Roundcube webmail

December 1, 2021 Roberto Puzzanghera 7 comments

Roundcube is a full featured webmail with a nice interface.

Changelog

  • Dic 1, 2021
    RC upgraded to v. 1.5.1
  • Gen 3, 2021
    disabled the SMTP authentication when sending messages via RC. SMTP port changed to 25.

Migrating to the last version

The following "migration" notes didn't work fine this time, when upgrading to v. 1.5.0 from v. 1.4.11. When running the installto.sh script I got a couple of error concerning the database schema:

ERROR: Error in DDL upgrade 2020020101: [1091] Can't DROP 'user_id_fk_cache_index'; check that column/key exists

This was very annoying. I cured it manually installing all the database foreign keys. Look at this page for more info. I also had to create the 'contactgroupmembers', but I think it would be created by the script in case of no errors.

I solved this one upgrading my mariadb from 10.0 to 10.5

ERROR: Error in DDL upgrade 2020091000: [1709] Index column size too large. The maximum column size is 767 bytes.

So, for what concerns this major update, it could be better for most of us to perform a clean installation.

I'm leaving the following "upgrade" notes for future upgrades, hoping that they may remain valid.

Installing and configuring vpopmail

October 30, 2021 Roberto Puzzanghera 75 comments

Vpopmail provides an easy way to manage virtual email domains and non /etc/passwd email accounts on your mail servers.

The purpose of this note is to show how to use Mysql as the authentication system. Having a users database also offers the advantage of communicating with the database via PHP, and creating web-based user interfaces to manage accounts.

Patch details

The patch we'll apply is the result of the following bunch of patches:

  • sql-aliasdomains patch, which makes vpopmail save the aliasdomains to MySQL. This makes the dovecot sql auth driver aware of the aliasdomains, provided that you modify the sql query as well (see the dovecot page for more info).
  • defaultdelivery patch, which makes vpopmail to copy your favourite delivery agent (stored in QMAILDIR/control/defauldelivery) into the .qmail-default file of any newly created domain, overriding the default vpopmail's behaviour, where vpopmail copies its delivery agent vdelivermail. You have to configure with --enable-defaultdelivery to enable this.
    If the functionality is disabled (--disable-defaultdelivery, which is the default option) vdelivermail is installed with the "delete" option instead of "bounce-no-mailbox", which is not reasonable anymore.
  • dovecot-pwd_query patch
    If you want to use the dovecot's sql auth driver with one table for each domain (--disable-many-domains) you have to heavily customize your password query. With this patch vpopmail installs the sql procedure and functions in the database when you create a new domain. The procedure can be called by dovecot to perform the auth.
    The sql stuff supports aliasdomains and mysql limits and will be loaded from ~/vpopmail/etc/pwd-query_disable-many-domains.sql. You can customize the sql procedure editing this file.
    You have to configure with --enable-mysql-bin=PATH as we have to install the procedure calling the mysql bin as a shell command (no way to load an sql query from a file in C language, comments welcome).
  • vusaged configure patch
    It seems that at least on Debian 11 vusaged refuses to run the configure successfully, as the mysql libraries
    are not linked (configure: error: No vauth_getpw in libvpopmail). After some inspection, I noticed that avoiding the break of the configure command, the following make command will find libmysqlclient and compile with no problems, and the program works as expected.
    NB: an autoreconf -f -i into the vusaged directory is needed before configuring, as the configure.ac script was modified.
  • recipient check patch. It can be used with Erwin Hoffmann's s/qmail to accomplish the recipient check. Not important in my installation, look at doc/README.vrcptcheck for more info.
  • gcc-10-compat patch, which gets vpopmail to compile with gcc-10

ClamAV

September 28, 2021 Roberto Puzzanghera 8 comments

Clam AntiVirus is an open source (GPL) anti-virus toolkit for UNIX, designed especially for e-mail scanning on mail gateways.

Starting from v. 0.104.0 the installation of clamav is based only on CMake, which superseds the autotools install. Therefore we have to change the way the program is configured at compile time.

Since the installation we are going to do is very basic, I suggest to install a package from your distro and come back here to read the post-install notes.

What follows concerns the installation from source. As already said, CMake is needed and if your distro doesn't provide a recent version you should update it via python pip3; refer to this page if you need to update your CMake.

If you have a recent CMake version (v. 3.21.3 works here) this is how you can install clamav from source.

Patching qmail

September 27, 2021 Roberto Puzzanghera 327 comments

Changelog

The complete changelog and patch info are inside the README.PATCH file.

  • Sep 27, 2021
    -chkuser: now it allows double hyphens "--" in the sender email, like in y--s.co.jp (diff here)
  • Aug 22, 2021
    -minor fix to qlog: now it logs the auth-type correctly (diff)
  • 2021.06.19
    -chkuser: defined extra allowed characters in sender/rcpt addresses and added the slash to the list (tx Thomas). diff here
  • 2021.06.12
    -RSA key and DH parameters are created 4096 bit long also in Makefile-cert. qmail-smtpd.c and qmail-remote.c updated accordingly (tx Eric Broch).
    -Makefile-cert: the certs will be owned by vpopmail:vchkpw
  • 2021.03.21
    -update_tmprsadh.sh: RSA key and DH parameters increased to 4096 bits
  • 2020.12.04
    received.c: some adjustments to compile with gcc-10 (diff here)
  • 2020.07.29
    -dk-filter: corrected a bug where dk-filter was using DKIMDOMAIN unconditionally. Now it uses DKIMDOMAIN only if _SENDER is null (tx Manvendra Bhangui).
  • 2020.07.27
    -added a fix for CVE-2005-2513 (tx C)
  • 2020.04.25
    -qmail-smtpd.c: added rcptcount = 0; in smtp_rset function to prevent the maxrcpto error if control/maxrcpt limit has been exceeded in multiple messages sent sequentially rather than in a single mail (tx Alexandre Fonceca)
  • 2020.04.16
    -qmail-remote-logging patch added (more info here)
  • 2020.04.10
    -DKIM patch updated to v. 1.28
    * outgoing messages from null sender ("<>") will be signed as well with the domain in env variable DKIMDOMAIN
    * declaring NODK env variable disables old domainkeys signature, while defining NODKIM disables DKIM.