Howto Qmail+checkpassword+Mysql+Spamcontrol+(E)SMTP auth+ucspi+daemontools.
|
Dott. Emiliano Bruni, info/at/ebruni_dot_it |
Last modified: 2004/01/22 23:30 |
|
Copyright © 2003 |
License: GNU Free Document License |
Abstract
Simple step-to-step guide to install Qmail+checkpassword with MySQL patch and with patch for Spamcontrol, SMTP authentication access. This guide covers installation of Ucspi and daemontools too.
You could download require packages and apply them related patchs or go directly to step 22 and download sources with patchs already installed
Download package qmail from http://www.qmail.org/
Download patch mysql x qmail (ver 1.1.9) from http://iain.cx/qmail/mysql/download.html
Download SpamControl with (E)SMTP auth from http://www.fehcom.de/qmail/spamcontrol.html
Download Checkpassword 0.90 http://cr.yp.to/checkpwd/install.html
Download patch for Checkpassword 2.0.1pre2 fromhttp://iain.cx/qmail/mysql/download.html
Download mysqldump from http://iain.cx/qmail/mysql/download.html
Download daemontools from ftp://cr.yp.to/daemontools/daemontools-0.76.tar.gz)
tar zxvf qmail-1.03.tar.gz
cd qmail-1.03
Install patch Spamcontrol
tar zxvf ../spamcontrol_2073.tgz
vi spamcontrol.sh e impostare variabile SOLARIS a 0
./spamcontrol.sh
Install patch qmail-mysql-1.1.9.patch. (This is a patched
version of mysql patch in order to work correctly after spamcontrol patch.)
cd ..
patch < ../qmail-mysql-1.1.9.emi.patch
cd qmail-1.03
patch < ../qmail-mysql-1.1.9.patch
To correct an error in qmail-getpw where:
pw = (struct passwd *) malloc(sizeof(struct passwd *));
replace with
pw = (struct passwd *) malloc(sizeof(struct passwd));
cd ..
for redhat 9 install also these patchs
http://www.qmail.org/moni.csi.hu/pub/glibc-2.3.1/qmail-1.03.errno.patch
http://www.qmail.org/moni.csi.hu/pub/glibc-2.3.1/qmail-1.03.qmail_local.patch
patch -p1 < /usr/src/qmail/qmail-1.03.errno.patch
patch -p1 < /usr/src/qmail/qmail-1.03.qmail_local.patch
tar zvxf checkpassword-0.90.tar.gz; cd checkpassword-0.90
patch < ../checkpassword-mysql-2.0.1pre2.patch
for redhat 9 install also this patch from
http://www.qmail.org/moni.csi.hu/pub/glibc-2.3.1/checkpassword-0.90.errno.patch
patch -p1 < /usr/src/qmail/checkpassword-0.90.errno.patch
Open conf-qmail and conf-home in qmail-1.03 and replace row with /usr/local/qmail
vi Makefile and modify it in this way:
MYSQL_LIBS=/usr/lib/mysql/libmysqlclient.a -lm -lz -lcrypt #-lsocket -lnsl
MYSQL_INCLUDE=-I/usr/include
LOGGING=#-DO_NOT_LOG_CONNECTS -DO_NOT_LOG
After having testing installation, remember to recompile qmail
disabling logging.
vi conf-qmail and replace row with /usr/local/qmail
vi Makefile and modify it in this way:
MYSQL_LIBS=/usr/lib/mysql/libmysqlclient.a -lm -lz -lcrypt #-lsocket -lnsl
MYSQL_INCLUDE=-I/usr/include
LOGGING=#-DO_NOT_LOG_SQL -DO_NOT_LOG -DO_NOT_LOG_ERRORS
After having testing installation, remember to recompile qmail
disabling logging.
If don't want to lose time for applying patchs you can download qmail source with patchs already applied with all configurations describe over from http://www.ebruni.it/docs/qmail_mysql/bin/qmail+mysql+esmtp.tar.gz
If don't want to lose time for applying patchs you can download checkpassword source with patch already applied with all configurations describe over from http://www.ebruni.it/docs/qmail_mysql/bin/checkpassword-0.90+mysql.tar.gz
mkdir /usr/local/qmail
groupadd -g 601 nofiles;groupadd -g 602 qmail
Add required Unix users
useradd -g nofiles -d /usr/local/qmail/alias -s /bin/true alias
useradd -g nofiles -d /usr/local/qmail -s /bin/true qmaild
useradd -g nofiles -d /usr/local/qmail -s /bin/true qmaill
useradd -g nofiles -d /usr/local/qmail -s /bin/true qmailp
useradd -g qmail -d /usr/local/qmail -s /bin/true qmailq
useradd -g qmail -d /usr/local/qmail -s /bin/true qmailr
useradd -g qmail -d /usr/local/qmail -s /bin/true qmails
Compile source:
cd /usr/src/qmail/qmail-1.03
make setup check
./config-fast <host.domain>
Configure qmail startup script:
cp /usr/local/qmail/boot/home /usr/local/qmail/rc.qmail
vi /usr/local/qmail/rc.qmail e modificare ./Mailbox in ./Maildir/
Compile source:
cd /usr/src/qmail/checkpassword-0.90
make setup check
Set checkpassword with 711 and flag suid for working with
auth patch
chmod 711 /usr/local/qmail/bin/checkpassword
chmod u+s /usr/local/qmail/bin/checkpassword
Install ucspi-tcp-0.88-1.i386.rpm
rpm -ivh ftp://rpmfind.net/linux/contrib/libc6/i386/ucspi-tcp-0.88-1.i386.rpm
(for redhat 9 this rpm is not good. download source from
http://www.qmail.org/moni.csi.hu/pub/glibc-2.3.1/ucspi-tcp-0.88-005patch.src.rpm
and rebuild it
rpmbuild --rebuild ucspi-tcp-0.88-005patch.src.rpm e poi
rpm -ivh /usr/src/redhat/RPMS/i386/ucspi-tcp-0.88-005patch.i386.rpm)
mkdir /etc/tcp
Create smtp and add rules for smtp TCP connection like
this:
cat >/etc/tcp/smtp <<EOF
127.0.0.1:allow,RELAYCLIENT=""
EOF
Compile rules into /etc/tcp/smtp with
tcprules /etc/tcp/smtp.cdb /etc/tcp/smtp.tmp < /etc/tcp/smtp
Create pop-3 and add rules for pop3 TCP connection like
this:
cat >/etc/tcp/pop-3<<EOF
:allow
:deny
EOF
Compile rules into /etc/tcp/pop-3 with
tcprules /etc/tcp/pop-3.cdb /etc/tcp/pop-3.tmp < /etc/tcp/pop-3
Create db "qmail" into mysql
mysqladmin -p create qmail
Install database dump
mysql -p qmail < /usr/src/qmail/mysqldump
Create "qmail" mysql user with permission on
database "qmail"
GRANT USAGE ON *.* TO "qmail"@"localhost" IDENTIFIED BY
"qmailpass";
GRANT SELECT ,INSERT ,UPDATE , DELETE ON `qmail`.* TO "qmail"@ "localhost";
and reload users table with
mysqladmin -p reload
Create /usr/local/qmail/control/sqlserver like this:
cat >/usr/local/qmail/control/sqlserver<<EOF
server localhost
login
qmail
password qmailpass
db qmail
EOF
Set file permission with:
chmod 644 /usr/local/qmail/control/sqlserver
chown qmaild.qmail /usr/local/qmail/control/sqlserver
Create and set email directory
mkdir /var/spool/pop
chown qmaild:qmail /var/spool/pop
chmod 711 /var/spool/pop
mkdir /var/spool/pop/domains
chown qmaild:qmail /var/spool/pop/domains
chmod 711 /var/spool/pop/domains
Install daemontools that runs and monitors qmail processes.
Create the directory
mkdir /usr/local/daemontools
cd /usr/local/daemontools
for redhat 9 install this patch before:
http://www.qmail.org/moni.csi.hu/pub/glibc-2.3.1/daemontools-0.76.errno.patch
patch -p1 < /usr/src/qmail/daemontools-0.76.errno.patch
Install package
tar zxvf /usr/src/qmail/daemontools-0.76.tar.gz
cd admin/daemontools-0.76
./package/install
Create directory for supervise processes
mkdir -p /usr/local/qmail/supervise/qmail-send/log
mkdir -p /usr/local/qmail/supervise/qmail-smtpd/log
mkdir -p /usr/local/qmail/supervise/qmail-pop3d/log
mkdir /var/log/qmail
mkdir /var/log/qmail/smtpd
mkdir /var/log/qmail/pop3d
Set permission for log users
chown -R qmaill /var/log/qmail
Create startup file for qmail-send
cat >/usr/local/qmail/supervise/qmail-send/run <<EOF
#!/bin/sh
exec /usr/local/qmail/rc.qmail
EOF
Create log process for this service
cat > /usr/local/qmail/supervise/qmail-send/log/run<<EOF
#!/bin/sh
exec /usr/local/bin/setuidgid qmaill /usr/local/bin/multilog t \
/var/log/qmail
EOF
Create startup file for qmail-smtpd
cat >/usr/local/qmail/supervise/qmail-smtpd/run<<EOF
#!/bin/sh
QMAILDUID=\`id -u qmaild\`
NOFILESGID=\`id -g qmaild\`
MAXSMTPD=\`cat /usr/local/qmail/control/concurrencyincoming\`
exec /usr/local/bin/softlimit -m 4000000
\\
/usr/local/bin/tcpserver -v -p -x /etc/tcp/smtp.cdb -c "\$MAXSMTPD"
\\
-u "\$QMAILDUID" -g "\$NOFILESGID" 0 smtp \\
/usr/local/bin/rblsmtpd -r relays.ordb.org \\
sh -c '{ test -z "\$TCPREMOTEHOST" && [ "\$TCPREMOTEIP" != "127.0.0.1" ] ; } \\
&& echo "451 bad reverse DNS
\$TCPREMOTEIP" \\
|| /usr/local/qmail/bin/qmail-smtpd \\
/usr/local/qmail/bin/checkpassword /bin/true' 2>&1
EOF
Create log process for this service
cat >/usr/local/qmail/supervise/qmail-smtpd/log/run<<EOF
#!/bin/sh
exec /usr/local/bin/setuidgid qmaill /usr/local/bin/multilog t
\\
/var/log/qmail/smtpd
EOF
Create startup file for pop3
cat > /usr/local/qmail/supervise/qmail-pop3d/run<<EOF
#!/bin/sh
exec /usr/local/bin/softlimit -m 4000000
\\
/usr/local/bin/tcpserver -v -x /etc/tcp/pop-3.cdb -R -H -l 0 0 pop-3 \\
/usr/local/qmail/bin/qmail-popup
\\
host.domain /usr/local/qmail/bin/checkpassword \\
/usr/local/qmail/bin/qmail-pop3d Maildir 2>&1
EOF
Create log process for this service
cat >/usr/local/qmail/supervise/qmail-pop3d/log/run<<EOF
#!/bin/sh
exec /usr/local/bin/setuidgid qmaill /usr/local/bin/multilog t
\\
/var/log/qmail/pop3d
EOF
Make these scripts runnable with
chmod 755 /usr/local/qmail/supervise/qmail-send/run
chmod 755 /usr/local/qmail/supervise/qmail-send/log/run
chmod 755 /usr/local/qmail/supervise/qmail-smtpd/run
chmod 755 /usr/local/qmail/supervise/qmail-smtpd/log/run
chmod 755 /usr/local/qmail/supervise/qmail-pop3d/run
chmod 755 /usr/local/qmail/supervise/qmail-pop3d/log/run
Create concurrencyincoming
echo 20 > /usr/local/qmail/control/concurrencyincoming
chmod 664 /usr/local/qmail/control/concurrencyincoming
add mail filters
echo '*@*@*' > /usr/local/qmail/control/badrcptpatterns
echo '*!*' >> /usr/local/qmail/control/badrcptpatterns
echo '*@*@*' > /usr/local/qmail/control/badmailpatterns
echo '*!*' >> /usr/local/qmail/control/badmailpatterns
Link startap directory in /services
ln -s /usr/local/qmail/supervise/qmail-pop3d /service
ln -s /usr/local/qmail/supervise/qmail-send /service
ln -s /usr/local/qmail/supervise/qmail-smtpd /service
Download startup script from
http://www.ebruni.it/docs/qmail_mysql/bin/qmaild and
cp qmaild /etc/rc.d/init.d/qmaild
chmod 755 /etc/rc.d/init.d/qmaild
Remove sendmail
/etc/rc.d/init.d/sendmail stop
rpm -e --nodeps sendmail
Remove old pop3
vi /etc/xinetd.d/ipop3 e impostare disable=yes
service xinetd restart
startup qmail
/etc/rc.d/init.d/qmaild start
insert qmaild in the runlevel
chkconfig --add qmaild
chkconfig --level 235 qmaild on
create a link to simulate sendmail
ln -s /usr/local/qmail/bin/sendmail /usr/sbin/sendmail
In /etc/login.defs remove comment to QMAIL_DIR MailDir and comment MAILDIR