
cp index.html /var/www/qmail-stats/mrtg/

Get this file and save it into /etc/ It is the modified configuration file with the good path to the log files. Change paths to your configuration.
Run this command 3 times:

/usr/bin/mrtg /etc/qmail.mrtg.cfg

You should get some error messages. Don't worry. Anyway, you can check if the new files exist in /var/www/qmail-stats/mrtg/
Edit your crontab and put that into

2-57/5 * * * * /usr/bin/mrtg /etc/qmail.mrtg.cfg > /dev/null

Check out the graphs : http://yourhost/qmail-stats/mrtg/

19. Tools

Here is a tool which can read the qmail queue to see who send the email to who. It is called qmhandle

wget http://cesnet.dl.sourceforge.net/sourceforge/qmhandle/qmhandle-1.2.0.tar.gz
tar -zxvf qmhandle-1.2.0.tar.gz

It produces this kind of result when you call the program with the -l parameter (qmHandle -l) :

109816 (167, R)
Return-path: 294drowzow@sentry33221.com
From: "Johnny Champion" <294drowzow@sentry33221.com>
To: at@choum.com
Subject: *****SPAM***** A platinum card who cares? dpplo
Date: Sun, 04 Jan 04 08:41:16 GMT
Size: 8009 bytes

You can also alter the queue with this program :

-a : try to send queued messages now (qmail must be running)
-l : list message queues
-L : list local message queue
-R : list remote message queue
-s : show some statistics
-mN : display message number N
-dN : delete message number N
-Stext : delete all messages that have/contain text as Subject
-D : delete all messages in the queue (local and remote)

20. Redhat

With redhat/fedora, you have to install these packages :

yum update
yum upgrade
yum install mysql
yum install mysql-server
yum install mysql-devel
yum install php-mysql
yum install expect
yum install perl-Time-HiRes
yum install perl-suidperl

Then, don't forget to edit this file : /etc/sysconfig/network in order to specify the right hostname.
It is also important to :
- Change the user id (uid) of the user qmails to 90 (instead of 97).
- Change the mysql dir from /usr/include/mysql/ to /usr/lib/mysql

21. Files

/etc/tcp.smtp [ Tcpserver ]
/etc/mail/spamassassin/local.cf [ Spamassassin ]
/etc/default/spamassassin [ Spamassassin ]
/var/qmail/supervise/qmail-pop3d/run [ qmai ]
/var/qmail/supervise/qmail-pop3d/log/run [ qmail ]
/var/qmail/supervise/qmail-smtpd/run [ qmail ]
/var/qmail/supervise/qmail-smtpd/log/run [ qmail ]
/var/qmail/supervise/qmail-send/run[ qmail ]
/var/qmail/supervise/qmail-send/log/run[ qmail ]
/usr/local/courier-imap/etc/imapd [ courier-imap ]
/etc/init.d/qmail [ qmail ]
/usr/local/etc/isoqlog.conf [ isoqlog ]
/etc/qmail.mrtg.cfg [ qmailmrtg ]

Here is a list of the most important files :
ControlDefaultUsed byPurpose
badmailfromnoneqmail-smtpdblacklisted From addresses
bouncefromMAILER-DAEMONqmail-sendusername of bounce sender
bouncehostmeqmail-sendhostname of bounce sender
concurrencyincomingnone/service/qmail-smtpd/runmax simultaneous incoming SMTP connections
concurrencylocal10qmail-sendmax simultaneous local deliveries
concurrencyremote20qmail-sendmax simultaneous remote deliveries
defaultdeliverynone/var/qmail/rcdefault .qmail file
defaultdomainmeqmail-injectdefault domain name
defaulthostmeqmail-injectdefault host name
databytes0qmail-smtpdmax number of bytes in message (0=no limit)
doublebouncehostmeqmail-sendhost name of double bounce sender
doublebouncetopostmasterqmail-senduser to receive double bounces
envnoathostmeqmail-senddefault domain for addresses without "@"
helohostmeqmail-remotehost name used in SMTP HELO command
idhostmeqmail-injecthost name for Message-ID's
localiphostmeqmail-smtpdname substituted for local IP address
localsmeqmail-senddomains that we deliver locally
meFQDN of systemvariousdefault for many control files
morercpthostsnoneqmail-smtpdsecondary rcpthosts database
percenthacknoneqmail-senddomains that can use "%"-style relaying
plusdomainmeqmail-injectdomain substituted for trailing "+"
qmqpserversnoneqmail-qmqpcIP addresses of QMQP servers
queuelifetime604800qmail-sendseconds a message can remain in queue
rcpthostsnoneqmail-smtpddomains that we accept mail for
smtpgreetingmeqmail-smtpdSMTP greeting message
smtproutesnoneqmail-remoteartificial SMTP routes
timeoutconnect60qmail-remotehow long, in seconds, to wait for SMTP connection
timeoutremote1200qmail-remotehow long, in seconds, to wait for remote server
timeoutsmtpd1200qmail-smtpdhow long, in seconds, to wait for SMTP client
virtualdomainsnoneqmail-sendvirtual domains and users

22. References

QMAIL + Vpopmail + Sqwebmail + Qmailadmin + MySql : How-To for FreeBSD 4.x (v2.0) By Flattie McGee (ZA) 2001 Globelinks Communications.
Life with qmail
Howto Qmail met vpopmail, qmailadmin, imapcourier, squirrelmail + vele extra's
qmailrocks.org for the stat system

Posted by admin on December 06 2006 13:59:18 17912 Reads · Print
Rating is available to Members only.

Please login or register to vote.

No Ratings have been Posted.


Not a member yet?
Click here to register.

Forgotten your password?
Request a new one here.
Member Poll
Which PHP framework do you preffer?





eZ Components






You must login to vote.
You must login to post a message.

03/10/2011 18:17
Hi, How to remove Register from Login screen? I don't want them to register and have full access! if you leave register then they should not have any rights until the admin assigns them

26/09/2011 08:28
Please describe your problem with more details. Thank you.

22/11/2010 18:31
Help. There was a problem with the request; error regarding feedbackzdr form program

Custom web software development by Devzone Tech
Copyright © 2022 - www.webtoolbag.com