Patching qmail
August 7, 2019 Roberto Puzzanghera 245 comments
- Latest stable combined patch for netqmail-1.06 v. 2019.08.07 (MD5)
Changelog
The complete changelog and patch info are inside the README.PATCH file.
- 2019.08.07
- a couple of adjustments to chkuser (tx Luca Franceschini, more info here)
* BUG - since any other definition of starting_string ends up as "DOMAIN", if starting_string is otherwise defined, chkuser will be turned off.
* CHKUSER_ENABLE_ALIAS_DEFAULT, CHKUSER_VAUTH_OPEN_CALL and CHKUSER_DISABLE_VARIABLE are now defined in chkuser_settings.h
* Now CHKUSER_DISABLE_VARIABLE, CHKUSER_SENDER_NOCHECK_VARIABLE, CHKUSER_SENDER_FORMAT_NOCHECK, CHKUSER_RCPT_FORMAT_NOCHECK and CHKUSER_RCPT_MX_NOCHECK can be defined at runtime level as well. - 2019.07.12
- qmail-channels patch added
more info here http://www.thesmbexchange.com/eng/qmail-channels_patch.html
- improved verbosity of die_read function in qmail-smtpd.c (qmail-smtpd: read failure). More info here - 2019.06.19
- DKIM patch updated to v. 1.26
* BUG - honor body length tag in verification - 2019.05.24
- qmail-tls patch updated to v. 20190517
* bug: qmail-smtpd ssl_free before tls_out error string (K. Wheeler) - 2019.05.23
- DKIM patch updated to v. 1.25
* SIGSEGV - when the txt data for domainkeys is very large exposed a bug in the way realloc() was used incorrectly.
* On 32 bit systems, variable defined as time_t overflows. Now qmail-dkim will skip expiry check in such conditions. - 2019.04.25
* bug fixed on qmail-smtpd.c: it was selecting the wrong openssl version on line 2331 (tx ChangHo.Na) - 2019.04.09
- qmail-tls patch updated to v. 20190408
* make compatible with openssl 1.1.0 (Rolf Eike Beer, Dirk Engling, Alexander Hof)
* compiler warnings on char * casts (Kai Peter) - 2019.04.03
-libdomainkeys patch updated (tx Manvendra Banghui) - 2019.03.22
- fixed a bug causing crashes of qmail-remote when using openssl-1.1 (tx Luca Franceschini) - 2019.02.27
- port to openssl-1.1
- DKIM patch updated to v. 1.24
* bug fix: restored signaturedomains/nosignaturedomains functionalities.
smtp-auth + qmail-tls + forcetls patch for qmail
June 28, 2019 Roberto Puzzanghera 77 comments
Changelog
- 2019.06.28
- qmail-tls patch updated to v. 20190517
* bug: qmail-smtpd ssl_free before tls_out error string (K. Wheeler) - 2019-04-17
- qmail-tls patch updated to v. 20190408
* make compatible with openssl 1.1.0 (Rolf Eike Beer, Dirk Engling, Alexander Hof)
* compiler warnings on char * casts (Kai Peter) - 2019-03-12
* openssl-1.1 port
I have put into a package the latest version of the following patches for netqmail-1.06.
Installing a Let's Encrypt certificate for your qmail and dovecot servers
March 21, 2018 Roberto Puzzanghera 14 comments
More info:
Here is how to install and configure a valid certificate from Let's Encrypt for your qmail and dovecot servers. The installation will be done by certbot.
Certbot is part of EFF’s effort to encrypt the entire Internet. Secure communication over the Web relies on HTTPS, which requires the use of a digital certificate that lets browsers verify the identity of web servers (e.g., is that really google.com?). Web servers obtain their certificates from trusted third parties called certificate authorities (CAs). Certbot is an easy-to-use client that fetches a certificate from Let’s Encrypt—an open certificate authority launched by the EFF, Mozilla, and others—and deploys it to a web server.
Installing Dovecot and sieve on a vpopmail + qmail server
March 21, 2018 Roberto Puzzanghera 56 comments
- Overview
- Installing
- Configuring
- Download my dovecot's config files
- dovecot.conf
- 10-auth.conf
- auth-sql.conf.ext
- 10-director.conf
- 10-logging.conf
- Logrotate
- 10-mail.conf
- 10-master.conf
- 10-ssl.conf
- 15-lda.conf
- 15-mailboxes.conf
- 20-imap.conf
- 20-lmtp.conf
- 20-pop3.conf
- 90-plugin.conf
- 90-quota.conf
Overview
- Info: http://www.dovecot.org/
- Documentation: http://wiki2.dovecot.org
- Mail Server overview: http://wiki2.dovecot.org/MailServerOverview
- Download: http://www.dovecot.org/releases/2.3/
- Version: dovecot-2.3.1
Dovecot is an open source IMAP and POP3 email server for Linux/UNIX-like systems, written with security primarily in mind. Dovecot is an excellent choice for both small and large installations. It's fast, simple to set up, requires no special administration and it uses very little memory.
Limiting the number of emails sent by a given auth-user/domain/IP
October 24, 2017 Roberto Puzzanghera 8 comments
If you want to avoid the risk of compromising your server because of accounts who are sending messages indiscriminately to the world, due to the fact that their password was violated in some way, then you can take advantage of Luca Franceschini's rcptcheck-overlimit.sh script, which has to be used in conjunction with the rcptcheck patch (a patch derived by Luca himself from an original work of Jay Soffian).
Since in 2016 Luca has decided to merge his combo with my big patch, he is giving his personal contribution to it. He fixed many bugs and added new important patches and functionalities, often writing himself the code. The script shared here is just the last one and it's quite surprising (at least for me) to observe how many things are performed putting together just 20 lines.
- thanks to Luca Franceschini (Digitalmind)
- version 2017-08-23
- rcptcheck patch
- rcptcheck-overlimit.sh
Slackware guest on Linux-Vserver
July 5, 2016 Roberto Puzzanghera 4 comments
- Info: http://linux-vserver.org/
- What
Linux-Vserverdoes (from wikipedia): http://en.wikipedia.org/wiki/Linux-VServer - Download only my patch: /files/linux-vserver/linux-vserver_slackware-14.2.patch
- Download my patch and installer script: /files/linux-vserver/slack_vserver.tar.gz
Linux-Vserver is an open source software which acts as a virtual private server implementation done by adding operating system-level virtualization capabilities to the Linux kernel.
