QMail
als Vorlage diente http://www.debianhowto.de/doku.php/de:howtos:sarge:qmail
Installation
apt-get install qmail-src ucspi-tcp-src
UCSPI-TLS (UCSPI-SSL patched)
a replacement for inetd
from spamcontrol
Current patch for ucspi-ssl-0.70 (ucspi-ssl-0.70_ucspitls-0.6.patch) providing 'delayed' (i.e. STARTTLS/STLS) TLS support.
if you get segfault like this (same here)
Jan 30 23:41:48 hostname kernel: [680228.819023] sslserver[25616]: segfault at 6e69622f ip b768a7a2 sp bf8bd1c8 error 4 in libcrypto.so.0.9.8[b75e3000+13a000]
you have the wrong patch! Don't use this one from http://www.suspectclass.com/sgifford/ucspi-tls/files/ucspi-ssl-0.70-ucspitls-0.1.patch
Qmail bauen
Qmail patchen mit Spamcontrol
Qmailadmin
qmailAdmin is a free software package that provides a web interface for managing a qmail system with virtual domains: http://www.inter7.com/index.php?page=qmailadmin
./configure --enable-cgipath=/member/cgi-bin/qmailadmin --enable-autoresponder-path=/usr/bin --enable-ezmlmdir=/usr/bin --enable-maxpopusers=100 --enable-maxaliases=100 --enable-maxforwards=100 --enable-maxautorepsonders=100 --enable-maxmailinglists=100 --disable-ezmlm-mysql --enable-htmldir=/home/www/mygretchen.de/htdocs --enable-cgibindir=/home/www/mygretchen.de/cgi-bin --enable-vpopmaildir=/var/vpopmail --enable-qmaildir=/var/qmail --enable-true-path=/bin/true --enable-no-cache --disable-catchall --disable-trivial-password
qmailadmin 1.2.13 Current settings --------------------------------------- cgi-bin dir = /home/www/mygretchen.de/cgi-bin html dir = /home/www/mygretchen.de/htdocs image dir = /home/www/mygretchen.de/htdocs/images/qmailadmin image URL = /images/qmailadmin template dir = /usr/local/share/qmailadmin qmail dir = /var/qmail vpopmail dir = /var/vpopmail autorespond dir = /usr/bin ezmlm dir = /usr/bin ezmlm idx = yes mysql for ezmlm = no help = no modify quota = no domain autofill = no catchall accounts = no trivial passwords = no modify spam check = no
Qmail-Scanner
Qmail-Scanner is an add-on that enables a Qmail email server to scan gatewayed email for certain characteristics (i.e. a content scanner). It is typically used for its anti-virus and anti-spam protection functions, in which case it is used in conjunction with external scanners. It also enables a site (at a server/site level) to create "Policy blocks": i.e. react to email that contains specific strings in particular headers, or particular attachment filenames or types (e.g. *.VBS attachments). http://qmail-scanner.sourceforge.net/
This is a patched version (ergo unofficial) of qmail-scanner-2.0x, that adds some options focused in deal with spam and others features: http://toribio.apollinare.org/qmail-scanner/
./configure \
--qs-user qscand \
--qmail-queue-binary /usr/sbin/qmail-queue \
--admin sadmin \
--domain mygretchen.de \
--admin-description "System Anti-Virus Administrator" \
--notify psender,nmlvadm \
--local-domains mygretchen.de \
--silent-viruses auto \
--virus-to-delete 0 \
--skip-text-msgs 1 \
--lang de_DE \
--debug 0 \
--minidebug 1 \
--add-dscr-hdrs 0 \
--dscr-hdrs-text "X-Qmail-Scanner" \
--normalize 1 \
--archive 0 \
--settings-per-domain 0 \
--max-scan-size 100000000 \
--unzip 0 \
--max-zip-size 1000000000 \
--max-unpacked-files 10000 \
--redundant 1 \
--log-details syslog \
--log-crypto 0 \
--fix-mime 2 \
--ignore-eol-check 1 \
--sa-sql 1 \
--sa-subject "***SPAM***" \
--sa-delta 0 \
--sa-alt 0 \
--sa-debug 0 \
--sa-report 1 \
--sa-quarantine 0 \
--sa-delete 0 \
--sa-reject 0 \
--scanners "clamscan,fast_spamassassin"
Konfiguration
Supervise
/service/qmail-send/run
#!/bin/sh exec /var/qmail/rc
/service/qmail-send/log/run
#!/bin/sh exec /usr/bin/setuidgid qmaill /usr/bin/multilog t s5000000 /var/log/qmail
http://www.datenklause.de/de/software/qgreylistrbl.html
/service/qmail-smtpd/run
#!/bin/sh QMAILDUID=`id -u qmaild` NOFILESGID=`id -g qmaild` MAXSMTPD=`cat /var/qmail/control/concurrencyincoming` LOCAL=`head -1 /var/qmail/control/me` if [ -z "$QMAILDUID" -o -z "$NOFILESGID" -o -z "$MAXSMTPD" -o -z "$LOCAL" ]; then echo QMAILDUID, NOFILESGID, MAXSMTPD, or LOCAL is unset in echo /var/qmail/supervise/qmail-smtpd/run exit 1 fi if [ ! -f /var/qmail/control/rcpthosts ]; then echo "No /var/qmail/control/rcpthosts!" echo "Refusing to start SMTP listener because it'll create an open relay" exit 1 fi . /var/qmail/ssl/env exec /usr/bin/softlimit -m 90000000 \ /usr/local/bin/sslserver -vesn -R -l "$LOCAL" -x /etc/tcp.smtp.cdb -c "$MAXSMTPD" \ -u "$QMAILDUID" -g "$NOFILESGID" 88.198.8.108 smtp /var/qmail/bin/qgreylistrbl.pl \ /var/qmail/bin/qmail-smtpd /var/vpopmail/bin/vchkpw /bin/true 2>&1 #/usr/bin/rblsmtpd -r multihop.dsbl.org -r sbl.spamhaus.org -r ix.dnsbl.manitu.net -r list.dsbl.org
/service/qmail-smtpd/log/run
#!/bin/sh exec /usr/bin/setuidgid qmaill /usr/bin/multilog t s5000000 /var/log/qmail/smtpd
/etc/tcp.smtp
127.0.0.1:allow,RELAYCLIENT="",QMAILQUEUE="/var/qmail/bin/qmail-scanner-queue.pl",QS_SPAMASSASSIN="1" 192.168.230.:allow,RELAYCLIENT="",QMAILQUEUE="/var/qmail/bin/qmail-scanner-queue.pl",QS_SPAMASSASSIN="1" :allow,MFDNSCHECK="",SMTPAUTH="",BADMIMETYPE="",BADLOADERTYPE="M",QMAILQUEUE="/var/qmail/bin/qmail-scanner-queue.pl"
cdb neubauen:
tcprules /etc/tcp.smtp.cdb /etc/tcp.smtp.tmp < /etc/tcp.smtp
Qmail
Start-Config:
echo "meinhostname.domain.tld" > /etc/qmail/me
Bounce username. Default: MAILER-DAEMON.
bouncefrom
Procmail
Procmail ist ein Mailfilter mit dem man z.b. Spam- oder Maillinglistenmails automatisch in ein Unterordner verschieben kann. Filterregeln können mit Horde(Ingo) erstellt werden.
von http://www.qmailinfo.org/index.php/Horde-Procmail-Filters
/etc/procmailrc:
SHELL="/bin/sh" #LOGFILE="/tmp/procmail.log" #VERBOSE=on VPOPHOME="/var/vpopmail" DOMHOME="$VPOPHOME/domains/$DOM" USERHOME="$DOMHOME/$USERNAME" SENDMAIL="/usr/sbin/sendmail -f $USERNAME@$DOM" DEFAULT="$USERHOME/Maildir/" HOME="$USERHOME" INCLUDERC="$USERHOME/.procmailrc" ##### move_Spam ##### :0 * ^X-Spam-Status:.*Yes "$DEFAULT/.Spam/" ##### move_unknown ##### :0 * ^X-Spam-Level:.*++ "$DEFAULT/.Unknown/" :0 w | /usr/bin/safecat "${HOME}/Maildir/tmp" "${HOME}/Maildir/new"
/usr/sbin/preprocmail:
#!/bin/sh VPOPMAIL=`echo ~vpopmail` DOMDIR=`$VPOPMAIL/bin/vdominfo -d $HOST` #convert to lower EXT=`echo $EXT | tr "[:upper:]" "[:lower:]" `; #check, if maildir exist if [ -d $DOMDIR/$EXT/Maildir ]; then #create spamfolder if not exists if [ ! -d $DOMDIR/$EXT/Maildir/.Spam ]; then /usr/bin/maildirmake.courier -f Spam $DOMDIR/$EXT/Maildir/ cat > /dev/null fi #create unknownfolder if not exists if [ ! -d $DOMDIR/$EXT/Maildir/.Unknown ]; then /usr/bin/maildirmake.courier -f Unknown $DOMDIR/$EXT/Maildir/ cat > /dev/null fi #create subscription or subscribe to spamfolder if [ ! -r $DOMDIR/$EXT/Maildir/courierimapsubscribed ]; then `echo INBOX.Spam>>$DOMDIR/$EXT/Maildir/courierimapsubscribed`; else #exist the subscription? if [ `/bin/grep Spam $DOMDIR/$EXT/Maildir/courierimapsubscribed |wc -l` = 0 ]; then `echo INBOX.Spam>>$DOMDIR/$EXT/Maildir/courierimapsubscribed`; fi fi #create subscription or subscribe to unknownfolder if [ ! -r $DOMDIR/$EXT/Maildir/courierimapsubscribed ]; then `echo INBOX.Unknown>>$DOMDIR/$EXT/Maildir/courierimapsubscribed`; else #exist the subscription? if [ `/bin/grep Unknown $DOMDIR/$EXT/Maildir/courierimapsubscribed |wc -l` = 0 ]; then `echo INBOX.Unknown>>$DOMDIR/$EXT/Maildir/courierimapsubscribed`; fi fi fi if [ -r $DOMDIR/$EXT/.procmailrc ]; then env -i DOM=$HOST USERNAME=$EXT /usr/bin/procmail -p -m /etc/procmailrc cat > /dev/null exit 99 else env -i DOM=$HOST USERNAME=$EXT /usr/bin/procmail -p -m /etc/procmailrc cat > /dev/null fi cat > /dev/null exit 0
This script will be called from a .qmail file. For example,
/var/vpopmail/domains/somedomain.com/.qmail-default:
| /var/qmail/bin/preline /usr/sbin/preprocmail | /var/vpopmail/bin/vdelivermail '' bounce-no-mailbox
Links
Betrieb
Logfiles
QMail schreibt seine Daten in dem im TAI64N-Format in seine Logfiles. Das mag zwar für die Auswertung der Logfiles sehr nützlich sein, lesbar ist es nicht.
cat /var/log/qmail/smtpd/current | tai64nlocal
Start/Stop/Status
qmailctl Usage: /usr/sbin/qmailctl {start|stop|restart|doqueue|flush|reload|stat|pause|cont|cdb|queue|help}
mygretchen:/# qmailctl stat /service/qmail-send: up (pid 5465) 151263 seconds /service/qmail-send/log: up (pid 2106) 151373 seconds /service/qmail-smtpd: up (pid 2109) 151373 seconds /service/qmail-smtpd/log: up (pid 2111) 151373 seconds messages in queue: 0 messages in queue but not yet preprocessed: 0
Email an alle User/Domains
from http://www.mail-archive.com/vchkpw@inter7.com/msg24692.html
We use something like this, WARNING not real code.
#!/bin/sh # TEXT=/usr/local/src/MASSMAIL/email.txt LIST=`/home/vpopmail/bin/vpopbull -Vn` for i in $LIST; do /var/qmail/bin/sendmail $i < $TEXT echo "Sending to account $i" done
For any ezmlm lists we have, I make sure the system admin is always a moderator. I just send a maintenance message to each list. Keep in mind the email.txt needs to be properly formatted as well.
http://www.inter7.com/vpopmail/doc/vpopbull.html
http://www.qmailwiki.org/Vpopmail#vpopbull
Quota
Überprüfung des Quotas inkl. E-Mail-Report
als Vorlage diente http://puuhis.net/vhcs/quota.txt
Tools
qmHandle - queue management made easy
This little jewel, created by Michele Beltrame (according to qmail.org), gives you an easy way to view and manage the Qmail queue. It even lets you view some stats on the queue. It's a single Perl based script that is command line based, not GUI based (for you all you newbies out there). Don't fret though, because it's incredibly easy to use. If you have trouble setting it up and using it, you need to go back to school. If you think I'm kidding, wait till you set it up and you'll see. It doesn't get any easier than this. You can download the latest version of qmHandle from: http://sourceforge.net/projects/qmhandle. Normally, I would publish a tutorial on how to set it up, but the README file included with it does a wonderful job. Read the README file!
qmailalizer - a tool to generate graphs from Qmail's logs.
http://qmailalizer.sourceforge.net/
Links
Howtos & Co
http://qmail.jms1.net/
http://www.lifewithqmail.org/lwq.html, german version: http://www.wallroth.de/sebastian/lwq.html#installation
http://www.gentoo.org/doc/de/qmail-howto.xml
http://www.debianhowto.de/doku.php/de:howtos:sarge:qmail
http://www.cargal.org/downloads/HOW-TO/debianqmail/debianqmail.html
Installing Qmail, Courier, Ezmlm, ... on Debian
Qmail smtps
AntiSpam
qgreylistrbl
Big all-in-one patch. MUST!
Erstellt badmailfrom-file
http://www.chrishardie.com/tech/qmail/qmail-antispam.html
Patches
Integrate Virusscanner/Spamassassin
http://toribio.apollinare.org/qmail-scanner/
Qmail SMTP Plugin patch (SPP)
Sonstiges
Qmail Ldap/Big Picture
About relaying (blacklist und smtp_auth)
Qmail Bugs and Wishlist