Introduction
Qmail is a secure, reliable, efficient, simple message transfer agent. It is designed for typical Internet-connected UNIX hosts. As of October 2001, qmail is the second most common SMTP server on the Internet, and has by far the fastest growth of any SMTP server.
Installation
This guide will help you easily set up an email server using Qmail as the MTA, OpenLDAP as a back-end for users, and Courier IMAP as the IMAP server. Follow these simple steps.
Qmail
In this setup I assume that your domain is yourdomain.com and that it has a valid MX record set up as mail.yourdomain.com. Remember to replace yourdomain.com with your actual domain in the example code in this howto. I also assume that you know what an MX record is.
Note: I will use the root login from here on. To find out your MX record, type in a terminal:
dig mx yourdomain.com
Prerequisite packages for Qmail
apt-get install libldap2-dev libssl-dev openssl sharutils unzip maildrop perl-suid
mkdir /downloads
cd /downloads
wget http://www.qmailrocks.org/downloads/qmail-1.03.tar.gz
wget http://www.qmailrocks.org/downloads/ucspi-tcp-0.88.tar.gz
wget http://www.qmailrocks.org/downloads/daemontools-0.76.tar.gz
wget http://www.qmailrocks.org/downloads/patches/daemontools-0.76.errno.patch
wget http://www.qmailrocks.org/downloads/patches/ucspi-tcp-0.88.errno.patch
wget http://www.qmailrocks.org/downloads/scripts/finalize/qmailctl
wget http://www.nrg4u.com/qmail/qmail-ldap-1.03-20060201.patch.gz
gunzip /downloads/qmail-ldap-1.03-20060201.patch.gz
Creating users and groups
mkdir -p /var/qmail
groupadd nofiles
useradd -g nofiles -d /var/qmail/alias -s /sbin/nologin -p'*' alias
useradd -g nofiles -d /var/qmail -s /sbin/nologin -p'*' qmaild
useradd -g nofiles -d /var/qmail -s /sbin/nologin -p'*' qmaill
useradd -g nofiles -d /var/qmail -s /sbin/nologin -p'*' qmailp
groupadd qmail
useradd -g qmail -d /var/qmail -s /sbin/nologin -p'*' qmailq
useradd -g qmail -d /var/qmail -s /sbin/nologin -p'*' qmailr
useradd -g qmail -d /var/qmail -s /sbin/nologin -p'*' qmails
groupadd vmail
useradd -g vmail -s /bin/true vmail
mkdir /home/vmail
chown vmail.vmail /home/vmail
chmod 700 /home/vmail
Qmail Compile
mkdir -p /var/qmail
mkdir /usr/src/qmail
cd /usr/src/qmail
tar zxvf /downloads/qmail-1.03.tar.gz
cd qmail-1.03
patch -p1 < /downloads/qmail-ldap-1.03-20060201.patch
vi Makefile
LDAPFLAGS=-DQLDAP_CLUSTER -DEXTERNAL_TODO -DDASH_EXT -DDATA_COMPRESS -DQMQP_COMPRESS -DSMTPEXECCHECK
# ZLIB needed for -DDATA_COMPRESS and -DQMQP_COMPRESS
ZLIB=-lz
# to enable the auto-maildir-make feature
MDIRMAKE=-DAUTOMAILDIRMAKE
# to enable the auto-homedir-make feature
HDIRMAKE=-DAUTOHOMEDIRMAKE
# on most systems we need this to make auth_pop and auth_imap
SHADOWLIBS=-lcrypt
# to enable the possibility to log and debug imap and pop
DEBUG=-DDEBUG
make setup check
Qmail Configure and ldap control files
cd /var/qmail/control
echo 100 > concurrencyincoming
echo 255 > concurrencyremote
echo ./Maildir/ > defaultdelivery
echo yourdomain.com > defaultdomain
echo 10000 > defaultquotacount
echo 10000000 > defaultquotasize
echo /var/qmail/bin/dirmaker > dirmaker
echo dc=yourdomain,dc=com > ldapbasedn
echo 0 > ldapcluster
id -g vmail > ldapgid
echo cn=manager,dc=yourdomain,dc=com > ldaplogin
echo /home/vmail > ldapmessagestore
echo qmailUser > ldapobjectclass
echo secret > ldappassword
echo 127.0.0.1 > ldapserver
id -u vmail > ldapuid
echo mail.yourdomain.com > me
echo 80000000 > qmail-smtpd-softlimit
echo 80000000 > qmail-pop3d-softlimit
echo 3 > qmail-pop3d-loglevel
echo 3 > qmail-start-loglevel
echo yourdomain.com > rcpthosts
ln -s rcpthosts locals
UCSPI-TCP / Daemontools Install
cd /usr/src/qmail
tar zxvf /downloads/ucspi-tcp-0.88.tar.gz
cd ucspi-tcp-0.88
patch < /downloads/ucspi-tcp-0.88.errno.patch
make && make setup check
mkdir -p /package
chmod 1755 /package
cd /package
tar zxvf /downloads/daemontools-0.76.tar.gz
cd /package/admin/daemontools-0.76/src
patch < /downloads/daemontools-0.76.errno.patch
cd /package/admin/daemontools-0.76
package/install
/command/svscanboot &
chmod 755 /etc/rc.local
vi /etc/rc.local
/command/svscanboot &
exit 0
Qmail Run Script Files
mkdir /var/qmail/supervise
cd /var/qmail/supervise
mkdir -p qmail-smtpd/log qmail-send/log qmail-pop3d/log
chmod +t qmail-smtpd qmail-send qmail-pop3d
vi qmail-smtpd/run
#!/bin/sh
QUID=`id -u qmaild`
QGID=`id -g qmaild`
MAXD=`head -1 /var/qmail/control/concurrencyincoming`
HOST=`head -1 /var/qmail/control/me`
SOFT=`head -1 /var/qmail/control/qmail-smtpd-softlimit`
CDBF="/etc/tcp.smtp.cdb"
if [ -z "$QUID" -o -z "$QGID" -o -z "$MAXD" -o -z "$HOST" ]; then
    echo QUID, QGID, MAXD, or HOST is unset in
    echo /var/qmail/supervise/qmail-smtpd/run
    exit 1
fi
exec /usr/local/bin/softlimit -m $SOFT \
    /usr/local/bin/tcpserver -v \
    -H \
    -R \
    -l $HOST \
    -x $CDBF \
    -c $MAXD \
    -u $QUID \
    -g $QGID \
    0 \
    smtp \
    /var/qmail/bin/qmail-smtpd \
    /var/qmail/bin/auth_smtp /usr/bin/true 2>&1
vi qmail-smtpd/log/run
#!/bin/sh
export PATH=/var/qmail/bin:/usr/local/bin:/usr/bin:/bin
exec /usr/local/bin/setuidgid qmaill /usr/local/bin/multilog t s10000000 n20 /var/log/qmail/qmail-smtpd 2>&1
vi /var/qmail/rc
#!/bin/sh
QLOG="`cat /var/qmail/control/qmail-start-loglevel`"
DEFD="`cat /var/qmail/control/defaultdelivery`"
exec env - PATH="/var/qmail/bin:$PATH" LOGLEVEL="$QLOG" qmail-start "$DEFD"
vi qmail-send/run
#!/bin/sh
exec /var/qmail/rc
vi qmail-send/log/run
#!/bin/sh
exec /usr/local/bin/setuidgid qmaill /usr/local/bin/multilog t s10000000 n20 /var/log/qmail/qmail-send 2>&1
vi qmail-pop3d/run
#!/bin/sh
IP=`head -1 /var/qmail/control/me`
LL=`head -1 /var/qmail/control/qmail-pop3d-loglevel`
SL=`head -1 /var/qmail/control/qmail-pop3d-softlimit`
exec \
    env LOGLEVEL=$LL \
    softlimit -m $SL \
    /usr/local/bin/tcpserver -v -R -H -l 0 0 pop3 \
    /var/qmail/bin/qmail-popup $IP \
    /var/qmail/bin/tcp-env \
    /var/qmail/bin/auth_pop \
    /var/qmail/bin/qmail-pop3d Maildir 2>&1
vi qmail-pop3d/log/run
#!/bin/sh
exec /usr/local/bin/setuidgid qmaill /usr/local/bin/multilog t s10000000 n20 /var/log/qmail/qmail-pop3d 2>&1
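vi /var/qmail/bin/dirmaker
#!/bin/sh
# Log each invocation: timestamp, requested directory, calling identity
echo '----------------------------------------------' >> /tmp/dirmaker
date >> /tmp/dirmaker
echo "$1" >> /tmp/dirmaker
id >> /tmp/dirmaker
# Create the Maildir tree with owner-only permissions; "$1" is quoted so a
# path containing spaces or shell metacharacters is treated as one argument
mkdir --parents -m 700 -p "$1/Maildir"
mkdir --parents -m 700 -p "$1/Maildir/tmp"
mkdir --parents -m 700 -p "$1/Maildir/cur"
mkdir --parents -m 700 -p "$1/Maildir/new"
chown -R vmail:vmail "$1"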
chmod 755 qmail-pop3d/run qmail-smtpd/run qmail-send/run
chmod 755 qmail-pop3d/log/run qmail-smtpd/log/run qmail-send/log/run
chmod 755 /var/qmail/rc /var/qmail/bin/dirmaker
vi /etc/tcp.smtp
127.:allow,RELAYCLIENT="",MAXRCPTCOUNT="200"
192.168.:allow,BLOCKRELAYPROBE="",RCPTCHECK="",SENDERCHECK="",AUTHPREPEND="Authenticated user: ",SANITYCHECK="",SMTPAUTH="",LOGLEVEL="3",AUTHREQUIRED="",MAXRCPTCOUNT="100"
:allow,BLOCKRELAYPROBE="",RCPTCHECK="",SANITYCHECK="",RETURNMXCHECK="STRICT",RBL="",REJECTEXEC="",LOGLEVEL="3",TARPITCOUNT="10",TARPITDELAY="10",SMTPAUTH="",MAXRCPTCOUNT="25"
Note: 192.168. is my local IP range. To learn more about the options used, go to www.nrg4u.com
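Before compiling these rules with qmailctl cdb, it is worth confirming which clients they allow to relay, since qmail-smtpd skips the rcpthosts check for any client that has RELAYCLIENT set. The script below is an added example, not part of the original guide: it lists every rule that sets RELAYCLIENT and flags a catch-all rule that does so. The function names and the second sample file are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original guide): audit a tcprules source file
# for rules that grant relaying through RELAYCLIENT.

# relay_rules FILE: print the address of every allow rule that sets
# RELAYCLIENT; the catch-all rule (empty address) is printed as DEFAULT.
relay_rules() {
    awk -F: '
        /^[ \t]*#/ || NF < 2 { next }           # skip comments and blank lines
        {
            addr = $1
            rule = substr($0, length(addr) + 2)  # text after the first colon
            if (rule ~ /^allow/ && rule ~ /,RELAYCLIENT=/)
                print (addr == "" ? "DEFAULT" : addr)
        }
    ' "$1"
}

# is_open_relay FILE: succeed when the catch-all rule grants relaying.
is_open_relay() {
    relay_rules "$1" | grep -qx DEFAULT
}

# Sample 1: the three rules from this guide.
GOOD=$(mktemp)
cat > "$GOOD" <<'EOF'
127.:allow,RELAYCLIENT="",MAXRCPTCOUNT="200"
192.168.:allow,BLOCKRELAYPROBE="",RCPTCHECK="",SENDERCHECK="",AUTHPREPEND="Authenticated user: ",SANITYCHECK="",SMTPAUTH="",LOGLEVEL="3",AUTHREQUIRED="",MAXRCPTCOUNT="100"
:allow,BLOCKRELAYPROBE="",RCPTCHECK="",SANITYCHECK="",RETURNMXCHECK="STRICT",RBL="",REJECTEXEC="",LOGLEVEL="3",TARPITCOUNT="10",TARPITDELAY="10",SMTPAUTH="",MAXRCPTCOUNT="25"
EOF

# Sample 2 (constructed): a misconfiguration where the catch-all rule relays.
BAD=$(mktemp)
cat > "$BAD" <<'EOF'
127.:allow,RELAYCLIENT=""
:allow,RELAYCLIENT="",SMTPAUTH=""
EOF

for f in "$GOOD" "$BAD"; do
    echo "relay granted to: $(relay_rules "$f" | tr '\n' ' ')"
    if is_open_relay "$f"; then
        echo "  -> OPEN RELAY: the catch-all rule sets RELAYCLIENT"
    fi
done
```

Run it against /etc/tcp.smtp after every edit; with the rules from this guide only 127. should be listed.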
mkdir /var/log/qmail
cd /var/log/qmail
mkdir qmail-send qmail-smtpd qmail-pop3d
chown -R qmaill:root /var/log/qmail
chmod -R 750 /var/log/qmail
cd /var/qmail
cp -p /downloads/qmailctl /var/qmail/bin/.
chmod 755 /var/qmail/bin/qmailctl
ln -s /var/qmail/bin/qmailctl /usr/bin/
qmailctl cdb
cd /service/
ln -s /var/qmail/supervise/qmail-* .
OpenLDAP
LDAP stands for Lightweight Directory Access Protocol, a simplified version of the X.500 protocol. You will find a more detailed presentation on Wikipedia. LDAP is a way to make certain kinds of information available across a network. In this setup the information is user logins: their passwords, user IDs, and various details.
First, install the LDAP server daemon (slapd) on the server by installing the following packages: slapd, ldap-utils, and db4.2-util.
sudo apt-get install slapd ldap-utils db4.2-util
cp -p /usr/src/qmail/qmail-1.03/qmail.schema /etc/ldap/schema/
Now create a temporary configuration file
vi slapd-tmp.conf
include /etc/ldap/schema/core.schema
include /etc/ldap/schema/cosine.schema
include /etc/ldap/schema/inetorgperson.schema
include /etc/ldap/schema/nis.schema
include /etc/ldap/schema/qmail.schema
pidfile /var/run/slapd/slapd.pid
argsfile /var/run/slapd/slapd.args
moduleload back_hdb
database hdb
suffix "dc=yourdomain,dc=com"
rootdn "cn=manager,dc=yourdomain,dc=com"
rootpw {SSHA}+xDld2OXYtm0NRlJYXL050VGym/sYUn+
index objectClass eq,pres
index ou,cn,mail,surname,givenname eq,pres,sub
index uidNumber,gidNumber,loginShell eq,pres
index uid,memberUid eq,pres,sub
index nisMapName,nisMapEntry eq,pres,sub
Remember to change the rootpw by generating a new password hash with the slappasswd command.
rm -rf /etc/ldap/slapd.d/*
slaptest -f slapd-tmp.conf -F /etc/ldap/slapd.d -u
chown openldap.openldap -R /etc/ldap/slapd.d
chown openldap.openldap -R /var/lib/ldap
/etc/init.d/slapd restart
Now let's populate the database
vi yourdomain.ldif
# base dn
dn: dc=yourdomain,dc=com
objectClass: dcObject
objectClass: organization
o: yourdomain
dc: yourdomain

# ou, yourdomain.com
dn: ou=yourdomain.com,dc=yourdomain,dc=com
objectClass: top
objectClass: organizationalUnit
ou: yourdomain.com
vi test.ldif
# test, yourdomain.com
dn: uid=test,ou=yourdomain.com,dc=yourdomain,dc=com
objectClass: top
objectClass: inetOrgPerson
objectClass: qmailUser
cn: Test User
sn: User
mail: test@yourdomain.com
accountStatus: active
mailMessageStore: yourdomain.com/test
uid: test
mailHost: mail.yourdomain.com
deliveryMode: noforward
userPassword:: e0NSWVBUfUJuZGZpVzJHQkd0enc=
ldapadd -x -D "cn=manager,dc=yourdomain,dc=com" -W -f yourdomain.ldif
ldapadd -x -D "cn=manager,dc=yourdomain,dc=com" -W -f test.ldif
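A double colon after an LDIF attribute name marks a base64-encoded value, which is an encoding and not protection of the password. The following added example (not from the original guide) decodes each userPassword and reports only its hash scheme, so entries still using an older scheme or cleartext can be found. The function name and the second and third sample entries are constructed, and the script assumes unfolded LDIF lines and a base64 utility that accepts -d.

```shell
#!/bin/sh
# Added example (not from the original guide): report the hash scheme of each
# userPassword in an LDIF file without printing the hash itself.
# Assumes unfolded LDIF lines and a base64 utility that accepts -d.

# password_schemes FILE: print "dn<TAB>SCHEME" for every userPassword value.
password_schemes() {
    awk '
        /^dn: /            { dn = substr($0, 5) }
        /^userPassword:: / { print "b64\t" substr($0, 16) "\t" dn }  # base64 value
        /^userPassword: /  { print "raw\t" substr($0, 15) "\t" dn }  # literal value
    ' "$1" |
    while IFS="$(printf '\t')" read -r enc val dn; do
        if [ "$enc" = b64 ]; then
            val=$(printf '%s' "$val" | base64 -d)
        fi
        # A stored hash starts with {SCHEME}; anything else is cleartext.
        scheme=$(printf '%s\n' "$val" | sed -n '1s/^{\([^}]*\)}.*/\1/p' | tr a-z A-Z)
        [ -n "$scheme" ] || scheme=CLEARTEXT
        printf '%s\t%s\n' "$dn" "$scheme"
    done
}

# Sample input: the first entry carries the userPassword value from this guide;
# the other two entries and their values are constructed for illustration.
LDIF=$(mktemp)
cat > "$LDIF" <<'EOF'
dn: uid=test,ou=yourdomain.com,dc=yourdomain,dc=com
uid: test
userPassword:: e0NSWVBUfUJuZGZpVzJHQkd0enc=

dn: uid=alice,ou=yourdomain.com,dc=yourdomain,dc=com
uid: alice
userPassword: {SSHA}Q09OU1RSVUNURURfU0FNUExFX1ZBTFVF

dn: uid=bob,ou=yourdomain.com,dc=yourdomain,dc=com
uid: bob
userPassword: constructed-cleartext
EOF

password_schemes "$LDIF"
```

The test entry from this guide reports CRYPT, while the rootpw generated with slappasswd uses SSHA.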
Courier IMAP
apt-get install courier-authdaemon courier-authlib courier-authlib-userdb courier-base courier-imap expect courier-ldap courier-authlib-ldap
vi /etc/courier/authdaemonrc
authmodulelist="authldap"
authmodulelistorig="authldap"
vi /etc/courier/authldaprc
LDAP_URI ldap://mail.yourdomain.com
LDAP_BASEDN dc=yourdomain,dc=com
LDAP_BINDDN cn=manager,dc=yourdomain,dc=com
LDAP_BINDPW secret
LDAP_MAIL uid
LDAP_FILTER (&(objectClass=qmailUser)(accountStatus=active))
LDAP_GLOB_UID vmail
LDAP_GLOB_GID vmail
LDAP_HOMEDIR mailMessageStore
LDAP_MAILROOT /home/vmail
LDAP_DEFAULTDELIVERY defaultDelivery
vi /etc/courier/imapd
IMAPDSTART=YES
/etc/init.d/courier-ldap start
/etc/init.d/courier-authdaemon start
/etc/init.d/courier-imap start
Webmail
To configure webmail, go to Roundcube Mail to set up the latest version ...