Defcon1-Header
Tool-BarfreeBSD ArticlesSearch Our SiteHOMEfreeBSD LinksContribute to FreeBSD HelpFreeBSD FilesFreeBSD Script Corner

QMail How To

QMAIL
+Vpopmail+Sqwebmail+Qmailadmin How-To for FreeBSD 3.x/4.x Tutorial (v1.3)
By Flattie McGee (ZA) © 2000 Globelinks Communications.

ChangeLog:
 v1.0 - Summer Release (I forget when) by Flattie
v1.1 - Fall Release (9.27.00) by Flattie
v1.2 - Updates (9.28.00) by Flattie
v1.3 - More Updates (9.29.00) by Flattie

1.0 - Introduction

This FreeBSD How-To will show you how to install qmail (yes, its spelt in lowercase), a Mail Transfer Agent (MTA) created by D.J. Bernstein, along with several modules (some created by DJB, some by others) which aim to simplify the experience of using E-mail for you and your users.

Before you actually begin this HOW-TO, I will naturally assume that you have familiarized yourself with qmail and are sure that it is the software for you. A basic understanding of Apache and DNS also help. Last but not least, an understanding of FreeBSD and some of its basic commands help. Although this HOWTO is geared toward FreeBSD (well, more toward qmail), it can be adjusted to be useful for another OS such as Linux.

The User-Contributed Documentation section of the qmail website has links to some rather useful documentation.  I recommend you visit the URL's below before you continue on with this HOW-TO.

Qmail Official website @ http://www.qmail.org/
D. J. Bernstein's qmail website @ http://cr.yp.to/qmail.html
D. J. Bernstein's qmail FAQ @ http://cr.yp.to/qmail/faq.html
Adam McKenna has a HowTo @: http://www.flounder.net/qmail/qmail-howto.html
Dave Sill has written Life with qmail @: http://web.infoave.net/~dsill/lwq.html
Man pages for qmail 1.03 @: http://www.qmail.org/man/index.html
Vpopmail + qmailadmin @ http://www.inter7.com/vpopmail/

If none of these web sites help, then you can read the INSTALL.* files in the qmail source directory *smile*.

Once you get everything up and running, you will have the access to the following features/services:
SMTP E-Mail Server
POP3 Virtual/Local Domain Hosting
POP3 Virtual/Local Domain Users
Auto-Responder
Mailing Lists
Web Based E-Mail
Web Based Virtual/Local Domain/User Control Interface
Spam Blocking (experimental and not documented here)
SMTP/POP3/SEND logging
1.1 - What Files will I need?
You will need the following programs which can be found on the inter7.com web site, or from the ftp site that I have shown in this HOW-TO.


1.2 - Example information
In order for you to be able to fully understand this HOWTO, I must get you into the mind set. By providing you with information that usually can confuse people, it will help you in setting up your system. First of all, since this HOW-TO is geared at a 'UNIX' newbie.

I will be using pico (comes with pine) without line wrapping to demonstrate the editing of files, as most newbies are not comfortable with vi. If you are comfortable with vi or another editor, then feel free to use those. But be beware when cut and pasting into files, and much sure the contents don't get wrapped as they could have a damaging effect to our install.

Our main directories will be as follows.
    /var/qmail/             ; qmail's home directory
    /home/vpopmail/           ; vpopmail's home directory
    /var/qmail/supervise/        ; supervise directories
    /service/              ; supervise link directory
    /var/log/qmail            ; our qmail log directory
    /usr2/www/qmailadmin/        ; qmailadmin web interface
    /usr2/www/sqwebmail/         ; sqwebmail web interface
Our network layout in this HOW-TO example is simple. We have a few FreeBSD servers, a C Class sub-block, no firewall (tsk tsk).
    ns1.domain.org is the primary nameserver (200.200.200.1)
    ns2.domain.org is our secondary nameserver (200.200.200.2)
    dns-host.domain.org is a FreeBSD server that hosts the primary DNS. (200.200.200.3)
    dns-host2.domain.org is a FreeBSD server that hosts the secondary DNS. (200.200.200.4)
    mail-host1.domain.org is a FreeBSD server that will handle qmail + modules (200.200.200.5)
    mail.domain.org is a virtual POP3 host. (200.200.200.6)
    webmail.domain.org is our apache powered Web Interface for sqwebmail (200.200.200.7)
    mailadmin.domain.org is our apache powered Web Interface for qmailadmin (200.200.200.8)

1.3 - Future Considerations
What will I be adding to future versions of this HOWTO? Here's a list of some things on my mind.
IMAP Support
MySQL Support
PGP (or other) Encryption
Cloaking of headers
Spam Blocking

Anti-Virus Support
IPFilter Support
Split DNS


1.4 - Thanks and how to contact me

If you wish to comment, contribute or suggest something to improve this document, then please email me at flattie@globelinks.com with the subject of 'QMAIL HOWTO' and I will give you credit if I include it here.
If you have problems with this HOW-TO or qmail in general, feel free to come to IRC Efnet #qmail, or check the qmail mailing list archive @ http://www-archive.ornl.gov:8000/
Special thanks to the following group of people: badacid, Blinky (corrections), Chinger (who pointed out some flaws which were fixed), Dj-vapor (mailwrapper input), Macca, mazpe (becuz he's special), Ranlhach, Retalin... last but not least, DJB & Ken@Inter7 :)
1.5 - Disclaimer & Copyright
Yada yada yada, I am not responsible for any action you take in following through with this HOWTO. Use at your own risk.
This HOWTO is Copyright © 2000 Globelinks Communications - Permission for redistribution is granted under the OpenContent License.
2.0 - Creating Users & Groups for Qmail & Vpopmail

For qmail to run, it must reside in a directory.  Since we don't want to screw anything up, we'll use the default directory. Th an important first step, as the users and groups wouldn't function properly without this command.

# mkdir /var/qmail
I like to create users and groups first.  This helps me lay down the initial foundation and not have to worry about what to do next. First we'll create the vpopmail user and group permissions.

# pw groupadd -n vchkpw -g 98
# pw useradd -n vpopmail -u 98 -g 98 c Vpopmail-Master -d /home/vpopmail -s /nonexistent

Now we'll create the actual qmail user and group permissions.
# pw groupadd -n nofiles -g 91
# pw groupadd -n qmail g 92

# pw useradd -n alias -u 91 -g 91 -d /var/qmail/alias -s /nonexistent
# pw useradd -n qmaild -u 92 -g 91 -d /var/qmail -s /nonexistent
# pw useradd -n qmaill -u 93 -g 91 -d /var/qmail -s /nonexistent
# pw useradd -n qmailp -u 94 -g 91 -d /var/qmail -s /nonexistent
# pw useradd -n qmailq -u 95 -g 92 -d /var/qmail -s /nonexistent
# pw useradd -n qmailr -u 96 -g 92 -d /var/qmail -s /nonexistent
# pw useradd -n qmails -u 97 -g 92 -d /var/qmail -s /nonexistent

2.1 - You should now see the following information

Once again, I cannot stress how important permissions are, thus it is important that we review our main system user/group files and verify that we did indeed add the lines from above.
[/etc/passwd]
vpopmail:*:98:98:Vpopmail-Master:/home/vpopmail:/nonexistent
alias:*:91:91:User &:/var/qmail/alias:/nonexistent
qmaild:*:92:91:User &:/var/qmail:/nonexistent
qmaill:*:93:91:User &:/var/qmail:/nonexistent
qmailp:*:94:91:User &:/var/qmail:/nonexistent
qmailq:*:95:92:User &:/var/qmail:/nonexistent
qmailr:*:96:92:User &:/var/qmail:/nonexistent
qmails:*:97:92:User &:/var/qmail:/nonexistent

 [/etc/group]
vchkpw:*:98:
nofiles:*:91:
qmail:*:92:

2.2 - Make Users & Directories for Logging and Special Modules

Logs are useful for many reasons.  They can tell us what errors are hindering our quest to conquer qmail, or they can simply provide us with information as to who was connecting to our server, when, and why (who to email?).

Since we will be logging pop3, smtpd and send activity, it is only natural that we create the appropriate log directories.

# mkdir /var/log/qmail
# mkdir /var/log/qmail/qmail-send
# mkdir /var/log/qmail/qmail-smtpd
# mkdir /var/log/qmail/qmail-pop3d
# chown -R qmaill.wheel /var/log/qmail
# chmod -R 750 /var/log/qmail

3.0 - Install Applications + Modules

As stated in the introduction, I mentioned what the system would look like once everything was installed. This section will cover the install procedure I took in order to get my shit together. If you follow these instructions to the tee, then you shouldn't have too much problems, if none at all. If you do have problems, and miss a step or found a shorter path, feel free to let me know (E-mail Flattie).

It is important that we know where we are uncompressing our source files into. This directory will act as our starting point. Lets assume it was ~/ports/mailstuff/qmail-1.03. All the other compressed files that we will be uncompressing will also reside in the ~/ports/mailstuff/ directory.
3.1 - Install Qmail (Our saviour)

For more information please visit: http://www.qmail.org
Obtain qmail 1.03 from http://cr.yp.to/software/qmail-1.03.tar.gz

 # tar -zxvf qmail-1.03.tar.gz
# cd qmail-1.03


Lets make qmail behave better. To do this, we'll have to modify some files and increase the limits. We'll edit conf-split, and conf-spawn.

conf-split file is the queue subdirectory split control file. I won't go into detail what it does, but its good! (Default = 23)
# pico -w conf-split


 23
 ;replace 23 with 199
conf-spawn is the silent concurrency limit control file. You can't set it above 255. On some systems you can't set it above 125. qmail will refuse to compile if the limit is too high. Th good too. (Default = 120)
Chinger@#qmail has pointed out that the conf-split number should be a prime number. This URL has a listing of all primes up to 1000. Maybe use 199?

Russ Nelson suggests using a square root of the expected queue size. Click here for more info.

# pico -w conf-spawn
 120
 ;replace 120 with 255
# make setup check
# ./config

or
# ./config-fast mail-host1.domain.org
If you use './config' alone, then it is assumed that you have DNS working for the host. Of course, you will replace mail-host1.domain.org with your own host. Config-fast puts mail-host1.domain.org into /var/qmail/control/me. It also puts it into /var/qmail/control/locals and /var/qmail/control/rcpthosts, so that qmail will accept mail for mail-host1.domain.org.
# echo 255 > /var/qmail/control/concurrencyremote
# chmod 644 /var/qmail/control/concurrencyremote

3.2 - Install Daemon Tools (Useful tools)

For more information please visit: http://cr.yp.to/daemontools.html
Download from: http://cr.yp.to/daemontools/daemontools-0.70.tar.gz

# tar -zxvf daemontools-0.70.tar.gz
# cd daemontools-0.70
# make
# make setup check

3.3 - Install UNIX Client-Server Program Interface for TCP (Inetd replacement)

For more information please visit: http://cr.yp.to/ucspi-tcp.html
Download from: http://cr.yp.to/ucspi-tcp/ucspi-tcp-0.88.tar.gz

# tar -zxvf ucspi-tcp-0.88.tar.gz
# cd ucspi-tcp-0.88
# make
# make setup check

3.4 - Installing Vpopmail (Virtual Domain & POP)

For more information please visit: http://www.inter7.com/vpopmail/
Download from mirror: http://www.inter7.cx/vpopmail-4.9.3a.tar.gz
Download from home: http://www.inter7.com/vpopmail/vpopmail-4.9.3a.tar.gz

# tar -zxvf vpopmail-4.9.3a.tar.gz
# cd vpopmail-4.9.3/

# ./configure --enable-roaming-users=y --enable-logging=y --enable-hardquota=15000000000 --enable-ip-alias-domains=y
# make
# make install-strip


Since we are enabling roaming users, we'll want to set up a cron job that does something funky.
# crontab -e

    40 * * * * /home/vpopmail/bin/clearopensmtp 2>&1 > /dev/null
3.5 - Install AutoResponder

For more information please visit: http://www.inter7.com/qmailadmin/
Download from mirror: http://www.vpopmail.cx/autorespond-1.0.0.tar.gz
Download from home: http://www.vpopmail.com/autorespond-1.0.0.tar.gz

Blinky points out that it is possible that if the original message isn't attached to the autoresponder-msg. You should just insert the line incoming_message=""; in front of line 447 in the source-code. line 447 is ' sprintf(msg,"%s" '
# tar -zxvf autorespond-1.0.0.tar.gz
# cd autorespond-1.0.0.tar
# gcc -Wall -o autorespond autorespond.c
# cp autorespond /usr/local/bin

3.6 - Install Ezmlm (Mailing List)

For more information please visit: http://www.ezmlm.org/ or http://cr.yp.to/ezmlm.html
Download from: http://cr.yp.to/software/ezmlm-0.53.tar.gz

# tar -zxvf ezmlm-0.53.tar.gz
# cd ezmlm-0.53
# make
# make man
# make setup

3.7 - Install QmailAdmin (Web Control Interface)

For more information please visit: http://www.inter7.com/qmailadmin/
Download from mirror: http://www.inter7.cx/qmailadmin-0.37.tar.gz
Download from home: http://www.inter7.com/qmailadmin/qmailadmin-0.37.tar.gz

# tar -zxvf qmailadmin-0.37.tar.gz
# cd qmailadmin-0.37

Before we can make and install there are a few things to consider.. a. do you have a vpopmail user and installed vchkpw

b. where is your cgi bin directory
c. where is your ezmlm directory
d. where is your autorespond directory

If you are missing any one of those you can stop reading this now and go install them!! Now, since we're installing the images into a custom directory, its best if we modify some of the paths in the c files.  Th only useful if you are customizing your templates and want go have better control of the directory structure.
We'll edit the following files in the qmailadmin root sourcedir and replace /images/qmailadmin/ with /images/.

alias.c
autorespond.c
mailinglist.c
user.c

The default directories for Qmailadmin are:  /usr/local/share/qmailadmin (for the html files) and /usr/local/apache/htdocs/images/qmailadmin (for the images), and /usr/local/apache/cgi-bin/qmailadmin for the cgi file.  what we'd like to do is have different directories for better control.
# ./configure --enable-cgibindir=/usr2/www/qmailadmin/cgi-bin --enable-htmldir=/usr2/www/qmailadmin --with-htmllibdir=/usr2/www/qmailadmin --enable-vpopuser=vpopmail --enable-autoresponder-bin=/usr/local/bin --enable-ezmlmdir=/usr/local/bin
Since qmailadmin is broken a bit, not everything will be copied or may be copied to the default dirs. So if you have errors with the placement of html files and images, then just manually copy them from the default dirs into the /images and /html dir in your /usr2/www/qmailadmin directory. I should also point out that with the .html files, you should replace the /images/qmailadmin links with /images/ and don't forget to set the right permissions on yer image and html files (chmod 644 is okay).
# make
# make install-strip
# cp /usr2/www/qmailadmin/html/images/qmailadmin/* /usr2/www/qmailadmin/images

3.8 - Install GDBM  (Database Routines)

For more information please visit: http://www.gnu.org/software/gdbm/gdbm.html
Download from: ftp://ftp.gnu.org/gnu/gdbm/gdbm-1.8.0.tar.gz

# tar zxvf gdbm-1.8.0.tar.gz
# cd gdbm-1.8.0
# ./configure
# make
# make install

3.9 - Install Sqwebmail (Web Based Email Checking)

For more information please visit: http://www.inter7.com/sqwebmail/
Download from: ftp://download.sourceforge.net/pub/sourceforge/courier/

# tar -zxvf sqwebmail-1.0.tar.gz
# cd sqwebmail-1.0

# ./configure with-cachedir=/usr2/www/sqwebmail/cache --enable-webpass=vpopmail --with-module=authvchkpw --enable-hardtimeout=7200 --enable-softtimeout=3600 --with-htmllibdir=/usr2/www/sqwebmail --enable-cgibindir=/usr2/www/sqwebmail/cgi-bin --enable-imagedir=/usr2/www/sqwebmail/images/ --enable-imageurl=/usr2/www/sqwebmail/images


# make configure-check
doing the above command will show the following:
CGI will be installed in /usr2/www/sqwebmail/cgi-bin
Images will be installed in /usr2/www/sqwebmail/images/
URL to the image directory is /usr2/www/sqwebmail/images

# make
# make check
# make install
Lets flush our cache directory ever so often.
# crontab -e

    40 * * * * /usr/local/share/sqwebmail/cleancache.pl 2>&1 > /dev/null
# chmod R 755 /usr2/www/sqwebmail/images
# chmod -R a+rx /usr2/www/sqwebmail
# ln -s /usr/local/apache/htdocs/webmail /usr2/www/sqwebmail/webmail

4.0 - FUN STUFF

At this point in time, we'll start to add, remove and edit configuration files. We will also accomplish a number of other fun things.

4.1 - Alias's and Default Directories

Having some aliases helps.  We'll replace username with your name or postmaster.

# mkdir ~alias
# chown alias.qmail ~alias
# echo username > /var/qmail/alias/.qmail-root
# echo username > /var/qmail/alias/.qmail-postmaster
# echo username > /var/qmail/alias/.qmail-mailer-daemon
# chmod 2755 ~alias
# chmod 644 ~alias/.qmail*

Lets create our generic Maildir directory. In the event we ever decide to add local users with  mail access, they would need Maildir with cur/, new/ & tmp/ underneath this directory.  Maildirmake generates the Maildir and its dependent directories.

# /var/qmail/bin/maildirmake /usr/share/skel/Maildir


4.2 - Check qmail control files

Its important to check our /var/qmail/control directory for the necessary files.  What we want to see is the following directory listing, with the following permissions (chmod 644 for the file permissions), ownership is dictated by root and members of the qmail group.:

1 -rw-r--r--   1 root  qmail  -    4 Sep 26 15:27 concurrencyremote
1 -rw-r--r--   1 root  qmail  -  15 Sep 26 15:27 defaultdomain
1 -rw-r--r--   1 root  qmail  -  56 Sep 27 00:46 locals
1 -rw-r--r--   1 root  qmail  -  26 Sep 26 15:27 me
1 -rw-r--r--   1 root  qmail  -  15 Sep 26 15:27 plusdomain
1 -rw-r--r--   1 root  qmail  -  51 Sep 26 22:42 rcpthosts
1 -rw-r--r--   1 root  qmail  -  30 Sep 26 22:42 virtualdomains

[/var/qmail/control/concurrencyremote]
255

[/var/qmail/control/defaultdomain]
domain.org

[/var/qmail/control/locals]
localhost
mail-host1.domain.org
mail.domain.org

[/var/qmail/control/me]
mail-host1.domain.org

[/var/qmail/control/plusdomain]
domain.org

[/var/qmail/control/rcpthosts]
localhost
mail-host1.domain.org
domain.org

 [/var/qmail/control/virtualdomains]
domain.org: domain.org

 4.3 - /var/qmail/users/assign

The file /var/qmail/users/assign assigns addresses to users.  As I won't go into detail on the purpose and functionality of this file, I will in return suggest you read Life With Qmail (http://web.infoave.net/~dsill/lwq.html).  It is important that you keep the uid & gid the same as you have in the /var/qmail/supervise/qmail-smtpd/run file. If you ever decide to update the file, then please run /var/qmail/bin/qmail-newu to rebuild the /var/qmail/users/assign/cdb database file. After that is done, restart qmail.

# pico -w /var/qmail/users/assign


    +domain.org-:domain.org:98:98:/home/vpopmail/domains/domain.org:-::
    .
4.4 - Disable Sendmail and link to qmail

Since we will no longer be needing Sendmail we will just have to disable it. Although, sadly enough, some programs will depend on it. Its a good thing qmail can fool these programs into thinking its really sendmail.

# pico -w /etc/defaults/rc.conf

    sendmail_enable="NO"
    sendmail_flags="-bd -q30m"
# chmod 0 /usr/sbin/sendmail
# mv /usr/sbin/sendmail /usr/sbin/sendmail.gowaway

If the system undergoes a 'make world', its going to replace the sendmail link to /var/qmail/bin/sendmail, qmail and break the package. Dj-vapor kindly pointed out that linking to the qmail's sendmail binary at/var/qmail/bin/sendmail is a not the best solution, there's an even more fun way of doing it. He suggests using mailwrapper to link to qmail's sendmail binary. First we'll link the old sendmail binary to mailwrapper. Lastly, we'll edit /etc/mail/mailer.conf and replace the old sendmail binary locations with qmail's sendmail binary.

# ln -s /usr/sbin/sendmail /usr/sbin/mailwrapper# pico -w /etc/mail/mailer.conf

Replace the following lines:

    sendmail        /usr/libexec/sendmail/sendmail
    send-mail        /usr/libexec/sendmail/sendmail
    mailq            /usr/libexec/sendmail/sendmail
    newaliases        /usr/libexec/sendmail/sendmailWith:

    sendmail        /var/qmail/bin/sendmail
    send-mail        /var/qmail/bin/sendmail -bp
    mailq            /var/qmail/bin/sendmail
    newaliases        /var/qmail/bin/newaliases
If you want more information on mailwrapper, then type the line below on your FreeBSD machine.:
# man mailwrapper

4.5 - Relay Permissions

At this point in time, it would be good to add clients that can use us as a relay (gives them the ability to use us as an SMTP server).

# pico -w /etc/tcp.smtp

    127.0.0.1:allow,RELAYCLIENT=""
    198.168.1.:allow,RELAYCLIENT=""
    200.200.200.:allow,RELAYCLIENT=""
    :allow
# /usr/local/bin/tcprules /etc/tcp.smtp.cdb /etc/tcp.smtp.tmp < /etc/tcp.smtp
# chmod 644 /etc/tcp.smtp.cdb

4.6 - Edit System files

(edit /etc/services and verify/add the line below)
    pop3    110/tcp        # Post Office4.7 - Edit DNS zone file(s)

 Naturally, it is assumed that you have a basic understanding of DNS. If you don't, then I suggest you RTFM. But if your too lazy, and want to figure something out, please visit: http://www.acmebw.com/. In the example below, we are going to edit the domain.org zone file, as well as the subnet zone file. Notice the way the mail information is setup.
# pico -w domain.org.db


    $TTL
    86400    @        IN SOA  dns-host1.domain.org.        root.domain.org. (
                                            2000092701    ; Serial
                                            3600        ; Refresh
                                            900            ; Retry
                                            3600000        ; Expire
                                            3600 )        ; Minimum
    
    ns1.domain.org.                IN A        200.200.200.1        ; Primary DNS
    ns2.domain.org.                IN A        200.200.200.2        ; Secondary DNS
    dns-host1.domain.org.        IN A        200.200.200.3        ; Server that powers Primary
    dns-host2.domain.org.        IN A        200.200.200.4        ; Server that powers Secondary
    
    mail-host1.domain.org.        IN A        200.200.200.5        ; Server that powers qmail + modules
    
    mail                        IN A        200.200.200.6        ; Our vpopmail host
    domain.org.                    IN MX        10 mail
    
    webmail.domain.org.            IN A        200.200.200.7        ; Sqwebmail virtual host
    mailadmin.domain.org.        IN A        200.200.200.8        ; Qmailadmin virtual host
    
    @                            IN NS      ns1.domain.org.
# pico -w 200.200.200.in-addr.arpa.db
    $TTL
    86400    @    IN SOA  dns-host1.domain.org.    root.domain.org. (
                                            2000092701    ; Serial
                                            3600        ; Refresh
                                            900            ; Retry
                                            3600000        ; Expire
                                            3600 )        ; Minimum
    
    1                            IN PTR        ns1.domain.org.            ; Primary DNS
    2                            IN PTR        ns2.domain.org.            ; Secondary DNS
    3                            IN PTR        dns-host1.domain.org.    ; Server that powers Primary
    4                            IN PTR        dns-host2.domain.org.    ; Server that powers Secondary
    5                            IN PTR        mail-host1.domain.org.    ; Server that powers qmail + modules
    6                            IN PTR        mail.domain.org.        ; Our vpopmail host
    7                            IN PTR        webmail.domain.org.        ; Sqwebmail virtual host
    8                            IN PTR        mailadmin.domain.org.    ; Qmailadmin virtual host
    
    @                            IN NS      ns1.domain.org.
After you've completed everything that you needed to do with DNS, then reload it.

4.8 - Add POP Domain IP
If you've been using FreeBSD for sometime, then I will assume that you know how to add IP aliases.  Even if you don't, I'll demonstrate here. You can also add an alias for webmail.domain.org and mailadmin.domain.org.
# ifconfig <your_device> inet 200.200.200.6 netmask 255.255.255.0 alias

and/or

# pico -w /etc/rc.conf


    ifconfig_<your_device>_alias0="alias 200.200.200.6 netmask 255.255.255.0"
4.9 - Apache Virtual Hosts
In order for our sqwebmail and qmailadmin web interfaces to work, we must edit the apache configuration file and insert some virtual host information.
# pico -w /usr/local/apache/conf/httpd.conf
    # *** Our ISP's Web-Mail Interface (sqwebmail). 
    <VirtualHost 200.200.200.7>
        ServerName   webmail.domain.org
        ServerAdmin   webmaster@domain.org
        DocumentRoot  /usr2/www/sqwebmail/
        TransferLog   /usr2/www/sqwebmail/logs/access_log
        ErrorLog    /usr2/www/sqwebmail/logs/error_log
        ServerAlias   domain.org
    <Directory /usr2/www/sqwebmail/>
        AllowOverride AuthConfig Indexes Limit
        Options Indexes SymLinksIfOwnerMatch Includes
    </Directory>
        ScriptAlias /cgi-bin/ /usr2/www/sqwebmail/cgi-bin/
        ScriptAlias /global-cgi/ /usr/local/etc/httpd/cgi-bin/
        AddHandler server-parsed .shtml .shtm
    </VirtualHost>
For qmailadmin, we'll also do the same as above, just with its own directory, and IP.
    # *** Our ISP's MailAdmin Interface (qmailadmin). 
    <VirtualHost 200.200.200.8>
        ServerName   mailadmin.domain.org
        ServerAdmin   webmaster@domain.org
        DocumentRoot  /usr2/www/qmailadmin/
        TransferLog   /usr2/www/qmailadmin/logs/access_log
        ErrorLog    /usr2/www/qmailadmin/logs/error_log
        ServerAlias   domain.org
    <Directory /usr2/www/qmailadmin/>
        AllowOverride AuthConfig Indexes Limit
        Options Indexes SymLinksIfOwnerMatch Includes
    </Directory>
        ScriptAlias /cgi-bin/ /usr2/www/qmailadmin/cgi-bin/
        ScriptAlias /global-cgi/ /usr/local/etc/httpd/cgi-bin/
        AddHandler server-parsed .shtml .shtm
    </VirtualHost>
5.0 - Adding Domains

We will add a domain "domain.org". Once we execute the vaddomain command, we will be prompted with a password for postmaster. Vadddomain and vdeldomain need to be run as root because they modify files in /var/qmail/control. If not run as root, they should segfault.

# cd /home/vpopmail/bin
# ./vadddomain domain.org
or
# ./vadddomain domain.org password-for-postmaster

vadddomain will modify the following qmail files  (default locations used) :
    /var/qmail/control/locals
    /var/qmail/control/rcpthosts
    /var/qmail/control/morercpthosts (if rcpthosts > than 50 lines)
    /var/qmail/control/virtualdomains
    /var/qmail/users/assign
    /var/qmail/users/cdbIt will also create a domains directory                
~vpopmail/domains/domain.org
~vpopmail/domains/domain.org/postmaster/Maildir ...
~vpopmail/domains/domain.org/vpasswd
~vpopmail/domains/domain.org/vpasswd.cdb

If you do not specify a password on the command line, it will prompt for a password for the postmaster. Then it will send a kill -HUP signal to qmail-send telling it to re-read the control files.

 5.1.1 - Delete a virtual domain


We can just as easily remove a domain.
# cd ~vpopmail/bin
# ./vdeldomain domain.org
This will wipe out the /home/vpopmail/domains/domain.org directory and flush the /var/qmail/control files.

5.1.2 - Adding a pop user


We'd like to have users, there are two ways to do this. We can do it from console, or we can use qmailadmin.
# cd ~vpopmail/bin
# ./vadduser newuser@domain.org
or
# ./vadduser newuser@domain.org <password-for-newuser>

In the case where the domain is specified (user@domain.org),  the user is added to the ~vpopmail/domains/domain.org directory. If you don't enter a password on the command line, it will prompt for a password.

 5.1.3 - Delete a pop user


We can also delete users.
# cd ~vpopmail/bin
# ./vdeluser newuser@domain.org (for the domain.org virtualdomain example)

5.1.4 - Changing a pop users password


Or change their password.
# cd ~vpopmail/bin
# ./vpasswd newuser@domain.org

5.1.5 - Service Limits
Set Service Limit on Virtual Domains If you want to set per domain limits on the number of:

a) pop accounts 
b) aliases
c) forwards
d) mailing lists
e) autoresponders

Then create a .qmailadmin-limits file in the virtual domain directory for the domain you wish to limit. The syntax of the .qmailadmin-limits file is below:

# cd /home/vpopmail/domains/domain.org


# pico -w .qmailadmin-limits
maxpopaccounts #
maxaliases #
maxforwards #
maxmailinglists #
maxautoresponders #

Where # is the maximum number you wish. Be sure the vpopmail user has read permissions to this file. The default is unlimited. If you set any of the above values to 0 it will effectually disable that part of the menu and that feature.

6.0 - Supervise/Svscan Startup


To give control qmail in a more linear fashion, we have a script that can start qmail, stop it and do other funky things. Lets create some directories for supervise.
# mkdir /service
# chmod 755 /service
# mkdir /var/qmail/supervise
# chmod 755 /var/qmail/supervise

Lets link our /var/qmail/supervise directory with the /service directory to make things run smoother.


# ln -s /var/qmail/supervise/* /service/

If you did it right, then you should see the following resuts in /service/

0 lrwx------  1 root wheel - 32 Sep 29 16:30 qmail-pop3d@ -> /var/qmail/supervise/qmail-pop3d
0 lrwx------  1 root wheel - 31 Sep 29 16:30 qmail-send@ -> /var/qmail/supervise/qmail-send
0 lrwx------  1 root wheel - 32 Sep 29 16:30 qmail-smtpd@ -> /var/qmail/supervise/qmail-smtpd

# mkdir /var/qmail/supervise/qmail-smtpd
# mkdir /var/qmail/supervise/qmail-smtpd/log
# chmod +t /var/qmail/supervise/qmail-smtpd

# mkdir /var/qmail/supervise/qmail-send
# mkdir /var/qmail/supervise/qmail-send/log
# chmod +t /var/qmail/supervise/qmail-send

# mkdir /var/qmail/supervise/qmail-pop3d
# mkdir /var/qmail/supervise/qmail-pop3d/log
# chmod +t /var/qmail/supervise/qmail-pop3d

6.1 Startup @ Boot


We'll need to start qmail when we boot our beast of a computer up.
# pico -w /etc/rc.local


    /usr/bin/env -
    PATH=/usr/local/daemontools/bin:/usr/local/ucspi/bin:/usr/local/bin:/usr/sbin:/usr/bin:/bin csh -cf 'svscan /service &'6.2 - Qmail control file

# pico -w /var/qmail/rc

    #!/bin/sh
    env env - PATH="/var/qmail/bin:/usr/local/bin" \
    qmail-start ./Maildir/
# chmod 700 /var/qmail/rc

6.3 - Control POP3

Naturally, you will want to change the mail-host1.domain.org into the name of your system that is hosting qmail.

# pico -w /var/qmail/supervise/qmail-pop3d/run

    #!/bin/sh
    exec /usr/local/bin/tcpserver -H -R -v -c100 0 110 /var/qmail/bin/qmail-popup mail-host1.domain.org \
    /home/vpopmail/bin/vchkpw /var/qmail/bin/qmail-pop3d Maildir 2>&1
# chmod 751 /var/qmail/supervise/qmail-pop3d/run

# pico -w /var/qmail/supervise/qmail-pop3d/log/run          

    #!/bin/sh
    exec /usr/local/bin/setuidgid qmaill /usr/local/bin/multilog t s100000 n20 /var/log/qmail/qmail-pop3d 2>&1# chmod 755 /var/qmail/supervise/qmail-pop3d/log
# chmod 751 /var/qmail/supervise/qmail-pop3d/log/run

6.4 - Control & log the receiving of mail

It is important that the user and group (as designated by u92 and g91) remain as they are.  This allows the qmail and the user alias to function properly.

# pico -w /var/qmail/supervise/qmail-smtpd/run

    #!/bin/sh
    exec /usr/local/bin/tcpserver -p -R -x /etc/tcp.smtp.cdb u92 g91 -v -c100 0 smtp rblsmtpd /var/qmail/bin/qmail-smtpd 2>&1# chmod 751 /var/qmail/supervise/qmail-smtpd/run
# pico -w /var/qmail/supervise/qmail-smtpd/log/run

    #!/bin/sh
    exec /usr/local/bin/setuidgid qmaill /usr/local/bin/multilog t s100000 n20 /var/log/qmail/qmail-smtpd 2>&1# chmod 755 /var/qmail/supervise/qmail-smtpd/log
# chmod 751 /var/qmail/supervise/qmail-smtpd/log/run

6.5 - Control & log the sending of mail

# pico -w /var/qmail/supervise/qmail-send/run

    #!/bin/sh
    exec /var/qmail/rc # chmod 751 /var/qmail/supervise/qmail-send/run# pico -w /var/qmail/supervise/qmail-send/log/run

    #!/bin/sh
    exec /usr/local/bin/setuidgid qmaill /usr/local/bin/multilog t s100000 n20 /var/log/qmail/qmail-send 2>&1
# chmod 755 /var/qmail/supervise/qmail-send/log
# chmod 751 /var/qmail/supervise/qmail-send/log/run

6.6 - Our system startup file

The only error that I have found with this script is its inability to kill -9 certain processes (ie qmail-s) so we'll have to kill it manually. It also needs to be executed from /etc/rc.local.
# pico -w /usr/local/etc/rc.d/qmail

 #! /bin/sh
 case "$1" in
     start)
         echo -n "Starting qmail: svscan"
         if cd /var/qmail/supervise; then
         env - PATH="/var/qmail/bin:/usr/local/bin:/usr/bin:/bin" svscan &
         echo $! > /var/run/svscan.pid
         fi
         echo "."
     ;;
     stop)
         echo -n "Stopping qmail: svscan"
         kill `cat /var/run/svscan.pid`
         echo -n " qmail"
         svc -dx /var/qmail/supervise/*
         echo -n " logging"
         svc -dx /var/qmail/supervise/*/log
         echo "."
     ;;
     stat)
         cd /var/qmail/supervise
         svstat * */log
     ;;
     doqueue|alrm)
         echo "Sending ALRM signal to qmail-send."
         svc -a /var/qmail/supervise/qmail-send
     ;;
     queue)
         qmail-qstat
         qmail-qread
     ;;
     reload|hup)
         echo "Sending HUP signal to qmail-send."
         svc -h /var/qmail/supervise/qmail-send
         echo "Sending HUP signal to qmail-pop3d."
         svc -h /var/qmail/supervise/qmail-pop3d
     ;;
     pause)
         echo "Pausing qmail-send"
         svc -p /var/qmail/supervise/qmail-send
         echo "Pausing qmail-smtpd"
         svc -p /var/qmail/supervise/qmail-smtpd
         echo "Pausing qmail-pop3d"
         svc -p /var/qmail/supervise/qmail-pop3d
     ;;
     cont)
         echo "Continuing qmail-send"
         svc -c /var/qmail/supervise/qmail-send
         echo "Continuing qmail-smtpd"
         svc -c /var/qmail/supervise/qmail-smtpd
         echo "Continuing qmail-pop3d"
         svc -c /var/qmail/supervise/qmail-pop3d
     ;;
     restart)
         echo "Restarting qmail:"
         echo "* Stopping qmail-smtpd."
         svc -d /var/qmail/supervise/qmail-smtpd
         echo "* Sending qmail-send SIGTERM and restarting."
         svc -t /var/qmail/supervise/qmail-send
         echo "* Restarting qmail-smtpd."
         svc -u /var/qmail/supervise/qmail-smtpd
         echo "* Sending qmail-pop3d SIGTERM and restarting."
         svc -t /var/qmail/supervise/qmail-pop3d
     ;;
     cdb)
         tcprules /etc/tcp.smtp.cdb /etc/tcp.smtp.tmp < /etc/tcp.smtp
         chmod 644 /etc/tcp.smtp*
         echo "Reloaded /etc/tcp.smtp."
     ;;  
     *)
         echo "Usage: $0
 {start|stop|restart|doqueue|reload|stat|pause|cont|cdb|queue}"
     exit 1
 esac
exit 0
# chmod 751 /usr/local/etc/rc.d/qmail
In order to start qmail, we can simply run the following command

# /usr/local/etc/rc.d/qmail start

We can stop it with issuing:
# /usr/local/etc/rc.d/qmail stop
Of course, there are other commands you can do (but I won't list them here, as they are self explanitory)
6.7 - Some Diagnostics

We can see how qmail is behaving by issuing the following commad

#/usr/local/etc/rc.d/qmail stat
To make sure we have everything running, lets take a gander at the process listing. These are the important elements. Apache and named aren't shown as there is no need to show them (and they will be on other servers)..
# ps a
 PID TT STAT   TIME COMMAND
 158 con- S   0:00.05 svscan /service
 161 con- I   0:00.01 supervise qmail-pop3d
 162 con- I   0:00.01 supervise log
 163 con- I   0:00.01 supervise qmail-send
 164 con- I   0:00.01 supervise log
 165 con- I   0:00.01 supervise qmail-smtpd
 166 con- I   0:00.01 supervise log
 175 con- I   0:00.01 /bin/sh /var/qmail/rc
 186 con- I   0:00.22 qmail-send
 187 con- I   0:00.01 /usr/local/bin/tcpserver -H -R -v -c100 0 110 /var/qmail/bin/qmail-popup eris.intertech-canada.com /home/
 188 con- I   0:00.01 /usr/local/bin/multilog t s100000 n20 /var/log/qmail/qmail-send
 189 con- I   0:00.01 /usr/local/bin/multilog t s100000 n20 /var/log/qmail/qmail-pop3d
 190 con- I   0:00.01 /usr/local/bin/multilog t s100000 n20 /var/log/qmail/qmail-smtpd
 191 con- I   0:00.01 /usr/local/bin/tcpserver -p -R -x /etc/tcp.smtp.cdb -u92 -g91 -v -c100 0 smtp rblsmtpd /var/qmail/bin/qma
 192 con- I   0:00.01 qmail-lspawn ./Maildir/
 193 con- I   0:00.01 qmail-rspawn
 194 con- I   0:00.01 qmail-clean
6.8 Clean Directories & Logs (start fresh - DANGEROUS)

In the event you ever have a problem with supervise, and are unsure if you set up the files right, it would be good to delete them and start fresh. This is useful if you have shut yer server down hard, and you have errors with supervise loading at startup.
# rm -rf /var/qmail/supervise/qmail-smtpd/supervise
# rm -rf /var/qmail/supervise/qmail-smtpd/log/supervise
# rm -rf /var/qmail/supervise/qmail-pop3d/supervise
# rm -rf /var/qmail/supervise/qmail-pop3d/log/supervise
# rm -rf /var/qmail/supervise/qmail-send/supervise
# rm -rf /var/qmail/supervise/qmail-send/log/supervise

If we want to delete logs that have collected in our log direcetories over time, we can issue the following command.  Please note, that once you execute these commands, any hope of getting your logs back (unless they are backed up) will be futile.  This should only be used if you lack space, or do not need error logs as you have solved the problem.

# cd /var/log/qmail ; cd qmail-pop3d ; rm -rf * ; cd .. ; cd qmail-send ; rm -rf * ; cd .. ; cd qmail-smtpd ; rm -rf * ; cd ..

6.9 - How to read the logs

Convert Multilog datestamps to human readable datestamps

# cat current | tai64nlocal > current.tmp
# tai64nlocal < current > current.tmp
You can tail the logfiles like this (replace qmail-smtpd with your directory of choice):
# tail -f /var/log/qmail/qmail-smtpd/current | tai64nlocal
7.0 - Problems?
If you have queue problems, this will rebuild the queue, but trash any messages currently in there:

# rm -rf /var/qmail/queue
# cd <your qmail source directory>
# reinstall
# make setup check

© 1997 - 20013 Defcon1, www.defcon1.org , Copyrights for all materials on this web site are held by the individual authors, artists, photographers or creators. Materials may not be reproduced or otherwise distributed without permission of www.defcon1.org and the content's original author.

Defcon1-Header2
Tool-Bar-2Defcon1  Webmail