Installing qmail on a Linux server
This blog will explain step by step how to set up and configure qmail (1.03) on a Linux-based server. Different people set up qmail in different ways, but I have found this to be the best and easiest way. Do not skip any step unless it is marked optional.
Add users and groups.
PATH=/bin:/sbin:/usr/bin:/usr/sbin
groupadd nofiles -g 81
groupadd qmail -g 82
useradd alias -u 81 -g nofiles -s /nonexistent -d /var/qmail/alias -M
useradd qmaild -u 82 -g nofiles -s /nonexistent -d /var/qmail -M
useradd qmaill -u 83 -g nofiles -s /nonexistent -d /var/qmail -M
useradd qmailp -u 84 -g nofiles -s /nonexistent -d /var/qmail -M
useradd qmailq -u 85 -g qmail -s /nonexistent -d /var/qmail -M
useradd qmailr -u 86 -g qmail -s /nonexistent -d /var/qmail -M
useradd qmails -u 87 -g qmail -s /nonexistent -d /var/qmail -M
Download qmail source code.
Download patches.
tar xzf qmail-1.03.tar.gz
cd qmail-1.03
for d in ../patch-qmail-*; do patch <"$d"; done
Compile and install qmail.
Some Linux systems don’t like the way qmail uses “errno”:
./load auto-str substdio.a error.a str.a
substdio.a(substdo.o)(.text+0x43): In function `allwrite':
: undefined reference to `errno'
collect2: ld returned 1 exit status
make: *** [auto-str] Error 1
To fix this, edit the error.h file in the qmail source code. Add this after 2, before the line saying “extern int errno;”:
After you add that, do “make setup check” again.
You will need to do this again in a few minutes, when you compile checkpassword and daemontools.
Configure qmail.
cd /var/qmail/control
hostname >me
cp me locals
echo YOUR.IP.ADDR.HERE >>locals
cp locals rcpthosts
Download and install checkpassword.
cd /usr/local/src
wget http://cr.yp.to/checkpwd/checkpassword-0.90.tar.gz
tar xzf checkpassword-0.90.tar.gz
cd checkpassword-0.90
make
make setup check
(or use the author’s installation guide)
Download and install cmd5checkpw.
cd /usr/local/src
wget http://members.elysium.pl/brush/cmd5checkpw/dist/cmd5checkpw-0.22.tar.gz
tar xzf cmd5checkpw-0.22.tar.gz
cd cmd5checkpw-0.22
make
vi Makefile
## (change /usr/man/man8 to /usr/share/man/man8)
make install
Download and install daemontools.
svscan should be running now. pstree should show something like this.
if ! echo $PATH | /bin/grep -q "/command" ; then
PATH="/command:$PATH"
fi
Create /var/service and set up a service directory for qmail-send.
mkdir -p /var/service/qmail-send
cd /var/service/qmail-send
mkdir log log/main
chown qmaill log/main
chmod g+s log/main
chmod +t .
cat >run <<'EOF'
#!/bin/sh
exec env - PATH="/var/qmail/bin:$PATH" qmail-start ./Maildir/ 2>&1
EOF
cat >log/run <<'EOF'
#!/bin/sh
exec env - PATH="/command" setuidgid qmaill multilog t s999999 ./main
EOF
chmod +x run log/run
Turn on the supervised qmail service.
ln -s /var/service/qmail-send /service/
Wait a few seconds. qmail-send should be running now. pstree should show something like this.
|-svscanboot-+-readproctitle
|            `-svscan-+-supervise---qmail-send-+-qmail-clean
|                     |                        |-qmail-lspawn
|                     |                        `-qmail-rspawn
|                     `-supervise---multilog
Download and install ucspi-tcp.
cd /usr/local/src
wget http://cr.yp.to/ucspi-tcp/ucspi-tcp-0.88.tar.gz
tar xzf ucspi-tcp-0.88.tar.gz
cd ucspi-tcp-0.88
make setup check
Set up a qmail-smtpd service on port 2525 for testing. Allow relaying to any domain from 127.0.0.1 and 192.168.202.0/24.
cd /var/service
mkdir qmail-smtpd
cd qmail-smtpd
mkdir log log/main
chown qmaill log/main
chmod g+s log/main
chmod +t .
cat >run <<'EOF'
#!/bin/sh
exec env - PATH="/var/qmail/bin:$PATH" \
envuidgid qmaild \
tcpserver -U -vR -l 0 -x rules.cdb 0 2525 \
rblsmtpd -a antirbl.tomclegg.net \
-r relays.ordb.org \
-r bl.spamcop.net \
qmail-smtpd `cat /var/qmail/control/me` cmd5checkpw true \
2>&1
EOF
cat >rules <<'EOF'
192.168.202.:allow,RELAYCLIENT="",RBLSMTPD=""
127.0.0.1:allow,RELAYCLIENT="",RBLSMTPD=""
:allow
EOF
tcprules rules.cdb rules.tmp <rules
cat >log/run <<'EOF'
#!/bin/sh
exec env - PATH=/command setuidgid qmaill multilog t ./main
EOF
chmod +x run log/run
Start the qmail-smtpd service.
ln -s /var/service/qmail-smtpd /service/
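The rules file above is what controls relaying: any rule that sets RELAYCLIENT lets the matching client send mail to any domain. The following is an added example, not part of the original guide: a shell function that lints a tcprules source file and reports rules granting RELAYCLIENT outside loopback and RFC 1918 prefixes. The name lint_relay_rules and the sample rules are constructed for illustration.

```shell
#!/bin/sh
# Lint a tcprules source file for rules that grant relaying (RELAYCLIENT)
# to anything other than loopback or RFC 1918 address prefixes.
# lint_relay_rules is a hypothetical helper name, not part of ucspi-tcp.
lint_relay_rules() {
    awk -F: '
    /^[ \t]*#/ || /^[ \t]*$/ { next }          # skip comments and blank lines
    {
        addr = $1                               # address part, before the first ":"
        rest = substr($0, length(addr) + 2)     # instruction and variables
        if (rest !~ /^allow/ || rest !~ /(^|,)RELAYCLIENT=/) next
        if (addr == "") {
            # the default rule matches every client: this is an open relay
            print "OPEN-RELAY line " NR ": default rule sets RELAYCLIENT"
        } else if (addr ~ /^127\./ || addr ~ /^10\./ || addr ~ /^192\.168\./ ||
                   addr ~ /^172\.(1[6-9]|2[0-9]|3[01])\./) {
            next                                # loopback or private prefix
        } else {
            print "WARN line " NR ": " addr " is allowed to relay"
        }
    }' "$1"
}

# Constructed sample: the two relay rules from this page plus two mistakes.
sample=$(mktemp)
cat >"$sample" <<'EOF'
192.168.202.:allow,RELAYCLIENT="",RBLSMTPD=""
127.0.0.1:allow,RELAYCLIENT="",RBLSMTPD=""
203.0.113.:allow,RELAYCLIENT=""
:allow,RELAYCLIENT=""
EOF
lint_relay_rules "$sample"
rm -f "$sample"
```

Run it against the rules file before each tcprules rebuild; no output means only loopback and private prefixes can relay.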
Set up a qmail-pop3d service on port 25110 for testing.
cd /var/service
mkdir qmail-pop3d
cd qmail-pop3d
mkdir log log/main
chown qmaill log/main
chmod g+s log/main
chmod +t .
cat >run <<'EOF'
#!/bin/sh
exec env - PATH="/var/qmail/bin:$PATH" \
tcpserver -vR -l 0 \
0 25110 \
qmail-popup "`cat /var/qmail/control/me`" \
checkpassword qmail-pop3d Maildir \
2>&1
EOF
cat >log/run <<'EOF'
#!/bin/sh
exec env - PATH=/command setuidgid qmaill multilog t ./main
EOF
chmod +x run log/run
Start the qmail-pop3d service.
ln -s /var/service/qmail-pop3d /service/
Create a Maildir for each user.
cd /home &&
for user in *
do
su -l "$user" -c "/var/qmail/bin/maildirmake Maildir"
ls -ld "$user"/Maildir
done
Create a Maildir in /etc/skel.
Switching mail service from sendmail to qmail
Translate /home/*/.forward to /home/*/.qmail (details omitted).
Translate /etc/mail/virtusertable to /var/qmail/alias/.qmail-* and /var/qmail/control/virtualdomains (details omitted).
Test local delivery using “telnet localhost 2525”
Test remote delivery using “telnet localhost 2525”
Test relay control using “telnet YOUR.IP.ADDR.HERE 2525” from somewhere else. You should be able to connect, but mail to test@example.com should be refused.
Test pop using “telnet localhost 25110”
Replace /usr/sbin/sendmail with a symlink to /var/qmail/bin/sendmail
cd /usr/sbin
mv -i sendmail sendmail~
ln -s /var/qmail/bin/sendmail
Turn off pop3 service in /etc/xinetd.d/ipop3 and kick xinetd.
perl -pi~ -e 's,^\},\tdisable = yes\n},' /etc/xinetd.d/ipop3
killall -USR1 xinetd
Make sure sendmail won’t start at boot time any more.
# /sbin/chkconfig sendmail off
# /sbin/chkconfig --level 2 sendmail off
# /sbin/chkconfig --list sendmail
sendmail 0:off 1:off 2:off 3:off 4:off 5:off 6:off
Stop sendmail.
Change port 2525 to port 25 in /service/qmail-smtpd/run, change port 25110 to port 110 in /service/qmail-pop3d/run, and restart qmail-smtpd.
svc -t /service/qmail-smtpd /service/qmail-pop3d
Convert /var/spool/mail/* to /home/*/Maildir/ (details omitted).
If you use pine, change the inbox-path in your ~/.pinerc file: