Qmail

Qmail based on qmailrocks install

One of the things I missed most and disappointed me is the grave lack of a qmail package for Gutsy. I’m using Qmail since more than 5 years and I was always happy. This describes the installation based on the qmailrocks debian guide. All credits should go to the qmailrocks team. This only points some of the differences and problems I encountered on ubuntu. It’s mainly a list of commands as found on the qmailrocks site with some observations.

Base Qmail

apt-get install build-essential
wget http://www.qmailrocks.org/downloads/qmailrocks.tar.gz
tar xvfz qmailrocks.tar.gz

modify the ./scripts/install/qmr_install_linux-s1.script to replace bin/sh with bin/bash and run the script

./scripts/util/qmail_big_patches.script
apt-get install libssl-dev openssl ca-certificates

this will avoid next step to crash with:

qmail-remote.c:36:25: error: openssl/ssl.h: No such file or directory
qmail-remote.c:37: error: expected ‘=’, ‘,’, ‘;’, ‘asm’ or ‘__attribute__’ before ‘*’ token
qmail-remote.c: In function ‘ssl_timeoutread’:
qmail-remote.c:132: error: ‘ssl’ undeclared (first use in this function))
make man && make setup check
./config-fast XYZ-HOSTNAME
make cert
chown -R vpopmail:qmail /var/qmail/control/clientcert.pem /var/qmail/control/servercert.pem
cd /usr/src/qmail/ucspi-tcp-0.88/
make && make setup check

this will generate the following error:

/usr/bin/ld: errno: TLS definition in /lib/libc.so.6 section .tbss mismatches non-TLS reference in tcpserver.o
/lib/libc.so.6: could not read symbols: Bad value
collect2: ld returned 1 exit status

I knew this error from here so I applied the same patch as for Fedora:

patch < /downloads/qmailrocks/patches/ucspi-tcp-0.88.errno.patch
make && make setup check
cd /package/admin/daemontools-0.76/src
patch < /downloads/qmailrocks/patches/daemontools-0.76.errno.patch
cd ..
package/install

at this point I could start svscanboot

nohup /command/svscanboot  & #I don't like that much the rc.local install

I decided to skip ezmlm installation as it was really not needed in my case

cd /downloads/qmailrocks
tar zxvf autorespond-2.0.5.tar.gz
cd autorespond-2.0.5
make && make install

Vpopmail

I decided to install vpopmail without mysql

cd /downloads/qmailrocks
tar zxvf vpopmail-5.4.13.tar.gz
cd vpopmail-5.4.13
./configure --enable-logging=p
make && make install-strip
cd /downloads/qmailrocks
tar zxvf vqadmin-2.3.6.tar.gz
cd vqadmin-2.3.6
./configure --enable-cgibindir=/path/to/your/cgi-bin --enable-htmldir=/path/to/your/html/directory
make && make install-strip

in /etc/apache2/sites-enabled/000-default

    ScriptAlias /admin/cgi-bin/ /some_path/admin/cgi-bin/
    <Directory "/some_path/admin/cgi-bin/vqadmin">
        deny from all
        Options ExecCGI
        AllowOverride AuthConfig
        Order deny,allow
    </Directory>

Hint: if you install vqamin in something else than /cgi-bin it will not work because it’s hardcodde so make sure you supress the /admin in /admin/cgi-bin/

    ScriptAlias /cgi-bin/ /some_path/cgi-bin/
    <Directory "/some_path/cgi-bin/vqadmin">
        deny from all
        Options +ExecCGI
        AllowOverride AuthConfig
        Order deny,allow
    </Directory>

in .htaccess

AuthType Basic
AuthUserFile /etc/apache2/vqadmin.passwd
AuthName vQadmin
require valid-user
satisfy any

Continue with the installation:

/etc/init.d/apache2 restart
cd /downloads/qmailrocks
tar zxvf qmailadmin-1.2.9.tar.gz
cd qmailadmin-1.2.9
./configure --enable-cgibindir=/path/to/your/cgi-bin --enable-htmldir=/path/to/your/html/directory \
--enable-ezmlmdir=n (because I did not installed ezmlm)
make && make install-strip
/downloads/qmailrocks/scripts/finalize/linux/finalize_linux.script

edit the files from: http://www.qmailrocks.org/finalize.php and then create the binary versions for /etc/tcp.smtp

qmailctl cdb

then create aliases. I also create .qmail-default as a catchall account but I later realized this was not the case anymore. There was no need to remove another mail client because none other was installed by default.

/downloads/qmailrocks/scripts/util/qmr_inst_check

I had to fix several things before this worked. One of them was to start /command/svscanboot as the rc.local method did not seem to work. After some check I realised I had to remove the exit 0 line from the /etc/rc.local script and chmod u+x the script to have the svscanboot run.

Pop3s

By default the qmailrocks does not install a pop3s server. I used stunnel to wrap the pop3 service in ssl.

apt-get install stunnel

create stunnel.pem:

openssl req -new -x509 -days 365 -nodes -config /usr/share/doc/stunnel/examples/stunnel.cnf -out stunnel.pem -keyout stunnel.pem
openssl gendh 512 >> stunnel.pem

replace /service/qmail-pop3d/run

#!/bin/sh
PATH=/var/qmail/bin:/usr/local/bin:/usr/bin:/bin
export PATH
exec tcpserver -H -R -v -c100 0 110 qmail-popup xyx-hostname \
/home/vpopmail/bin/vchkpw qmail-pop3d Maildir 2>&1

with

#!/bin/sh
PATH=/var/qmail/bin:/usr/local/bin:/usr/bin:/bin
export PATH
exec tcpserver -H -R -v -c100 0 995 /usr/bin/stunnel -f -p \
 /var/cache/certs/stunnel.pem -l /var/qmail/bin/qmail-popup -- \
qmail-popup xyz-hostname /home/vpopmail/bin/vchkpw qmail-pop3d Maildir 2>&1

In order to test the pop3s service I did the followings:

stunnel -f -c -r 10.10.0.12:995 -d 110
telnet localhost 110
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
+OK <5398.1198676816@xyz-hostname>
^]
telnet> quit

Imap

apt-get install courier-imap-ssl
#dpkg --purge --force-depends postfix would create dpkg depedencies and block other installs
update-rc.d -f postfix remove

There is no AUTHMODULES or AUTHMODULES_ORIG line in imapd. The authmodulelist file does not seem to have any purpose. Modify in authdaemonrc the line: authmodulelist=”authpam” to authmodulelist=”authvchkpw”. Upon restart of /etc/init.d/courier-authdaemon restart the log shows the following error:

libauthvchkpw.so: cannot open shared object file: No such file or directory

because the courier-authlib from ubuntu does not contains the libauthvchkpw.so

cd /downloads/qmailrocks/
tar jxvf courier-authlib-0.55.tar.bz2
cd courier-authlib-0.55
apt-get install libdb-dev
./configure --prefix=/usr/local --exec-prefix=/usr/local --with-authvchkpw --without-authldap \
--without-authmysql --disable-root-check --with-ssl --with-authchangepwdir=/usr/local/libexec/authlib
make && make check
cp .libs/libauthvchkpw.so /usr/lib/courier-authlib/

This might seem an ugly solution to mix versions but it worked in my case:

Dec 26 16:56:35 yellow authdaemond: modules="authvchkpw", daemons=5
Dec 26 16:56:35 yellow authdaemond: Installing libauthvchkpw
Dec 26 16:56:35 yellow authdaemond: Installation complete: authvchkpw

after this the test imap connexion works:

Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
* OK [CAPABILITY IMAP4rev1 UIDPLUS CHILDREN NAMESPACE THREAD=ORDEREDSUBJECT THREAD=REFERENCES SORT QUOTA IDLE ACL ACL2=UNION STARTTLS] Courier-IMAP ready. Copyright 1998-2005 Double Precision, Inc.  See COPYING for distribution information.
a login len@xyz-hostname xxxxx
a OK LOGIN Ok.
a logout
* BYE Courier-IMAP server shutting down
a OK LOGOUT completed

Squirrelmail

apt-get install squirrelmail
squirrelmail-configure

create a link to /usr/share/squirrelmail
add a redirect to apache config to force https

RedirectPermanent /squirrelmail https://hostname/squirrelmail/

Mailx

apt-get install mailx

Testing at this point with generate the following error:

send-mail: fatal: open /etc/postfix/main.cf: No such file or directory
Can't send mail: sendmail process failed with error code 75

This is because I skipped the sendmail replacement step which consists of:

rm /usr/lib/sendmail /usr/sbin/sendmail
ln -s /var/qmail/bin/sendmail /usr/lib/sendmail
ln -s /var/qmail/bin/sendmail /usr/sbin/sendmail

7 Responses

  1. Thank you very much for posting this, especially the IMAP section! Got me rolling again ;).

    cheers

  2. And I was just considering today using postfix for an installation ;)

  3. HI
    I have been installing qmail form qmail rocks and I have gotten as far as step 12 I followed the install instructions for qmail rocks and got the a NO Login failed error when doing telnet on 143. So I have tried your option and it is still a no login failed error.
    Would you have any idea why this is happening? I have googled it but the only one that applies to me says to do what you have posted here on your site. Any help would be appreciated.
    Cheers
    Rick

  4. @rick: you should check the imap output. This guide is a bit old and I don’t know if it applies to new versions of ubuntu, I was in fact considering using postfix for the new installs I am doing.

  5. Thanks and great work, it saved me many hours, particularly for the IMAP section.

  6. […] Ausprobiert auf Debian Lenny.  (via) […]

  7. You can find an updated version of QMR for Debian on http://qmailrocks.thibs.com

Leave a Reply

*