Installing and configuring vpopmail

August 9, 2022 Roberto Puzzanghera 81 comments

Vpopmail provides an easy way to manage virtual email domains and non /etc/passwd email accounts on your mail servers.

The purpose of this note is to show how to use Mysql as the authentication system. Having a users database also offers the advantage of communicating with the database via PHP, and creating web-based user interfaces to manage accounts.

Patch details

The patch we'll apply is the result of the following bunch of patches:

  • sql-aliasdomains patch, which makes vpopmail save the aliasdomains to MySQL. This makes the dovecot sql auth driver aware of the aliasdomains, provided that you modify the sql query as well (see the dovecot page for more info).
  • defaultdelivery patch, which makes vpopmail to copy your favourite delivery agent (stored in QMAILDIR/control/defauldelivery) into the .qmail-default file of any newly created domain, overriding the default vpopmail's behaviour, where vpopmail copies its delivery agent vdelivermail. You have to configure with --enable-defaultdelivery to enable this.
    If the functionality is disabled (--disable-defaultdelivery, which is the default option) vdelivermail is installed with the "delete" option instead of "bounce-no-mailbox", which is not reasonable anymore.
  • dovecot-sql-procedures patch
    If you want to use the dovecot's sql auth driver with one table for each domain (--disable-many-domains) you have to heavily customize your queries to the sql database. With this patch vpopmail installs the sql procedures and functions in the database when you create a new domain. The procedures can be called by dovecot to perform the auth.
    The sql stuff supports aliasdomains and mysql limits and will be loaded from ~/vpopmail/etc/disable-many-domains_procedures.sql. You can customize the sql procedure editing this file.
    You have to configure with --enable-mysql-bin=PATH as we have to install the procedures calling the mysql bin as a shell command (no way to load an sql query from a file in C language, comments welcome).
  • vusaged configure patch
    It seems that at least on Debian 11 vusaged refuses to run the configure successfully, as the mysql libraries are not linked (configure: error: No vauth_getpw in libvpopmail). After some inspection, I noticed that avoiding the break of the configure command, the following make command will find libmysqlclient and compile with no problems, and the program works as expected.
    NB: an autoreconf -f -i into the vusaged directory is needed before configuring, as the configure.ac script was modified.
  • recipient check patch. It can be used with Erwin Hoffmann's s/qmail to accomplish the recipient check. Not important in my installation, look at doc/README.vrcptcheck for more info.
  • gcc-10-compat patch, which gets vpopmail to compile with gcc-10

read more

Installing Dovecot and sieve on a vpopmail + qmail server

August 9, 2022 Roberto Puzzanghera 73 comments

Changelog

  • Aug 9, 2022 improved the sql stuff in case of --disable-many-domains (tx kengheng)
  • Apr 21, 2022
    -Solr support added
  • Apr 17, 2022
    -auth-sql.conf.ext: changed the userdb lookup for LDA from static to sql, as the home dir was not retrieved correctly if positioned in a subfolder (i.e. domains/0/domainname).
  • June 20, 2021
    -15-mailboxes.conf: added Junk.TeachSpam and Junk.TeachNotSpam mailboxes to store messages for the learning and reporting systems (more info here)
  • March 17, 2021
    - 90-quota.conf: quota definition adjusted in this way quota = maildir:: as the GETQUOTA command was not returning the quota (thanks a.key)
  • March 2, 2021
    - "one table per domain" support added (--disable-many-domains)
    - added domains limits support to password_query (you have to compile vpopmail --enable-mysql-limits)
  • January 29, 2021
    - auth-sql.conf.ext now uses the userdb's prefetch driver in order to perform one single query when doing the auth
    - dovecot-sql.conf.ext has been modified to allow authentication both with real and alias domains, provided that you patched vpopmail accordingly. More info in this page.
    - the iterate_query in the sql driver now extracts the "user" field (was "username") as required by the docs.

Overview

Dovecot is an open source IMAP and POP3 email server for Linux/UNIX-like systems, written with security primarily in mind. Dovecot is an excellent choice for both small and large installations. It's fast, simple to set up, requires no special administration and it uses very little memory.

read more

Roundcube plugins

August 8, 2022 Roberto Puzzanghera 26 comments

My enabled plugins are (at the moment):

  • Password, to change the user's password
  • ManageSieve, which writes sieve scripts to filter the incoming mails (reject, move to specific folders etc.). Note that in order to use it you must have Dovecot managesieve enabled.
  • SpamAssassin User Prefs SQL (sauserprefs), which writes the spamassassin user preferences in the DB. The user will be allowed to create a black/white list, to adjust the required_score and so on.
  • MarkAsJunk. You can add the sender's email address to the blacklist, or run a command such as sa_learn. Requires sauprefs.
  • ContextMenu. Adds context menus to the message list, folder list and address book. Menu includes the abilities mark messages as read/unread, delete, reply and forward.
  • Newmail notifier. can notify new mail focusing browser window and changing favicon, playing a sound and  displaying desktop notification (using webkitNotifications feature).
  • Persistent login, which provides a "Keep me logged in" aka "Remember Me" functionality for Roundcube.
  • ZipDownload, which adds an option to download all attachments to a message in one zip file, when a message has multiple attachments.
  • enigma adds support for viewing and sending of signed and encrypted messages in PGP (RFC 2440) and PGP/MIME (RFC 3156) format
  • swipe, which adds left/right/down swipe actions to entries in the the message list on touch devices (tables/phones).

Other plugins that I have used in the past for which the old documentation might not be valid anymore

  • autologon. Autologin from external Site e.g. (CMS, Portal ...)
  • logout redirect. Modified version to only redirect to the homepage (depending on the domain part of the default identity)
  • rcguard. This plugin logs failed login attempts and requires users to go through a reCAPTCHA verification process when the number of failed attempts go too high.
  • carddav. CardDav client. You can sync your addressbook against a CardDav server like nextcloud or SoGO.
  • quickrules (abandoned project). Adds a button to the message list to allow the quick creation of rules in the SieveRules plugin. Information from selected emails is used to prefile the new rule form.

read more

qmailadmin

August 8, 2022 Roberto Puzzanghera 87 comments

qmailAdmin is a free software package that provides a web interface for managing a qmail system with virtual domains. It provides admin for adding/deleting users, Aliases, Forwards, Mailing lists and Autoresponders.

Combined patch details

  • qmailadmin-skin, a patch that I created during covid-19 spare time, provides a new responsive skin to the control panel. It modifies everything under the html dir and many .c files in order to adjust the html embedded into the source files. Added a stylesheet style.css in the images folder and a couple of png files for the qmail logo. It should be much easier to modify the qmailadmin's skin from now on.
  • A patch to call cracklib in order to check for the password strenght. This should avoid unsafe accounts created by domain administrators such as "test 123456".
  • A nice patch (thanks to Tony, original author unknown) which gets qmailadmin to have authentication failures logged. This makes possible to ban malicious IPs via fail2ban. It is required to create the log file /var/log/qma-auth.log initially and assign write priviledges to apache.
  • ezmlm-idx 7 compatibility patch (author unknown), which restores the compatibility with ezmlm-idx-7 (thanks to J.D. Trolinger for the advice).
  • a fix to the catchall account (thanks to Luca Franceschini).
  • another fix to autorespond.c to correct the way .qmail files are modified

read more
qmail notes

General notes

daemontools

ucspi-tcp6

ucspi-ssl

qmail

vpopmail

Patching

Configuring

Testing

autorespond

ezmlm-idx

qmailadmin

Add-ons

RBL

Greetdelay

tcprules

SPF

DKIM

SURBL

Limiting per user/IP outgoing emails

Denying bad DNS HELOs

Greylisting

qmail-taps-extended

moreipme

qmHandle

queue-repair

vQadmin

ezmlm-browse

ezmlm-web

rblsmtpd

qmail-rblchk

Dovecot

Running

Testing

Filtering

Indexing with Solr

Expunging

vpopmail-auth driver removal

Spamassassin

Filtering networks

TxRep and Bayesian

Learning and reporting

User Prefs

DMARC

Roundcube

Plugins

ClamAV

clamav-unofficial-sigs

simscan

Testing

fail2ban

Installing a valid SSL certificate

ChangeLog

Need help?

Pay me a coffee:

PayPal - The safer, easier way to pay online.

Other contents

Running OpenBoard in a window

LXC scripts for unprivileged containers

Linux-VServer on Slackware

Migrating from Linux-VServer to LXC (Slackware)

Running two php on the same server

rsync backup via ssh

Securing proftpd

Installing mariaDB

Setting up MySQL

SEO friendly URLs with apache mod_rewrite

Building your ownCloud

Building your own mozilla-sync server

Setting up Tex on Mediawiki

Slackware RSS feeds

English
Italiano
Recent comments

not delivered to the mailbox under domain's subfolder 0 or 1
August 9, 2022 16:05

not delivered to the mailbox under domain's subfolder 0 or 1
August 9, 2022 15:42

not delivered to the mailbox under domain's subfolder 0 or 1
August 9, 2022 13:55

not delivered to the mailbox under domain's subfolder 0 or 1
August 9, 2022 13:49

not delivered to the mailbox under domain's subfolder 0 or 1
August 9, 2022 12:36

not delivered to the mailbox under domain's subfolder 0 or 1
August 9, 2022 09:39

not delivered to the mailbox under domain's subfolder 0 or 1
August 9, 2022 09:24

not delivered to the mailbox under domain's subfolder 0 or 1
August 8, 2022 20:03

not delivered to the mailbox under domain's subfolder 0 or 1
August 8, 2022 19:35

Two pointers to be able to make Cracklib patch to work
August 8, 2022 11:08

Tags

apache clamav dkim dovecot ezmlm fail2ban hacks lamp letsencrypt linux linux-vserver lxc mariadb mediawiki mozilla mysql openboard owncloud patches php proftpd qmail qmail to postfix qmail-spp qmailadmin rbl roundcube rsync sieve simscan slackware solr spamassassin spf ssh ssl surbl tcprules tex ucspi-tcp vpopmail vqadmin

Recent posts

Installing and configuring vpopmail

ChangeLog

Installing Dovecot and sieve on a vpopmail + qmail server

Roundcube plugins

qmailadmin

Configuring qmail

Setting up your firewall with fail2ban

Roundcube webmail

Need help?

Patching qmail

RSS feeds