qmail + vpopmail + Dovecot | Roberto's qmail notes

Quoting D. J. Bernstein definition

qmail is a secure, reliable, efficient, simple message transfer agent. It is designed for typical Internet-connected UNIX hosts

References

You can find a comprehensible introduction on how a mail server works in this page of the Dovecot site. The qmail newbie's guide to relaying by Chris Johnson is very clear. It’s very suitable reading material for someone who’s just getting started.

Disclaimer

The aim of this short guide is NOT to teach you how a mail server works, even though by the time you’re finished reading it you will hopefully have a working e-mail server. These notes just serve as a reminder of the main steps to follow in order to build a quick installation of qmail and related software. I published them because of the lack of any up-to-date documentation concerning the qmail “distributions” I was familiar with, hoping that these notes could be useful to others out there. And I created this guide partly just because I enjoy doing this kind of thing.
Therefore, to learn in depth how a mail server works, you are invited to read carefully at least the references I will mention in each page.

Secondly, I am NOT responsible for what you do with your server :) Use my guide at your own risk.

Finally, comments, criticisms and suggestions are always welcome! :-p

Which distro?

These notes have been written without a specific Linux distribution in mind. I tested them on my Slackware virtual mail servers, both 64 and 32 bit, and a number of guys out there can confirm that it works with other common distributions.

Is this a toaster?

According to the DJB's definition of a toaster, the answer would be yes. I personally consider a toaster something a la Bill Shupp or qmailtoaster, which comes with the packages included. Since I prefer to let you check for the latest versions of everything yourself, strictly speaking this shouldn’t properly be considered a toaster. I would simply call this site “Roberto’s qmail notes” instead. At any rate, I’ve included a paragraph about qmail toasters here just to satisfy the search engines -as most people come here actually looking for a toaster :)).

Before we start...

As I am not  a native english speaker, I will gladly accept every hint to improve the understanding of this guide.

Edit: I would like to address a big thank to Dave Martin, who revised my english in the qmail section of this guide.

Index

I will explain shortly how to put together:

  • daemontools
  • ucspi-tcp6 (IPv6 and greetdelay support)
  • netqmail 1.06
    • patches applyed:
      • qmail-authentication
      • qmail-tls
      • force-tls
      • chkuser
      • qmail queue custom error
      • SPF
      • SRS
      • oversize DNS
      • reread concurrency
      • big concurrency
      • big concurrency fix
      • maildir++
      • better qmail-smtpd logging
      • Greeting delay (both qmail-smtpd and rblsmtpd)
      • DKIM and SURBL
      • EXT-TODO
      • BIG-TODO
      • qmail-inject-null-sender
      • doublebounce-trim
      • esmtp-size
      • qmail-tap
      • qmail-remote CRLF
      • outgoingip
      • qmail-bounce
      • qmail-smtpd pid, qp log patch
      • any-to-cname
      • rfc2821
      • qmail-dnsbl
      • qmail-moreipme
      • qmail-hide-ip-headers
      • qmail-date-localtime
      • qmail-liberal-lf
      • maxrcpt
      • queue-extra
      • qmail-empf
    • Recipient verification and Mail From: Address Verification
    • submission service (port 587)
    • RBL support (patched for greetdelay)
  • vpopmail (mysql auth)
  • vqadmin
  • qmailadmin
  • ezmlm mailing list (ezmlm-web, ezmlm-browse web interfaces)
  • Dovecot
    • IMAPs
    • POP3s
    • sieve
    • clearing of old Junk and Trash emails
  • Roundcube webmail (spamassassin user's preferences, sieve filtering, password plugins)
  • Spammassassin spam filter (with userprefs)
  • Clamav virus filter
  • simscan mail scanner
  • setting up fail2ban

Licence

Creative Commons License

Roberto's qmail notes is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 3.0 Unported License.

Comments

log@serverhost

Hi,

I had built a new toaster with the latest patch. It was about 2 days old. Everything was working fine and today it happened that every email sent, there a a bounced message. The bounced message  complaints that it tried to deliver the message to log@serverhost.

The intended recipient still maanged to get the email.

Bounced mail below :-
Hi. This is the qmail-send program at domain.com.
I'm afraid I wasn't able to deliver your message to the following addresses.
This is a permanent error; I've given up. Sorry it didn't work out.
<log@domain.com>:
Sorry. Although I'm listed as a best-preference MX or A for that host, it isn't in my control/locals file, so I don't treat it as local. (#5.4.6)

I decided to create log@domain.com and tried to see what is being recieved, it happened to be the exact email sent out.

Any idea what went wrong?

thanks

nic

qmail-extra was modified..

The mails sent to log@domain.com are needed just to improve the qmail-send log; read the qmail-extra patch on the purpose.

But domain.com must have a valid MX and has to be included in you locals file. Try to see what

qmail-showctl |grep local 

says

Thanks Roberto.Since it is

Thanks Roberto.

Since it is needed, i will just keep the account log@domain.com and put up a crontab to delete mails nightly.

no, this is not how it is

no, this is not how it is programmed to work. There's no actual email to that account. Check the contents of the file /var/qmail/alias/.qmail-log and compare with what I reported in the qmail-extra patch documentation

Qmail log@

FIrst of all, 

congratulations for your work and tutorial.

we follow and mounted a new qmail install.

we repair that the new server trys to send a "copy" of every message to log@domain.com

can you tell us where you put this conf, cause we don't found any reference to this.

Best regards and congratulations again.

Matheus

I added a clarification about

I added a clarification about this functionality at the bottom of the configuration page

Hi, I didn't write a

Hi,

I didn't write a related page yet, just a note here http://notes.sagredo.eu/node/82#queue-extra. Actually it a way to improve the qmail-send log.

Is the functionality working fine for you?

Qmail and Mirroring

Hi

This documentation is the best for qmail, I'm working with qmail a year without problems, but it feels like I have to advance a bit.

Is there any possibility to setup a mirror qmail server? i mean have two servers working and when one is down the other keep working with all the services. Imap, Pop3, SMTP, etc.

Thanks in advance.

uh... I really don't know how

uh... I really don't know how exactly, but I guess that a lot of work should be done to dinamically change the IP in the name server in the event that a program like ping (?) returns a certain response. And also to sync back and restore everything automatically.

Thanks!

Thanks for the qmail info! Helped a ton when I had to update a old server recently and didn't want to switch away from qmail.

Saved me tons of time!

thanks

Roberto, you did a great job! thanks a lot!

to be noted:

- your vpopmail guide is not --large-site=y, so your vpopmail mysql table only had 1 single 'vpopmail' table. i cannot find dovecot support --large-site=y configuration for sql auth, i am backward to use vpopmail auth instead to make it work atm.

regards,

GW

I think you mean

I think you mean --enable-many-domains (http://www.inter7.com/vpopmail/FAQ.txt FAQ #19). It can be a choice, of course, in case of many domains.

So, if I understand well, this option is not dovecot compliant? If you use the SQL backend it should be sufficient to adjust the sql query accordingly. I can't get the vpopmail driver working anymore...

regarding --enable-many-domains option

YES indeed, dovecot compliences issue, and another issue to be added, there is corrupted dovecot.index.chache each time new message arrived! Actually i can get running dovecot 2.2.5 with vpopmail 5.4.33 with --enable-many-domains option using vpopmail driver BUT another issues came up:

- LDA permission to user socket connection denied

- Dovecot Indexing causes dovecot.index.chache corrupted

- LDA issue causes Managesieve/Sieve did not work.

I've never tried this

I've never tried this configuration, but if I were in you I would try to switch to the mysql driver.

Let us know...

SQL driver migration

i can do migration from vpopmail to sql properly but imap-auth scheme support is only LOGIN and PLAIN, it is failed when i 'm using DIGEST-MD5 and CRAM-MD5. i will try to solve this later but the LDS Indexing issue still remind eventhough dovecot always fix it after checking it.

You can get rid of DIGEST-MD5

You can get rid of DIGEST-MD5 and CRAM-MD5 enabling imaps and pop3s...

Indeed, but LDA Indexing

Indeed, but LDA Indexing corrupted still annoying while courier works properly...stuck with corrupted dovecot.index.cache...

qmail support site url changed

please note the URL has been moved to

www.fehcom.de/qmail/qmail.html

 Thank you for putting these notes together.

David.

Thanks for an EXCELLENT resource

Roberto,

We migrated to our new mail server yesterday (built from the ground up using your notes as our guide).  It’s working great!  SpamAssassin is working!  ClamAV is working! SPF is working! DKIM is working!  RoundCube rocks!  In short—everything works! 

Up til now, we had been limping along with a partially broken, spam-laden mail server.  Worse yet, I didn’t know what steps to take to fix it—seemed like any fixes I implemented ended up breaking something else.

Thanks so much for notes.sagredo.eu—it’s been a Godsend!

-Dave Martin
 

Nice!

Hello,

Congratulations for this how to, i think this is one of the most complete on web. Updated tools and perfect to Slackware, my favorite distro.

Nice howto

Hello,

I just convert the mailboxes configuration with myself/scripts/bash etc.. nvm..  It's done.  this issue is close.
2 days ago, I switch my company domain, to the new mail server, and it works great! Good spam, virus protecion. Nice looking webmail, and fresh packages.  Bling-bling ;))

I'am very verrrryy glad that You help and assist me at time of the configuration of your toaster. Thank you! good job, nice howto ;-)