Howto Qmail+checkpassword+Mysql+Spamcontrol+(E)SMTP auth+ucspi+daemontools.

Dott. Emiliano Bruni, info/at/ebruni_dot_it

Last modified: 2004/01/22 23:30

Copyright © 2003
Emiliano Bruni

License: GNU Free Document License
(http://www.gnu.org/licenses/fdl.html)

Abstract

Simple step-to-step guide to install Qmail+checkpassword with MySQL patch and with patch for Spamcontrol, SMTP authentication access. This guide covers installation of Ucspi and daemontools too.

Packages download

You could download require packages and apply them related patchs or go directly to step 22 and download sources with patchs already installed

  1. Download package qmail from http://www.qmail.org/

  2. Download patch mysql x qmail (ver 1.1.9) from http://iain.cx/qmail/mysql/download.html

  3. Download SpamControl with (E)SMTP auth from http://www.fehcom.de/qmail/spamcontrol.html

  4. Download Checkpassword 0.90 http://cr.yp.to/checkpwd/install.html

  5. Download patch for Checkpassword 2.0.1pre2 fromhttp://iain.cx/qmail/mysql/download.html

  6. Download mysqldump from http://iain.cx/qmail/mysql/download.html

  7. Download daemontools  from ftp://cr.yp.to/daemontools/daemontools-0.76.tar.gz)

Apply patchs into qmail

  1. tar zxvf qmail-1.03.tar.gz

  2. cd qmail-1.03

  3. Install patch Spamcontrol
    tar zxvf ../spamcontrol_2073.tgz
    vi spamcontrol.sh e impostare variabile SOLARIS a 0
    ./spamcontrol.sh

  4. Install patch qmail-mysql-1.1.9.patch. (This is a patched version of mysql patch in order to work correctly after spamcontrol patch.)
    cd ..
    patch < ../qmail-mysql-1.1.9.emi.patch
    cd qmail-1.03
    patch < ../qmail-mysql-1.1.9.patch

  5. To correct an error in qmail-getpw where:
    pw = (struct passwd *) malloc(sizeof(struct passwd *));
    replace with
    pw = (struct passwd *) malloc(sizeof(struct passwd));

  6. cd ..

  7. for redhat 9 install also these patchs
    http://www.qmail.org/moni.csi.hu/pub/glibc-2.3.1/qmail-1.03.errno.patch
    http://www.qmail.org/moni.csi.hu/pub/glibc-2.3.1/qmail-1.03.qmail_local.patch
    patch -p1 < /usr/src/qmail/qmail-1.03.errno.patch
    patch -p1 < /usr/src/qmail/qmail-1.03.qmail_local.patch

Install patch to checkpassword

  1. tar zvxf checkpassword-0.90.tar.gz; cd checkpassword-0.90

  2. patch < ../checkpassword-mysql-2.0.1pre2.patch

  3. for redhat 9 install also this patch from
    http://www.qmail.org/moni.csi.hu/pub/glibc-2.3.1/checkpassword-0.90.errno.patch
    patch -p1 < /usr/src/qmail/checkpassword-0.90.errno.patch

Configure qmail source.

  1. Open conf-qmail and conf-home in qmail-1.03 and replace row with /usr/local/qmail

  2. vi Makefile and modify it in this way:
    MYSQL_LIBS=/usr/lib/mysql/libmysqlclient.a -lm -lz -lcrypt #-lsocket -lnsl
    MYSQL_INCLUDE=-I/usr/include
    LOGGING=#-DO_NOT_LOG_CONNECTS -DO_NOT_LOG
    After having testing installation, remember to recompile qmail disabling logging.

Configure checkpassword source.

  1. vi conf-qmail and replace row with /usr/local/qmail

  2. vi Makefile and modify it in this way:
    MYSQL_LIBS=/usr/lib/mysql/libmysqlclient.a -lm -lz -lcrypt #-lsocket -lnsl
    MYSQL_INCLUDE=-I/usr/include
    LOGGING=#-DO_NOT_LOG_SQL -DO_NOT_LOG -DO_NOT_LOG_ERRORS
    After having testing installation, remember to recompile qmail disabling logging.

Download sorgenti con patch già applicate.

  1. If don't want to lose time for applying patchs you can download qmail source with patchs already applied with all configurations describe over from http://www.ebruni.it/docs/qmail_mysql/bin/qmail+mysql+esmtp.tar.gz

  2. If don't want to lose time for applying patchs you can download checkpassword source with patch already applied with all configurations describe over from http://www.ebruni.it/docs/qmail_mysql/bin/checkpassword-0.90+mysql.tar.gz

Install qmail

  1. mkdir /usr/local/qmail

  2. groupadd -g 601 nofiles;groupadd -g 602 qmail

  3. Add required Unix users
    useradd -g nofiles -d /usr/local/qmail/alias -s /bin/true alias
    useradd -g nofiles -d /usr/local/qmail -s /bin/true qmaild
    useradd -g nofiles -d /usr/local/qmail -s /bin/true qmaill
    useradd -g nofiles -d /usr/local/qmail -s /bin/true qmailp
    useradd -g qmail -d /usr/local/qmail -s /bin/true qmailq
    useradd -g qmail -d /usr/local/qmail -s /bin/true qmailr
    useradd -g qmail -d /usr/local/qmail -s /bin/true qmails

  4. Compile source:
    cd /usr/src/qmail/qmail-1.03
    make setup check
    ./config-fast <host.domain>

  5. Configure qmail startup script:
    cp /usr/local/qmail/boot/home /usr/local/qmail/rc.qmail
    vi /usr/local/qmail/rc.qmail e modificare ./Mailbox in ./Maildir/

Install checkpassword

  1. Compile source:
    cd /usr/src/qmail/checkpassword-0.90
    make setup check

  2. Set checkpassword with 711 and flag suid for working with auth patch
    chmod 711 /usr/local/qmail/bin/checkpassword
    chmod u+s /usr/local/qmail/bin/checkpassword

Install UCSPI like connection filter

  1. Install ucspi-tcp-0.88-1.i386.rpm
    rpm -ivh ftp://rpmfind.net/linux/contrib/libc6/i386/ucspi-tcp-0.88-1.i386.rpm
    (for redhat 9 this rpm is not good. download source from http://www.qmail.org/moni.csi.hu/pub/glibc-2.3.1/ucspi-tcp-0.88-005patch.src.rpm and rebuild it
    rpmbuild --rebuild ucspi-tcp-0.88-005patch.src.rpm e poi
    rpm -ivh /usr/src/redhat/RPMS/i386/ucspi-tcp-0.88-005patch.i386.rpm    )

  2. mkdir /etc/tcp

  3. Create smtp and add rules for smtp TCP connection like this:
    cat >/etc/tcp/smtp <<EOF
    127.0.0.1:allow,RELAYCLIENT=""
    EOF

  4. Compile rules into /etc/tcp/smtp with
    tcprules /etc/tcp/smtp.cdb /etc/tcp/smtp.tmp < /etc/tcp/smtp

  5. Create pop-3 and add rules for pop3 TCP connection like this:
    cat >/etc/tcp/pop-3<<EOF
    :allow
    :deny
    EOF

  6. Compile rules into /etc/tcp/pop-3 with
    tcprules /etc/tcp/pop-3.cdb /etc/tcp/pop-3.tmp < /etc/tcp/pop-3

Creata Qmail database.

  1. Create db "qmail" into mysql
    mysqladmin -p create qmail

  2. Install database dump
    mysql -p qmail < /usr/src/qmail/mysqldump

  3. Create "qmail" mysql user with permission on database "qmail"
    GRANT USAGE ON *.* TO "qmail"@"localhost" IDENTIFIED BY "qmailpass";
    GRANT SELECT ,INSERT ,UPDATE , DELETE ON `qmail`.* TO "qmail"@ "localhost";
    and reload users table with
    mysqladmin -p reload

  4. Create /usr/local/qmail/control/sqlserver like this:
    cat >/usr/local/qmail/control/sqlserver<<EOF
    server localhost
    login qmail
    password qmailpass
    db qmail
    EOF

  5. Set file permission with:
    chmod 644 /usr/local/qmail/control/sqlserver
    chown qmaild.qmail /usr/local/qmail/control/sqlserver

Create email directory

  1. Create and set email directory
    mkdir /var/spool/pop
    chown qmaild:qmail /var/spool/pop
    chmod 711 /var/spool/pop
    mkdir /var/spool/pop/domains
    chown qmaild:qmail /var/spool/pop/domains
    chmod 711 /var/spool/pop/domains

Install daemontools

  1. Install daemontools that runs and monitors qmail processes.

  2. Create the directory
    mkdir /usr/local/daemontools
    cd /usr/local/daemontools

  3. for redhat 9 install this patch before:
    http://www.qmail.org/moni.csi.hu/pub/glibc-2.3.1/daemontools-0.76.errno.patch
    patch -p1 < /usr/src/qmail/daemontools-0.76.errno.patch

  4. Install package
    tar zxvf /usr/src/qmail/daemontools-0.76.tar.gz
    cd admin/daemontools-0.76
    ./package/install

  5. Create directory for supervise processes
    mkdir -p /usr/local/qmail/supervise/qmail-send/log
    mkdir -p /usr/local/qmail/supervise/qmail-smtpd/log
    mkdir -p /usr/local/qmail/supervise/qmail-pop3d/log
    mkdir /var/log/qmail
    mkdir /var/log/qmail/smtpd
    mkdir /var/log/qmail/pop3d

  6. Set permission for log users
    chown -R qmaill /var/log/qmail

  7. Create startup file for qmail-send
    cat >/usr/local/qmail/supervise/qmail-send/run <<EOF
    #!/bin/sh
    exec /usr/local/qmail/rc.qmail
    EOF

  8. Create log process for this service
    cat > /usr/local/qmail/supervise/qmail-send/log/run<<EOF
    #!/bin/sh
    exec /usr/local/bin/setuidgid qmaill /usr/local/bin/multilog t \
    /var/log/qmail
    EOF

  9. Create startup file for qmail-smtpd
    cat >/usr/local/qmail/supervise/qmail-smtpd/run<<EOF
    #!/bin/sh
    QMAILDUID=\`id -u qmaild\`
    NOFILESGID=\`id -g qmaild\`
    MAXSMTPD=\`cat /usr/local/qmail/control/concurrencyincoming\`
    exec /usr/local/bin/softlimit -m 4000000 \\
    /usr/local/bin/tcpserver -v -p -x /etc/tcp/smtp.cdb -c "\$MAXSMTPD" \\
    -u "\$QMAILDUID" -g "\$NOFILESGID" 0 smtp \\
    /usr/local/bin/rblsmtpd -r relays.ordb.org \\
    sh -c '{ test -z "\$TCPREMOTEHOST" && [ "\$TCPREMOTEIP" != "127.0.0.1" ] ; } \\
    && echo "451 bad reverse DNS \$TCPREMOTEIP" \\
    || /usr/local/qmail/bin/qmail-smtpd \\
    /usr/local/qmail/bin/checkpassword /bin/true' 2>&1
    EOF

  10. Create log process for this service
    cat >/usr/local/qmail/supervise/qmail-smtpd/log/run<<EOF
    #!/bin/sh
    exec /usr/local/bin/setuidgid qmaill /usr/local/bin/multilog t \\
    /var/log/qmail/smtpd
    EOF

  11. Create startup file for pop3
    cat > /usr/local/qmail/supervise/qmail-pop3d/run<<EOF
    #!/bin/sh
    exec /usr/local/bin/softlimit -m 4000000 \\
    /usr/local/bin/tcpserver -v -x /etc/tcp/pop-3.cdb -R -H -l 0 0 pop-3 \\
    /usr/local/qmail/bin/qmail-popup \\
    host.domain /usr/local/qmail/bin/checkpassword \\
    /usr/local/qmail/bin/qmail-pop3d Maildir 2>&1
    EOF

  12. Create log process for this service
    cat >/usr/local/qmail/supervise/qmail-pop3d/log/run<<EOF
    #!/bin/sh
    exec /usr/local/bin/setuidgid qmaill /usr/local/bin/multilog t \\
    /var/log/qmail/pop3d
    EOF

  13. Make these scripts runnable with
    chmod 755 /usr/local/qmail/supervise/qmail-send/run
    chmod 755 /usr/local/qmail/supervise/qmail-send/log/run
    chmod 755 /usr/local/qmail/supervise/qmail-smtpd/run
    chmod 755 /usr/local/qmail/supervise/qmail-smtpd/log/run
    chmod 755 /usr/local/qmail/supervise/qmail-pop3d/run
    chmod 755 /usr/local/qmail/supervise/qmail-pop3d/log/run

  14. Create concurrencyincoming
    echo 20 > /usr/local/qmail/control/concurrencyincoming
    chmod 664 /usr/local/qmail/control/concurrencyincoming

  15. add mail filters
    echo '*@*@*' > /usr/local/qmail/control/badrcptpatterns
    echo '*!*' >> /usr/local/qmail/control/badrcptpatterns
    echo '*@*@*' > /usr/local/qmail/control/badmailpatterns
    echo '*!*' >> /usr/local/qmail/control/badmailpatterns

  16. Link startap directory in /services
    ln -s /usr/local/qmail/supervise/qmail-pop3d /service
    ln -s /usr/local/qmail/supervise/qmail-send /service
    ln -s /usr/local/qmail/supervise/qmail-smtpd /service

  17. Download startup script from
    http://www.ebruni.it/docs/qmail_mysql/bin/qmaild and
    cp qmaild /etc/rc.d/init.d/qmaild
    chmod 755 /etc/rc.d/init.d/qmaild

  18. Remove sendmail
    /etc/rc.d/init.d/sendmail stop
    rpm -e --nodeps sendmail

  19. Remove old pop3
    vi /etc/xinetd.d/ipop3  e impostare disable=yes
    service xinetd restart

  20. startup qmail
    /etc/rc.d/init.d/qmaild start

  21. insert qmaild in the runlevel
    chkconfig --add qmaild
    chkconfig --level 235 qmaild on

  22. create a link to simulate sendmail
    ln -s /usr/local/qmail/bin/sendmail /usr/sbin/sendmail

Other settings

  1. In /etc/login.defs remove comment to QMAIL_DIR MailDir and comment MAILDIR

posted @ 2004-10-27 13:34  活力豆  阅读(1224)  评论(0)    收藏  举报