qmailadmin

May 22, 2020 Roberto Puzzanghera 43 comments

qmailAdmin is a free software package that provides a web interface for managing a qmail system with virtual domains. It provides admin for adding/deleting users, Aliases, Forwards, Mailing lists and Autoresponders.

Combined patch details

  • qmailadmin-skin, a patch that I created during coronavirus spare time, provides a new responsive skin to the control panel. It modifies everything under the html dir and many .c files in order to adjust the html embedded into the source files. Added a stylesheet style.ccs in the images folder and png files for the qmail logo.
  • patch to call cracklib in order to check for the password strenght. This should avoid unsafe accounts created by domain administrators such as "test 123456".
  • A patch (thanks to Tony, original author unknown) which gets qmailadmin to have authentication failures logged. This makes possibile to ban malicious IPs via fail2ban. It is required to create the log file /var/log/qma-auth.log initially and assign write priviledges to apache.
  • ezmlm-idx 7 compatibility patch (author unknown), which restores the compatibility with ezmlm-idx-7 (thanks to J.D. Trolinger for the advice).
  • a fix to the catchall account (thanks to Luca Franceschini).
  • another fix to autorespond.c to correct the way .qmail files are modified

Changelog

  • 2020.05.22
    - mod_user.html: removed the "required" attribute on password field, to allow modification with no password change

 

Patching qmail

April 25, 2020 Roberto Puzzanghera 269 comments

Changelog

The complete changelog and patch info are inside the README.PATCH file.

  • 2020.04.25
    -qmail-smtpd.c: added rcptcount = 0; in smtp_rset function to prevent the maxrcpto error if control/maxrcpt limit has been exceeded in multiple messages sent sequentially rather than in a single mail (tx Alexandre Fonceca)
  • 2020.04.16
    -qmail-remote-logging patch added (more info here)
  • 2020.04.10
    -DKIM patch updated to v. 1.28
    * outgoing messages from null sender ("<>") will be signed as well with the domain in env variable DKIMDOMAIN
    * declaring NODK env variable disables old domainkeys signature, while defining NODKIM disables DKIM.
  • 2020.01.11
    -qmail-tls patch updated to v. 20200107
    * working client cert authentication with TLSv1.3
  • 2019.12.08
    -BUG qmail-smtpd.c: now TLS is defined before chkuser.h call, to avoid errors on closing the db connection (tx ChangHo.Na)
  • 2019.08.07
    - a couple of adjustments to chkuser (tx Luca Franceschini, more info here)
    * BUG - since any other definition of starting_string ends up as "DOMAIN", if starting_string is otherwise defined, chkuser will be turned off.
    * CHKUSER_ENABLE_ALIAS_DEFAULT, CHKUSER_VAUTH_OPEN_CALL and CHKUSER_DISABLE_VARIABLE are now defined in chkuser_settings.h
    * Now CHKUSER_DISABLE_VARIABLE, CHKUSER_SENDER_NOCHECK_VARIABLE, CHKUSER_SENDER_FORMAT_NOCHECK, CHKUSER_RCPT_FORMAT_NOCHECK and CHKUSER_RCPT_MX_NOCHECK can be defined at runtime level as well.
  • 2019.07.12
    - qmail-channels patch added
    more info here http://www.thesmbexchange.com/eng/qmail-channels_patch.html
    - improved verbosity of die_read function in qmail-smtpd.c (qmail-smtpd: read failure). More info here
  • 2019.06.19
    - DKIM patch updated to v. 1.26
    * BUG - honor body length tag in verification
  • 2019.05.24
    - qmail-tls patch updated to v. 20190517
    * bug: qmail-smtpd ssl_free before tls_out error string (K. Wheeler)
  • 2019.05.23
    - DKIM patch updated to v. 1.25
    * SIGSEGV - when the txt data for domainkeys is very large exposed a bug in the way realloc() was used incorrectly.
    * On 32 bit systems, variable defined as time_t overflows. Now qmail-dkim will skip expiry check in such conditions.
  • 2019.04.25
    * bug fixed on qmail-smtpd.c: it was selecting the wrong openssl version on line 2331 (tx ChangHo.Na)
  • 2019.04.09
    - qmail-tls patch updated to v. 20190408
    * make compatible with openssl 1.1.0 (Rolf Eike Beer, Dirk Engling, Alexander Hof)
    * compiler warnings on char * casts (Kai Peter)

Dovecot vpopmail-auth driver removal

March 17, 2020 Roberto Puzzanghera 6 comments

Those who are still using the Dovecot's vpopmail auth driver should consider a migration to the sql driver, as on March 17 the Dovecot Team announced its removal possibly as soon as the v2.3.11 will be released. See here for additional info about obsolete feature removal.

Comments' new filter in place. Please report issues

March 11, 2020 Roberto Puzzanghera 0 comments

These days I'm forced at home and I've found the time to improve the filter against undesired comments.

Please report any issue dropping me an email if your comments are rejected.

Roberto

Configuring DKIM for qmail

April 10, 2020 Roberto Puzzanghera 130 comments

This note concerns the DKIM patch embedded in my combined patch (more info here). This topic is advanced and you can skip it at the beginning.

DKIM provides a method for validating a domain name identity that is associated with a message through cryptographic authentication. The validation technique is based on public-key cryptography: Responsibility is claimed by the signer by adding a domain name to the message and then also affixing a digital signature of it and the message. The value is placed in the DKIM-Signature: header field. The verifier recovers the signer's public key using the DNS, and then verifies the signature.