qmail installation manual
Authors: Ferruca <fernando@nediam.com.mx> and
Nediam <javier@nediam.com.mx>
Publication date: 2004-11-18
Last updated: 2006-04-14
This manual is based on the Life with Qmail documentation: http://www.lifewithqmail.org. The operating system we used for testing was Debian GNU/Linux.
- Download from http://qmail.org the following packages:
- netqmail-x.x.x.tar.gz
- ucspi-tcp-x.x.tar.gz
- daemontools-x.x.tar.gz
Note: at the time of this writing , the most recent version of netqmail is 1.05, the most recent of ucspi-tcp is 0.88, and that of daemon-tools is 0.76. - Supposing the above packages were downloaded to /usr/local/, extract and decompress them:
SERVER:~# cd /usr/local
SERVER:/usr/local# tar -zxvf netqmail-1.05.tar.gz
(The README says that before beginning the qmail installation, first we must apply a patch executing the script collate.sh)
SERVER:/usr/local# cd netqmail-1.05
SERVER:/usr/local/netqmail-1.05# ./collate.sh
SERVER:/usr/local/netqmail-1.05# mv netqmail-1.05 ../qmail-1.05
SERVER:/usr/local/netqmail-1.05# cd ..
SERVER:/usr/local# tar -zxvf ucspi-tcp-0.88.tar.gz
SERVER:/usr/local# tar -zxvf daemontools-0.76.tar.gz
- Create the directory where qmail will be installed:
SERVER:~# mkdir /var/qmail
- Create the users and groups under the qmail processes will run. The way to do this is through a script that comes with the qmail source code named
INSTALL.ids. It is important to check this file to see which commands will be useful to us. First let's make a copy of it:
SERVER:~# cd /usr/local/qmail-1.05
SERVER:/usr/local/qmail-1.05# cp INSTALL.ids INSTALL.ids.old
Then, using some editor delete the lines that won't be needed (in our case we will only leave the ones in the Linux section), make it executable and run it:
SERVER:/usr/local/qmail-1.05# chmod 700 INSTALL.ids
SERVER:/usr/local/qmail-1.05# ./INSTALL.ids
Verify in /etc/group and in /etc/passwd that the groups and users have been created properly. - Do the qmail compilation:
SERVER:/usr/local/qmail-1.05# make setup check
-
Do the post-installation configuration by executing the config script. This script serves to detect the hostname and the server's domain
name so our mail server can only accept SMTP messages from these hosts.
SERVER:/usr/local/qmail-1.05# ./config
Your hostname is host. Your host's fully qualified name in DNS is host.domain. Putting host.domain into control/me... Putting domain into control/defaultdomain... Putting domain into control/plusdomain... Checking local IP addresses: 0.0.0.0: PTR lookup failed. I assume this address has no DNS name. 127.0.0.1: Adding localhost to control/locals... a.b.c.d: Adding host.domain to control/locals... If there are any other domain names that point to you, you will have to add them to /var/qmail/control/locals. You don't have to worry about aliases, i.e., domains with CNAME records. Copying /var/qmail/control/locals to /var/qmail/control/rcpthosts... Now qmail will refuse to accept SMTP messages except to those hosts. Make sure to change rcpthosts if you add hosts to locals or virtualdomains!
Tip: If the server is not registered in the DNS server, then we'll have to use the config-fast script instead of config, and we need to pass the full name of the computer as parameter: ./config-fast host.domain -
Install ucspi-tcp. ucspi-tcp (Unix Client-Server Program Interface) is a set of tools for creating TCP client-server applications.
SERVER:/usr/local/qmail-1.05# cd ../ucspi-tcp-0.88
SERVER:/usr/local/ucspi-tcp-0.88# patch < ../netqmail-1.05/other-patches/ucspi-tcp-0.88.a_record.patch
SERVER:/usr/local/ucspi-tcp-0.88# patch < ../netqmail-1.05/other-patches/ucspi-tcp-0.88.errno.patch
SERVER:/usr/local/ucspi-tcp-0.88# patch < ../netqmail-1.05/other-patches/ucspi-tcp-0.88.nodefaultrbl.patch
SERVER:/usr/local/ucspi-tcp-0.88# make
SERVER:/usr/local/ucspi-tcp-0.88# make setup check
-
Install daemon-tools. This package is a set of tools for managing Unix services (daemons).
SERVER:/usr/local/ucspi-tcp-0.88# cd ../admin/daemontools-0.76/src/
SERVER:/usr/local/admin/daemontools-0.76/src# patch < /usr/local/netqmail-1.05/other-patches/daemontools-0.76.errno.patch
SERVER:/usr/local/admin/daemontools-0.76/src# cd ..
SERVER:/usr/local/admin/daemontools-0.76# package/install
- Create the qmail boot script /var/qmail/rc containing the following lines:
#!/bin/sh # /var/qmail/rc : qmail startup script # Using control/defaultdelivery (in our case will be ./Maildir/) as default message delivery. exec env - PATH="/var/qmail/bin:$PATH" \ qmail-start "`cat /var/qmail/control/defaultdelivery`"
Then give it execution permissions:
SERVER:/var/qmail# chmod 755 rc
Tip: Look in the /var/qmail/boot/ directory for more examples of qmail boot scripts. -
Create the directory where the logs generated by qmail will be located:
SERVER:/var/qmail# mkdir /var/log/qmail
- Define the default mailbox to be used. Most recommended for qmail is Maildir:
SERVER:/var/qmail# echo ./Maildir/ > /var/qmail/control/defaultdelivery
In order to create their inbox to the users, use the command maildirmake. This command must to be executed with the id of each user. For example, to create his inbox to user john, we would use the following commands:
SERVER:/var/qmail# su - john
john@SERVER:~$ /var/qmail/bin/maildirmake $HOME/Maildir - Create the qmail init script /var/qmail/bin/qmailctl containing
these.
lines. Following this, make it executable and make it a symbolic link to /usr/bin/:
SERVER:/var/qmail/bin# chmod 755 qmailctl
SERVER:/var/qmail/bin# ln -s /var/qmail/bin/qmailctl /usr/bin/
Copy this same script to /etc/init.d/ and create the respective simbolic links to the runlevel directories, or make the appropriate configuration if your distribution uses BSD-style rather than System-V:
SERVER:/var/qmail/bin# cp qmailctl /etc/init.d/qmail
SERVER:/var/qmail/bin# cd /etc/init.d/
SERVER:/etc/init.d# update-rc.d qmail start 99 2 3 4 5 . stop 99 0 1 6 .
Tip: if the distribution you are using does not have the utility update-rc.d, you'll have to create the links manually. - Create the supervise scripts. These scripts serve to control the qmail daemons and their respective logs. First we create the supervise
directories:
SERVER:~/# mkdir -p /var/qmail/supervise/qmail-send/log
SERVER:~/# mkdir -p /var/qmail/supervise/qmail-smtpd/log
Now we create the script /var/qmail/supervise/qmail-send/run containing the following lines:
#!/bin/sh
exec /var/qmail/rc
Create the script /var/qmail/supervise/qmail-send/log/run containing the following lines:
#!/bin/sh
exec /usr/local/bin/setuidgid qmaill /usr/local/bin/multilog t /var/log/qmail
Create the script /var/qmail/supervise/qmail-smtpd/run containing the following lines:
#!/bin/sh QMAILDUID=`id -u qmaild` NOFILESGID=`id -g qmaild` MAXSMTPD=`cat /var/qmail/control/concurrencyincoming` LOCAL=`head -1 /var/qmail/control/me` if [ -z "$QMAILDUID" -o -z "$NOFILESGID" -o -z "$MAXSMTPD" -o -z "$LOCAL" ]; then echo QMAILDUID, NOFILESGID, MAXSMTPD, or LOCAL is unset in echo /var/qmail/supervise/qmail-smtpd/run exit 1 fi if [ ! -f /var/qmail/control/rcpthosts ]; then echo "No /var/qmail/control/rcpthosts!" echo "Refusing to start SMTP listener because it'll create an open relay" exit 1 fi exec /usr/local/bin/softlimit -m 2000000 \ /usr/local/bin/tcpserver -v -R -l "$LOCAL" -x /etc/tcp.smtp.cdb -c "$MAXSMTPD" \ -u "$QMAILDUID" -g "$NOFILESGID" 0 smtp /var/qmail/bin/qmail-smtpd 2>&1
Tip: by default tcpserver will accept 40 concurrent connections. If more are required, one have to specify it with the parameter 'c'. For example, if a maximum of 200 concurrent connections is desired, this is the way to specify it: tcpserver -v -R -c200 -l "$LOCAL" -x /etc/tcp.smtp.cdb ...
Create the script /var/qmail/supervise/qmail-smtpd/log/run containing the following lines:
#!/bin/sh
exec /usr/local/bin/setuidgid qmaill /usr/local/bin/multilog t /var/log/qmail/smtpd
Make executable all four run files we've just created:
SERVER:~/# chmod 755 /var/qmail/supervise/qmail-send/run
SERVER:~/# chmod 755 /var/qmail/supervise/qmail-send/log/run
SERVER:~/# chmod 755 /var/qmail/supervise/qmail-smtpd/run
SERVER:~/# chmod 755 /var/qmail/supervise/qmail-smtpd/log/run
Configure the log directories we specified in the scripts:
SERVER:~/# mkdir -p /var/log/qmail/smtpd
SERVER:~/# chown qmaill /var/log/qmail /var/log/qmail/smtpd
Create the file /var/qmail/control/concurrencyincoming and change the permissions. This file will contain the number of the maximum simultaneous incoming SMTP connections qmail will accept:
SERVER:~/# echo 20 > /var/qmail/control/concurrencyincoming
SERVER:~/# chmod 644 /var/qmail/control/concurrencyincoming
Finally, create symbolic links for the supervise directories to the /service directory:
SERVER:~/# ln -s /var/qmail/supervise/qmail-send /var/qmail/supervise/qmail-smtpd /service
After creating these links qmail will start automatically. To continue with the rest of the configuration, we will stop it:
SERVER:~/# qmailctl stop
Stopping qmail...
qmail-smtpd
qmail-send
- Create the file /etc/tcp.smtp. This file will specify the rules to allow/deny the hosts to send emails from our server. We will allow local
users to inject mail through SMTP and then we will recreate the cdb file for SMTP:
SERVER:~/# echo '127.:allow,RELAYCLIENT=""' >> /etc/tcp.smtp
SERVER:~/# qmailctl cdb
Tip: To allow some other host to use our SMTP service, it has to be added to /etc/tcp.smtp in a similar way. For example, to give relay access to IP 192.168.1.240:
SERVER:~/# echo '192.168.1.240.:allow,RELAYCLIENT=""' >> /etc/tcp.smtp - Create aliases. Define a local or remote email account where emails sent to postmaster, mailer-daemon, and root should be
redirected, and create the aliases (in this example, we'll suppose we have decided that user john will get these emails):
SERVER:~/# echo john > /var/qmail/alias/.qmail-root
SERVER:~/# echo john > /var/qmail/alias/.qmail-postmaster
SERVER:~/# ln -s .qmail-postmaster /var/qmail/alias/.qmail-mailer-daemon
SERVER:~/# chmod 644 /var/qmail/alias/.qmail-root /var/qmail/alias/.qmail-postmaster
Tip: if more aliases are required, create them in the same way. For example to create an alias for webmaster:
SERVER:~/# echo john > /var/qmail/alias/.qmail-webmaster - Start qmail and check if the services have been initiated:
SERVER:~/# qmailctl start
SERVER:~/# qmailctl stat
/service/qmail-send: up (pid 5490) 11 seconds /service/qmail-send/log: up (pid 5491) 11 seconds /service/qmail-smtpd: up (pid 5492) 11 seconds /service/qmail-smtpd/log: up (pid 5493) 11 seconds messages in queue: 0 messages in queue but not yet preprocessed: 0
SERVER:~/# ps -efl | grep "service errors" | grep -v grep
100 S root 4844 4841 0 76 0 - 309 pipe_w Nov15 ? 00:00:00 readproctitle service errors:
.........................................................................................................................................................................
.........................................................................................................................................................................
..............................................................
All four services must be up for longer than a second, and readproctitle should not report any errors (the program readproctitle keeps a log of the error messages generated by the services administered by svscan). - Tests. Check the files TEST.deliver and TEST.receive that are found in the directory where qmail's .tar.gz was decompressed:
Send an email to a local account and verify that it has been delivered to the inbox:
SERVER:~/# echo to: john | /var/qmail/bin/qmail-inject
SERVER:~/# ls /home/john/Maildir/new/1100637402.5643.SERVER
SERVER:~/# more /home/john/Maildir/new/1100637402.5643.SERVERReturn-Path: <root@domain> Delivered-To: john@domain Received: (qmail 5640 invoked by uid 0); 16 Nov 2004 20:36:42 -0000 Date: 16 Nov 2004 20:36:42 -0000 Message-ID: <20041116203642.5639.qmail@domain> From: root@domain to: john@domain
SERVER:~/# tail /var/log/qmail/current@40000000419a64e411198e4c new msg 2812883 @40000000419a64e411199a04 info msg 2812883: bytes 211 from <root@domain> qp 5640 uid 0 @40000000419a64e4151d8674 starting delivery 1: msg 2812883 to local john@domain @40000000419a64e4151e651c status: local 1/10 remote 0/20 @40000000419a64e416c5c3ec delivery 1: success: did_1+0+0/ @40000000419a64e416c7b7ec status: local 0/10 remote 0/20 @40000000419a64e416c7bbd4 end msg 2812883
Send an email to an external account and verify that it has been delivered:
SERVER:~/# echo to: someaccount@hotmail.com | /var/qmail/bin/qmail-inject
SERVER:~/# tail /var/log/qmail/current
@40000000419a81fe1967e9f4 new msg 2812883 @40000000419a81fe1967f5ac info msg 2812883: bytes 210 from <root@domain> qp 5755 uid 0 @40000000419a81fe1d055c04 starting delivery 5: msg 2812883 to remote someaccount@hotmail.com @40000000419a81fe1d0632dc status: local 0/10 remote 1/20 @40000000419a8200346717ac delivery 5: success: 64.4.50.99_accepted_message./Remote_host_said:_250__< 20041116224052.5754.qmail@domain>_Queued_mail_for_delivery/ @40000000419a82003467274c status: local 0/10 remote 0/20 @40000000419a820034672b34 end msg 2812883
Send an email from an external account to a local account and check that it has been received:
SERVER:~/# tail /var/log/qmail/current@40000000419b8597346c576c new msg 2812883 @40000000419b8597346c6324 info msg 2812883: bytes 886 from <cuenta@domain2> qp 6181 uid 1007 @40000000419b8597380898cc starting delivery 8: msg 2812883 to local john@domain @40000000419b8597380967d4 status: local 1/10 remote 0/20 @40000000419b859739b54ae4 delivery 8: success: did_1+0+0/ @40000000419b859739b717d4 status: local 0/10 remote 0/20 @40000000419b859739b71fa4 end msg 2812883
Send an email from an external account to an inexistent local account and check that a message has been sent to the remote account saying that these mailbox doesn't exist:
SERVER:~/# tail /var/log/qmail/current@40000000419bdbe12214bd34 new msg 2812883 @40000000419bdbe12214c8ec info msg 2812883: bytes 862 from <cuenta@domain2> qp 6331 uid 1007 @40000000419bdbe12615e69c starting delivery 9: msg 2812883 to local john33@domain @40000000419bdbe12616e484 status: local 1/10 remote 0/20 @40000000419bdbe126356134 delivery 9: failure: Sorry,_no_mailbox_here_by_that_name._(#5.1.1)/ @40000000419bdbe12637e1d4 status: local 0/10 remote 0/20 @40000000419bdbe12a7383fc bounce msg 2812883 qp 6334 @40000000419bdbe12a738fb4 end msg 2812883 @40000000419bdbe12a75491c new msg 2812889 @40000000419bdbe12a763b4c info msg 2812889: bytes 1409 from <> qp 6334 uid 1012 @40000000419bdbe12e6f90cc starting delivery 10: msg 2812889 to remote cuenta@domain2 @40000000419bdbe12e701d6c status: local 0/10 remote 1/20 @40000000419bdbe534597f34 delivery 10: success: 66.98.170.56_accepted_message./Remote_host_said: _250_2.0.0_iAHMHvYj009257_Message_accepted_for_delivery/ @40000000419bdbe534598ed4 status: local 0/10 remote 0/20 @40000000419bdbe5345992bc end msg 2812889
- Final notes: The next step would be to install a POP3 or IMAP server. In this page you will find the instructions to use courier-imap with qmail. Also, a webmail could be installed. Squirrelmail is a very good one. In order to remove messages from the qmail queue you can use the program Qmail-remove.
References:
- D. J. Bernstein, qmail: second most popular MTA on the Internet - http://qmail.org/top.html
- D. J. Bernstein, ucspi-tcp - http://cr.yp.to/ucspi-tcp.html
- Dave Sill - Life with qmail - http://www.lifewithqmail.org
- tcpserver, Linux man page - http://www.die.net/doc/linux/man/man1/tcpserver.1.html
- Shekhar Joshi, qmail & courier-imap - http://shrii.org/qmail.html
- SquirrelMail, Webmail for Nuts! - http://www.squirrelmail.org
The latest version of this document is available at: http://nediam.com.mx/en/docs/qmail_manual/index.php