QMail
Aus CrazyLinux
als Vorlage diente http://www.debianhowto.de/doku.php/de:howtos:sarge:qmail
Inhalt |
1 Installation
apt-get install qmail-src ucspi-tcp-src
1.1 UCSPI-TLS (UCSPI-SSL patched)
a replacement for inetd
from spamcontrol
Current patch for ucspi-ssl-0.70 (ucspi-ssl-0.70_ucspitls-0.6.patch) providing 'delayed' (i.e. STARTTLS/STLS) TLS support.
if you get segfault like this (same here)
you have the wrong patch! Don't use this one from http://www.suspectclass.com/sgifford/ucspi-tls/files/ucspi-ssl-0.70-ucspitls-0.1.patch
1.2 Qmail bauen
Qmail patchen mit Spamcontrol
1.3 Qmailadmin
qmailAdmin is a free software package that provides a web interface for managing a qmail system with virtual domains: http://www.inter7.com/index.php?page=qmailadmin
./configure --enable-cgipath=/member/cgi-bin/qmailadmin --enable-autoresponder-path=/usr/bin --enable-ezmlmdir=/usr/bin --enable-maxpopusers=100 --enable-maxaliases=100 --enable-maxforwards=100 --enable-maxautorepsonders=100 --enable-maxmailinglists=100 --disable-ezmlm-mysql --enable-htmldir=/home/www/mygretchen.de/htdocs --enable-cgibindir=/home/www/mygretchen.de/cgi-bin --enable-vpopmaildir=/var/vpopmail --enable-qmaildir=/var/qmail --enable-true-path=/bin/true --enable-no-cache --disable-catchall --disable-trivial-password
qmailadmin 1.2.13
Current settings
---------------------------------------
cgi-bin dir = /home/www/mygretchen.de/cgi-bin
html dir = /home/www/mygretchen.de/htdocs
image dir = /home/www/mygretchen.de/htdocs/images/qmailadmin
image URL = /images/qmailadmin
template dir = /usr/local/share/qmailadmin
qmail dir = /var/qmail
vpopmail dir = /var/vpopmail
autorespond dir = /usr/bin
ezmlm dir = /usr/bin
ezmlm idx = yes
mysql for ezmlm = no
help = no
modify quota = no
domain autofill = no
catchall accounts = no
trivial passwords = no
modify spam check = no
1.4 Qmail-Scanner
Qmail-Scanner is an add-on that enables a Qmail email server to scan gatewayed email for certain characteristics (i.e. a content scanner). It is typically used for its anti-virus and anti-spam protection functions, in which case it is used in conjunction with external scanners. It also enables a site (at a server/site level) to create "Policy blocks": i.e. react to email that contains specific strings in particular headers, or particular attachment filenames or types (e.g. *.VBS attachments). http://qmail-scanner.sourceforge.net/
This is a patched version (ergo unofficial) of qmail-scanner-2.0x, that adds some options focused in deal with spam and others features: http://toribio.apollinare.org/qmail-scanner/
--qs-user qscand \
--qmail-queue-binary /usr/sbin/qmail-queue \
--admin sadmin \
--domain mygretchen.de \
--admin-description "System Anti-Virus Administrator" \
--notify psender,nmlvadm \
--local-domains mygretchen.de \
--silent-viruses auto \
--virus-to-delete 0 \
--skip-text-msgs 1 \
--lang de_DE \
--debug 0 \
--minidebug 1 \
--add-dscr-hdrs 0 \
--dscr-hdrs-text "X-Qmail-Scanner" \
--normalize 1 \
--archive 0 \
--settings-per-domain 0 \
--max-scan-size 100000000 \
--unzip 0 \
--max-zip-size 1000000000 \
--max-unpacked-files 10000 \
--redundant 1 \
--log-details syslog \
--log-crypto 0 \
--fix-mime 2 \
--ignore-eol-check 1 \
--sa-sql 1 \
--sa-subject "***SPAM***" \
--sa-delta 0 \
--sa-alt 0 \
--sa-debug 0 \
--sa-report 1 \
--sa-quarantine 0 \
--sa-delete 0 \
--sa-reject 0 \
--scanners "clamscan,fast_spamassassin"
2 Konfiguration
2.1 Supervise
/service/qmail-send/run
#!/bin/sh exec /var/qmail/rc
/service/qmail-send/log/run
#!/bin/sh exec /usr/bin/setuidgid qmaill /usr/bin/multilog t s5000000 /var/log/qmail
http://www.datenklause.de/de/software/qgreylistrbl.html
/service/qmail-smtpd/run
#!/bin/sh
QMAILDUID=`id -u qmaild`
NOFILESGID=`id -g qmaild`
MAXSMTPD=`cat /var/qmail/control/concurrencyincoming`
LOCAL=`head -1 /var/qmail/control/me`
if [ -z "$QMAILDUID" -o -z "$NOFILESGID" -o -z "$MAXSMTPD" -o -z "$LOCAL" ]; then
echo QMAILDUID, NOFILESGID, MAXSMTPD, or LOCAL is unset in
echo /var/qmail/supervise/qmail-smtpd/run
exit 1
fi
if [ ! -f /var/qmail/control/rcpthosts ]; then
echo "No /var/qmail/control/rcpthosts!"
echo "Refusing to start SMTP listener because it'll create an open relay"
exit 1
fi
. /var/qmail/ssl/env
exec /usr/bin/softlimit -m 90000000 \
/usr/local/bin/sslserver -vesn -R -l "$LOCAL" -x /etc/tcp.smtp.cdb -c "$MAXSMTPD" \
-u "$QMAILDUID" -g "$NOFILESGID" 88.198.8.108 smtp /var/qmail/bin/qgreylistrbl.pl \
/var/qmail/bin/qmail-smtpd /var/vpopmail/bin/vchkpw /bin/true 2>&1
#/usr/bin/rblsmtpd -r multihop.dsbl.org -r sbl.spamhaus.org -r ix.dnsbl.manitu.net -r list.dsbl.org
/service/qmail-smtpd/log/run
#!/bin/sh exec /usr/bin/setuidgid qmaill /usr/bin/multilog t s5000000 /var/log/qmail/smtpd
/etc/tcp.smtp
127.0.0.1:allow,RELAYCLIENT="",QMAILQUEUE="/var/qmail/bin/qmail-scanner-queue.pl",QS_SPAMASSASSIN="1" 192.168.230.:allow,RELAYCLIENT="",QMAILQUEUE="/var/qmail/bin/qmail-scanner-queue.pl",QS_SPAMASSASSIN="1" :allow,MFDNSCHECK="",SMTPAUTH="",BADMIMETYPE="",BADLOADERTYPE="M",QMAILQUEUE="/var/qmail/bin/qmail-scanner-queue.pl"
cdb neubauen:
tcprules /etc/tcp.smtp.cdb /etc/tcp.smtp.tmp < /etc/tcp.smtp
2.2 Qmail
Start-Config:
echo "meinhostname.domain.tld" > /etc/qmail/me
Bounce username. Default: MAILER-DAEMON.
bouncefrom
2.3 Procmail
Procmail ist ein Mailfilter mit dem man z.b. Spam- oder Maillinglistenmails automatisch in ein Unterordner verschieben kann. Filterregeln können mit Horde(Ingo) erstellt werden.
von http://www.qmailinfo.org/index.php/Horde-Procmail-Filters
/etc/procmailrc:
SHELL="/bin/sh"
#LOGFILE="/tmp/procmail.log"
#VERBOSE=on
VPOPHOME="/var/vpopmail"
DOMHOME="$VPOPHOME/domains/$DOM"
USERHOME="$DOMHOME/$USERNAME"
SENDMAIL="/usr/sbin/sendmail -f $USERNAME@$DOM"
DEFAULT="$USERHOME/Maildir/"
HOME="$USERHOME"
INCLUDERC="$USERHOME/.procmailrc"
##### move_Spam #####
:0
* ^X-Spam-Status:.*Yes
"$DEFAULT/.Spam/"
##### move_unknown #####
:0
* ^X-Spam-Level:.*++
"$DEFAULT/.Unknown/"
:0 w
| /usr/bin/safecat "${HOME}/Maildir/tmp" "${HOME}/Maildir/new"
/usr/sbin/preprocmail:
#!/bin/sh
VPOPMAIL=`echo ~vpopmail`
DOMDIR=`$VPOPMAIL/bin/vdominfo -d $HOST`
#convert to lower
EXT=`echo $EXT | tr "[:upper:]" "[:lower:]" `;
#check, if maildir exist
if [ -d $DOMDIR/$EXT/Maildir ]; then
#create spamfolder if not exists
if [ ! -d $DOMDIR/$EXT/Maildir/.Spam ]; then
/usr/bin/maildirmake.courier -f Spam $DOMDIR/$EXT/Maildir/
cat > /dev/null
fi
#create unknownfolder if not exists
if [ ! -d $DOMDIR/$EXT/Maildir/.Unknown ]; then
/usr/bin/maildirmake.courier -f Unknown $DOMDIR/$EXT/Maildir/
cat > /dev/null
fi
#create subscription or subscribe to spamfolder
if [ ! -r $DOMDIR/$EXT/Maildir/courierimapsubscribed ]; then
`echo INBOX.Spam>>$DOMDIR/$EXT/Maildir/courierimapsubscribed`;
else
#exist the subscription?
if [ `/bin/grep Spam $DOMDIR/$EXT/Maildir/courierimapsubscribed |wc -l` = 0 ]; then
`echo INBOX.Spam>>$DOMDIR/$EXT/Maildir/courierimapsubscribed`;
fi
fi
#create subscription or subscribe to unknownfolder
if [ ! -r $DOMDIR/$EXT/Maildir/courierimapsubscribed ]; then
`echo INBOX.Unknown>>$DOMDIR/$EXT/Maildir/courierimapsubscribed`;
else
#exist the subscription?
if [ `/bin/grep Unknown $DOMDIR/$EXT/Maildir/courierimapsubscribed |wc -l` = 0 ]; then
`echo INBOX.Unknown>>$DOMDIR/$EXT/Maildir/courierimapsubscribed`;
fi
fi
fi
if [ -r $DOMDIR/$EXT/.procmailrc ]; then
env -i DOM=$HOST USERNAME=$EXT /usr/bin/procmail -p -m /etc/procmailrc
cat > /dev/null
exit 99
else
env -i DOM=$HOST USERNAME=$EXT /usr/bin/procmail -p -m /etc/procmailrc
cat > /dev/null
fi
cat > /dev/null
exit 0
This script will be called from a .qmail file. For example,
/var/vpopmail/domains/somedomain.com/.qmail-default:
| /var/qmail/bin/preline /usr/sbin/preprocmail | /var/vpopmail/bin/vdelivermail '' bounce-no-mailbox
3 Links
4 Betrieb
4.1 Logfiles
QMail schreibt seine Daten in dem im TAI64N-Format in seine Logfiles. Das mag zwar für die Auswertung der Logfiles sehr nützlich sein, lesbar ist es nicht.
cat /var/log/qmail/smtpd/current | tai64nlocal
4.2 Start/Stop/Status
qmailctl
Usage: /usr/sbin/qmailctl {start|stop|restart|doqueue|flush|reload|stat|pause|cont|cdb|queue|help}
mygretchen:/# qmailctl stat /service/qmail-send: up (pid 5465) 151263 seconds /service/qmail-send/log: up (pid 2106) 151373 seconds /service/qmail-smtpd: up (pid 2109) 151373 seconds /service/qmail-smtpd/log: up (pid 2111) 151373 seconds messages in queue: 0 messages in queue but not yet preprocessed: 0
4.3 Email an alle User/Domains
from http://www.mail-archive.com/vchkpw@inter7.com/msg24692.html
We use something like this, WARNING not real code.
#!/bin/sh
#
TEXT=/usr/local/src/MASSMAIL/email.txt
LIST=`/home/vpopmail/bin/vpopbull -Vn`
for i in $LIST; do
/var/qmail/bin/sendmail $i < $TEXT
echo "Sending to account $i"
done
For any ezmlm lists we have, I make sure the system admin is always a moderator. I just send a maintenance message to each list. Keep in mind the email.txt needs to be properly formatted as well.
http://www.inter7.com/vpopmail/doc/vpopbull.html
http://www.qmailwiki.org/Vpopmail#vpopbull
4.4 Quota
Überprüfung des Quotas inkl. E-Mail-Report
als Vorlage diente http://puuhis.net/vhcs/quota.txt
5 Tools
5.1 qmHandle - queue management made easy
This little jewel, created by Michele Beltrame (according to qmail.org), gives you an easy way to view and manage the Qmail queue. It even lets you view some stats on the queue. It's a single Perl based script that is command line based, not GUI based (for you all you newbies out there). Don't fret though, because it's incredibly easy to use. If you have trouble setting it up and using it, you need to go back to school. If you think I'm kidding, wait till you set it up and you'll see. It doesn't get any easier than this. You can download the latest version of qmHandle from: http://sourceforge.net/projects/qmhandle. Normally, I would publish a tutorial on how to set it up, but the README file included with it does a wonderful job. Read the README file!
5.2 qmailalizer - a tool to generate graphs from Qmail's logs.
http://qmailalizer.sourceforge.net/
6 Links
6.1 Howtos & Co
http://qmail.jms1.net/
http://www.lifewithqmail.org/lwq.html, german version: http://www.wallroth.de/sebastian/lwq.html#installation
http://www.gentoo.org/doc/de/qmail-howto.xml
http://www.debianhowto.de/doku.php/de:howtos:sarge:qmail
http://www.cargal.org/downloads/HOW-TO/debianqmail/debianqmail.html
Installing Qmail, Courier, Ezmlm, ... on Debian
Qmail smtps
6.2 AntiSpam
qgreylistrbl
Big all-in-one patch. MUST!
Erstellt badmailfrom-file
http://www.chrishardie.com/tech/qmail/qmail-antispam.html
6.3 Patches
Integrate Virusscanner/Spamassassin
http://toribio.apollinare.org/qmail-scanner/
Qmail SMTP Plugin patch (SPP)
6.4 Sonstiges
Qmail Ldap/Big Picture
About relaying (blacklist und smtp_auth)
Qmail Bugs and Wishlist
