Professional Documents
Culture Documents
5 x86_64
Original Author: m.kamal
Updated by: Teo En Ming (Zhang Enming)
Email: teo.en.ming@gmail.com
Date: 22 March 2014
Note: This article covers most options of qmail installation & configuration, as we have gathered most
needed Qmail packages to a powerful mail server, and satisfy all system administrator needs. Wish you
all the best of luck. Lets start..,
Replacement for sendmail: qmail supports host and user masquerading, full host hiding, virtual
domains, null clients, list-owner rewriting, relay control, double-bounce recording, arbitrary RFC 822
address lists, cross-host mailing list loop detection, per-recipient checkpointing, downed host backoffs,
independent message retry schedules, etc. In short, its up to speed on modern MTA features. qmail also
includes a drop-in sendmail wrapper so that it will be used transparently by your current UAs.
2. Required packages
There are five packages needed for this qmail install.
2.1 netqmail-1.06.tar.gz
qmail is a secure, reliable, efficient, simple message transfer agent. It is designed for typical Internetconnected UNIX hosts. As of October 2001, qmail is the second most common SMTP server on the
Internet, and has by far the fastest growth of any SMTP server.
2.2 ucspi-tcp-0.88.tar.gz
It is a tool similar to inetd. ucspi-tcp listens in 25 port and spawns qmail-smtpd when required. ucspitcp stands for Unix Client Server Program Interface for TCP.
2.3 daemontools-0.76.tar.gz
daemontools is actually a tool to manage & monitor daemons linux. It is used in qmail as well to
manage qmail daemons.
2.4 checkpassword-0.90.tar.gz
checkpassword provides a simple, uniform password-checking interface to all root applications. It is
suitable for use by applications such as login, ftpd, and pop3d.
2.5 qmail-smtpd-auth-0.31.tar.gz
This patch enables SMTP AUTH protocol with following auth types: LOGIN, PLAIN and CRAMMD5.
3. Qmail Install
Install required package:
yum install gcc gcc-c++ make patch pam-devel openssl* wget vim-common vim-enhanced -y
4. Configure Qmail
4.1 Post Installation setup
Post installation configuration can be done by running following script.
./config-fast mail.teo-en-ming.com
cd checkpassword-0.90
patch < /usr/local/src/netqmail-1.06/other-patches/checkpassword-0.90.errno.patch
Install checkpassword.
make
make setup check
7. Install daemontools
Untar the daemontools source
cd /package
tar -xzvf daemontools-0.76.tar.gz
Patch daemontools with daemontools-0.76.errno.patch provided with net qmail.
cd /package/admin/daemontools-0.76/src
patch < /usr/local/src/netqmail-1.06/other-patches/daemontools-0.76.errno.patch
Install daemontools
cd ..
package/install
8. Qmail Startup script
The qmailctl script is used as startup script for qmail.
8.1 Download qmailctl
cd /var/qmail/bin/
wget http://lifewithqmail.org/qmailctl-script-dt70
Start daemontools with Upstart on CentOS 6.5 as it doesnt work with sysvinit:
Remove the added line from /etc/inittab :
SV:123456:respawn:/command/svscanboot
- Create a new file /etc/init/svscan.conf , with the startup code in it:
start on runlevel [345]
respawn
exec /command/svscanboot
- Tell init to re-read its configuration files and start svscanboot:
# initctl reload-configuration
# initctl start svscan
RETVAL=$?
;;
*)
echo $"Usage: $0 {condrestart|start|stop|restart|reload|status}"
exit 1
esac
exit $RETVAL
Now, make /etc/init.d/dovecot executable
chmod 755 /etc/init.d/dovecot
13.9 Create dovecot user
useradd dovecot
13.10 Start dovecot
/etc/init.d/dovecot start
14. Vpopmail commands
Vpopmail tools are located in /var/vpopmail/bin/
authvchkpw clearopensmtp dotqmail2valias vaddaliasdomain vadddomain vadduser valias vchangepw
vchkpw vconvert vdeldomain vdelivermail vdeloldusers vdeluser vdominfo vipmap vkill vlist
vmkpasswd
vmoddomlimits vmoduser vpasswd vpopbull vpopmaild vsetuserquota vusagec vuserinfo
14.1 Adding a domain
Domain can be added using following command
/var/vpopmail/bin/vadddomain teo-en-ming.com
/var/vpopmail/bin/vadddomain zhang-enming.com
can be processed using other UNIX tools. ripMIME supports both the RFC MIME standards as well as
being able to behave according to various MUA features which are often used as exploitation holes.
SimScan is a program developed by Inter7, the same people who wrote vpopmail, qmailadmin, and
several other programs which are commonly used on qmail servers. It serves the same purpose for
which many people use qmail-scanner, however because its written in C instead of Perl it runs much
more quickly, making it a better choice for high-volume mail servers.
Now it is time to make our e-mail server more secure, so to do that we will install Spamassassin,
ClamAV, Ripmime, and SimScan.
18. SpamAssassin installation:
18.2 Installing spamassassain from SOURCE:
yum install mod_perl.x86_64 mod_perl-devel.x86_64 perl-CPAN
cd /usr/local/src
wget http://archive.apache.org/dist/spamassassin/Mail-SpamAssassin-3.3.2.tar.gz
tar -xzvf Mail-SpamAssassin-3.3.2.tar.gz
cd /usr/local/src/Mail-SpamAssassin-3.3.2
perl -MCPAN -e shell
o conf prerequisites_policy ask
force install Digest::SHA HTML::Parser Net::DNS NetAddr::IP Time::HiRes Archive::Tar IO::Zlib
Digest::SHA Mail::SPF IP::Country Razor2 Net::Ident IO::Socket::INET6 IO::Socket::SSL
Compress::Zlib Mail::DKIM DBI LWP::UserAgent HTTP::Date Encode::Detect
o conf prerequisites_policy ask
perl Makefile.PL
make
make install
At this moment Spamassassin will complain about some dependences, but if no error message appear
we can go ahead and continue the installation with no problems.
groupadd spamd
useradd -g spamd -d /etc/mail/spamassassin -s /bin/false -m spamd
chown -R spamd.spamd /etc/mail/spamassassin
Ok, now we need to create a directory and set Spamassassin to the initialization:
mkdir /var/run/spamd
chown -R spamd /var/run/spamd
sa-update -D
18.3 Run spamd:
spamd -x -u spamd -H /etc/mail/spamassassin -s /var/log/spamd.log -d
-pidfile=/var/run/spamd/spamd.pid &
;;
*)
echo "Usage: $0 {start|stop|restart|help}"
exit 1
;;
esac
exit 0
To make sure that smpad is running type the following command:
ps aux | grep spamd
18.4 Added spamd on logrotate:
touch /etc/logrotate.d/spamd
Open the file and paste the text bellow:
nano /etc/logrotate.d/spamd
# Spamassassin Logrotate
/var/log/spamd {
daily
notifempty
missingok
postrotate
/usr/bin/killall -HUP spamd 2> /dev/null || true
endscript
}
Contents of /var/qmail/control/simcontrol:
:clam=yes,spam=yes,spam_passthru=yes,attach.vbs:.lnk:.scr:.wsh:.hta:.pif
/var/qmail/bin/simscanmk -g
Contents of /etc/tcp.smtp:
127.:allow,RELAYCLIENT=""
qmailctl stop
qmailctl cdb
qmailctl start
qmailctl stat
22. Install AutoResponders:
cd /usr/local/src
wget http://www.inter7.com/devel/autorespond-2.0.5.tar.gz
tar zxvf autorespond-2.0.5.tar.gz
cd autorespond-2.0.5
gcc -Wall -o autorespond autorespond.c
cp autorespond /usr/local/bin
# crontab -e
40 * * * * /usr/local/share/sqwebmail/cleancache.pl 2>&1 > /dev/null
chmod -R 755 /var/www/html/squirrelmail
chmod -R a+rx /usr/local/share/sqwebmail
26. Adding MX records to DNS server: