Friday, May 11, 2007

Dual MTA Qmail - Contd...

OS: CentOS4.4(64bit)

For the inside queue (that scans and delivers mail) I followed the instructions from qmailrocks. Disk space, pre-installation checklist and other instructions are here

Note: I installed vpopmail without mysql since the number of domains I manage is small. If you are going to have more than 10 domains, consider using vpopmail with a mysql backend. Remember to replace all example.net entries with your own domain. For hostnames, enter the FQDN of your server.

After installing qmailrocks, make sure that mail to and from your domain works. The qmail installation from qmailrocks listens on port 25; alter it to listen on port 2000.

The last few lines of '/var/qmail/supervise/qmail-smtpd/run' look like this:

# tail -4 /var/qmail/supervise/qmail-smtpd/run


/usr/local/bin/tcpserver -v -R -l "$LOCAL" -x /etc/tcp.smtp.cdb -c "$MAXSMTPD" \
-u "$QMAILDUID" -g "$NOFILESGID" 127.0.0.1 2000 \
/var/qmail/bin/qmail-smtpd your.hostname.here \
/home/vpopmail/bin/vchkpw /usr/bin/true 2>&1


With the above setting, the QMR installation will serve as a separate queue which scans any mail that comes to it. Now we have everything set up to install our other queue.

Note: I used /var/qmail-inside as my qmail directory (for all incoming mail). You can choose any other directory you want. Also, for this queue I patched qmail with jms's combined patch set 6cd.

Below are the steps:


cd /usr/local/src
wget ftp://ftp.jp.qmail.org/qmail/qmail-1.03.tar.gz
wget http://qmail.jms1.net/patches/qmail-1.03-jms1.6cd.patch
wget http://untroubled.org/qmail-qfilter/qmail-qfilter-2.1.tar.gz
wget http://qmail.jms1.net/scripts/service-qmail-send-run
wget http://qmail.jms1.net/scripts/service-qmail-smtpd-run
tar zxfv qmail-1.03.tar.gz
mv qmail-1.03 qmail-inside
cd qmail-inside/


Edit conf-qmail and change the directory entry from /var/qmail to /var/qmail-inside

echo 211 > conf-split
echo 255 > conf-spawn
patch < /usr/local/src/qmail-1.03-jms1.6cd.patch
make setup check


Next we have to create the necessary control files for qmail. Copying all the control files from /var/qmail/control will do, but we have to remove some unwanted files too. The virtualdomains file has the names of the virtual domains created with vpopmail. However, having this file means that mail will be delivered directly to the vpopmail user rather than being passed to our other queue.


cd /var/qmail-inside/control/
cp /var/qmail/control/* /var/qmail-inside/control/
rm -f virtualdomains.lock locals.lock rcpthosts.lock clientcert.pem
rm -f virtualdomains


It is better to link some files directly from /var/qmail so that we don't have to change them each time we add a new virtual domain.


cd /var/qmail-inside/control
rm -f rcpthosts
ln -s /var/qmail/control/rcpthosts
rm -f plusdomain
ln -s /var/qmail/control/plusdomain


Now we are going to create the necessary aliases and cdb file.

cd /var/qmail-inside/alias
echo "postmaster" > .qmail-root
echo "postmaster@example.net" > .qmail-postmaster
echo "postmaster" > .qmail-mailer-daemon
cp .qmail-root .qmail-abuse
echo "127.0.0.1:allow,RELAYCLIENT=\"\"" > /etc/tcp.smtp.inside
tcprules /etc/tcp.smtp.inside.cdb /etc/tcp.smtp.inside.tmp < /etc/tcp.smtp.inside


Next step is to create all supervise and log directories

mkdir -p /var/qmail-inside/supervise/qmail-inside-send/log
mkdir -p /var/qmail-inside/supervise/qmail-smtpd-25/log
mkdir -p /var/qmail-inside/supervise/qmail-smtpd-465/log
chmod +t /var/qmail-inside/supervise/qmail-inside-send
chmod +t /var/qmail-inside/supervise/qmail-smtpd-25
chmod +t /var/qmail-inside/supervise/qmail-smtpd-465
mkdir -p /var/log/qmail-inside/qmail-inside-send
mkdir -p /var/log/qmail-inside/qmail-smtpd-25
mkdir -p /var/log/qmail-inside/qmail-smtpd-465
chown -R qmaill /var/log/qmail-inside/
chown vpopmail.qmail /var/qmail-inside/control/servercert.pem


Create the log run files for the smtpd and send services:
vi /var/qmail-inside/supervise/qmail-smtpd-25/log/run


#!/bin/sh
exec /usr/local/bin/setuidgid qmaill /usr/local/bin/multilog t s2500000 /var/log/qmail-inside/qmail-smtpd-25


vi /var/qmail-inside/supervise/qmail-inside-send/log/run

#!/bin/sh
exec /usr/local/bin/setuidgid qmaill /usr/local/bin/multilog t /var/log/qmail-inside/qmail-inside-send


Now we are going to create the supervise directories:

cd /var/qmail-inside/supervise
cp /usr/local/src/service-qmail-smtpd-run qmail-smtpd-25/
cp /usr/local/src/service-qmail-smtpd-run qmail-smtpd-465/
cp /usr/local/src/service-qmail-send-run qmail-inside-send/
cp qmail-smtpd-25/log/run qmail-smtpd-465/log/


vi qmail-smtpd-465/log/run

Change the directory qmail-smtpd-25 to qmail-smtpd-465.

chmod 755 qmail-smtpd-465/log/run qmail-smtpd-25/log/run qmail-inside-send/log/run
cd /var/qmail-inside/supervise/qmail-inside-send/
mv service-qmail-send-run run

Edit the file run: vi run

and change the following entries

VQ=/var/qmail to VQ=/var/qmail-inside

and save the file


chmod 755 run
cd ../qmail-smtpd-25/
mv service-qmail-smtpd-run run
vi run


Change the following:

VQ="/var/qmail-inside"
SMTP_CDB="/etc/tcp.smtp.inside.cdb"
GREETDELAY=30
IP=0

Uncomment RBLSMTPD_PROG and RBL_BAD, save the file and make it executable.
# chmod 755 run


We have to install sslserver to enable secured SMTP connections (I configured it to listen on port 465).

Installing sslserver

cd /usr/local/src/
wget http://www.superscript.com/ucspi-ssl/ucspi-ssl-0.70.tar.gz
cd /package/
tar zxfv /usr/local/src/ucspi-ssl-0.70.tar.gz
cd host/superscript.com/net/ucspi-ssl-0.70
package/compile
package/rts # output should be empty
package/install
cd /var/qmail-inside/supervise/qmail-smtpd-465/
mv service-qmail-smtpd-run run
vi run


change the following

VQ="/var/qmail-inside"
SMTP_CDB="/etc/tcp.smtp.cdb"
QUSER=vpopmail
IP=0
PORT=465
SSL=1
AUTH=1
REQUIRE_AUTH=1

Save the file

chmod 755 run
cd /var/qmail-inside/control/
echo ":127.0.0.1:2000" > smtproutes
cd /service/
ln -s /var/qmail-inside/supervise/qmail-smtpd-25/
ln -s /var/qmail-inside/supervise/qmail-inside-send/
ln -s /var/qmail-inside/supervise/qmail-smtpd-465/

ps -ef|grep qmail-inside

will show that the processes are started and running. Check the corresponding service logs and make sure that they don't throw errors.

If you followed the above steps word for word, the log files for the above services will be at: /var/log/qmail-inside/qmail-smtpd-25/current and /var/log/qmail-inside/qmail-smtpd-465/current
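
A check of the finished layout, as an added example that is not part of the original post: the function below verifies that the QMR smtpd is bound to 127.0.0.1 port 2000, that smtproutes sends everything there, that virtualdomains is gone from /var/qmail-inside/control, that rcpthosts is present, and that /etc/tcp.smtp.inside grants RELAYCLIENT to 127.0.0.1 only. The function name audit_dual_qmail, its root-prefix argument and the staged demo tree are assumptions made for the example.

```shell
#!/bin/sh
# Added example (not from the original post): audit the dual-queue layout.
# $1 is an optional root prefix so a staged copy of the tree can be checked.
audit_dual_qmail() {
    root="${1:-}"
    scan_run="$root/var/qmail/supervise/qmail-smtpd/run"
    ctl="$root/var/qmail-inside/control"
    rules="$root/etc/tcp.smtp.inside"
    fail=0

    # The QMR smtpd run file must bind tcpserver to 127.0.0.1 port 2000.
    grep -Eq '(^|[[:space:]])127\.0\.0\.1[[:space:]]+2000([[:space:]]|$)' "$scan_run" 2>/dev/null ||
        { echo "FAIL: $scan_run is not bound to 127.0.0.1 2000"; fail=1; }

    # Every message accepted on 25/465 must be handed to the scanning queue.
    [ "$(cat "$ctl/smtproutes" 2>/dev/null)" = ":127.0.0.1:2000" ] ||
        { echo "FAIL: $ctl/smtproutes is not :127.0.0.1:2000"; fail=1; }

    # A virtualdomains file here delivers straight to vpopmail, skipping the scan.
    [ ! -e "$ctl/virtualdomains" ] ||
        { echo "FAIL: $ctl/virtualdomains exists"; fail=1; }

    # Stock qmail-smtpd accepts any recipient domain when rcpthosts is absent.
    [ -s "$ctl/rcpthosts" ] ||
        { echo "FAIL: $ctl/rcpthosts is missing or empty"; fail=1; }

    # Only 127.0.0.1 may be granted RELAYCLIENT on the port-25 listener.
    [ -r "$rules" ] || { echo "FAIL: $rules is not readable"; fail=1; }
    if grep 'RELAYCLIENT' "$rules" 2>/dev/null | grep -v '^127\.0\.0\.1:' >/dev/null; then
        echo "FAIL: $rules grants RELAYCLIENT beyond 127.0.0.1"; fail=1
    fi

    [ "$fail" -eq 0 ] && echo "OK: dual-queue layout is consistent"
    return "$fail"
}

# Constructed demo: stage the files this post creates in a temp dir and audit them.
demo_root=$(mktemp -d)
mkdir -p "$demo_root/var/qmail/supervise/qmail-smtpd" \
         "$demo_root/var/qmail-inside/control" "$demo_root/etc"
echo '-u "$QMAILDUID" -g "$NOFILESGID" 127.0.0.1 2000' > "$demo_root/var/qmail/supervise/qmail-smtpd/run"
echo ':127.0.0.1:2000' > "$demo_root/var/qmail-inside/control/smtproutes"
echo 'example.net' > "$demo_root/var/qmail-inside/control/rcpthosts"
echo '127.0.0.1:allow,RELAYCLIENT=""' > "$demo_root/etc/tcp.smtp.inside"
audit_dual_qmail "$demo_root"
rm -rf "$demo_root"
```

On the live server call audit_dual_qmail with no argument. It reads the text rules file, so rerun tcprules after any edit to keep the cdb in step.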

Errors and fixes:
When configuring your mail client to send mail, you get an auth failure: you have to use userid@example.net as the username. Also make sure that SSL is enabled and the port is set to 465.