QMail: Unterschied zwischen den Versionen

Aus crazylinux.de
Zur Navigation springen Zur Suche springen
(smtps)
Zeile 43: Zeile 43:
  modify spam check = no
  modify spam check = no
</pre>
</pre>
===Qmail-Scanner===
Qmail-Scanner is an add-on that enables a Qmail email server to scan gatewayed email for certain characteristics (i.e. a content scanner). It is typically used for its anti-virus and anti-spam protection functions, in which case it is used in conjunction with external scanners. It also enables a site (at a server/site level) to create "Policy blocks": i.e. react to email that contains specific strings in particular headers, or particular attachment filenames or types (e.g. *.VBS attachments). http://qmail-scanner.sourceforge.net/
This is a patched version (ergo unofficial) of  qmail-scanner-2.01, that adds some options focused in deal with spam and others features.
http://www.bec.at/support/qmail-scanner/
./configure --qs-user qscand --qmail-queue-binary /usr/sbin/qmail-queue --admin sadmin --domain mygretchen.de
--admin-description "System Administrator" --notify psender,nmlvadm --local-domains mygretchen.de --silent-viruses auto --virus-to-delete 0
--skip-text-msgs 1 --lang de_DE --debug 0 --minidebug 1 --add-dscr-hdrs 0 --dscr-hdrs-text "X-Qmail-Scanner" --normalize yes --archive 0
--settings-per-domain 0 --max-scan-size 100000000 --unzip 0 --max-zip-size 1000000000 --max-unpacked-files 10000
--redundant xi10 --log-details syslog --log-crypto 0 --fix-mime 2 --ignore-eol-check 0 --sa-subject "***SPAM***" --sa-delta 0 --sa-alt 1
--sa-debug 1 --sa-report 1 --sa-quarantine 0 --sa-delete 0 --sa-reject 0 --scanners "clamscan,fast_spamassassin"


==Konfiguration==
==Konfiguration==

Version vom 3. März 2007, 18:02 Uhr

als Vorlage diente http://www.debianhowto.de/doku.php/de:howtos:sarge:qmail

Installation

apt-get install qmail-src ucspi-tcp-src

UCSPI-TLS (UCSPI-SSL patched)

Ein Ersatz für inetd

from spamcontrol
Current patch for ucspi-ssl-0.70 (ucspi-ssl-0.70_ucspitls-0.4.patch) providing 'delayed' (i.e. STARTTLS/STLS) TLS support.

Qmail bauen

Qmail patchen mit Spamcontrol

Qmailadmin

http://www.inter7.com/index.php?page=qmailadmin 

./configure --enable-cgipath=/member/cgi-bin/qmailadmin --enable-autoresponder-path=/usr/bin --enable-ezmlmdir=/usr/bin --enable-maxpopusers=100
--enable-maxaliases=100 --enable-maxforwards=100 --enable-maxautorepsonders=100 --enable-maxmailinglists=100 --disable-ezmlm-mysql
--enable-htmldir=/home/www/mygretchen.de/htdocs --enable-cgibindir=/home/www/mygretchen.de/cgi-bin --enable-vpopmaildir=/var/vpopmail
--enable-qmaildir=/var/qmail --enable-true-path=/bin/true --enable-no-cache



            qmailadmin 1.2.0
            Current settings
---------------------------------------
       cgi-bin dir = /home/www/mygretchen.de/cgi-bin
          html dir = /home/www/mygretchen.de/htdocs
         image dir = /home/www/mygretchen.de/htdocs/images/qmailadmin
         image URL = /images/qmailadmin
      template dir = /usr/local/share/qmailadmin
         qmail dir = /var/qmail
      vpopmail dir = /var/vpopmail
   autorespond dir = /usr/bin
         ezmlm dir = /usr/bin
         ezmlm idx = yes
   mysql for ezmlm = no
              help = no
      modify quota = no
   domain autofill = no
 modify spam check = no


Qmail-Scanner

Qmail-Scanner is an add-on that enables a Qmail email server to scan gatewayed email for certain characteristics (i.e. a content scanner). It is typically used for its anti-virus and anti-spam protection functions, in which case it is used in conjunction with external scanners. It also enables a site (at a server/site level) to create "Policy blocks": i.e. react to email that contains specific strings in particular headers, or particular attachment filenames or types (e.g. *.VBS attachments). http://qmail-scanner.sourceforge.net/

This is a patched version (ergo unofficial) of qmail-scanner-2.01, that adds some options focused in deal with spam and others features. http://www.bec.at/support/qmail-scanner/ 

./configure --qs-user qscand --qmail-queue-binary /usr/sbin/qmail-queue --admin sadmin --domain mygretchen.de 
--admin-description "System Administrator" --notify psender,nmlvadm --local-domains mygretchen.de --silent-viruses auto --virus-to-delete 0
--skip-text-msgs 1 --lang de_DE --debug 0 --minidebug 1 --add-dscr-hdrs 0 --dscr-hdrs-text "X-Qmail-Scanner" --normalize yes --archive 0
--settings-per-domain 0 --max-scan-size 100000000 --unzip 0 --max-zip-size 1000000000 --max-unpacked-files 10000
--redundant xi10 --log-details syslog --log-crypto 0 --fix-mime 2 --ignore-eol-check 0 --sa-subject "***SPAM***" --sa-delta 0 --sa-alt 1
--sa-debug 1 --sa-report 1 --sa-quarantine 0 --sa-delete 0 --sa-reject 0 --scanners "clamscan,fast_spamassassin"

Konfiguration

Supervise

/service/qmail-send/run 

#!/bin/sh
exec /var/qmail/rc


/service/qmail-send/log/run 

#!/bin/sh
exec /usr/bin/setuidgid qmaill /usr/bin/multilog t s5000000 /var/log/qmail

http://www.datenklause.de/de/software/qgreylistrbl.html

/service/qmail-smtpd/run 

#!/bin/sh

QMAILDUID=`id -u qmaild`
NOFILESGID=`id -g qmaild`
MAXSMTPD=`cat /var/qmail/control/concurrencyincoming`
LOCAL=`head -1 /var/qmail/control/me`

if [ -z "$QMAILDUID" -o -z "$NOFILESGID" -o -z "$MAXSMTPD" -o -z "$LOCAL" ]; then
    echo QMAILDUID, NOFILESGID, MAXSMTPD, or LOCAL is unset in
    echo /var/qmail/supervise/qmail-smtpd/run
    exit 1
fi

if [ ! -f /var/qmail/control/rcpthosts ]; then
    echo "No /var/qmail/control/rcpthosts!"
    echo "Refusing to start SMTP listener because it'll create an open relay"
    exit 1
fi

. /var/qmail/ssl/env
exec /usr/bin/softlimit -m 90000000 \
        /usr/local/bin/sslserver -vesn -R -l "$LOCAL" -x /etc/tcp.smtp.cdb -c "$MAXSMTPD" \
        -u "$QMAILDUID" -g "$NOFILESGID" 88.198.8.108 smtp /var/qmail/bin/qgreylistrbl.pl \
 /var/qmail/bin/qmail-smtpd /var/vpopmail/bin/vchkpw /bin/true 2>&1

#/usr/bin/rblsmtpd -r multihop.dsbl.org -r sbl.spamhaus.org -r ix.dnsbl.manitu.net -r list.dsbl.org


/service/qmail-smtpd/log/run 

#!/bin/sh
exec /usr/bin/setuidgid qmaill /usr/bin/multilog t s5000000 /var/log/qmail/smtpd


/etc/tcp.smtp 

127.0.0.1:allow,RELAYCLIENT="",QMAILQUEUE="/var/qmail/bin/qmail-scanner-queue.pl",QS_SPAMASSASSIN="1"
192.168.230.:allow,RELAYCLIENT="",QMAILQUEUE="/var/qmail/bin/qmail-scanner-queue.pl",QS_SPAMASSASSIN="1"
:allow,MFDNSCHECK="",SMTPAUTH="",BADMIMETYPE="",BADLOADERTYPE="M",QMAILQUEUE="/var/qmail/bin/qmail-scanner-queue.pl"

cdb neubauen: 

tcprules /etc/tcp.smtp.cdb /etc/tcp.smtp.tmp < /etc/tcp.smtp

Qmail

Start-Config: 

echo "meinhostname.domain.tld" > /etc/qmail/me

Bounce username. Default: MAILER-DAEMON. 

bouncefrom

Procmail

Procmail ist ein Mailfilter mit dem man z.b. Spam- oder Maillinglistenmails automatisch in ein Unterordner verschieben kann. Filterregeln können mit Horde(Ingo) erstellt werden.
von http://www.qmailinfo.org/index.php/Horde-Procmail-Filters

/etc/procmailrc: 

SHELL="/bin/sh"
#LOGFILE="/tmp/procmail.log"
#VERBOSE=on
VPOPHOME="/var/vpopmail"
DOMHOME="$VPOPHOME/domains/$DOM"
USERHOME="$DOMHOME/$USERNAME"
SENDMAIL="/usr/sbin/sendmail -f $USERNAME@$DOM"

DEFAULT="$USERHOME/Maildir/"
HOME="$USERHOME"
INCLUDERC="$USERHOME/.procmailrc"

##### move_Spam #####
:0
* ^X-Spam-Status:.*Yes
"$DEFAULT/.Spam/"

##### move_unknown #####
:0
* ^X-Spam-Level:.*++
"$DEFAULT/.Unknown/"

:0 w
| /usr/bin/safecat "${HOME}/Maildir/tmp" "${HOME}/Maildir/new"

/usr/sbin/preprocmail: 

#!/bin/sh

VPOPMAIL=`echo ~vpopmail`
DOMDIR=`$VPOPMAIL/bin/vdominfo -d $HOST`

#convert to lower
EXT=`echo $EXT | tr "[:upper:]" "[:lower:]" `;

#check, if maildir exist
if [ -d $DOMDIR/$EXT/Maildir ]; then
        #create spamfolder if not exists
        if [ ! -d $DOMDIR/$EXT/Maildir/.Spam ]; then
                /usr/bin/maildirmake.courier -f Spam $DOMDIR/$EXT/Maildir/
                cat > /dev/null
        fi

        #create unknownfolder if not exists
        if [ ! -d $DOMDIR/$EXT/Maildir/.Unknown ]; then
                /usr/bin/maildirmake.courier -f Unknown $DOMDIR/$EXT/Maildir/
                cat > /dev/null
        fi

        #create subscription or subscribe to spamfolder
        if [ ! -r $DOMDIR/$EXT/Maildir/courierimapsubscribed ]; then
                `echo INBOX.Spam>>$DOMDIR/$EXT/Maildir/courierimapsubscribed`;
        else
                #exist the subscription?
                if [ `/bin/grep Spam $DOMDIR/$EXT/Maildir/courierimapsubscribed |wc -l` = 0 ]; then
                        `echo INBOX.Spam>>$DOMDIR/$EXT/Maildir/courierimapsubscribed`;
                fi
        fi

        #create subscription or subscribe to unknownfolder
        if [ ! -r $DOMDIR/$EXT/Maildir/courierimapsubscribed ]; then
                `echo INBOX.Unknown>>$DOMDIR/$EXT/Maildir/courierimapsubscribed`;
        else
                #exist the subscription?
                if [ `/bin/grep Unknown $DOMDIR/$EXT/Maildir/courierimapsubscribed |wc -l` = 0 ]; then
                        `echo INBOX.Unknown>>$DOMDIR/$EXT/Maildir/courierimapsubscribed`;
                fi
        fi
fi

if [ -r $DOMDIR/$EXT/.procmailrc ]; then
        env -i DOM=$HOST USERNAME=$EXT /usr/bin/procmail -p -m /etc/procmailrc
        cat > /dev/null
        exit 99
else
        env -i DOM=$HOST USERNAME=$EXT /usr/bin/procmail -p -m /etc/procmailrc
        cat > /dev/null
fi
cat > /dev/null
exit 0


This script will be called from a .qmail file. For example,

/var/vpopmail/domains/somedomain.com/.qmail-default: 

| /var/qmail/bin/preline /usr/sbin/preprocmail
| /var/vpopmail/bin/vdelivermail '' bounce-no-mailbox

Links

Beispiele für Filterung

Betrieb

Logfiles

QMail schreibt seine Daten in dem im TAI64N-Format in seine Logfiles. Das mag zwar für die Auswertung der Logfiles sehr nützlich sein, lesbar ist es nicht. 

cat /var/log/qmail/smtpd/current | tai64nlocal

Start/Stop/Status

qmailctl
Usage: /usr/sbin/qmailctl {start|stop|restart|doqueue|flush|reload|stat|pause|cont|cdb|queue|help}

mygretchen:/# qmailctl stat
/service/qmail-send: up (pid 5465) 151263 seconds
/service/qmail-send/log: up (pid 2106) 151373 seconds
/service/qmail-smtpd: up (pid 2109) 151373 seconds
/service/qmail-smtpd/log: up (pid 2111) 151373 seconds
messages in queue: 0
messages in queue but not yet preprocessed: 0

Tools

qmHandle - queue management made easy

This little jewel, created by Michele Beltrame (according to qmail.org), gives you an easy way to view and manage the Qmail queue. It even lets you view some stats on the queue. It's a single Perl based script that is command line based, not GUI based (for you all you newbies out there). Don't fret though, because it's incredibly easy to use. If you have trouble setting it up and using it, you need to go back to school. If you think I'm kidding, wait till you set it up and you'll see. It doesn't get any easier than this. You can download the latest version of qmHandle from: http://sourceforge.net/projects/qmhandle. Normally, I would publish a tutorial on how to set it up, but the README file included with it does a wonderful job. Read the README file!

qmailalizer - a tool to generate graphs from Qmail's logs.

http://qmailalizer.sourceforge.net/

Links

Howtos & Co

http://www.lifewithqmail.org/lwq.html
http://www.gentoo.org/doc/de/qmail-howto.xml
http://www.debianhowto.de/doku.php/de:howtos:sarge:qmail
http://www.cargal.org/downloads/HOW-TO/debianqmail/debianqmail.html
Installing Qmail, Courier, Ezmlm, ... on Debian
Qmail smtps

AntiSpam

qgreylistrbl
Big all-in-one patch. MUST!
Erstellt badmailfrom-file
http://www.chrishardie.com/tech/qmail/qmail-antispam.html

Patches

Integrate Virusscanner/Spamassassin
http://toribio.apollinare.org/qmail-scanner/
Qmail SMTP Plugin patch (SPP)

Sonstiges

Qmail Ldap/Big Picture
About relaying (blacklist und smtp_auth)
Qmail Bugs and Wishlist

Abgerufen von „https://crazylinux.de/?title=QMail&oldid=3463