Installing qmail on a Linux server
This blog will explain step by step how to setup and configure qmail (1.03) on a Linux-based server. Different people setup qmail different ways but, I have found this to be the best and easiest way. Do not skip any step unless the step is noted optional.
Add users and groups.
PATH=/bin:/sbin:/usr/bin:/usr/sbin
groupadd nofiles -g 81
groupadd qmail -g 82
useradd alias -u 81 -g nofiles -s /nonexistent -d /var/qmail/alias -M
useradd qmaild -u 82 -g nofiles -s /nonexistent -d /var/qmail -M
useradd qmaill -u 83 -g nofiles -s /nonexistent -d /var/qmail -M
useradd qmailp -u 84 -g nofiles -s /nonexistent -d /var/qmail -M
useradd qmailq -u 85 -g qmail -s /nonexistent -d /var/qmail -M
useradd qmailr -u 86 -g qmail -s /nonexistent -d /var/qmail -M
useradd qmails -u 87 -g qmail -s /nonexistent -d /var/qmail -M
Download qmail source code.
cd /usr/local/src
wget http://cr.yp.to/software/qmail-1.03.tar.gz
Download patches.
wget http://tomclegg.net/software/patch-qmail-103.patch
wget http://tomclegg.net/software/patch-qmail-sendmail-flagf.patch
wget http://tomclegg.net/software/patch-qmail-badmailfrom-wildcard
wget http://tomclegg.net/software/patch-qmail-capa-pop3d
wget http://tomclegg.net/software/patch-qmail-capa-popup
wget http://tomclegg.net/software/patch-qmail-remote-auth
wget http://tomclegg.net/software/patch-qmail-smtpd-auth
wget http://tomclegg.net/software/patch-qmail-smtpd-auth-log
Extract qmail and apply patches.
tar xzf qmail-1.03.tar.gz
cd qmail-1.03
for d in ../patch-qmail-*; do patch <“$d”; done
Compile and install qmail.
make setup check
Some linux systems don’t like the way qmail uses “errno”:
./load auto-str substdio.a error.a str.a
substdio.a(substdo.o)(.text+0x43): In function `allwrite’:
: undefined reference to `errno’
collect2: ld returned 1 exit status
make: *** [auto-str] Error 1
To fix this, edit the error.h file in the qmail source code. Add this after 2, before the line saying “extern int errno;”:
#include “errno.h”
After you add that, do “make setup check” again.
You will need to do this again in a few minutes, when you compile checkpassword and daemontools.
Configure qmail.
cd /var/qmail/control
hostname >me
cp me locals
echo YOUR.IP.ADDR.HERE >>locals
cp locals rcpthosts
cd /var/qmail/alias
echo YOUR@EMAIL.ADDRESS >.qmail-root
cp .qmail-{root,mailer-daemon}
cp .qmail-{root,postmaster}
cp .qmail-{root,hostmaster}
cp .qmail-{root,abuse}
Download and install checkpassword.
cd /usr/local/src
wget http://cr.yp.to/checkpwd/checkpassword-0.90.tar.gz
tar xzf checkpassword-0.90.tar.gz
cd checkpassword-0.90
make
make setup check
(or use the author’s installation guide)
Download and install cmd5checkpw.
cd /usr/local/src
wget http://members.elysium.pl/brush/cmd5checkpw/dist/cmd5checkpw-0.22.tar.gz
tar xzf cmd5checkpw-0.22.tar.gz
cd cmd5checkpw-0.22
make
vi Makefile
## (change /usr/man/man8 to /usr/share/man/man8)
make install
Download and install daemontools.
wget http://cr.yp.to/daemontools/daemontools-0.76.tar.gz
tar xzf daemontools-0.76.tar.gz
cd admin/daemontools-0.76
package/install
svscan should be running now. pstree should show something like this.
|-svscanboot-+-readproctitle
| `-svscan
Add to /etc/profile:
if ! echo $PATH | /bin/grep -q “/command” ; then
PATH=”/command:$PATH”
fi
Create /var/service and set up a service directory for qmail-send.
mkdir -p /var/service/qmail-send
cd /var/service/qmail-send
mkdir log log/main
chown qmaill log/main
chmod g+s log/main
chmod +t .
cat <<‘EOF’ >run
#!/bin/sh
exec env – PATH=”/var/qmail/bin:$PATH” qmail-start ./Maildir/ 2>&1
EOF
cat <<‘EOF’ >log/run
#!/bin/sh
exec env – PATH=”/command” setuidgid qmaill multilog t s999999 ./main
EOF
chmod +x run log/run
Turn on the supervised qmail service.
ln -s /var/service/qmail-send /service/
Wait a few seconds. qmail-send should be running now. pstree should show something like this.
|-svscanboot-+-readproctitle
| `-svscan-+-supervise---qmail-send-+-qmail-clean
| | |-qmail-lspawn
| | `-qmail-rspawn
| `-supervise---multilogDownload and install ucspi-tcp.
cd /usr/local/src
wget http://cr.yp.to/ucspi-tcp/ucspi-tcp-0.88.tar.gz
tar xzf ucspi-tcp-0.88.tar.gz
cd ucspi-tcp-0.88
make setup check
Set up a qmail-smtpd service on port 2525 for testing. Allow relaying to any domain from 127.0.0.1 and 192.168.202.0/24.
cd /var/service
mkdir qmail-smtpd
cd qmail-smtpd
mkdir log log/main
chown qmaill log/main
chmod g+s log/main
chmod +t .
cat <<‘EOF’ >run
#!/bin/sh
exec env – PATH=”/var/qmail/bin:$PATH”
envuidgid qmaild
tcpserver -U -vR -l 0 -x rules.cdb 0 2525
rblsmtpd -a antirbl.tomclegg.net
-r relays.ordb.org
-r bl.spamcop.net
qmail-smtpd `cat /var/qmail/control/me` cmd5checkpw true
2>&1
EOF
cat <<‘EOF’ >rules
192.168.202.:allow,RELAYCLIENT=””,RBLSMTPD=””
127.0.0.1:allow,RELAYCLIENT=””,RBLSMTPD=””
:allow
EOF
tcprules rules.cdb rules.tmp <rules
cat <<‘EOF’ >log/run
#!/bin/sh
exec env – PATH=/command setuidgid qmaill multilog t ./main
EOF
chmod +x run log/run
Start the qmail-smtpd service.
ln -s /var/service/qmail-smtpd /service/
Set up a qmail-pop3d service on port 25110 for testing.
cd /var/service
mkdir qmail-pop3d
cd qmail-pop3d
mkdir log log/main
chown qmaill log/main
chmod g+s log/main
chmod +t .
cat <<‘EOF’ >run
#!/bin/sh
exec env – PATH=”/var/qmail/bin:$PATH”
tcpserver -vR -l 0
0 25110
qmail-popup “`cat /var/qmail/control/me`”
checkpassword qmail-pop3d Maildir
2>&1
EOF
cat <<‘EOF’ >log/run
#!/bin/sh
exec env – PATH=/command setuidgid qmaill multilog t ./main
EOF
chmod +x run log/run
Start the qmail-pop3d service.
ln -s /var/service/qmail-pop3d /service/
Create a Maildir for each user.
cd /home &&
for user in *
do
su -l “$user” -c “/var/qmail/bin/maildirmake Maildir”
ls -ld “$user”/Maildir
done
Create a Maildir in /etc/skel.
/var/qmail/bin/maildirmake /etc/skel/Maildir
Switching mail service from sendmail to qmail
Translate /home/*/.forward to /home/*/.qmail (details omitted).
Translate /etc/mail/virtusertable to /var/qmail/alias/.qmail-* and /var/qmail/control/virtualdomains (details omitted).
Test local delivery using “telnet localhost 2525”
Test remote delivery using “telnet localhost 2525”
Test relay control using “telnet YOUR.IP.ADDR.HERE 2525” from somewhere else. You should be able to connect, but mail to test@example.com should be refused.
Test pop using “telnet localhost 25110”
Replace /usr/sbin/sendmail with a symlink to /var/qmail/bin/sendmail
cd /usr/sbin
mv -i sendmail sendmail~
ln -s /var/qmail/bin/sendmail
Turn off pop3 service in /etc/xinetd.d/ipop3 and kick xinetd.
perl -pi~ -e ‘s,^},tdisable = yesn},’ /etc/xinetd.d/ipop3
killall -USR1 xinetd
Make sure sendmail won’t start at boot time any more.
# /sbin/chkconfig sendmail off
# /sbin/chkconfig –level 2 sendmail off
# /sbin/chkconfig –list sendmail
sendmail 0:off 1:off 2:off 3:off 4:off 5:off 6:off
Stop sendmail.
killall sendmail
Change port 2525 to port 25 in /service/qmail-smtpd/run, change port 25110 to port 110 in /service/qmail-pop3d/run, and restart qmail-smtpd.
svc -t /service/qmail-smtpd /service/qmail-pop3d
Convert /var/spool/mail/* to /home/*/Maildir/ (details omitted).
If you use pine, change the inbox-path in your ~/.pinerc file:
inbox-path={localhost/pop3}INBOX
About the author
