Installing QMail
This blog will explain step by step how to setup and configure qmail (1.03) on a Linux-based server.
Different people setup qmail different ways but, I have found this to be the best and easiest way. Do not skip any step unless the step is noted optional.
QMail Installation Steps
Step 1: Login to SSH
ssh root@IP-ADDRESS
Add users and groups.
PATH=/bin:/sbin:/usr/bin:/usr/sbingroupadd nofiles -g 81groupadd qmail -g 82useradd alias -u 81 -g nofiles -s /nonexistent -d /var/qmail/alias -Museradd qmaild -u 82 -g nofiles -s /nonexistent -d /var/qmail -Museradd qmaill -u 83 -g nofiles -s /nonexistent -d /var/qmail -Museradd qmailp -u 84 -g nofiles -s /nonexistent -d /var/qmail -Museradd qmailq -u 85 -g qmail -s /nonexistent -d /var/qmail -Museradd qmailr -u 86 -g qmail -s /nonexistent -d /var/qmail -Museradd qmails -u 87 -g qmail -s /nonexistent -d /var/qmail -M
Download qmail source code.
cd /usr/local/srcwget http://cr.yp.to/software/qmail-1.03.tar.gz
Download patches.
wget http://tomclegg.net/software/patch-qmail-103.patchwget http://tomclegg.net/software/patch-qmail-sendmail-flagf.patchwget http://tomclegg.net/software/patch-qmail-badmailfrom-wildcardwget http://tomclegg.net/software/patch-qmail-capa-pop3dwget http://tomclegg.net/software/patch-qmail-capa-popupwget http://tomclegg.net/software/patch-qmail-remote-authwget http://tomclegg.net/software/patch-qmail-smtpd-authwget http://tomclegg.net/software/patch-qmail-smtpd-auth-logExtract qmail and apply patches.
tar xzf qmail-1.03.tar.gzcd qmail-1.03for d in ../patch-qmail-*; do patch <“$d”; doneCompile and install qmail.
make setup check
Some linux systems don’t like the way qmail uses “errno”:
./load auto-str substdio.a error.a str.asubstdio.a(substdo.o)(.text+0x43): In function `allwrite’:: undefined reference to `errno’collect2: ld returned 1 exit statusmake: *** [auto-str] Error 1
To fix this, edit the error.h file in the qmail source code. Add this after 2, before the line saying “extern int errno;”:
#include “errno.h”
After you add that, do “make setup check” again.
You will need to do this again in a few minutes, when you compile checkpassword and daemontools.
Configure qmail.
cd /var/qmail/controlhostname >mecp me localsecho YOUR.IP.ADDR.HERE >>localscp locals rcpthosts
cd /var/qmail/aliasecho YOUR@EMAIL.ADDRESS >.qmail-rootcp .qmail-{root,mailer-daemon}cp .qmail-{root,postmaster}cp .qmail-{root,hostmaster}cp .qmail-{root,abuse}Download and install checkpassword.
cd /usr/local/srcwget http://cr.yp.to/checkpwd/checkpassword-0.90.tar.gztar xzf checkpassword-0.90.tar.gzcd checkpassword-0.90makemake setup check
(or use the author’s installation guide)Download and install cmd5checkpw.
cd /usr/local/srcwget http://members.elysium.pl/brush/cmd5checkpw/dist/cmd5checkpw-0.22.tar.gztar xzf cmd5checkpw-0.22.tar.gzcd cmd5checkpw-0.22makevi Makefile## (change /usr/man/man8 to /usr/share/man/man8)make install
Download and install daemontools.
wget http://cr.yp.to/daemontools/daemontools-0.76.tar.gztar xzf daemontools-0.76.tar.gzcd admin/daemontools-0.76package/install
svscan should be running now. pstree should show something like this.
|-svscanboot-+-readproctitle| `-svscan
Add to /etc/profile:
if ! echo $PATH | /bin/grep -q “/command” ; thenPATH=”/command:$PATH”fiCreate /var/service and set up a service directory for qmail-send.
mkdir -p /var/service/qmail-sendcd /var/service/qmail-sendmkdir log log/mainchown qmaill log/mainchmod g+s log/mainchmod +t .cat <<‘EOF’ >run#!/bin/shexec env – PATH=”/var/qmail/bin:$PATH” qmail-start ./Maildir/ 2>&1EOFcat <<‘EOF’ >log/run#!/bin/shexec env – PATH=”/command” setuidgid qmaill multilog t s999999 ./mainEOFchmod +x run log/runTurn on the supervised qmail service.
ln -s /var/service/qmail-send /service/
Wait a few seconds. qmail-send should be running now. pstree should show something like this.
|-svscanboot-+-readproctitle | `-svscan-+-supervise—qmail-send-+-qmail-clean | | |-qmail-lspawn | | `-qmail-rspawn | `-supervise—multilog
Download and install ucspi-tcp.
cd /usr/local/srcwget http://cr.yp.to/ucspi-tcp/ucspi-tcp-0.88.tar.gztar xzf ucspi-tcp-0.88.tar.gzcd ucspi-tcp-0.88make setup checkSet up a qmail-smtpd service on port 2525 for testing. Allow relaying to any domain from 127.0.0.1 and 192.168.202.0/24.
cd /var/servicemkdir qmail-smtpdcd qmail-smtpdmkdir log log/mainchown qmaill log/mainchmod g+s log/mainchmod +t .cat <<‘EOF’ >run#!/bin/shexec env – PATH=”/var/qmail/bin:$PATH”envuidgid qmaildtcpserver -U -vR -l 0 -x rules.cdb 0 2525rblsmtpd -a antirbl.tomclegg.net-r relays.ordb.org-r bl.spamcop.netqmail-smtpd `cat /var/qmail/control/me` cmd5checkpw true2>&1EOF
cat <<‘EOF’ >rules192.168.202.:allow,RELAYCLIENT=””,RBLSMTPD=””127.0.0.1:allow,RELAYCLIENT=””,RBLSMTPD=””:allowEOFtcprules rules.cdb rules.tmp <rules
cat <<‘EOF’ >log/run#!/bin/shexec env – PATH=/command setuidgid qmaill multilog t ./mainEOFchmod +x run log/run
Start the qmail-smtpd service.
ln -s /var/service/qmail-smtpd /service/
Set up a qmail-pop3d service on port 25110 for testing.
cd /var/servicemkdir qmail-pop3dcd qmail-pop3dmkdir log log/mainchown qmaill log/mainchmod g+s log/mainchmod +t .cat <<‘EOF’ >run#!/bin/shexec env – PATH=”/var/qmail/bin:$PATH”tcpserver -vR -l 00 25110qmail-popup “`cat /var/qmail/control/me`”checkpassword qmail-pop3d Maildir2>&1EOF
cat <<‘EOF’ >log/run#!/bin/shexec env – PATH=/command setuidgid qmaill multilog t ./mainEOFchmod +x run log/run
Start the qmail-pop3d service.
ln -s /var/service/qmail-pop3d /service/Create a Maildir for each user.
cd /home &&for user in *dosu -l “$user” -c “/var/qmail/bin/maildirmake Maildir”ls -ld “$user”/Maildirdone
Create a Maildir in /etc/skel.
/var/qmail/bin/maildirmake /etc/skel/Maildir
Switching mail service from sendmail to qmail
Translate /home/*/.forward to /home/*/.qmail (details omitted).
Translate /etc/mail/virtusertable to /var/qmail/alias/.qmail-* and /var/qmail/control/virtualdomains (details omitted).
Test local delivery using “telnet localhost 2525”
Test remote delivery using “telnet localhost 2525”
Test relay control using “telnet YOUR.IP.ADDR.HERE 2525” from somewhere else. You should be able to connect, but mail to test@example.com should be refused.
Test pop using “telnet localhost 25110”
Replace /usr/sbin/sendmail with a symlink to /var/qmail/bin/sendmail
cd /usr/sbinmv -i sendmail sendmail~ln -s /var/qmail/bin/sendmail
Turn off pop3 service in /etc/xinetd.d/ipop3 and kick xinetd.
perl -pi~ -e ‘s,^},tdisable = yesn},’ /etc/xinetd.d/ipop3killall -USR1 xinetd
Make sure sendmail won’t start at boot time any more.
# /sbin/chkconfig sendmail off# /sbin/chkconfig –level 2 sendmail off# /sbin/chkconfig –list sendmailsendmail 0:off 1:off 2:off 3:off 4:off 5:off 6:off
Stop sendmail.
killall sendmail
Change port 2525 to port 25 in /service/qmail-smtpd/run, change port 25110 to port 110 in /service/qmail-pop3d/run, and restart qmail-smtpd.
svc -t /service/qmail-smtpd /service/qmail-pop3d
Convert /var/spool/mail/* to /home/*/Maildir/ (details omitted).
If you use pine, change the inbox-path in your ~/.pinerc file:
inbox-path={localhost/pop3}INBOX
About the author
