|
General software contributed by users and supporters of qmail.
- Harald Hanche-Olsen has written some code to do dot-locking. Dot-locking is slightly unreliable, so
Dan doesn't support it in qmail.
- Seth
Alves hacked on maildir.module-970707 until it worked (mostly) with
imap-4.1.BETA.
- Mattias Larsson wrote a preliminary patch to IMAP4rev1
which lets it work with Maildirs. David Harris has improved that patch
to make a production quality UW-imap server with Maildir support.
And in his turn, Herbie has updated the Maildir patch for the latest UW IMAP server.
- David Summers has a qmail-imap Linux RPM.
This is a version of the IMAP/POP server that works with QMAIL, using
Mattias's patches. The three differences are:
- Mail is delivered and picked up from ~user/Mailbox
- Mail can be delivered and picked up from ~user/Maildir/ (see README.maildir)
- CRAM-MD5 authentication has been added to the IMAP server.
-
Sam Varshavchik wrote a Maildir-only IMAP server
called Courier IMAP.
- Ali Lomonaco has a patch for finger so it knows to look in $HOME
for a Mailbox. It was written for the finger from FreeBSD 2.2.2,
which is probably the standard BSD finger.
- Giles Lean didn't like the idea of patching majordomo, so
following a suggestion from J.T. Conklin that he found in the list
archives he wrote a majordomo-inject
script and some documentation on how to use it. Needs Perl 5.004.
Nathan
J. Mehl has thrown together a bourne shell script to automagically
create all of the
necessary aliases for a majordomo list with digests in a Qmail
environment that uses Giles majordomo-inject.
- Julie Baumler is using
UIUC's ph to redirect mail on her mail hub. She wrote a note on how
to configure qmail to use ph.
- Olaf Titz's BSMTP package for
qmail, for those who want to run BSMTP over UUCP with qmail. The
10k shar contains an rsmtp program for incoming messages and a
maildir2bsmtp program for outgoing messages. Both are written in
perl.
- Russell Nelson's checkhomeownership script will report on
users who don't own their home directories or Maildirs. This is
important to run before starting up qmail, because sendmail doesn't
care a whit whether the user owns their home directory, but home
directory ownership is how qmail decides if the user exists or not.
If you have a mail hub, and you've botched the home directory
ownership, the users will never be logging into it, so they won't
notice. And you won't notice either, until they run screaming to you
that they haven't gotten the important mail they wanted, and their
correspondent noted that the mail bounced.
- David Summers has
some perl
scripts that work with maildir2smtp. Now uses APOP-style
authentication.
- Russell Nelson's newbox script to create new
maildrops for users who don't have login accounts on their mail server.
- Chris Garrigues wrote a program to pretty-print
Received: lines.
- Brian
T. Wightman has written a delayed-mail
notifier.
- Another delayed-mail
notifier is available from Matt Ranney.
- Mark Delany has a rmail
for people receiving ! addresses via UUCP. It parses ! addresses,
applies a number of simple pattern matching rules to convert them to
FQDN addresses and injects them into qmail.
- Russell Nelson has a program
to eliminate duplicate messages. It has
two modes of operation -- strict and loose. Strict only eliminates
perfect duplicates, whose only difference is in the Received: lines.
Loose eliminates duplicates that have identical From: Date:,
Message-Id: and body parts.
-
Peter Samuel has expanded on Russell's program and written a
duplicate eliminator that uses dbm hash file(s) instead of a text
file. It also has improved exception handling and provisions for sites
without the MD5 perl module.
- Russ
Allbery uses Majordomo with qmail. He has a FAQ on
the subject.
- Russell Nelson has a system to allow relaying to any host which authenticates
itself through a POP3 connection. Only thing is, it's dependent upon
the user to do the right thing, because at least Eudora and Netscape
send mail before checking for new mail. You can turn that
feature off, but still the user needs to get into the habit of
checking for mail before sending mail. Mirko Zeibig has some
improvements in an RPM.
- David Harris has a similar system to only allow hosts who have authenticated via the
POP3 server to relay mail using qmail. This does not require
patching the POP or SMTP servers, but is implemented by two programs
which cleanly interface into the system, and can work with most any
POP or IMAP server.
- Petr
Novotny wrote an alternative to Russell Nelson's Open-SMTP patch
for checkpassword. His code is a PAM
module which calls external program to log $TCPREMOTEIP. It
requires a PAM-enabled checkpassword.
- Michele
Beltrame has a tool to view the qmail
queue
(with colored display), view messages in it and delete
messages. It's very simple and written in Perl.
- Keith
Burdis has written several qmail programs,
including dotqmail2alias, alias2dot, deliver, and compactor/exploder
- Eric Huss has released queue-fix
1.4. It repairs or generates a qmail queue structure. You can
use this to help move your queue location, or if you regenerate the
file system and the inode numbering changes. It will also fix
permissions and ownerships of the files. Eric reports that Matthew
Harrell wrote a patch to queue-fix
which makes it work with Russ Nelson's big-todo patch. Patches upon patches!
- Harald Hanche-Olsen has a shell/awk/gnu-find script which renames a queue so that it has the right
filenames (corresponding to inodes).
- Charles Cazabon wrote queue_repair.
queue-repair is a qmail queue diagnostic and repair tool, written in
Python, and licensed under the GPL.
- Peter Samuel has a
qmail-compatible
vacation program.
- Jason van Zyl has a patch to the cyrus imap server so that it authenticates out of a
cdb (the same hash format that users/assign uses) instead of
kerberos or /etc/passwd. And he has a perl script that allow you to
enter users into the system and it takes care of updating the
users/assign file, and the cdb file that cyrus is using to
authenticate from.
- Bruce Guenter wrote qlogtools, a set of tools
useful in analyzing or producing logs from qmail and other packages.
- Monte Mitzelfelt has a program which sorts a qmail
log file by message delivery.
- Ismail Yenigul has a qmail
log analyzer tool called IsoQlog.
-
Bruce Guenter wrote his own implementation of the mini-qmail idea,
only his (nullmailer)
has a queue for more reliablity. It supports SMTP and QMQP, so it's a
drop-in replacement for qmail-qmqpc.
- Eric Hess needed longer timeouts
for qmqpc. The timeouts are hard coded in qmail-qmqpc. They
tend to be on the low side (10 seconds to connect, 60 seconds to
read/write). He uses some automated systems with qmqp and sometimes
the servers are overloaded and can't respond in that timeframe.
- Jay Austad has his qmqpc rotating the server list by a random
amount. This distributes the load over multiple qmqp servers.
- There are a number of web interfaces for reading mailboxes:
- Sam Varshavchik's sqwebmail.
- FocalTek's FocalMail.
- horde.org's IMP. Requires PHP and an IMAP/POP3 server.
- @.
- Twig. No frames, no javascript.
- oMail-webmail
is a simple Webmail solution for mail servers based on qmail and
optionally vmailmgr. This a GPL project, maintained by Olivier Müller. The mails are read
directely from Maildirs on the harddisk, which is much quicker than
using protocols like POP3 or IMAP. Other features includes multiple
language support (currently English, French, German and Italian),
folders and addressbook support. oMail is programmed in
Perl. Developers and translators are welcome to subscribe to the devel mailing
list.
- iGENUS is a chinese webmail
system for perl + qmail + vpopmail + mysql.
- @Mail is a WebMail application
written in Perl with optional mySQL support. Create a HotMail type
service at your domains or read existing POP3 accounts via the web.
- Several autoresponders are available:
- Vyacheslav Ignatyuk wrote an alpha version of a qmail
manager module for webmin. It's a first alpha version,
so may be unstable.
-
Peter Green has some code to Archive and process log files
generated by qmail-send and qmail-smtpd.
- William E. Baxter has released qtools, a
suite of utilities for use in .qmail files. The tools support
applying a filter to a message body, message head, or entire message;
conditional delivery of a message to a Maildir; and configuration of
simple autorepliers.
-
Sam Varshavchik has a local delivery agent called Maildrop that has
a custom filtering language more readable than procmail's.
- Russell Nelson has a program called no-alternative, which picks the text/plain
part out of a MIME multipart/alternative message, and forwards it to
$USER-alternative.
- Russell Nelson and Magnus
Bodin have conspired to write some scripts and documentation to throw
information about qmail into
mrtg.
- Sean Truman has some
mrtg
scripts which don't use qmailanalog.
- Chris Dent wrote Qmail::Queue.pm.
- oMail-admin is a PHP4-based
Web-administration solution for mail servers based on Dan
Bernstein's qmail and Bruce Guenter's vmailmgr.
- Dru Nelson has an incoming message
filter
- Dru Nelson has an
administrator's program to remove
queued mail that has a certain string in it.
- LinuxMagic has written qmail-remove
to remove emails from the queue. If they match a string, they are
moved to a temporary directory.
- Mail2DB -- Store incoming mail
in a PostgreSQL database. Mail2DB is suitable
for putting in a .qmail/.forward file and will archive e-mail to a SQL
database. Currently, there is only the storage component. This was
written because somone on a LUG list expressed interest in such a
system, but he only knew PHP (which isn't an ideal language for
calling from a .qmail file ;-). Hopefully a user interface will be
forthcoming.
- Russ Nelson has a qmtpd tarball for people using
0.70 or later daemontools with qmail.
Just drop it into your /service directory, and five seconds later,
you're running qmtpd. Don't forget to set your lowest MX priority to
12801, or all your deliveries will occur using SMTP. This is a
companion to his qmail-remote patch.
- Vmailadmin is a web
application that allow your client to administer the pop accounts in
his domain, easily and with security, without the need to contact
ISP staff.
- Alex Kramarov has created qmail-print-queue to print
the qmail queue contents - it runs on all messages and displayes
the from:, to: and date: headers; can also dump the full header of the
message if ran with "-h" switch (if mess822 is properly installed). It
is useful in conjunction with monitoring tools like qmail-mrtg and
others.
- Andrew Richards has written a set
of tools to enable you to hash
users' mail directories.
- Mahlon Smith has written a
general new mail
checker, useful if you use the mutt MUA and procmail to filter
incoming mail to Maildirs, since there isn't a built in mechanism for
doing this from within mutt.
- qmail-qsanity-0.52 checks your
queue data structures for internal consistency. If it finds any
problems, it prints a warning to stderr. Plans are to change it to
generate shell commands which will correct the problems.
- qmail-lint-0.55
checks your qmail configuration for common problems. Prints warning
or error messages to stdout.
- Davide Giunchi wrote qmail-masq[uerade].
It will masquerade the internal address with an external one when
sending email from local network users to the external internet users.
- Todd A. Jacobs has a program to
generate random
extension addresses.
- Baris Metin's qinstall helps you install qmail.
- Wolfgang Pichler wanted graphs
from logs, so he wrote qmailalizer.
- Bruce Guenter wrote mailfront, a package
containing customizeable network front-ends for mail servers;
specifically SMTP and POP3. Supports SMTP auth and POP3 AUTH
PLAIN and LOGIN.
- Mark Delany wrote set_supplementary_groups, which
lets you gain group permissions for the groups you are in in
/etc/group. In particularly mailman requires this.
- LinuxMagic is porting their
Anti-Spam/Valid User checking program,
|
|
[index]
|
User-Contributed Maildir Support |
|
|
|
|
| |
|
|
Maildir-specific software contributed by qmail users. Maildir is a
lock-free mailbox standard which is reliable over NFS.
- Chris
Mosley has a program which loops on
maildir2mbox so that programs like Elm can continue to receive
mail without needing to exit and reenter. Relies on Ivan Kohler's mbox2maildir.
- Ivan
Kohler has a mbox2maildir program.
Gets its parameters fron the MAIL and MAILDIR environment variables.
- Russell
Nelson's convert-and-create
script will create Maildirs for all users who receive mail and will
convert their /var/spool/mail mbox-format mailboxes into messages in a
Maildir. Stuart Bain has improved it so it will convert UW-IMAP mboxes into Courier-IMAP
maildirs.
- Bruce Guenter changed the
above convert-and-create script to convert a
single user. Gets its parameters from the command line.
- Valerio Granato has also done a convert-and-create variation.
- Todd Underwood has written Yet Another Mailbox to Mailbox Converter.
- The ultimate mbox2maildir has not yet been invented.
However, Robin Whittle has created another mbox2maildir.
This one can do entire directories of mboxes.
- Matthew C. Mead has a ``from'' program that
prints a summary of mail in a maildir waiting to be read.
- Russ
Allbery has his own maildir summary
program. Same idea as Matt's but a slightly different philosophy.
- Mutt is a MUA
that has native support for Maildirs.
- Mikko Hänninen has a patch to Mutt which converts GMT dates in the
header into local time.
- Bloodhounds International wrote maildir patches for the c-client library (now
distributed by Adam McKenna), which is used by Pine and IMAP2. Dean
Gaudet has a patch to it that lets you work with multiple inboxes.
- Ragnar Kjørstad has adjusted the maildir patches for pine 4.00 to
work with pine
4.10, and imapd 4.5.
- And similarly Sean Cody has a
maildir patch for pine 4.33.
- And similarly Jozef Hitzinger and Adam
Slattery for pine 4.33,
4.4x, and 4.50, including Dean Gaudet's maildir-1billion fix
- GPL'ed MUA, called Mew and IM support
qmail's Maildir. Mew is interface for Emacs/XEmacs. IM is perl
scripts for process mail like MH.
- Paul
Gregg has a script which runs from a .qmail file that checks a
Maildir for a quota (clearly only effective on a userless mailhub).
The script is called mailquotacheck.
- Jeff Hayward has a patch to qmail-local (which arguably belongs
down below in the patches section except that Paul Gregg's quota check
was already here) which treats quota
exceeded as a permanent error, bouncing the message back to the
sender.
- Levent Serinol has a quota
patch for qmail-local. When you're running with a single
userid, the operating system cannot enforce quotas, so this patch
enables qmail-local to enforce a quota.
-
There are various xbiff (X mail notifiers) solutions for maildirs:
. The
comment at the top of the script explains why this one is better.
- A text-only biff by David Gerber.
- The Clarkson University Unix Team has an xbiff and from.
Tetsu Ushijima has a program called maildirdeliver,
which writes a new message into a Maildir. Most of the code is
essentially just stolen from qmail-local.c.
Len Budney wrote a little C program
called safecat,
which implements DJB's maildir algorithm to copy stdin to a file in a
maildir. When exit codes are checked, as by qmail-local or fetchmail
with -w option, it should be as reliable as qmail's own maildir
delivery (which heavily influenced the safecat).
John White has written a perl module which provides maildir
delivery to perl programs. Included are example mail sorting
programs meant to be invoked from .qmail or .qmail-default
Jonathan Kamens has written a replacement for the Emacs "movemail" program, which understands how to read
mail from a qmail-style maildir.
Kenji Rikitake reports that
procmail-3.15 includes support of the maildir format with no
patch. All you need to do is to add a slash to the mail folder names.
Michael Elkins has a tool to synchronize a maildir with a
remote IMAP mailbox.
nnmaildir is a maildir
backend for Gnus.
Exim has Maildir
support in its appendfile transport. Not exactly new news,
but worth mentioning.
Gnus has had native maildir support
since version 5.8. Also see nnmaildir.
Ronald C. Rivera creates home
directories and moves email directly from
an LDIF file. It also creates the user's public_html directory
which can be used in conjunction with mod_ldap_userdir.
Tim Deegan has an RFC1339 remote mail
check daemon that works with Maildir mailboxes.
|
| |
|
[index]
|
EZ Mailing List Manager |
|
|
|
|
| |
|
|
EZ Mailing List Manager (EZMLM) is a mailing list manager which allows
users to create their own mailing lists with a single command.
- Dan Bernstein's ezmlm page.
- Fred
Lindberg and Fred
B. Ringel have written an ezmlm
FAQ. In addition, Fred L. has also written (in his copious free
time) the Ezman, an ezmlm
manual for both list owners and users.
- Fred
Lindberg has an add-on to ezmlm-0.53
called ezmlm-idx. It gives you headers, trailers, threaded digests,
multi-message get, thread retrieval in MIME multipart/digest with
headers filtered to make the digest rfc1153-like (default). It also
has all aspects of message moderation, subscription moderation, and
remote administration of subscriber addresses.
- Fred Lindberg is the
latest author of code to ensure that an ezmlm
subscriber is on the list
- Fred Lindberg has
an EZMLM
list splitter. It forwards subscribe/unsubscribe requests from a
main list to one of a set of sublists based on the target address
(hash or domain name). This way, the list can be split into a number
of hosts for load splitting or geographic splitting without
inconveniencing the user (who always deals with the main list).
- Özgür Kesim has a ezmlm HOWTO for
advanced mailing lists.
- Steve Peterson
implemented a simple web
subscribe/unsubscribe interface to ezmlm.
- Michael Hirohama wrote Ezmlm-Thresh, which
allows EZMLM mailing list messages to be limited to a threshold per
subscriber.
- Guy Antony Halse has a web
interface to ezmlm called ezmlm-web, currently at
2.1. It has improvements over Glen Stewart's version.
- Glen Stewart has improved on Guy Antony Halse's EZmlm-Web 1.02.
He's calling his version EZmlm-Web
v1.0.2gs1.2. The gs1.2 version suffix modifications are fairly
extensive and done by Glen Stewart. Some of the most notable changes in this release include:
- list owner logon screen & password
- ListMaster access/control from filtered, configurable IP addresses
- Only the ListMaster can create and delete lists
- skeleton support for WebGlimpse indexing of selected list archives
- spam filter option for list owner addresses
- tooltip help for all list configuration settings
- case-insensitive list and subscriber address sorting
- list owner can change their owner address
- configuration tour (help) for list owners
- many other fixes and enhancements
- Sergiusz Pawlowicz wrote ezmlm-cgi-py, a
more approachable (i.e. Python, not djb-C) version of "the Freds"
ezmlm-cgi archive formatter.
|
| |
|
[index]
|
Living with Qmail - Tips & Advice |
|
|
|
|
| |
|
|
Some good advice for new qmail users, contributed by qmail users.
- Did you restart qmail? I find that to be a help for a lot of
qmail problems. :-) [John Mitchell]
- You should also check the permissions very carefully on all of
the necessary directories and files. [John Mitchell]
- You must also put the virtual domain into
control/rcpthosts or the mailer will bounce the message
with a notice saying that the host wasn't in rcpthosts. [John Mitchell]
- Of course, you must also be the MX for the virtual hosts. I had
a problem in my setup that was driving me nuts until I realized that
my DNS provider had missed an MX update request. [John Mitchell]
- Check all lines in sendmail.cf beginning with M. Any that
contain P=[IPC] or P=[TCP] should also have
E=\r\n. [Tim
Goodwin]
- You might want to limit posting to mailing lists.
- The right-hand-side of entries in
control/virtualdomains should begin with a username. If
you don't use a username, the mail will be handled by ~alias. But if
you forget, and create a user by that name, then the mail will
suddenly be handled by the user, which is probably not what you
intended to happen. Best to use, in this case, alias as
the username and avoid trouble. [Russ Nelson]
- remember to add 'preline' before
procmail or other filters when moving .forward to .qmail. [Ira Abramov]
- If you use qmail's
preline
utility, remember that preline expects to pipe the entire
mail message through the specified program. If the specified
program closes standard input before preline has finished, preline
will exit with a transient failure and you'll see the following
error in your logs:
deferral: preline:_fatal:_unable_to_copy_input:_broken_pipe/
You'll see this problem if you try to use the sendmail version of
vacation. Use Peter's vacation program
instead. [Peter Samuel]
- Run qmail from an init.d script [Larry Doolittle]
- You can usually create control/rcpthosts from
sed 's/:.*//' <virtualdomains | cat - locals | sort
>rcpthosts [Russ
Nelson]
- Sometimes you need to use a database to
forward mail. Create ~alias/.qmail-default like this:
|if T=`X`; then forward $T; else
echo "Sorry, no mailbox here by that name (#5.1.1)";
exit 100; fi
That all goes on one line. Fill in the X part with a program
that looks up the user, and exits with zero and prints the destination
address, or else exits nonzero if no match is found. By the way, the
X program probably should ignore case. For NIS, you would replace the
X in the above command with: ypmatch $LOCAL aliases .
[Russ Nelson]
- Similarly, you could also use a simple linear search text file
named mapping containing lines in the form
incoming:outgoing like this:
|if MAP=`grep -i "$LOCAL:" mapping` && T=`echo $MAP | awk -F: '{print $2}'` ;
then forward $T;
else echo "Sorry, no mailbox here by that name (#5.1.1)";
exit 100; fi
[Russ Nelson]
- Anything you print from a program run by a .qmail file ends up in
the log file.
[Russ
Nelson]
- Some syslog library calls use the TZ variable to timestamp the
messages. qmail's env invocation strips out the whole environment,
which causes the timestamp to be incorrect. When this happens, use
env - PATH="/var/qmail/bin:$PATH" TZ=CST6CDT qmail-start
./Mailbox splogger qmail to start qmail.
[Harald
Hanche-Olsen]
- You can do a reasonable imitation of sendmail delivery, including
.forward and /var/spool/mail, with
#!/bin/sh
exec qmail-start '|dot-forward .forward
|preline -f /bin/mail -f "$SENDER" -d "$USER"' splogger qmail
depending on your system's binmail interface. Of course, I recommend
throwing binmail away, but people who need to preserve /var/spool/mail
should still be able to use qmail. [Daniel
J. Bernstein]
- If you want to have private .qmail files which only work on local
mail (e.g. a fax gateway), you can put the following test at the
beginning of it (all on one line):
| if [ -n "`sed -n -e '/invoked from network/p' -e 2q`" ]; then exit 100; else exit 0; fi
That is, peek at the headers, if the message came from the network, bounce
it, otherwise forward it along.
[John R. Levine]
- [Daniel
J. Bernstein] has three suggestions for allowing your users to
relay when they're not at a known IP address (which is the FAQ 5.4 solution):
- Use a secret IP address and port number, and you'll have much
better security than user-chosen passwords.
- Put a secret string into the HELO string sent by the client. This
will be visible to the fixup script, so you can reject messages with bad
passwords without changing qmail-smtpd---and it's still more widely
supported than XTND XMIT.
- Oh, you want real security? Check that all messages are PGP-signed by local users. I wouldn't be
surprised if PGP plugins are available for more clients than XTND XMIT
patches are.
- [Anand
Buddhdev] wrote turnmail, modified by
Russell Nelson for publication here, which wraps around qmail-pop3d
and triggers a serialmail delivery to the connecting host whose user
just authenticated themselves. Or, a Unix system can use fetchmail,
getmail
or an NT system pullmail.
- Dan Bernstein suggested that one might give ordinary users access
to qmail-qread through ucspi. Steinar
Haug implemented that suggestion thusly with a client that looks
like this:
#!/bin/sh
exec /local/etc/tcpclient -RHl0 -- 127.0.0.1 20025 sh -c 'exec cat <&6'
and he starts the server like this:
tcpserver -u126 -g120 -R 127.0.0.1 20025 /var/qmail/bin/qmail-qread &
- The default delivery instructions, which are invoked when a .qmail
file is nonexistent or empty, are found in the first parameter of
qmail-start. That's why the install instructions tell you to touch
.qmail-root .qmail-mailer-daemon and .qmail-postmaster.
- [Anand
Buddhdev] recommends pullmail, which is a
Windows NT program that pulls mail from a POP3 server, and stuffs it
into NT's SMTP server.
- [Mark
Delany] modifies FAQ 2.3 so he can use the same .qmail file for multiple UUCP sites:
Here is our .qmail-uucpfqdn-default file (all on one line)
|preline -df /usr/bin/uux - -r -gC -a"$SENDER"
`echo $EXT | cut -f2 -d-`!rmail "(${EXT3}@$HOST)"
And here is a sample virtualdomains entry:
some.domain:uucpfqdn-uuhostname
- Dan Bernstein noted that qmail will skip dns queries for incoming
mail with tcpserver -Hl your.host.name; and you can skip
them for outgoing mail with control/smtproutes.
- Harald Hanche-Olsen has a solution to the problem of mail that has
wrongly been queued for a remote host (because, say, you didn't have a
host in your locals or virtualdomains):
echo tcn.net:[127.0.0.1] >> /var/qmail/control/smtproutes
Now send qmail-send an ALRM signal.
- Hitesh Patel has a patch
for UnixWare 2.1.x and 7.0.x, which is not currently supported by
qmail.
By the way..... the patch above opens up the option of sending mail
to root... if you want this then just copy the right files into your
qmail source directory... if you don't go into conf-unusual.h and
comment out line 25 that says "#define ALLOW_ROOT_MAIL 1".
Probably a good idea to comment it out -russ .
- Daniel J. Bernstein suggests that if you have buggy clients that
send bare LFs, and you want to treat their messages the same way
sendmail does, you can simply run his fixcrio program instead
of qmail-smtpd for your outgoing mail relay. fixcrio then takes
qmail-smtpd as argument. fixcrio is part of the ucspi-tcp package.
- Balazs
Nagy likes to watch logs in a virtual terminal (/dev/tty8). He uses
... | tee >(accustamp | tailocal > /dev/tty8) | accustamp | cyclog
The extra accustamp seems to be needed to make it work with bash.
- Frederik Vermeulen says: If you don't want a specific
undeliverable mail to sit in the queue any longer, you can make it
reach the queuelifetime by running touch -d '1 week ago'
on its queue/info file. It will then be bounced after one
more delivery attempt.
- Russ Nelson has used qmail-local to deliver to a dynamic Mailbox
or Maildir name. He does it like this:
|qmail-local "$USER" "$HOME" "$LOCAL" "" "nodeliver" "$HOST" "$SENDER" "/path/to/users/maildir/here/"
- Harald Hanche-Olsen warns people to beware when patching Solaris
machines, because at least one patch restores the
/etc/rc?.d/[SK]??sendmail symlink. You might want to remove files
matching that name in your startup scripts.
- Vern Hart doesn't like a pile of .qmail files in his home
directory. So he uses users/assign to put them into a subdirectory:
=vern:vern:2244:18:/home/vern:::
+vern-:vern:2244:18:/home/vern:s/::
This puts .qmail in his home directory but everything
else is in .qmails/. This changes ~/.qmail-foo to
~/.qmails/foo and really cleans up his home.
-
Jim Simmons points out that you can stop linuxconf from creating a
potential security hole by removing the /usr/sbin/sendmail line from
/usr/lib/linuxconf/redhat/perm. If you don't do this, linuxconf will
change /var/qmail/bin/sendmail to running suid.
-
Dag Wieers wants to see all messages that are delivered to his
domain but were bounced because the user or alias does not exist. Since
you cannot forward and pipe in the same dot-qmail he found the following
solution to be his most simple option, .qmail-default:
|forward dag@mind.be &>/dev/null
|echo "Sorry, no mailbox here by that name. (#5.1.1)"; exit 100
This way someone can simply check those mails regularly and forward them
to the right person manually (which sometimes saves time when people are
waiting for feedback)
- Peter van Dijk suggests that
you have two services running smtpd, one using recordio and the
other not. He says that it's a great diagnostic tool. Create
/service/qmail-smtpd as you would normally. Create
/service/qmail-smtpd-recordio as a copy with recordio inserted, and
logging to a separate space (be sure to chmod this logdir tight
because recordio records complete emails). Create
/service/qmail-smtpd-recordio/down. The switchover is then simply:
# svc -u /service/qmail-smtpd-recordio ; svc -d /var/service/qmail-smtpd
and viceversa.
- Han Boetes blocks sites with no
reverse dns. He uses the following tcp.smtp file. The only thing
I would do differently is to set RBLSMTPD instead of just denying the
connection.
127.0.0.1:allow,RELAYCLIENT=""
172.16.11.:allow,RELAYCLIENT=""
=:allow
:deny
- Adrian Knoth suggests that your
Unix client machines can use stunnel's
public key mechanism to authenticate smtp.
|
| |
|
[index]
|
Alternative Checkpassword Implementations |
|
|
|
|
| |
|
|
qmail-popup and qmail-pop3d are glued together by a program called
checkpassword. It's run by qmail-popup, reads the username and
password handed to the POP3 daemon, looks them up in /etc/passwd,
verifies them, switches to the username/home directory, and runs
pop3d. At least that's what the standard one does.
Some alternatives are listed below.
Mark
Delany has a clever way to test your checkpassword with a bit of
command line re-direction. For example, with username
fred, password bloggs,
printf "fred\0bloggs\0Y123456\0" | /bin/checkpassword `which id` 3<&0
will execute /bin/id if the password is right.
The printf is a bit trickier to manipulate if the username/password
starts with a digit. If you haven't a printf then enter the data into
a file with your favourite binary editor, such as emacs, and then it's
simply:
/bin/checkpassword /bin/id 3<test.file
Or use perl:
perl -e 'printf "%s\0%s\0Y123456\0","fred","bloggs"' | ...
- Jedi/Sector One has a checklocalpwd.c
that checks a configuration file in addition to the users mentioned in
/etc/passwd.
- Jos Backus has a mkpoppass/chkpoppass pair. It uses an
alternate username/password file and is written in perl.
-
Bruce
Guenter has a virtual domain mail manager package called vmailmgr. It's designed to manage
multiple domains of mail addresses and mailboxes on a single host.
Co-operates with qmail for mail delivery and program control. Has
corresponding add/deluser and change-passwd commands, and CGI scripts.
Knows about shadow and MD5-encrypted passwords. Uses CDBs for the
virtual domain tables. Supports IMAP via an authentication module for
Courier-IMAP.
- Russell Nelson's pop-subaddr patch allows multiple maildirs per POP3
user, all of them authenticated with the same password.
- Alexey Mahotkin rewrote checkpassword-pam
from scratch.
- Petr
Novotny wrote an alternative to Russell Nelson's Open-SMTP patch
for checkpassword. His code is a PAM
module which calls external program to log $TCPREMOTEIP. It
requires a PAM-enabled checkpassword or any POP3/IMAP system that uses
PAM for authentication.
-
Bruce
Guenter has yet another SMTP relay control
package. It uses a setuid program called from checkpassword to avoid
patching checkpassword. Strictly speaking, it's not a patch, but it's
here so people can find it along with the others.
- Christopher
Johnson (EI39-1) wrote a virtual
domains package with the following features. Inter7 is now
maintaining the current
version.
- Dynamic delivery - no need to have dozens of .qmail files all over the place. Just a single .qmail-default handles all the deliveries
- Shadow password support - something that seemed to be lacking in the other programs
- Only takes up 1 entry in /etc/passwd - everything runs under a single UID/GID
- Decent documentation - actually, some docs I've come across for this are pretty good, but I had a bugger of a
time getting the things working (probably 'cos I'm using shadow'd passwords on my own Linux box).
- Delivers direct to a Maildir for use with qmail-pop3d
- Ken Jones has a program for administration of virtual domains
called QmailAdmin,
using the vchkpw program. It handles pop acccounts, aliases, forwards,
autorepsonder and ezmlm mailing list.
- Justin Hopper has a quota implementation for
QmailAdmin.
- Steve
Simitzis has XTND XMIT mods for
qmail-pop3d that also incorporate some patches found on this site.
- André Oppermann has patches to do user lookup (deliver and
retrieval via qmail-pop3) using LDAP.
- Pedro Melo has a patch to checkpassword-0.81 which uses a CDB file.
- Chris
Johnson wrote checkcdb, a
version of checkpassword that authenticates users from a cdb
database. It includes perl scripts to maintain the user database file.
- Shinya Ohira fixed a
security lapse in checkpw, which gets its password from a file in
the user's home directory, and allows both POP
and APOP authentication. Magnus Bodin has a copy if that site happens to
be unavailable.
-
Tong has a PostgreSQL
checkpassword.
-
David McNicol wrote qmail-authpop,
which uses Sam Varshavchik's's authlib. This library is used by his
sqwebmail and courier-imap applications, linked-to from elsewhere in
this document.
- The Clarkson University Unix Team has a
checkpassword that authenticates against AFS.
- Matthias Andree has a patch to Dan's checkpassword
that allows checkpasswd to use an arbitrary base
directory for finding Maildirs
- Jesse
Sweetland has added Postgres support to his checkpassword and
qmail-getpw replacements. He calls the package sql-xpw. These differ from
Takeshi's code because his is a patch to qmail and this code is not.
- Ariel Kirsman has written a
checkpassword which authenticates using an NT domain. It is derived from
code taken from squid.
- Andrew Richards has a checkpassword
for Radius, written in C. It's based around Dan's
checkpassword, and uses the Radius client library from FreeBSD, as
well as MD5, since that's how Radius encodes its data.
- Larry M. Smith has a vanilla checkpassword.pl.
- Piotr Swebodzinski has a checkpassword for tru64 Unix.
- Scott Gifford has notes
for using checkpassword w/ Courier-IMAP.
- Andrew Richards has a checkpassword
that wraps around Courier-IMAP's authentication for use by
qmail-pop3d.
- Andreas Aardal Hanssen has a way
to run multiple
checkpasswords and authenticate against one, and if that
fails, then the other. If none succeed, it returns failure.
- David Phillips has a
checkpassword which authenticates via a pop3 connection.
While this may seem counter-productive, you can use it for smtp-auth
where the smtp server does not have direct access to the user database.
- Pla'cido Revilla wrote a
checkpassword that authentifies against a PHPNuke users database. This allows
administrators of these kind of portals to automatize the creation of
pop3 accounts in their system. His name is actually Plácido Revilla,
but slashdot's rdf parser craps out on non-ASCII characters.
|
| |
|
[index]
|
Yet More Qmail Addons |
|
|
|
|
| |
|
|
Still need something more from qmail? The chances are good that you
can find it here, contributed by users and supporters of qmail.
- Paul Fox has created a getpwnam() patch for qmail
which causes it to use getpwname() to get the uids of its usernames.
- Evan Champion has a patch to condredirect. It allows
condredirect to handle the case where the child has a permanent
delivery error -- for example, when the program condredirect is asked
to run doesn't exist.
- John Saunders has a patch
to date822fmt.c which causes it to emit dates in the local
timezone.
- Chuck Foster implemented code (which Bill Nugent updated it to qmail
1.03) to bind the local address for smtp
client sessions to an address which is mapped using the remote address
as a key. This can be useful to bypass a firewall, or if you've got
split routing, or if you have a better non-publicized route to the
destination host.
- Russell
Nelson's qmail-popbull
program lets you create bulletins which get added to a user's
mailbox as they log in. Equivalent to an all-customers mailing list,
but takes up much less resources, and lets you withdraw bulletins.
-
Bruce
Guenter has a qmail
RPM which automatically applies a number of patches found here and
which comes with some scripts.
- Markus
Stumpf has a pair of qmail
patches, one to cause qmail-smtpd to log its disposition of mail,
and another to convince qmail-remote to use a fixed IP address other
than the one you get without binding to an address. Andy Repton has
ported the fixed IP address patch to
qmail 1.03. Damir Cifer has better instructions for his port.
- Chuck Foster originally wrote a patch for tcpcontrol. That
functionality got subsumed into tcpserver. John Levine has updated it
to the current version (0.84).
It allows you to:
- deny services based on domain names instead of IP addresses.
- distinguish between no PTR and wrong PTR DNS records.
- deny service to hosts whose forward and reverse DNS do not agree.
- Christopher K. Davis has a patch to accept oversize DNS
packets which works on both qmail's dns.c and tcpserver's dns.c.
Or better yet, install djbdns,
which is more secure than bind.
- Bruce
Guenter has a patch which causes qmail programs to get
their userids, not compiled in via auto_uids.c, but instead by
looking at files in /var/qmail/owners.
- Bruce
Guenter has RPMs of daemontools.
- Bruce Guenter wrote supervise-scripts,
to help him start and stop supervise-managed programs in a more
controlled manner.
- Nick Leverton wrote a patch to qmail-send to cause it to suspend remote
delivery without needing to restart qmail.
- Ximenes Zalteca improved Dave's patch so that broken
versions of Eudora which emit a
CAPA command can still work with qmail's POP3 server.
- Fred Lindberg has a patch which causes qmail-send to preserving
the MIME-ness whenbouncing MIME
messages. It requires and includes a patch to ezmlm, since it
breaks QSBMF.
- Jose Luis Painceira's patch deletes the body on big
bouncing messages. It's based on Fred Lindberg's patch (see
previous item). Note that if you use ezmlm, you may need Fred's patch
for ezmlm-return, which is not included here.
- Klaus-Uwe R. Ittner wrote a patch to make serialmail enclose the
bounced
message as a MIME part, in analogy with qmail-mime.tar.gz. Useful
for all those unfortunate people who use character sets other than
us-ascii and want to be able to decipher what bounced.
- There's also the qmail-verh
patch. This allows substitution of the recipient local/host parts
into the message. Useful for inserting a customized mailto: URL for
list-unsubscribe into the body of the message. Bernhard Graf has a fix for input
buffer boundary problems.
- Bruce Guenter has written a patch which
causes any program that would run qmail-queue to look for an
environment variable QMAILQUEUE. If it
is present, it is used in place of the string "bin/qmail-queue" when
running qmail-queue. This could be used, for example, to add a
program into the qmail-smtpd->qmail-queue pipeline that could do
filtering, rewrite broken headers, etc.
- Bart Hartgers and Franz Sirl have worked
on a patch
to qmail-pop3d. It adds support for Maildir's cur/new directories.
It inserts Status: headers. It strips the :info part for UIDL.
- Mrs. Brisby has written a
user/password based authentication
mechanism for qmail-smtpd. This lets your microsoft's outlook express
supports (outgoing mail server user name) and netscape 4.5 (and
above-betas) users securely roam. Users can use a slightly modified
version of their own checkpassword.c program as outlined in my own vchkpw.c that I use.
Also, two very simple perl scripts to perform pop3-based
authentication for qmail.
- Krzysztof Dabrowski has made some improvements to
Mrs. Brisby's smtp-auth, to let it work with CRAM-MD5
and PLAIN.
- Eric M. Johnston's YAQSAP
(Yet Another qmail SMTP AUTH Patch).
- Frederik Vermeulen has written a patch implementing RFC2487
(starttls) in qmail (qmail-smtpd as server, qmail-remote as
client). This means you can get SSL or TLS encrypted
and authenticated SMTP between the
MTAs and between MTA and an MUA like Netscape4.5.
- Do you want to use starttls and smtp-auth at the
same time? The above patches conflict, so you'll need this patch. Neal Groothuis combined the newest versions of the starttls
and smtp-auth patches ( 20020526 and 0.31 respectively).
- Nagy Balazs wrote a patch to ensure that the domain name on the envelope sender
is a valid DNS name (local
copy by request of author). This ensures that you do not receive
email which you cannot bounce, should that prove necessary.
- Petri Kaukasoina wrote a little shared library which should help
qmail reliability
on Linux. Linux does not automagically fsync metadata
(information necessary tomake a file appear in the filesystem). It
only fsyncs metadata when the the directory is fsynced.
- Bruce Guenter's syncdir gives qmail bsd
fsync semantics on a Linux filesystem.
- Scott Moorhouse rewrote a patch (which someone had written earlier
and which I failed to publish here) to work around a Netscape bug, the
symptoms of which are that it does not know how big a message is, so
Netscape's download indicator
doesn't progress.
- Frank DENIS wrote a patch to truncate bounce
messages (local
copy, by author's request), on the off chance that the user may
have kept a copy of the email.
-
takeshi@SoftAgency.co.jp wrote MySQL +
QMAIL, including qmail-getpw-mysql and checkpassword-mysql, to
look up users in a mysql database. Iain Patterson has
improved on MySQL +
QMAIL.
- Also see sql-gpw and sql-cpw.
- Michael Devogelaere's qmail-sql now checks whether a
user exists before accepting mail. It replaces his old
qmail+pgsql.
- The prolific Bruce Guenter has written qmail-qfilter, which is
a front end for qmail-queue that can send the body of the message
through one or more filters, such as qmail-inject or new-inject.
-
Matthias Andree has a patch to allow qmail's sendmail wrapper to ignore the -N dsn
option that sendmail has, for compatibility with MUAs that use the
-N dsn switch (mutt can do)
- Ward Vandewege wrote a patch
to implement badrcptto, in the
same vein as badmailfrom.
- Russ Nelson updated his
changes to qmail-remote to send using
QMTP. If you wish to receive mail via qmtp, run qmtpd.
- Gerrit Pape has Debian packages.
- qmail ought to recognize 0.0.0.0
as a local IP address. This
patch from Scott Gifford implements that change.
- Klaus Reimer has code to change
the appearance of bounce
messages. Note that this has the potential to break QSBMF.
- Scott Woods has qmail running on
a Cray. It took some patching
to make it run on UNICOS, but it's running.
- Scott Gifford's moreipme
patch is available. This solves the problem seen when a host
has more IP addresses than it knows about. This happens in particular
when you have an IP masquerading load balancer in front of a host.
- Mark Delaney noted that he was getting spam with a
null envelope sender. That by itself is insufficient reason to reject
the email. However, when the spam has multiple envelope recipients,
it cannot be a bounce message. So, Charles
Cazabon wrote a patch to enforce single
recipients on bounces.
- André Oppermann fixed the silly qmail
syndrome. That's where qmail spends more time processing
incoming email than scheduling deliveries.
- Bjoern Kalkbrenner has improved
the smtp-auth
client patch so it works with multiple users. This is of most
use for a desktop qmail installation which needs to relay mail through
a server that requires authentication. The original
author was Jay Soffian (documentation,
patch). Last
person to touch that patch was Robert Sanders, but I must have missed
his additions because I had no link to his version here.
- Giacomo Cariello has OpenBSD Qmail Ports, even though
Theo has removed them from portstree.
- Adrian Ho has increased qmail-remote's compliance with
RFC2821. Some smtp servers are now emitting 5XX responses from the
get-go, and mere RFC821 behavior doesn't deal well with them.
- James Raftery wants the canonicalized hostname in
the logfile, so he can see the real envelope recipients of
messages after host name canonicalization. If you send a mail to me
at lecter@www.redbroock.dcu.ie, your logs will show 'to remote
lecter@www.redbrook.dcu.ie' but qmail-remote will actually use
'lecter@prodigy.redbrook.dcu.ie' in the RCPT TO command.
- Miguel Beccari has QmailToaster RPM
packages. Features: Mail Server (pop3, pop3-ssl, imap4, imap-ssl,
smtp, smtp-ssl), Web Administration Tools (vpopmail, vqadmin), Web
Mail Client (horde), Mailing lists(ezmlm), Autoresponder, Antispam.
|
| |
|
[index]
[index]
[index]
|
Anti-spam techniques and code |
|
|
|
|
| |
|
|
-
Chris Hardie has written a qmail anti-spam
howto.
- Dan's rblsmtpd blocks spam using the RBL and other
DNS-based lists. Because of the size of the RSS zone, they have
removed the necessary TXT records that rblsmtpd relies on. Alan Curry
has a patch to rblsmtpd to make it work with
A records.
- Russell
Nelson has a pair of programs to help keep
spam out of your mailbox.
- Jason R. Mastaler has improved TMDA, an anti-spam system.
- Lionel Widdifield wrote an anti-spam patch. Someone made some
improvements to Lionel's patch, which Lindsay Haisley has ported to qmail 1.03.
- qregex provides
full regexp matching on envelope addresses.With REs (Regular
Expresions) it becomes quite easy to filter out email addresses that
contain invalid characters or simply aren't a real address.
- Chris
Johnson has a patch to implement tarpitting in
qmail-smtpd. If you don't know what tarpitting is, it's the practice
of inserting a small sleep in an SMTP session for each RCPT TO after
some set number of RCPT TOs. The idea is to thwart spammers who would
hand your SMTP server a single message with a long list of RCPT
TOs.
- Andrew Pam has an automated anti-spam badmailfrom
script called adbait.pl.
- Nagy Balazs wrote a patch to ensure that the domain name on the envelope sender
is a valid DNS name (local
copy by request of author). This is not terribly effective
against spammers, but I list it here because some people want it.
- Jon Rust wrote qrblcheck, which reads
a message on stdin, grabs the IP address from the Received lines and
checks it against five different DNS-based spamlists.
- Jay Soffian has a qmail-queue
replacement to filter against DNS spamlists..
It uses Bruce Guenter's QMAILQUEUE patch.
Matching email is not rejected, but instead an X-RBL: header is added,
for filtering at the delivery layer.
- O'Shaughnessy Evans has a set of
shell scripts that comprise a spam-filtering system called "spamrule".
- Ask Bjørn Hansen wrote qpsmtpd, a smtp server
with filtering tools. It's written in perl.
- Erwin Hoffman's SPAMCONTROL combines many spam control features.
- EnderUNIX Team wrote spamGuard, which
scans your log files for "too much" email from a particular user, and
adds them to badmailfrom.
- Russell Nelson has a patch to reject relay probes generated by
so-called anti-spammers. These relay probes have '!', '%' and '@'
in the local (username) part of the address.
- Dale Woolridge, James Law, and
Moto Kawasaki have created spam throttle, a
qmail-smtpd patch which inserts a sleep after the DATA command when a
client's throughput is too high.
- James Grinter has instructions on
using
SpamAssassin. It's a script that runs from a .qmail file.
- Chris Kennedy has written the BlackHole
spam/virus filter.
- Noel Mistula wrote checkhab, which checks
for HTML, attachments, and binaries in email, and blocks them.
- Gerrit Pape wrote qconfirm, a delivery
confirmation process for a mail address.
- Chris Johnson wrote qdated to create and
verify timestamped e-mail addresses. These addresses expire after a
user-configurable period of time; any mail sent to an expired address
will bounce.
- Roger Merchberger has some
techniques to deal with double-bouncing
email.
|
| |
|
[index]
Send kudos/brickbats to Russell
Nelson. Some design contributed by Steve Cole
and Olivier Mueller. Some lint'ing by Paul Theodoropoulos.
Last modified: Wed Dec 4 12:03:52 EST 2002
Gratuitious blank lines added so that top.html#link works.
|