| View previous topic :: View next topic |
| Author |
Message |
petterg
Guru
Joined: 25 Mar 2004
Posts: 500
Location: Oslo, Norway
|
 Posted: Sat Sep 17, 2005 10:16 pm Post subject: HOWTO: qmail vpopmail courier-imap qmail-scanner (09/2005) |
 |
|
THIS GUIDE IS OUTDATED
If you feel experimental I have a new guide at https://forums.gentoo.org/viewtopic-t-539101.html
Mobiusproject has posted an updated version of this guide.
https://forums.gentoo.org/viewtopic-t-527246.html
This is an updated version of the guide originaly posted by Sabrex at
https://forums.gentoo.org/viewtopic-t-171499-start-0.html
Please check the bug sumary at the bottom of the guide.
Packages used in this guide:
| Code: |
qmail-1.03-r15
vpopmail-5.4.6-r1
courier-imap-4.0.1
pyzor-0.4.0-r1
razor-2.77
dcc-1.3.16
spamassassin-3.0.4
clamav-0.87
qmail-scanner-1.25-r1
ezmlm-idx-mysql-0.40-r2
squirrelmail-1.4.5
|
Asumes these packages are installed, configured and running:
Before you start it might be a good idea to run
1) Ensure that the proper USE flags are set
| Code: |
> nano -w /etc/make.conf
USE-flags to set: +apache2 +spamassassin +maildir +mysql +qmail +ssl -ipv6 +ipalias +fam +nls -milter
|
+ipalias is useful if you're setting up the server without having an domain for it. Say you have another server running on the domain you're going to use, but don't want to set this server into production before it's well tested. If you have a (sub)domain for testing purposes you don't need to enable this.
-ipv6 disables use of IPv6. It's been making problems for quite a few ppl. If you're not using IPv6, why have it enabled? As of 2005.1 ipv6 has been enabled by default in Gentoo. Disable to save yourself some problems.
+ssl if you want SSL support
2)Install qmail
You might see something blocking for the instalation of qmail. Unemerge them:
| Code: |
> emerge -C (append name of blocking package(s) here!)
|
Install qmail
Configure qmail
| Code: |
> nano -w /var/qmail/control/servercert.cnf
Modify to whatever suits your needs and save/exit
> ebuild /var/db/pgk/mail-mta/qmail-1.03-r15/qmail-1.03-r15.ebuild config
Press [enter] to continue whenever it asks you to modify /var/qmail/control/servercert.cnf. You've done that.
|
Setup/start smtp service
| Code: |
> ln -s /var/qmail/supervise/qmail-send /service/qmail-send
> ln -s /var/qmail/supervise/qmail-smtpd /service/qmail-smtpd
> rc-update add svscan default
> /etc/init.d/svscan start
|
3) Install vpopmail
Create the vpopmail database.
| Code: |
Login to the mysql server (as a user with permissions to create databases and add users)
mysql> create database vpopmail;
mysql> grant select, insert, update, delete, create, drop on vpopmail.* to vpopmail@localhost identified by 'your vpopmail password';
mysql> flush privileges;
mysql> quit
|
Choose a vpopmail password that is not used anywhere else. The password has to be saved in cleartext! You'll never need to remember it after you're done with the instalation.
If your mysql server is not running on localhost, change the vpopmail@hostname accordingly.
Edit vpopmail.conf.
| Code: |
> nano -w /etc/vpopmail.conf
Modify these lines - insert you vpopmail password:
# Read-only DB
localhost|0|vpopmail|your vpopmail password|vpopmail
# Write DB
localhost|0|vpopmail|your vpopmail password|vpopmail
|
save/exit
Make sure the vpopmail.conf is readable for the vpopmail user. Default is ownership = root:vpopmail with 640 permissions
4) Install imap and pop3 server
| Code: |
> emerge courier-imap
|
Something is buggy... this should fix:
| Code: |
> cd /etc/courier
> ln -s authlib/authdaemonrc
|
Modify /etc/courier/authlib/authdaemonrc
| Code: |
> nano -w /etc/courier/authlib/authdaemonrc
edit the line authmodulelist=.. to read:
authmodulelist="authvchkpw"
|
save/exit
If you want the imapserver to run, modify /etc/courier-imap/imapd
| Code: |
> nano -w /etc/courier-imap/imapd
Edit IMAPDSTART=NO to IMAPDSTART=YES
|
save/exit
If you want ssl support for you imapserver, modify /etc/courier-imap/imapd-ssl and /etc/courier-imap/imapd.cnf
| Code: |
> nano -w /etc/courier-imap/imapd-ssl
Edit IMAPDSSLSTART=NO to IMAPDSSLSTART=YES
|
save/exit
| Code: |
> nano -w /etc/courier-imap/imapd.cnf
Edit according to your server/location/domain
|
save/exit
If you want the pop3 server to run, modify /etc/courier-imap/pop3d
| Code: |
> nano -w /etc/courier-imap/pop3d
Edit POP3DSTART=NO to POP3DSTART=YES
|
save/exit
If you want ssl support for the pop3 server, modify /etc/courier-imap/pop3d-ssl and /etc/courier-imap/pop3d.cnf
| Code: |
> nano -w /etc/courier-imap/pop3d-ssl
Edit POP3DSSLSTART=NO to POP3DSSLSTART=YES
|
save/exit
| Code: |
> nano -w /etc/courier-imap/pop3d.cnf
Edit according to your server/location/domain
|
save/exit
Generate certificates:
| Code: |
(only if you're going to run imap-ssl server)
> mkimapdcert
(only if you're going to run pop3-ssl server)
> mkpop3dcert
|
Start the servers (all or just some of them)
| Code: |
> /etc/init.d/famd start
> rc-update add famd default
> /etc/init.d/courier-imapd start
> rc-update add courier-imapd default
> /etc/init.d/courier-pop3d start
> rc-update add courier-pop3d default
> /etc/init.d/courier-imapd-ssl start
> rc-update add courier-imapd-ssl default
> /etc/init.d/courier-pop3d-ssl start
> rc-update add courier-pop3d-ssl default
|
I'm running all 4 servers. Users may decide if they want imap or pop3. A firewall makes sure that the non-ssl servers is unavailable for users located outside the local network.
5) update the smtpd config to allow smtp-auth using vpopmail
| Code: |
> nano -w /var/qmail/control/conf-smtpd
Uncomment the last 4 lines, and change the value of QMAIL_SMTP_CHECKPASSWORD:
QMAIL_SMTP_AUTHHOST=$(<${QMAIL_CONTROLDIR}/me)
[ -z "${QMAIL_SMTP_POST}" ] && QMAIL_SMTP_POST=/bin/true
QMAIL_SMTP_CHECKPASSWORD="/var/vpopmail/bin/vchkpw"
QMAIL_SMTP_POST="${QMAIL_SMTP_AUTHHOST} ${QMAIL_SMTP_CHECKPASSWORD} ${QMAIL_SMTP_POST}"
|
save/exit
Set permissions on vchkpw
| Code: |
> chmod 4711 /var/vpopmail/bin/vchkpw
|
Prepare for qmailfilter
| Code: |
> nano -w /var/qmail/control/conf-common
Modify the SOFTLIMIT to:
SOFTLIMIT_OPTS="-m 32000000"
|
save/exit
The following step makes sending mail a lot faster under some circumstances, and I highly recommend that you do the following if you notice delays of 30 to 45 seconds sending mail:
| Code: |
> nano -w /var/qmail/control/conf-common
TCPSERVER_OPTS="-H -R -l 0" (that's lower-case L followed by zero)
|
save/exit
Reload smtp config
| Code: |
> svc -t /var/qmail/supervise/qmail-smtpd
|
6) install spam database clients
| Code: |
> emerge pyzor
> emerge razor
> emerge dcc
|
7) install ClamAV and SpamAssassin
| Code: |
> emerge spamassassin clamav
|
Configure SpamAssassin
| Code: |
> nano -w /etc/conf.d/spamd
Modify:
SPAMD_OPTS="-m 5 -H -v -x -C /etc/spamassassin/local.cf"
|
save/exit
| Code: |
> nano -w /etc/spamassassin/local.cf
# How many hits before a message is considered spam. Lower to 3.0 after 1000 spams, adjust as needed
required_hits 5.0
# Text to prepend to subject if rewrite_subject is used
rewrite_header subject ***SPAM***
# Encapsulate spam in an attachment
report_safe 1
# Enable the Bayes system
use_bayes 1
# Enable Bayes auto-learning - disable after 20000 spammails (reduce server load)
bayes_auto_learn 1
bayes_auto_learn_threshold_spam 10.0
# Enable or disable network checks
skip_rbl_checks 0
use_razor2 1
use_dcc 1
use_pyzor 1
# Languages
ok_languages all
ok_locales all
|
save/exit
Start spamd
| Code: |
> /etc/init.d/spamd start
> rc-update add spamd default
|
Configure Clamav
| Code: |
> nano -w /etc/freshclam.conf
update DatabaseMirror to a mirror close to your server
|
save/exit
| Code: |
> nano -w /etc/clamd.conf
Make sure the User clamd IS commented.
|
save/exit
Start clamav
| Code: |
> /etc/init.d/clamd start
> rc-update add clamd default
|
8) install qmail-scanner
Make sure spamassassin and clamav is running while emerging qmail-scanner.
| Code: |
> emerge qmail-scanner
|
Stop spamd
| Code: |
/etc/init.d/spamd stop
|
Reconfigure SpamAssassin
| Code: |
> nano -w /etc/conf.d/spamd
Modify:
SPAMD_OPTS="-m 5 -H -u qscand -v -x"
(It would make sence to keep the option "-C /etc/spamassassin/local.cf", but for some weird reason the current version of spamd ignores the config file if it's specified!
PIDFILE="/var/run/spamd/spamd.pid"
|
save/exit
| Code: |
> mkdir /var/run/spamd
> chown qscand:qscand /var/run/spamd
|
Start spamd
| Code: |
/etc/init.d/spamd start
|
reemerge qmail-scanner. For debugging purposes it's a good idea run this in some window with scrolling capability. (I.e over ssh from another pc.)
| Code: |
> emerge qmail-scanner
|
Scroll back to see if Spamd and Clamav was detected. Look for
| Code: |
Searching .....................................
==============================================================
The following binaries and scanners were found on your system:
==============================================================
|
Followed by: clamdscan=... and fast_spamassassin=...
If they're not detected there might be some error messages that will be handy for debugging
Activate qmail-scanner
| Code: |
> nano -w /etc/tcprules.d/tcp.qmail-smtp
Make sure there are lines like this:
#IPs allowed to relay - don't scan with qmail-scanner
## localhost
127.0.0.:allow,RELAYCLIENT="",RBLSMTPD=""
## Lokal network
192.168.2.:allow,RELAYCLIENT="",RBLSMTPD=""
## server public IP
123.123.123.123:allow,RELAYCLIENT="",RBLSMTPD=""
# Don't relay from other IPs. Scan with qmail-scanner
:allow,QMAILQUEUE="/var/qmail/bin/qmail-scanner-queue"
# Note: As of qmail-scanner 1.20 we use a wrapper - not qmail-scanner-queue.pl
|
save/exit
update the cdb
| Code: |
> cd /etc/tcprules.d/
> tcprules tcp.qmail-smtp.cdb tcp.qmail-smtp.tmp < tcp.qmail-smtp
|
9) Create domain(s)
The first domain to add should be the primary domain of the server.
| Code: |
> /var/vpopmail/bin/vadddomain domain.net postmasterpassword
|
Repeat for all virtual domains.
If you want your users username@defaultdomain.net to be able to log in using just username as the username (not username@domain.net) do this:
| Code: |
echo "defaultdomain.net" > ~vpopmail/etc/defaultdomain
|
If you have a (sub)domain for testing add it as a aliasdomain.
| Code: |
> /var/vpopmail/bin/vaddaliasdomain domain.net test.domain.net
|
10) install mailinglists and qmailadmin
| Code: |
> emerge ezmlm-idx-mysql qmailadmin
|
11) Install squirrelmail
| Code: |
> emerge squirrelmail
> ln -s /usr/share/webapps/squirrelmail/1.4.5/htdocs /var/www/localhost/htdocs/mail
|
The last part of the ln-command is pointing to the documentroot of the webserver.
Get the vhost plugin
| Code: |
> cd /usr/share/webapps/squirrelmail/1.4.5/htdocs/plugins
> wget http://www.squirrelmail.org/countdl.php?fileurl=http%3A%2F%2Fwww.squirrelmail.org%2Fplugins%2Fvlogin-3.6-1.2.7.tar.gz
> tar -xvzf vlogin-3.6-1.2.7.tar.gz
> rm vlogin-3.6-1.2.7.tar.gz
|
Configure squirrelmail
| Code: |
> cp vlogin/data/config.php.sample.typical vlogin/data/config.php
> nano -w vlogin/data/config.php
(modify to fit your needs)
> nano -w secure_login/config.php
(modify to fit your needs)
> cd /usr/share/webapps/squirrelmail/1.4.5/htdocs/config
> perl conf.pl
|
Press D to load the Courier-imap template.
Walk through the config menu to set up to your needs.
Make sure to load the compability, secure_login and vlogin plugins.
As users inboxes grow, the webmail will become slow. To fix this make sure to enable "Allow server thread sort" and "Allow server-side sort" under General Options. (Wonder why these are off by default. Any security risk?)
12) Check Qmail controlfiles
Make sure the files in /var/qmail/control got updated. If they are not updated something is wrog. Probably it's related to mysql permissions.
| Code: |
These files should contain your primary domain:
defaultdomain, locals, me
This should contain all domains and aliasdomains on separate lines:
rcpthosts
This should contain all domains and aliasdomains on the form of domain.net:domain.net :
virtualdomains
|
13) Client setup
For SMTP client setup: All clients outside your local network need to enable TLS (encryption) and SMTP-auth. For username use the full email-adress. There is a bug with Outlook (and express) XP using TLS. No workaround is known. Use another clientprogram! (I love Opera - now it's even free!)
Note: M4chine posted (on Oct. 19th, 2005) that this bug was related to Symantec AntiVirus. If you disable "Internet Mail Security" you may get around this problem. I've no clue if this is the way to go when using other virus software. (Btw, if you're using Symantec / Norton AV you should seriously consider another AV program for windows. Avast, Clamwin and F-secure are my favorites.)
POP3/IMAP client setup: If you do like me - block port 110 and 143 from outside your localnet with a firewall then clients on the outside need to enable SSL and use port 993 for IMAP-SSL and port 995 for POP3-SSL. Clientes on the local network may use ports 110/143 without SSL enabled. Use the full email-address as username.
Known bugs:
clamav is running as root. This is the default setting, but I don't like it. If anyone figure a way to fix this, please let me know.
Mail infected by netsky D does not get detected.
FIXED: There was a bug in my testscript that messed up a header and made qmailscanner fail to extract the attachment
Authentication in imap/pop fail randomly loging:
| Code: | | authdaemond: vmysql: sql error[3]: No Database Selected |
This might be related to the old way to setup vpopmail.conf. Try adding these lines to the end of /etc/vpopmail.conf:
| Code: |
MYSQL_UPDATE_SERVER localhost
MYSQL_UPDATE_USER vpopmail
MYSQL_UPDATE_PASSWD yourvpopmailpassword
MYSQL_READ_SERVER localhost
MYSQL_READ_USER vpopmail
MYSQL_READ_PASSWD yourvpopmailpassword
|
Another thing that might help for the same bug is to edit /etc/courier/authlib/authdaemonrc
edit the line authmodulelistorig=... to read:
authmodulelistorig="authvchkpw"
then run: /etc/init.d/courier-authlib
Unverified tricks from readers
Here I'll put a collection of good ideas, hints and tricks posted by readers. I have not tried these myself.
| Mindstab wrote: | I've also now found that something like
| Code: | | echo "#" > /var/qmail/control/doublebounceto |
should route all double bounce messages to /dev/null hopefully
I just looked into this as I was getting a lot |
To solve problems with bayes not learning:
| krull wrote: | I donno if this helps, I just added a universal path for bayes in spamassassin's local.cf so far it seems to work:
| Code: | nano -w /etc/spamassassin/local.cf
Add:
bayes_path /etc/mail/spamassassin/bayes |
|
| Mindstab wrote: | Um, a possible update for the doc. They worked well, but I found I had to
| Code: |
valias haplo@mindstab.net root@mindstab.net
valias haplo@mindstab.net postmaster@mindstab.net
vaddaliasdomain mindstab.net mail.mindstab.net
|
To get everything working right
Otherwise all my servers log messages were being bounced
Also, I found that if any domains were in qmail/control/locals
qmail tried to use local delivery for users ther to their /home dirs instead of using vpopmail
|
Last edited by petterg on Sun Feb 11, 2007 5:32 pm; edited 11 times in total |
|
| Back to top |
|
 |
Tatey
n00b
Joined: 18 Apr 2004
Posts: 37
Location: Brisbane, Australia
|
| Posted: Sun Sep 18, 2005 9:05 am Post subject: |
|
|
This guide worked like a treat! Thank you very much 
_________________
[ visit my website, tatey.com ] |
|
| Back to top |
|
|
pavaveda
n00b
Joined: 20 Sep 2005
Posts: 2
|
| Posted: Tue Sep 20, 2005 10:24 pm Post subject: |
|
|
If I don't want to use vpopmail, what options do I need in my authmoduleslist?
Thanks. |
|
| Back to top |
|
|
krull
n00b
Joined: 12 Apr 2004
Posts: 8
|
| Posted: Wed Sep 21, 2005 7:29 am Post subject: |
|
|
Great Guide! Worked like a charm!
A few more pointers though for first time installers such as myself:
- when using vpopmail as stated in the guide, all your users will have 'user@domain.tld' as their username in their mail client like thunderbird, outlook, etc... From what I gathered adding --enable-default-domain=<domain name> while you emerge vpopmail will allow you to set a default domain for vpopmail users so that they only put their 'user' instead of the full email as their username. I donno another way to add this than editing the main vpopmail ebuild and digesting it. Anyone care to share an alternative?
- When emerging vpopmail, a messaging saying Use of vpopmail's tcp.smtp[.cdb] is also deprecated now, consider using net-mail/relay-ctrl instead. Probably adding relay-ctrl here in this guide as well would do us alot of good.
Overall, a great Guide! Thanks!
EDIT: ezmlm's mysql support works, but you will have to prep the database's tables first before qmailadmin's mailing-list web UI will be able to use the database.
From the ezmlm/qmailadmin FAQ/DOC (downloadable here)
| Code: | | ezmlm-mktab -d list | mysql -h host -u user -p -f db |
| Quote: | This connects to the mysql server on ``host'' as ``user''
(prompting for the password) and in database ``db'' cre-
ates tables list, list_slog, list_mlog, the corresponding
table sets for address lists list_allow, list_deny,
list_digest, list_mod, as well as list_name,
list_digest_name, list_cookie, and list_digest_cookie.
Since the -d switch is used, any of these tables already
existing are first dropped, with loss of any data already
in them. |
After this ezmlm/qmailadmin will start using the mysql database instead of putting the subscribers in the /etc/vpopmail/domains/<domainname>/<listname>/subscribers/ directory. I haven't tried its viability for big email list yet. Since I am not too familiar with MySQL's user privelages, I made ezmlm use root@localhost which is abit insecure. If someone who is more knowledable would enlighten us on what kind of privelages we ought to put on the user please let us know.
- KrulL
Last edited by krull on Wed Sep 21, 2005 1:20 pm; edited 1 time in total |
|
| Back to top |
|
|
andy124
n00b
Joined: 20 Sep 2005
Posts: 2
|
| Posted: Wed Sep 21, 2005 1:11 pm Post subject: |
|
|
Minor typo - in the 4th code box, the one with the USE flags,
you have "sll" instead of "ssl". |
|
| Back to top |
|
|
andy124
n00b
Joined: 20 Sep 2005
Posts: 2
|
| Posted: Wed Sep 21, 2005 1:53 pm Post subject: |
|
|
Did anyone ever figure out the "clamdscan" permission problem?
My installation works either by using "clamscan", or running clamdscan
as root.
I'd love to hear about it! |
|
| Back to top |
|
|
petterg
Guru
Joined: 25 Mar 2004
Posts: 500
Location: Oslo, Norway
|
| Posted: Wed Sep 21, 2005 9:45 pm Post subject: |
|
|
| pavaveda wrote: | If I don't want to use vpopmail, what options do I need in my authmoduleslist?
Thanks. |
I'll guess you'll use the pam module. |
|
| Back to top |
|
|
petterg
Guru
Joined: 25 Mar 2004
Posts: 500
Location: Oslo, Norway
|
| Posted: Wed Sep 21, 2005 9:56 pm Post subject: |
|
|
| krull wrote: | From what I gathered adding --enable-default-domain=<domain name> while you emerge vpopmail will allow you to set a default domain for vpopmail users
|
I'll guess you could add the default domain to the file /var/qmail/control/defaultdomain
| krull wrote: | When emerging vpopmail, a messaging saying Use of vpopmail's tcp.smtp[.cdb] is also deprecated now, consider using net-mail/relay-ctrl instead. Probably adding relay-ctrl here in this guide as well would do us alot of good.
|
The tcprules stuff is what is installed when emerging qmail. Last time (in Mars) I looked into relay-ctrl I didn't see any reason to switch. Why would we use relay-ctrl over tcprules?
| krull wrote: |
ezmlm's mysql support works, but you will have to prep the database's tables first before qmailadmin's mailing-list web UI will be able to use the database.
|
I didn't need to do that. Was I just lucky? |
|
| Back to top |
|
|
krull
n00b
Joined: 12 Apr 2004
Posts: 8
|
| Posted: Thu Sep 22, 2005 7:02 am Post subject: |
|
|
| petterg wrote: | | I'll guess you could add the default domain to the file /var/qmail/control/defaultdomain |
Nope... doesn't seem to accept that as a valid fix... I did the changes, and still it uses user@domain.tld as a 'username'. Anyways, I can live with , but being on a single domain without any virtualdomain settings, it would've come in handy (not to mention convienient...) to just use a 'username' instead.
| petterg wrote: | | The tcprules stuff is what is installed when emerging qmail. Last time (in Mars) I looked into relay-ctrl I didn't see any reason to switch. Why would we use relay-ctrl over tcprules? |
uh... I am not too familiar with tcprules nor relay-ctrl. Actually, I am a newb on all this MTA stuff...  I noticed though that there was no /etc/tcp.smtp in my gentoo setup (2.6.11-hardened-r15), but a /etc/tcprules.d/tcp.qmail-smtp instead. So when I was following your guide, especially the part with editing /etc/tcp.smtp, I did an educated guess in editing /etc/tcprules.d/tcp.qmail-smtp instead. 
What's the difference of the two, if any? and why relay-ctrl is recomended now over tcprules?
| petterg wrote: | | I didn't need to do that. Was I just lucky? |
Could be. I know that the mailing-list qmailadmin section will still work without mySQL support, writing everything inside /var/vpopmail/domains/<domain.tld>/<listname>/. When I tried to enable mySQL support though the first time around, with the right credentials, it didn't create the database, tables, etc... and wouldn't write any subscribers emails in there.
FYI: Now my setup is not live as of yet, and I am in the process of adding the company's emails/aliases and mailing-lists. This MTA based on your Guide will replace an arcaine setup of MDaemon with WinXP that's handling over 14,000 emails a day (barely...).
Our router forwards mail to our mailserver's internal IP. If I do the switch by just changing the IP's around, would it work 'on-the-fly' per se? (bar ofcourse the hardcoded IP settings that needed change in the qmail/vpopmail setup...)
EDIT: Doing a spamassassin -D --lint, I get these parsing errors:
| Code: | config: SpamAssassin failed to parse line, skipping: report_header 1
config: SpamAssassin failed to parse line, skipping: rewrite_subject 1
config: SpamAssassin failed to parse line, skipping: subject_tag *****SPAM*****
config: SpamAssassin failed to parse line, skipping: use_terse_report 1
config: SpamAssassin failed to parse line, skipping: auto_learn 1
|
Any Ideas? I am looking in man Mail::SpamAssassin::Conf for possible fixes since I read that certain variable settings in SpamAssassin are not being honored with the latest build. (I got mail-filter/spamassassin-3.0.4 installed here..)
EDIT: Google is the answer http://www.hoboes.com/Mimsy/?ART=201
Thanks a heap!
- KrulL |
|
| Back to top |
|
|
narcis.gratianu
n00b
Joined: 21 Nov 2004
Posts: 60
|
| Posted: Thu Sep 22, 2005 10:16 pm Post subject: mail problem after removing ssmtp |
|
|
Hello !
After i unmerged ssmtp and emerged qmail, some of the scripts that i have on my computer and used the /usr/sbin/sendmail symlink to send mail stop working. What can i do to enable it again ? Where i can point the same symlink to send e-mails ?
thank you !
_________________
Best regards,
Narcis GRATIANU |
|
| Back to top |
|
|
petterg
Guru
Joined: 25 Mar 2004
Posts: 500
Location: Oslo, Norway
|
| Posted: Fri Sep 23, 2005 10:47 am Post subject: Re: mail problem after removing ssmtp |
|
|
| narcis.gratianu wrote: | Hello !
After i unmerged ssmtp and emerged qmail, some of the scripts that i have on my computer and used the /usr/sbin/sendmail symlink to send mail stop working. What can i do to enable it again ? Where i can point the same symlink to send e-mails ?
thank you ! |
The qmail-inject command will do that job.
I'm not sure if you should use a symlink or an alias. I'm not sure if they take the same arguments. |
|
| Back to top |
|
|
petterg
Guru
Joined: 25 Mar 2004
Posts: 500
Location: Oslo, Norway
|
| Posted: Fri Sep 23, 2005 11:54 am Post subject: |
|
|
| krull wrote: | Nope... doesn't seem to accept that as a valid fix... I did the changes, and still it uses user@domain.tld as a 'username'. Anyways, I can live with , but being on a single domain without any virtualdomain settings, it would've come in handy (not to mention convienient...) to just use a 'username' instead.
|
Agree. That's one of the many things to look into.
| krull wrote: |
I noticed though that there was no /etc/tcp.smtp in my gentoo setup (2.6.11-hardened-r15), but a /etc/tcprules.d/tcp.qmail-smtp instead. So when I was following your guide, especially the part with editing /etc/tcp.smtp, I did an educated guess in editing /etc/tcprules.d/tcp.qmail-smtp instead. :wink:
|
That was one more typo - some leftovers from the old guide. Thanx for pointing that out. Guide updated.
| krull wrote: |
What's the difference of the two, if any? and why relay-ctrl is recomended now over tcprules?
|
Another way to ask the same: Why it tcprules installed be default when relay-ctrl is recommended?
I didn't see the message, but I didn't sit around to read the stuff eigther.
| krull wrote: |
FYI: Now my setup is not live as of yet, and I am in the process of adding the company's emails/aliases and mailing-lists. This MTA based on your Guide will replace an arcaine setup of MDaemon with WinXP that's handling over 14,000 emails a day (barely...).
|
For a system handeling that many mails you should concider installing a dns server/cache on localhost to speedup spamassassin.
| krull wrote: |
EDIT: Doing a spamassassin -D --lint, I get these parsing errors:
| Code: | config: SpamAssassin failed to parse line, skipping: report_header 1
config: SpamAssassin failed to parse line, skipping: rewrite_subject 1
config: SpamAssassin failed to parse line, skipping: subject_tag *****SPAM*****
config: SpamAssassin failed to parse line, skipping: use_terse_report 1
config: SpamAssassin failed to parse line, skipping: auto_learn 1
|
|
Wops!
local.cf syntax has changed - the config-generator on spamassassin website is not updated (= useless)
Guide is about to be fixed.... reading doc.... |
|
| Back to top |
|
|
laebshade
n00b
Joined: 19 Mar 2005
Posts: 15
|
| Posted: Fri Sep 23, 2005 8:09 pm Post subject: |
|
|
Thanks for the great guide, Peter. I had a working setup yesterday, however today e-mail is not being delivered to my inbox; no errors, no bouncebacks. The e-mail is going somewhere, and I found out where.
Edit: nevermind. Not sure what happened, so I followed the first part and re-emerged qmail, vpopmail, and courier-imap. Problem solved. |
|
| Back to top |
|
|
krull
n00b
Joined: 12 Apr 2004
Posts: 8
|
| Posted: Wed Sep 28, 2005 12:08 pm Post subject: |
|
|
| petterg wrote: | Agree. That's one of the many things to look into.
|
Doing some more investigation on setting up defaultdomain for vpopmail, I found out that editing the ebuild to include --enable-default-domain gave out this error:
| Code: | | configure: error: --enable-default-domain has been superceded. The default domain should be put into the file ~vpopmail/etc/defaultdomain instead |
So I just did what it said by doing:
| Code: | | echo "testdomain.com" > ~vpopmail/etc/defaultdomain |
AND IT WORKED! users can now log in with only their username and not a full user@domain.tld like before! woot! Maybe adding that subtle, yet important detail to your guide would help others out that has the need for single domain setup like mine, petterg.
| petterg wrote: | | For a system handeling that many mails you should concider installing a dns server/cache on localhost to speedup spamassassin. |
Thanks for the suggestion, petterg. I'll do just that. Any good HOWTO out there for such a task?
EDIT: Found a nice simple howto for a DNS Caching with djbdns: http://www.karkomaonline.com/article.php/20031010194701302
EDIT: From Gentoo Wiki: http://gentoo-wiki.com/HOWTO_Setup_a_DNS_Server_with_DJBDNS
Chao!
- KrulL
Last edited by krull on Mon Oct 24, 2005 7:20 am; edited 1 time in total |
|
| Back to top |
|
|
petterg
Guru
Joined: 25 Mar 2004
Posts: 500
Location: Oslo, Norway
|
| Posted: Thu Sep 29, 2005 8:59 am Post subject: |
|
|
| krull wrote: |
| Code: | | echo "testdomain.com" > ~vpopmail/etc/defaultdomain |
AND IT WORKED! :D users can now log in with only their username and not a full user@domain.tld like before! woot! Maybe adding that subtle, yet important detail to your guide would help others out that has the need for single domain setup like mine, petterg.
|
Great!
Updating the guide.... |
|
| Back to top |
|
|
krull
n00b
Joined: 12 Apr 2004
Posts: 8
|
| Posted: Mon Oct 03, 2005 9:30 am Post subject: |
|
|
Minor Correction to the guide:
Where it says:
| Quote: | | nano -w /etc/tcprules.d/tcp.smtp |
It should be:
| Quote: | | nano -w /etc/tcprules.d/tcp.qmail-smtp |
|
|
| Back to top |
|
|
petterg
Guru
Joined: 25 Mar 2004
Posts: 500
Location: Oslo, Norway
|
| Posted: Mon Oct 03, 2005 1:19 pm Post subject: |
|
|
| krull wrote: | | Minor Correction to the guide: |
Done.
Thanks |
|
| Back to top |
|
|
Mindstab
Apprentice
Joined: 02 Jan 2003
Posts: 271
Location: Vancouver, Canada
|
| Posted: Mon Oct 03, 2005 8:19 pm Post subject: |
|
|
um, why might i ask are we using FAM?
What benifits does it bring. I've had qmail vpopmail courier setups before with out it, and I've heard bad things about it's security track records.
So I was surprised to see it here in a non desktop app. Wondered what it was for |
|
| Back to top |
|
|
krull
n00b
Joined: 12 Apr 2004
Posts: 8
|
| Posted: Tue Oct 04, 2005 7:05 am Post subject: |
|
|
Hi all,
I am still testing my installation before putting it in production use. I have noticed this on the mail headers I send out through the SMTP:
| Code: | Received: from unknown (HELO ?127.0.0.1?) (10.0.0.180)
by 0 with SMTP; 3 Oct 2005 17:54:00 +0300 |
Anyone knows why this happens?
Thanks in advance,
KrulL |
|
| Back to top |
|
|
petterg
Guru
Joined: 25 Mar 2004
Posts: 500
Location: Oslo, Norway
|
| Posted: Wed Oct 05, 2005 6:31 pm Post subject: |
|
|
| krull wrote: | Hi all,
I am still testing my installation before putting it in production use. I have noticed this on the mail headers I send out through the SMTP:
| Code: | Received: from unknown (HELO ?127.0.0.1?) (10.0.0.180)
by 0 with SMTP; 3 Oct 2005 17:54:00 +0300 |
Anyone knows why this happens?
Thanks in advance,
KrulL |
Do you get the same messge independet on which pc you're sending from? (Assuming you're using a mail client, not using webmail.) Does the hostname of you server resolve to an IP adress? |
|
| Back to top |
|
|
petterg
Guru
Joined: 25 Mar 2004
Posts: 500
Location: Oslo, Norway
|
| Posted: Wed Oct 05, 2005 7:16 pm Post subject: |
|
|
| Mindstab wrote: | um, why might i ask are we using FAM?
What benifits does it bring. I've had qmail vpopmail courier setups before with out it, and I've heard bad things about it's security track records.
So I was surprised to see it here in a non desktop app. Wondered what it was for |
From the documentation of courier-imap:
| Quote: |
You may wish to enable IMAP_CHECK_ALL_FOLDERS if you filter new mail into folders other than your regular inbox. You can enable the IMAP_ENHANCEDIDLE option. Enhanced idle mode notifies all clients immediately when any changes to a folder occur.
|
and
| Quote: |
If you choose not to install fam, you can still use IMAP_ENHANCEDIDLE, but instead Courier IMAP will poll for changes every 60 seconds for folders opened by IMAP clients.
|
To me it souded like a good idea to use fam. I might be wrong. |
|
| Back to top |
|
|
Mindstab
Apprentice
Joined: 02 Jan 2003
Posts: 271
Location: Vancouver, Canada
|
| Posted: Fri Oct 07, 2005 5:09 pm Post subject: |
|
|
Um, a possible update for the doc. They worked well, but I found I had to
| Code: |
valias haplo@mindstab.net root@mindstab.net
valias haplo@mindstab.net postmaster@mindstab.net
vaddaliasdomain mindstab.net mail.mindstab.net
|
To get everything working right
Otherwise all my servers log messages were being bounced
Also, I found that if any domains were in qmail/control/locals
qmail tried to use local delivery for users ther to their /home dirs instead of using vpopmail
Thanks |
|
| Back to top |
|
|
DNAspark99
Guru
Joined: 03 Sep 2004
Posts: 321
|
| Posted: Fri Oct 07, 2005 5:52 pm Post subject: |
|
|
I havn't seen it mentioned anywhere, and having to figure it out myself took a while longer than it probably should have, so I'll just mention what I learned here: qmail-scanner and spamassassin 'learning' was not working correctly, so, several headaches later, I fixed it by unifying the ~/.spamassassin dirs and changing some permissions to allow qscand access, even tho after a few 'learnings' some files were overwritten with 'default' ownerships/permissions, but it works now.... can anyone explain 'why'? what was I missing before? (spamassassin wasn't catching *anything* before I did this, now works like it should)
| Code: |
rm -rf /root/.spamassassin
ln -s /var/vpopmail/.spamassassin /root
chgrp qscand -R /var/vpopmail/.spamassassin
chmod g+w -R /var/vpopmail/.spamassassin
|
| Code: |
ls -al /var/vpopmail/.spamassassin/
total 5.7M
drwxrwxr-x 2 vpopmail qscand 176 Oct 7 10:44 ./
drwxr-xr-x 10 vpopmail vpopmail 304 Oct 3 12:43 ../
-rw-rw---- 1 vpopmail qscand 1.4M Oct 7 10:44 auto-whitelist
-rw-rw---- 1 vpopmail qscand 656K Oct 5 14:17 bayes_seen
-rw------- 1 root root 5.1M Oct 5 14:17 bayes_toks
-rw-rw-r-- 1 root root 1.2K Oct 3 23:12 user_prefs
|
|
|
| Back to top |
|
|
Mindstab
Apprentice
Joined: 02 Jan 2003
Posts: 271
Location: Vancouver, Canada
|
| Posted: Sun Oct 09, 2005 6:56 am Post subject: |
|
|
I've also now found that something like
| Code: | | echo "#" > /var/qmail/control/doublebounceto |
should route all double bounce messages to /dev/null hopefully
I just looked into this as I was getting a lot |
|
| Back to top |
|
|
^and1
n00b
Joined: 13 Apr 2005
Posts: 9
|
| Posted: Sun Oct 09, 2005 1:49 pm Post subject: |
|
|
The last install i made, was with the help of saberx's docu. After i installed my server a month ago, i used this "http://gentoo-wiki.com/HOWTO_Setup_QMAIL_VPOPMAIL_and_Other_Mail_Servers" and the qmailrocks howto of the Gentoowiki. But if i look at this howto, ther are no major differences, but i have still two "problems":
With my installation i only can do smtp with ssl(as written here), but not without. Is it possible do get work both at the same time?
And the other problem ist, that all passwords stored in the vlog are cleartext, thoug i only connect with ssl. Is this correct so?
thx
Andi |
|
| Back to top |
|
|
|
|
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
|
|
Documentation, Tips & Tricks
