QmailAdmin

I'm getting  "Filer error 2" when trying to "Add forward to Destination"

You can create a forward but with only to one email address.

The apache reports the error when trying to add more emails to the forward sales:

vmysql: error creating table 'valias': Table 'valias' already exists
vmysql: sql error[k]: Duplicate entry 'sales-mydomain.com-1' for key 'PRIMARY'

Here is my valias in vpopmail database:

MariaDB [vpopmail]> describe valias;

+--------------+----------------------+------+-----+---------+-------+
| Field        | Type                 | Null | Key | Default | Extr  |
+--------------+----------------------+------+-----+---------+-------+
| valias_type  | tinyint(1)           | NO   | PRI | 1       |       |
| alias        | varchar(32)          | NO   | PRI | NULL    |       |
| domain       | varchar(96)          | NO   | PRI | NULL    |       |
| valias_line  | text                 | NO   |     | NULL    |       |
| copy         | tinyint(1)           | NO   |     | 0       |       |
+--------------+----------------------+------+-----+---------+-------+

5 rows in set (0.001 sec)

I can't reproduce the issue. Can you describe the steps to reproduce it please?

Anyway I don't think you can use qmailadmin to forward to multiple addresses. And your valias schema seems not to be the latest version's one. Which version are you using?

From the QmailAdmin Main Menu

Go to Forwards

Click on the Pencil to Modify an existing Forward Account

Try to Add forward Destination

When clicking on Add, I get in red "File error 2" on top of Modify.

Also getting in the qmailadmin_error.log, 

[Tue Apr 29 11:41:55.610047 2025] [cgid:error] [pid 70331] [client myipaddress:54165] End of script output before headers: qmailadmin, referer: https://mydomain.com/cgi-bin/qmailadmin/com/adddotqmail?user=postmaster&dom=mydomain.com&time=1745941218

I replaced my actual domain with mydomain.com and myipaddress.

This bug has been cured in vpopmail 5.6.2. Please update to latest version

Thank you for your promtly reply.

I got the File error 2 in qmailadmin while testing, then upgraded qmailadmin to 1.2.24 from 1.2.21, I couldn't upgrade qmailadmin without upgrading vpopmail first from 5.6.1 to 5.6.8.

Updated the vpopmail tables as per Upgrade vpopmail instructions

But the upgrade did not fixed the  File error 2.

The domain was already there before the vpopmail upgrade.

I will check again the vpopmail upgrade notes, maybe I missed something.

yes, you have to follow the upgrading notes and manually upgrade the database schema, as the primary key that you have in the valias table prevents the creation of additional forwards for a given address

I mean the vpopmail's upgrading notes

Hi Roberto,

There is a small bug with QmailAdmin v1.2.24 and vpopmail v5.6.7 and v5.6.8. When I try to add new user with QmailAdmin receive "Internal Server Error". The error form the apache log is:

"AH01215: *** buffer overflow detected ***: terminated".

The same QmailAdmin v1.2.24 is working fine with vpopmal v5.6.6.

Hi Bai,

I cannot reproduce the issue. Did you recompile qmailadmin after upgrading vpopmail? What did you enable in password_strength.conf? Post your vpopmail and qmailadmin configure command.

Hi Roberto,

On your questions one by one:

Did you recompile qmailadmin after upgrading vpopmail? - Yes after each upgrade of vpopmail i recompile qmailadminin and test it.
Did enable cracklib? - yes version 2.10.3
What did you enable in password_strength.conf? - Only two lines are uncomment in /home/vpopmail/etc/password_strength.conf:

Policy = Passwords must be at least one character long
Length >= 1

Vpopmail and qmailadmin configure command are as absolutely the same like in your guide .

weird... I didn't modify anything concerning users creation in vpopmail 5.6.7 and 5.6.8, just the delivery program and vpopmaild which have nothing to do with this issue. You can see it from the commits changelog

which OS and c compiler?

Ubuntu 24.04.2 LTS
gcc version 13.3.0

Can you try to add users from command line please? Just to be sure that it's not qmailadmin fault 

Hi,

no issue to add new user with command line or vQadmin.

So I would test qmailadmin v. 1.2.23

Hi,

qmailadmin 1.2.23 works fine with both ~ vpopmail 5.6.8 and 5.6.9. No issue to add new user

Hi Bai,

I'm testing successfully on Ubuntu 24 qmailadmin 1.2.24 and vpopmail 5.6.8. I've no idea of what's going on there...

Hi Roberto,

Finally I found what is the issue . I compared the difference in the installation steps from the history on both servers and found one difference. On the old one I run ./configure ... without CFLAGS="-I/usr/local/include" LDFLAGS="-L/usr/local/lib" \ like in the instructiuons . The compilation complete whidout errors but is not working fine. On the new server I compile in the right way with CFLAGS= .. just like in your instractions and all is working fine. Now no issues with adding new user.
Thank you for your time !

I guess you have some duplicate library on /usr/local

Hi,

I also testing successfully on another ubuntu installation qmailadmin 1.2.24 + vpopmail 5.6.8
Seems something wrong with my server. I will try to understand what is going on.

HI Roberto , 

       I guess you can add the below two parameters to the configure options of qmailadmin quide, this is specifically userfull for administrators who have large number of mailboxes on their domains  and have to  click on next page to get to the next set of users.  With the below parameters the total number of users listed per page is configurable. Just a thought for those who would like this functionality 

--enable-maxusersperpage=100 \
--enable-maxaliasesperpage=100 \

Cheers

added, thanks for the hint

Was not modified here, when modified in vpopmail.

please, can you provide more details?

Hi Roberto,

when i tried to create new mailing list with the name called testing, i hit these error msg as below:

[Mon Mar 25 15:06:33.427911 2024] [cgi:error] [pid 5461] [client 192.168.0.10:46531] AH01215: ezmlm-make: fatal: dir and dot must start with slash: /var/www/qmail/cgi-bin/qmailadmin, referer: https://groupmail.abc.com/cgi-bin/qmailadmin/com/addmailinglist?user=postmaster&dom=abc.com&time=1711349572
[Mon Mar 25 15:06:33.431640 2024] [cgi:error] [pid 5461] [client 192.168.0.10:46531] AH01215: ezmlm-sub: fatal: Unable to change directory to /home/vpopmail/domains/abc.com/testing: file does not exist: /var/www/qmail/cgi-bin/qmailadmin, referer: https://groupmail.abc.com/cgi-bin/qmailadmin/com/addmailinglist?user=postmaster&dom=abc.com&time=1711349572

after i installed ezmlm, i got run the ezmlm-test and all result is OK as your page. Please advise. thank you

fixed in v. 1.2.20

do you have problems only with the name testing? do you have errors when creating a m/l with another name?

Hi Roberto,

Yes.. another name for M/L also same issue.. below is i created another M/L for "aabbcc" name

[Tue Mar 26 11:25:08.911292 2024] [cgi:error] [pid 5464] [client 192.168.0.10:11957] AH01215: ezmlm-make: fatal: dir and dot must start with slash: /var/www/qmail/cgi-bin/qmailadmin, referer: https://groupmail.abc.com/cgi-bin/qmailadmin/com/addmailinglist?user=postmaster&dom=abc.com&time=1711423212
[Tue Mar 26 11:25:08.915008 2024] [cgi:error] [pid 5464] [client 192.168.0.10:11957] AH01215: ezmlm-sub: fatal: Unable to change directory to /home/vpopmail/domains/abc.com/aabbcc: file does not exist: /var/www/qmail/cgi-bin/qmailadmin, referer: https://groupmail.abc.com/cgi-bin/qmailadmin/com/addmailinglist?user=postmaster&dom=abc.com&time=1711423212

Today i tried to create New Forward... i success to create a new Forward... but while i tried to add more email addresses into that forward list.. it come out error too.

[Tue Mar 26 11:36:45.678003 2024] [cgi:error] [pid 4474] [client 192.168.0.10:12401] AH01215: vmysql: error creating table 'valias': Table 'valias' already exists: /var/www/qmail/cgi-bin/qmailadmin, referer: https://groupmail.abc.com/cgi-bin/qmailadmin/com/moddotqmail?user=postmaster&dom=abc.com&time=1711423212&modu=group
[Tue Mar 26 11:36:45.678361 2024] [cgi:error] [pid 4474] [client 192.168.0.10:12401] AH01215: vmysql: sql error[k]: Duplicate entry 'group-abc.com-1' for key 'PRIMARY': /var/www/qmail/cgi-bin/qmailadmin, referer: https://groupmail.abc.com/cgi-bin/qmailadmin/com/moddotqmail?user=postmaster&dom=abc.com&time=1711423212&modu=group

They are two separate issues. I'll check the 1st one and let you know. 

Concerning the 2nd one, supposing you disabled defaultdelivery in vpopmail, did you revert the valias table schema and recompiled qmailadmin?

Hi Roberto,

Thank you, by the way i have solved the issue of "add more email addresses into the Forward" .. i went inside mysql database "vpopmail" and find the table "valias", then drop all the primary key inside the table.. then it works back. so far i tried to send a mail to the forward, then the email list inside the forward can get the mail.

I don't know what you have done, but it's not correct to erase the primary key. You have to install my suggested schema

Hi Roberto,

qmailadmin-1.2.20 looks like got bug.. now i able to create new mailing list and also added members into the list.. but when i want to view who are the members on the list... the page there showed 0 members... 

then i tried to send an email to this mailing list.. the members inside the list all able to receive my email.. 

i tried to downgrade it to qmailadmin-1.2.16 .. it able to show all the members inside the mailing list.. so weird.

sorry, fixed in version 1.2.21

Hi Roberto,

On Qmailadmin > Modify User > Routing >Modify User
If I check "Forward To" and "Save a Copy" after applying only forward is modified in .qmail file "Save a copy" is not set in .qmail file
If I manualy modify .qmail file and add local delivery when I go to qmailadmin I can see "Save a copy" is checked
(I can uncheck "Save a copy" and qmail delete local delivery which i add manualy)
Doesn't matter if a logon to qmailadmin as postmaster or user, doesn't matter if changing browser

Thank you very much!

Hi Jmecherie,

did you install vpopmail enabling defaultdelivery (--enable-defaultdelivery)?

yes

It is intentional when vpopmail has been configured with --enable-defaultdelivery. If you enable "Save a copy" you'll get the message twice, because you already have the delivery agent in your .qmail file.

I think that this routing functionality can be handled by the user himself by means of my qmailforward RC plugin.

I dont understand.
When "Standard (No Forwarding)" is checked there is no .qmail file in Mailbox
When "Forward To:" is checked there is a .qmail file containg ONLY email to forward. It doesn't cotain local delivery, The email is forwarded but there is not local copy. 
How can I have email forwarded and a local copy saved?

if there's no .qmail you didn't create that .qmail once you have decided to use --enable-defaultdelivery. There's a program which can help to do that. I suppose you didn't have a look at the page where I describe it. So you have two options 1) create the .qmail files in each mailbox according to the --enable-defaultdelivery logic 2) recompile vpopmail (and then qmailadmin) with --disable-defaultdelivery

Sorry I miss reading --enable-defaultdelivery

Thank you very much !

I released an update where a user who doesn't have a copy of control/defauldelivery in his/her .qmail can use qmailadmin's copy&forward in the usual way even when vpopmail has been configured with --enable-defaultdelivery

Hi Roberto,

i found that i have the same issue of this "Save a copy", which after put in an email address in "Forward to" then tick on "Save a Copy" ... after i clicked on "Modify User", i found that system auto uncheck that "Save a Copy" option.

while vpopmail setup, i got put enable-defaultdelivery this option.. what should i do for next?

thank you

Hi, which vpopmail and qmailqdmin version did you install? What do you have in user's .qmail?

PS what do you have in your control/defaultdelivery?

Hi Roberto

vpopmail version = vpopmail-5.6.1

qmailadmin = qmailadmin-1.2.18

if i selected "Standard", inside .qmail file is "./Maildir/", if i selected "Forward to", the .qmail changed to the email address that i put in .. example: &test@abc.com

my control/defaultdelivery = ./Maildir/

You have to update qmailadmin to version 1.2.19, which should solve the problem (but testers are needed) as mentioned in a comment of mine above.

Anyway, since using the defauldelivery feature in this way makes no sense, you should --disable-defauldelivery, recompile vpopmail and then recompile qmailadmin.

I'll check it out. 

Btw, I don't understand why you configured vpopmail with --enable-defaultdelivery if you are not using vpopmail as delivery agent

Hi Roberto,

after updated qmailadmin to 1.2.19 .. i able to use that "Save a copy" function... anyway is it my defaultdelivery is wrong? maybe i did alot of testing.. and mis-changed the value inside...

so what should inside this control/defaultdelivery ?

Thank you

I said that it makes no sense not to have dovecot in defaultdelivery because the goal of that feature is to allow both sieve and vpopmail aliases. If you are not using dovecot I don't see any reason to have defaultdelivery active

Hi Roberto,

today just saw your page got new version for qmailadmin (1.2.20) ... after upgarded to that version.. the ezmlm issue solved...

Thank you

Hi Roberto,

I have an error when trying to compile qmailadmin in almalinux8. Could you help me?

make[1]: Entering directory '/var/src/qmailadmin-1.2.16'
gcc -I. -I/home/vpopmail/include -I. -Wall -MT user.o -MD -MP -MF .deps/user.Tpo -c -o user.o user.c
user.c: In function ‘show_user_lines’:
user.c:177:11: error: unknown type name ‘storage_t’; did you mean ‘stack_t’?
storage_t diskquota = 0;
^~~~~~~~~
stack_t
user.c:178:11: error: unknown type name ‘storage_t’; did you mean ‘stack_t’?
storage_t maxmsg = 0;
^~~~~~~~~
stack_t

Thank you

Joao

Hi Joao,

that "unknown storage_t type" is defined in the storage.h file of vpopmail. It's imported via the vpopmail header files that you have on top of the user.c file whose compilation failed.

Do you get any error during the vpopmail installation?

Hi Roberto, thank you for replying.

Yes! I could found an error in vpopmail and now I can compile qmailadmin.

Thanks again!

Hi,

Recently come across this error: "free(): double free detected in tcache 2: /var/www/qmail/cgi-bin/qmailadmin"

When add a new forward email at forward menu.

Anyone come across this issue?

Thx

which version of gcc?

Below is the gcc -v output

Using built-in specs.
COLLECT_GCC=gcc
COLLECT_LTO_WRAPPER=/usr/libexec/gcc/aarch64-redhat-linux/8/lto-wrapper
Target: aarch64-redhat-linux
Configured with: ../configure --enable-bootstrap --enable-languages=c,c++,fortran,lto --prefix=/usr --mandir=/usr/share/man --infodir=/usr/share/info --with-bugurl=http://bugzilla.redhat.com/bugzilla --enable-shared --enable-threads=posix --enable-checking=release --enable-multilib --with-system-zlib --enable-__cxa_atexit --disable-libunwind-exceptions --enable-gnu-unique-object --enable-linker-build-id --with-gcc-major-version-only --with-linker-hash-style=gnu --enable-plugin --enable-initfini-array --with-isl --disable-libmpx --enable-gnu-indirect-function --build=aarch64-redhat-linux
Thread model: posix
gcc version 8.5.0 20210514 (Red Hat 8.5.0-16.0.2) (GCC)

I'm sorry but I cannot reproduce the issue. Let me know if you identify the cause

I noticed that when calling the web https://xxxxxx/cgi-bin/qmailadmin/passwd you could change ANY password even with it warning of the weak password

analyzing from line 266 of qmailadmin.c onwards we have:

char log_buf[3 * MAX_BUFF];
memset(log_buf, 0x0, sizeof(log_buf));
snprintf(log_buf, sizeof(log_buf) - 2, "failed [%s@%s]", Newu, Domain);
log_auth(log_buf);
} else if (pw->pw_flags & NO_PASSWD_CHNG) {
strcpy (StatusMessage, "You don't have permission to change your password.");
} else if (strcmp (Password1, Password2) != 0) {
snprintf (StatusMessage, sizeof(StatusMessage), "%s", html_text[200]);
} else if (*Password1 == '\0') {
snprintf (StatusMessage, sizeof(StatusMessage), "%s", html_text[234]);
} else if (vpasswd (User, Domain, Password1, USE_POP) != VA_SUCCESS) {
snprintf (StatusMessage, sizeof(StatusMessage), "%s", html_text[140]);
#ifndef TRIVIAL_PASSWORD_ENABLED
} else if ( strstr(User,Password1)!=NULL) {
snprintf (StatusMessage, sizeof(StatusMessage), "%s\n", html_text[320]);
#endif
/* cracklib patch */
#ifdef CRACKLIB
} else if ((tmpstr = FascistCheck(Password1, CRACKLIB)) != NULL ) {
sprintf (StatusMessage, "Bad password - %s\n", tmpstr);
#endif
/* end cracklib */
} else {
/* success */
snprintf (StatusMessage, sizeof(StatusMessage), "%s", html_text[139]);
*Password = '\0';
send_template ("change_password_success.html");

this is because the password is changed in the vpasswd() command that runs BEFORE the cracklib check.

the solution is to swap the order by changing the vpasswd line, leaving this last "vpasswd (User, Domain, Password1, USE_POP) != VA_SUCCESS"....

like this:

char log_buf[3 * MAX_BUFF];
memset(log_buf, 0x0, sizeof(log_buf));
snprintf(log_buf, sizeof(log_buf) - 2, "failed [%s@%s]", Newu, Domain);
log_auth(log_buf);
} else if (pw->pw_flags & NO_PASSWD_CHNG) {
strcpy (StatusMessage, "You don't have permission to change your password.");
} else if (strcmp (Password1, Password2) != 0) {
snprintf (StatusMessage, sizeof(StatusMessage), "%s", html_text[200]);
} else if (*Password1 == '\0') {
snprintf (StatusMessage, sizeof(StatusMessage), "%s", html_text[234]);
#ifndef TRIVIAL_PASSWORD_ENABLED
} else if ( strstr(User,Password1)!=NULL) {
snprintf (StatusMessage, sizeof(StatusMessage), "%s\n", html_text[320]);
#endif
/* cracklib patch */
#ifdef CRACKLIB
} else if ((tmpstr = FascistCheck(Password1, CRACKLIB)) != NULL ) {
sprintf (StatusMessage, "Bad password - %s\n", tmpstr);
#endif
/* end cracklib */
} else if (vpasswd (User, Domain, Password1, USE_POP) != VA_SUCCESS) {
snprintf (StatusMessage, sizeof(StatusMessage), "%s", html_text[140]);
} else {
/* success */
snprintf (StatusMessage, sizeof(StatusMessage), "%s", html_text[139]);
*Password = '\0';
send_template ("change_password_success.html");

Hi Alexandre, I see the problem and I've tested your patch. Tomorrow I'll update my combined patch.

Thank you very much

I've got file permission error after successful login. I had to suid/sgid /cgi-bin/qmailadmin so that qmailadmin binary can read/write /var/vpopmail/domain contents.

The suid/sgid /cgi-bin/qmailadmin permissions should be set at installation time for the vpopuser defined in your configure command. Check that --enable-vpopuser and --enable-vpopgroup match your vpopmail user/group

Hi Roberto,

In the Installing qmailadmin section, the image URL parameter is misconfigured.

This line:

--enable-imageurl=/files \

Should be:

--enable-imageurl=/qmailadmin/files \

Otherwise images won't show up.

I also recommend adding the line below to the configure part:

--disable-catchall

Catchall configuration is really bad for spam.

Cheers.

Hi Gabriel,

it works because I have

 Alias /files/ ${QMAILROOT}/qmailadmin/files/

in the apache configuration. Actually this is not needed, so I'm going to cancel this alias.

PS I added --disable-catchall to the config

Hi Roberto,

I have patch qmailadmin with roberto-qmailadmin-1.2.16.patch but patched qmailadmin is not allowing me to enable cracklib.

Any advise please.

Thank you

I think you forgot this before configuring

autoreconf -f -i

Thank you!

Hello Roberto.

Thank you, your tutorial is excellent !

So, I use CentOS 8 with roundcube, qmailadmin, and SPAM control with bash scripts filters inside .qmail files.

Usually, I created new users, with bash script, and vadduser (vpopmail), that I created default folders structures (Spam, Draft, etc)

This an exemple of my .qmail file for each user:

|/var/qmail/bin/checkxm
|/var/qmail/bin/checkdomain
|/var/qmail/bin/checkdns
|/var/qmail/bin/checkb64
|/var/qmail/bin/checkgif
|/var/qmail/bin/checkphrase
|/var/qmail/bin/checkword
|/var/qmail/bin/checkattach
|/var/qmail/bin/checkfile
./Maildir/

Can I create .qmail files, and Spam (and other folders) using qmailadmin "Create EmailAccount" ?

Running a bash script after creation (if exist)

Thanks

Hello Marco,

qmailadmin can't be of any help if you want to customize your .qmail files in that way. It can write into them just when you define a forwarder or an autorespoder.

There are more here !

https://www.mail-archive.com/qmailadmin@inter7.com/msg05527.html

https://github.com/qmail/qmailadmin/blob/master/qmailadmin/user.c (LINE 522 without pathes)

I found this, that we can run an script to create Spam, Draft, etc, and change .qmail

This page has 18 years old !

https://vchkpw.inter7.narkive.com/zhZCBC2R/auto-create-dir-for-spam-email#post2

qmailadmin ==> README.hooks

"Basically, it'll tell you to create a .qmailadmin-hooks file, what to
put in it and the various places you may want to place the file. Make
sure that .qmailadmin-hooks has the correct user and group ownership, too."

"I use it to call a bash script. It could probably also call"
/home/vpopmail/etc/.qmailadmin-hooks

Have you seen this before ?

No, I've never heard of qmailadmin hookes before... thanks for letting me know. I hope that this solves your needs :-)

Hello Roberto.

I must update some information here.
I finally did qmailadmin-hooks to works !

I'm using CentOS 8 and Apache runs with apache:apache user/group, but qmailadmin needs vpopmail:vchkpw to run.
I've tried to use suExec, and change user.c from original qmailadmin, but no success.

The best solution in this case, is start a second Apache instance, with user vpopmail:vchkpw (1st is running with apache:apache and serving webpages to customers)
Apache from CentOS 8 has a file /usr/share/doc/httpd/instance.conf informing how to run multiples instances. (it is quite easy to do this)

Usando o qmailadmin-hooks we can do some bash scripts to run, and create additional folders (Spam, Sent, Trash, etc) setting .qmail files and put SPAM filters there, and many other things that must happens together with an email account creation. (or deletion, or modifying). (see more in README.hooks, from original qmailadmin package)

Most Linux distributions run Apache with other user:group and never from vpopmail:vchkpw, making qmailadmin-hooks do not work properly (it can create/delete/change an account, but hooks never run because wrong permissions)

Thanks for your site !

Thank you, it's very much appreciated

Hello,

i did as in tutorial, installed qmailadmin but it didnt show me any site from https://mail.zareckao.online/cgi-bin/qmailadmin

At the moment right now i changed the port from 443 to 80 in the apache virtualhost file to try HTTP and under the page it appears downloading the file

If it tries to download the file you should double check your cgi stuff

It could be an Apache or even a DNS issue.

can you post the result of 

dig yourdomain

and the result of

apachectl -S | grep yourdomain

I'm on an holiday trip and it will be difficult for me answering

; <<>> DiG 9.16.1-Ubuntu <<>> mail.zareckao.online
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 61827
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 65494
;; QUESTION SECTION:
;mail.zareckao.online.          IN      A

;; ANSWER SECTION:
mail.zareckao.online.   300     IN      A       94.152.212.46

;; Query time: 28 msec
;; SERVER: 127.0.0.53#53(127.0.0.53)
;; WHEN: wto sie 03 17:40:30 CEST 2021
;; MSG SIZE  rcvd: 65

*:443 mail.zareckao.online (/etc/apache2/sites-enabled/000-default.conf:36)
*:80 mail.zareckao.online (/etc/apache2/sites-enabled/mail.zareckao.online.conf:35)

Please do not post your comments twice. If I don't reply immediately it's because I can't :-)

Post your Apache config please

also here u got apache2.conf file

The apache2.conf is not important. You have to enable CGI moving the module config file into the modules-enabled dir, and eventually also some other config files

thanks, it worked :)

this is for port 80:

Define QMAILROOT /var/www/qmail
Define LOGDIR /var/log/apache2

ServerName mail.zareckao.online
DocumentRoot ${QMAILROOT}
ScriptAlias /cgi-bin/ ${QMAILROOT}/cgi-bin/
ErrorLog ${LOGDIR}/qmailadmin_error.log
CustomLog ${LOGDIR}/qmailadmin_access.log common

Require all granted
AllowOverride None

AllowOverride None
Options ExecCGI
Require all granted

Alias /files/ ${QMAILROOT}/qmailadmin/files/

Require all granted

and this is for 443:

Define QMAILROOT /var/www/qmail
Define LOGDIR /var/log/apache2

ServerName mail.zareckao.online
DocumentRoot ${QMAILROOT}
ScriptAlias /cgi-bin/ ${QMAILROOT}/cgi-bin/
ErrorLog ${LOGDIR}/qmailadmin_error.log
CustomLog ${LOGDIR}/qmailadmin_access.log common

Require all granted
AllowOverride None

AllowOverride None
Options ExecCGI
Require all granted

Alias /files/ ${QMAILROOT}/qmailadmin/files/

Require all granted

Hi

Today I realized that qmailadmin autoresponder don't work in the right way when spamassassin is enable on limits via VpopMail

The FROM and SUBJECT are repited, and the autorespond messages is returned

550-5.7.1 Multiple 'From' headers found.

If I disable SPAMASSASSIN from VPOPMAIL limits (mysql), autoresponders works perfect

Any idea ?

Do you mean that you have disable_spamassassin=1 in the limit table? Do you get this error in the smtp session or when creating the autoresponder via qmailadmin?

Hello!

If you downloaded the cracklib dictionary, then runing the command:

cracklib-format cracklib-words-2.9.7 | cracklib-packer pw_dict

and you encounter the following error:

cracklib-packer: error while loading shared libraries: libcrack.so.2: cannot open shared object file: No such file or directory

You should run `ldconfig` command and run the command again.

thank you. Added the ldconfig command

Hi Roberto

The following error occurred when applying the patch "roberto-qmailadmin-1.2.16_20200901.patch":

patch: **** malformed patch at line 7496: diff -ruN ../../qmailadmin-1.2.16-original/html/setremotecatchall.html qmailadmin-1.2.16/html/setremotecatchall.html

Please correct it.

Thank you. Corrected

Cracklib patch works great and it can detect bad passwords, except if user uses password as password. It lets it through.

It's rejecting "password" as password here...

Hrm, that is strange then. It clearly is using cracklib to check, as I tried for example !7350r13r0 as password that's in cracklib-words-2.9.7 and got error "Bad password - it is based on a dictionary word." However if I use password, it creates the account with it successfully. Like as if it wasn't checking cracklib.

# cracklib-check
!7350r13r0
!7350r13r0: it is based on a dictionary word
password
password: it is based on a dictionary word

cracklib is correctly rejecting it.

Any ideas as to how I could trouble shoot this further?

Unfortunately I've no idea at the moment

Should update this:

wget https://notes.sagredo.eu/files/qmail/patches/qmailadmin/roberto-qmailadmin/roberto-qmailadmin-1.2.16_20200522.patch

With this:

wget https://notes.sagredo.eu/files/qmail//patches//qmailadmin//roberto-qmailadmin//roberto-qmailadmin-1.2.16_20200810.patch

Thank you. Corrected

Hi Roberto

I find a little difference in mailinglist.c
Lines :

FULL: @@ -1253,93 +1254,93 @@
SKIN: @@ -1253,93 +1270,88 @@

Ful patch at the end of the last block

 sprintf (TmpBuf, html_text[272], listname);
- printf ("(%s)", TmpBuf);
- printf ("
\n");
+ printf ("(%s)", TmpBuf);
+ printf ("
\n");
sprintf (TmpBuf, html_text[273], listname);
- build_option_str ("CHECKBOX", "opt6", "q", TmpBuf);
- printf ("
\n");
+ build_option_str ("checkbox", "opt6", "q", TmpBuf);
+ printf ("
\n");
sprintf (TmpBuf, html_text[274], listname, listname, listname);
- printf ("    (%s)", TmpBuf);
+ printf ("    (%s)", TmpBuf);

Skin patch same place

 sprintf (TmpBuf, html_text[272], listname);
- printf ("(%s)", TmpBuf);
- printf ("
\n");
- sprintf (TmpBuf, html_text[273], listname);
- build_option_str ("CHECKBOX", "opt6", "q", TmpBuf);
- printf ("
\n");
- sprintf (TmpBuf, html_text[274], listname, listname, listname);
- printf ("    (%s)", TmpBuf);
+ printf ("(%s)", TmpBuf);
+ printf ("", TmpBuf);

You can see that there are a lot of deleted lines (5)

Which is ok? Full or Skin?

Hi Pablo, the skin patch is intended for vanilla qmailadmin. The full embeds a patch to make it ezmlm-idx-7 compliant, which is important, as you know. Therefore, it depends if you want to apply that patch by yourself or you want to use the full one.

In any case the full patch code is correct because already includes that fix

HI !

Very nice work
You forgot the value for Rela Name in mod_user.html

Line 2425 add : value="##i7"

I don't know why I don't see the page just like your examples, something may be missing

Thank you, Pablo. Patch updated.

Concerning your problem, do you get any error in your browser inspector's console? Maybe a missing apache setting which prevents some element to be displayed?

I solved the problem with the different look

I forget to tell you that I'm using FreeBSD with ports
For every patch you made, I have a lot of ours to "translate" to "ports"
Ajajajajaja

I reallized that you are using a differente version of qmailadmin, the problem was in the CSS and I only used the style patch, not the full patch, and I found that in style patch there is a missing patch for Makefile.in to copy CSS

Sorry, I can't get what you mean concerning the translation problem. Can you clarify so that I can improve the documentation and avoid that others will have the same issue?

As far as the patch is concerned, I'm going to add a modification for Makefile.in in my patch as well. Thanks for the advice. Please provide any hint as you can to improve this guide for FreeBSD users.

Sorry, my english is not so good :D

For "translate" to "ports" I mean, convert your patch to a new one that works with FreeBSD ports collection

I can do everything "by hand", but I have to maintain a lot of server and it is more easy mainain everything with ports

For example :
qmailadmin in FreeBSD ports is on version 1.2.15 and include all the patchs you combined in your patch, so, I only used the style patch, but it don't work as is, I had to make some changes to make it work

And also, I have make a change (by hand) on the Makefile in the port

it would be great if you can share your FreeBSD patches once converted them. I could publish them together with my linux patches... I remember that other people here complained of not been able to compile and I can only guess that the more people will be using qmail for FreeBSD the more hints and material will come back to them, just like it happens for linux :)

I make patches and "manually" update the files needed in the port tree (Makefile and other files sometimes), is something not "easy"

Your patches work on FreeBSD when instaling every manually, but, using external patches on ports is not posible, the port must be modified to use it

Every time a port is update by the maintener, all the files in the port are overwriting

What I really need to do is to update the port "officially" , but I do some things, only for the way we build servers, so, what I make is not for everyone, I should do other patches to share, and really, I don't have the time :(

In order to solve:

/bin/bash: aclocal-1.15: command not found

I had to run:

autoreconf -f -i

Before running the ./configure line.

I got this output:

root@avcs7-ks12:/usr/local/src/qmailadmin-1.2.16# patch -p1 < ../qmailadmin-1.2.16-pwd-strenght.2019.09.13.patch
patching file Makefile.am
patching file Makefile.in
patching file html/add_user.html
patching file html/change_password.html
patching file html/header.html
patching file html/mod_user.html
patching file html/pwd_strenght_chk.js
patch: **** malformed patch at line 170:

This is on a centos 7.7 host. Can you confirm if the patch file is corrupted or not?

Thanks

Richard

thanks for the advise. Corrected

With patch for password strenght applied autoresponse can't be set the error is: "The password must be at least 8 caracthers long!"

The password box is indeed empty because i don't want to change password I want to sent vacation auto response.

Yes you are right, I will improve that patch when I'll find the time.

I created that patch to solve the big problem of the pwd strenght and didn't pay attention to autoresponder because I use sieve for the purpose and don't let users manage the account via qmailadmin.

In the meantime you can reverse the patch or type the pwd when setting autoresponse

To bypas I added a new line to check if password is 0 lenght. 

var key = (change==0) ? 'password1' : 'newpass1';
 if (eval(key).value.length=0) return true;}
 if (eval(key).value.length<8) {alert(alertTooShort); eval(key).focus(); return false;}

And thank you very much for your site.
Very helpful !

you missed a double == here

if (eval(key).value.length=0) return true;}

btw I think that in this way you could set a blank pwd if you submit the form without setting the vacation.

Take a look at this new version of the patch

This what I changed with respect to the previous

+ // disable check if setting the autoresponder provided that the pwd remains intact
+ if (
+ (document.getElementById("cforward").checked==false || document.getElementById("vacation").checked==true)
+ && eval(key).value.length==0
+ ) return true;

There is a modification in mod_user.html as well

I get compiler errors if I try to compile 1.2.16 with or without your patches - 

user.c:173:11: error: unknown type name ‘storage_t’; did you mean ‘stack_t’?

Is there a working version of 1.2.16?   I can manually fix this by copying over missing files from 1.12.15, but surely 1.2.16 should compile without errors out the box?

the compilation is ok with gcc-8.2 as well here

(the problem is qmail-tls, which is not compatible with openssl-1.1 :-(

which version of gcc? both versions work here (gcc-5.5)

I have followed your guide and I am at the point of logging into Qmailadmin.

The page comes up perfectly but after entering postmaster, domain and password, it gives a blank screen.

I checked all the error logs and there are no entries pointing to a reason for this behaviour.

Using the following versions:

qmailadmin 1.2.16
vpopmail 5.4.33

When there is a blank screen after you put password on qmailadmin page, check permision for qm-auth.log file
It should be the permission of webserver. On debian/ubuntu usualy  is www-data (not apache as in Roberto guide)

did you check the syslog to look for a segfault? Anyway.. I would try to recompile qmailadmin

The qmailadmin-1.2.16 with ezmlm-idx-7.2.2  needs a patch in order to manage the mailing lists.  I had had to add this patch to my src directory then re-compile.  

patch < ../mailinglist.c.ezmlm7.patch

I also use your qmailadmin-1.2.16-pwd-strenght.patch-2015.04.25 and qmailadmin-1.2.16-log.patch with this patch.

I am not sure if this is in your patch list Roberto.  There are a few sources and I am not sure which one to post. 

Thanks,

John D. Trolinger

Thanks for the advise, John. I was not aware of this patch, but I found it in the qmailrocks site. Tomorrow I'm going to study the idea behind it and eventually I'll add it to my qmailadmin. 

Can you report what kind of error you get when the patch is not applyed?

Before the patch I had to use the command line to add moderators.  Also I could not change settings for the various mailing lists.  

This may not be typical; I had migrated from another server  running older versions of qmailadmin and ezmlm.

Best Regards

I added mailinglist.c.ezmlm7.patch to the patch list

Hi,

The password qmailadmin-1.2.16-pwd-strenght.patch-2015.04.25 patch does not work for me. I am able to use simple password like 1234.

Anyone also encounter this?

thanks

nic

and you can open the js file with your browser?

Hi Roberto,

Sadly to say, i dont know the path to it even.
 

Sorry and thanks

nic

Probably you installed the pwd_strenght_chk.js file in the wrong path. Just navigate to the "add new user" page, right click to look at the html code and click over the javascript file. The file must be accessible by your web server.

Hello,

The absolute path of add user

/usr/local/share/qmailadmin/html/add_user.html

The path of the javascript

/usr/local/share/qmailadmin/html/pwd_strenght_chk.js

Cgi-bin path

/var/www/cgi-bin/qmailadmin

Configuration

./configure --enable-help \
--enable-domain-autofill \
--enable-htmldir=/var/www/html \
--enable-imagedir=/var/www/html/images/qmailadmin \
--enable-imageurl=http://domain.com/images/qmailadmin \
--enable-cgibindir=/var/www/cgi-bin \
--disable-ezmlm-mysql \
--enable-modify-quota \
--disable-trivial-password

Can you help me to spot any mistake.

Many thanks again

nic

It depends on your web server configuration as well. Try to check if the webserver can access that file as suggested in my previous post

Hi,

I can see the source.

<script language="Javascript" type="text/javascript" src="/qmailadmin/html/pwd_strenght_chk.js"></script>
        </head>
        <body bgcolor="#ffffff" onload="init();">

But if i goto http://domain.com/cgi-bin/qmailadmin/html/pwd_strenght_chk.js i will just be directed to http://domain.com/cgi-bin/qmailadmin/

regards

nic

Nic, your web server looks for the script in this path http://domain.com/qmailadmin/html/pwd_strenght_chk.js. Note that the dir is different. Try again and if it fails double check your web server config as far the qmailadmin virtual domain is concerned and also that apache can actually access that file

Thanks Roberto.

All the functions in /html folder are working. I even edited the footer.html and it is also reflected in qmailadmin pages. I just don't know why the js file is not called.

sigh

nic

perhaps you have javascript disabled in your browser?

Hello,

I had checked. javascript.enabled is true and i did a "Do i have java" on Java.com

Thanks for leading me this far. I think its up to myself to look for the broken link.

regards

nic

Hi,

I cannot find where is the broken link, or how it is broken. But i copy the js file into a public folder and edit the path of add_user.html, change_password.html and mod_user.html to URL of the new js file location.

All working now.

Thanks

nic

I guess you have some apache permissions problems.. try to browse to that js file with your browser and look at the error you get

Hi,

Thanks for your great works on this guide.  I would like to share the patch for qmailadmin (1.2.16) in order to have auth logging.  The patch shall log the failed login in qmailadmin login page.  The patch as underneath:

--- qmailadmin.c 2011-02-22 22:45:48.000000000 +0800
+++ qmailadmin.c.new 2015-05-11 12:06:58.984316573 +0800
@@ -22,6 +22,7 @@
 #include <string.h>
 #include <unistd.h>
 #include <sys/stat.h>
+#include <sys/time.h>
 #include <unistd.h>
 #include <pwd.h>
 #include <dirent.h>
@@ -109,6 +110,33 @@
 char RealDir[156];
 char Lang[40];
 
+static void
+log_auth(char *msg)
+{
+    FILE *fp = NULL;
+    if ((fp = fopen("/var/log/qma-auth.log", "a")) == NULL) {
+ exit(-1);
+    }
+
+    const char *ip_addr = getenv("REMOTE_ADDR");
+    if (!ip_addr)
+        ip_addr = "127.0.0.1";
+
+    time_t tv;
+    struct tm tm;
+    char time_buf[64];
+
+    time(&tv);
+    localtime_r(&tv, &tm);
+    strftime(time_buf, sizeof(time_buf) - 2, "%Y/%m/%d %H:%M:%S", &tm);
+
+    fprintf(fp, "%s user:%s@%s ip:%s auth:%s\n", time_buf, Username, Domain, ip_addr, msg);
+
+    if (fclose(fp) != 0) {
+        exit(-1);
+    }
+}
+
 void qmailadmin_suid (gid_t Gid, uid_t Uid)
 {
   if ( geteuid() == 0 ) {
@@ -195,6 +223,11 @@
     if (*Username && (*Password == '\0') && (*Password1 || *Password2)) {
       /* username entered, but no password */
       snprintf (StatusMessage, sizeof(StatusMessage), "%s", html_text[198]);
+
+      char log_buf[3 * MAX_BUFF];
+      memset(log_buf, 0x0, sizeof(log_buf));
+      snprintf(log_buf, sizeof(log_buf) - 2, "failed [%s@%s]", Newu, Domain);
+      log_auth(log_buf);
     } else if (*Username && *Password) {
       /* attempt to authenticate user */
       vget_assign (Domain, RealDir, sizeof(RealDir), &Uid, &Gid);
@@ -208,6 +241,11 @@
 
       if ( *Domain == '\0' ) {
         snprintf (StatusMessage, sizeof(StatusMessage), "%s", html_text[198]);
+
+        char log_buf[3 * MAX_BUFF];
+        memset(log_buf, 0x0, sizeof(log_buf));
+        snprintf(log_buf, sizeof(log_buf) - 2, "failed [%s@%s]", Newu, Domain);
+        log_auth(log_buf);
       } else {
         chdir(RealDir);
         load_limits();
@@ -215,6 +253,11 @@
         pw = vauth_user( User, Domain, Password, "" );
         if ( pw == NULL ) {
           snprintf (StatusMessage, sizeof(StatusMessage), "%s", html_text[198]);
+
+          char log_buf[3 * MAX_BUFF];
+          memset(log_buf, 0x0, sizeof(log_buf));
+          snprintf(log_buf, sizeof(log_buf) - 2, "failed [%s@%s]", Newu, Domain);
+          log_auth(log_buf);
         } else if (pw->pw_flags & NO_PASSWD_CHNG) {
           strcpy (StatusMessage, "You don't have permission to change your password.");
         } else if (strcmp (Password1, Password2) != 0) {
@@ -264,6 +307,12 @@
          pw = vauth_user( Username, Domain, Password, "" );
          if ( pw == NULL ) {
            snprintf (StatusMessage, sizeof(StatusMessage), "%s\n", html_text[198]);
+
+           char log_buf[3 * MAX_BUFF];
+           memset(log_buf, 0x0, sizeof(log_buf));
+           snprintf(log_buf, sizeof(log_buf) - 2, "failed [%s@%s]", Newu, Domain);
+           log_auth(log_buf);
+
            show_login();
            vclose();
            exit(0);

It is required to created the log file /var/log/qma-auth.log initially.  Then we can use the log in fail2ban with the underneath filter:

[Definition]
failregex = ip:<HOST> auth:failed

ignoreregex =

Hope the patch is helpful.

Tony

Tony, I added your patch to the present guide. Thanks a lot

verrry much appreciated, as this is one thing I was looking for. At the moment I have an apache authentication before the web page is displayed, just to record the failures in the apache log.

Hello Roberto,

i want to warn you about the risks of using the login picture from qmailadmin. Seriously this is no joke and i couldn't believe it the first time but using qmailadmin with this picture (middleleft1.png ) had cost me a fine of several hundreds Euro. This has happened: A few weeks ago i've got a letter from the company Getty Images, that i'm using illegal the picture provided in the login form from qmailadmin. Getty Images says that they has the legal rights of this image an i didn't have a license to use the picture and i have to pay this amount of money as an compensation for violating the copy right of this picture and of course i have to remove the picture immediatelly. I googled this thing and found out that this is true and even the guys from inter7 are aware of this thing, that happend to other qmailadmin users too (see the full thread of this post: http://article.gmane.org/gmane.mail.qmail.admin/4804). I contacted a lawyer and he said that under german and EU copyright laws this is true and i violated the copy right because i have to make sure that when i publish on a website a picture i'm responsible to make sure that i don't violate any copyright rules, even when the picture is part of an open source software. Another lawyer told me that i can try to go against it but the uncertain of succes and the costs of an lawyer for this put me to the decision to pay the fine.

So be warned when using the picture and check the copyright laws of your country.

Cheers

Thanks for the hint Mark. I'm going to write a note asap

I suppose that this is the reason why that image is not shown anymore in the latest version. I thought that it was a bug, but I think this is an explanation.

Hi Roberto,

I'm trying to setup email server based on your blog on Centos 6.5 x64

I manage to get everything to work until Qmailadmin part, when i test the menu "Set catchall email deleted" "Set catchall bounced" and "Set remote catch all account" , the page just show blank screen, even when i refresh (F5) , other menu seems ok.

Do you have any hint about this problem ?

Thanks.

this issue is fixed (thanks to Luca Franceschini). Patch

Dear all,

after some testing I found out that it works when downgrading vpopmail to v. 5.4.32 and qmailadmin to 1.2.15.

I also noticed that the compilation of qmailadmin breaks when compiling 1.2.16 over vpopmail 5.4.32, or 1.2.15 over vpopmail 5.4.33.

Summarizing:

• qmailadmin 1.2.16 goes with vpopmail-5.4.33, but this option seems to have the catch-all accounts functionality broken
• qmailadmin 1.2.15 only goes with vpopmail-5.4.32

Hi George,

I have the same issue here. It worked in the past. I think it could be a bug... let me know if you solve

it was working before, must be some upgrade to apache, php, bash(?), or who knows what broke this.

surely it does not depend on php because it's not written in php. 

I would try to downgrade qmailadmin to see if it's broken only in the latest version

Hi Roberto,

I cannot find where qmailadmin logs failed login attempts or failed change password attempts. I'd like to work with fail2ban to ban those who attempt too many logins.

Thank you,

Boatner

Hi Boatner, I know. This is a problem. It doesn't log anything nor to /var/log/maillog nor to mysql