Qmail, Courier Imap (with SSL), Vpopmail, and Squirrelmail

General Information

Hosting your own e-mail is a handy thing. This guide will show you how to set up a secure mail server using qmail, vpopmail, qmailAdmin for user management, and smtp-auth so only valid users can send mail.

Requirements

This presumes that you are building this on an ‘empty’ box – no previous openbsd install, etc.

  • An OpenBSD box. – Install OpenBSD 3.4 Release without X (make sure that you give /home and /var/www thier own partitions)
  • A valid domain to use.
  • Local root access on the box or be able to su to root.
  • A SSH client such as puTTy or SecureCRT (if you are setting it up remotely).

Preparation

Section A — update the source tree

# cd /usr/src
# cvs -d anoncvs@anoncvs.ca.openbsd.org:/cvs -q up -rOPENBSD_3_4 -Pd

or you can use cvsup:

# set PKGSITE ftp.openbsd.org/pub/openbsd/3.4/packages/i386
# pkg_add -v $PKGSITE/cvsup-16.1g-no_x11.tgz

Section B — rebuild the default kernel from stable

# cd /usr/src/sys/arch/i386/conf
# /usr/sbin/config GENERIC
# cd /usr/src/sys/arch/i386/compile/GENERIC
# make clean && make depend && make

To reboot with the newly compiled kernel:

# cd /usr/src/sys/arch/i386/compile/GENERIC
# cp /bsd /bsd.old
# cp bsd /bsd
# reboot

Section C — Rebuilding the binaries

# cd /usr/src
# rm -r /usr/obj/*
# make obj && make build

Section D — Install/Run MergeMaster

Yes, make this from ports, there are dependencies you’ll need later for other things.

# cd /usr/ports/sysutils/mergemaster
# make install clean
# cd /
# mergemaster

Make sure that you don’t mangle your password db. If you do, you have 2 choices: 1. Boot single user mode and change the root password or 2. Restart from step 0.

Section E — Make new devices

# cd /dev
# cp /usr/src/etc/etc.'machine'/MAKEDEV ./
# ./MAKEDEV all

Section F — Fixup the file heirarchy

# cd/usr/src/etc/mtree
# install -c -o root -g wheel -m 600 special /etc/mtree
# install -c -o root -g wheel -m 444 4.4BSD.dist /etc/mtree
# mtree -qdef /etc/mtree/4.4BSD.dist -p / -u

Section G — Clean up the cruft from the source tree

# cd /usr/src
# find . -type l -name obj | xargs rm
# make -k cleandir
# rm -rf /usr/obj/*
# make obj

Section H — Add new users and groups and setup for the next boot

It’s time to create the working users and groups

# groupadd -g 200 nofiles
# useradd -g nofiles -u 201 -d /var/qmail qmaild
# useradd -g nofiles -u 202 -d /var/qmail qmaill
# useradd -g nofiles -u 203 -d /var/qmail qmailp
# useradd -g nofiles -u 204 -d /var/qmail/alias alias
# groupadd -g 205 qmail
# useradd -g qmail -u 206 -d /var/qmail qmailq
# useradd -g qmail -u 207 -d /var/qmail qmailr
# useradd -g qmail -u 208 -d /var/qmail qmails
# mkdir /home/vpopmail
# groupadd -g 210 vchkpw
# useradd -g vchkpw -u 211 -d /home/vpopmail -s /sbin/nologin vpopmail
# mkdir -p /var/log/qmail
# cd /var/log/qmail
# mkdir qmail-send qmail-smtpd qmail-pop3d
# chown -R qmaill:qmail /var/log/qmail
# chmod -R 750 /var/log/qmail
# mkdir -p /var/qmail/supervise
# cd /var/qmail/supervise
# mkdir -p qmail-smtpd/log qmail-send/log qmail-pop3d/log
# chmod +t qmail-smtpd qmail-send qmail-pop3d

The pflogd(8) daemon now runs in privilege separated mode, and requires a new user and group _pflogd. Add the group by running

# groupadd -g 74 _pflogd

as root, and add the user entry using vipw(8):

# vipw _pflogd:*:74:74::0:0:pflogd privsep:/var/empty:/sbin/nologin

If you plan on running without SSL, run:

# echo "sendmail_flags=NO" >> /etc/rc.conf.local
# echo "httpd_flags=\"-u\"" >> /etc/rc.conf.local

If you plan on running an SSL-enabled website, run:

# echo "sendmail_flags=NO" >> /etc/rc.conf.local
# echo "httpd_flags=\"-u -DSSL\"" >> /etc/rc.conf.local

Section I — Reboot the machine

# halt

or

# reboot

Whichever suits your needs (I’ve seen machines that refuse to reboot without issueing halt first)

Section J — Change some partition permissions

Open your /etc/fstab to make sure of the permissions on /home, /var, and /var/www directories

# vi /etc/fstab
# /dev/wd0e /home ffs rw,nodev 1 2
# /dev/wd1e /var ffs rw,nodev 1 2
# /dev/wd1f /var/www ffs rw,nodev 1 2

Make sure that you REMOVE the setuid bit on these partitions

Section K — Setup your code repository and get the source

# mkdir -p /usr/local/src
# cd /usr/local/src
# wget http://cr.yp.to/software/qmail-1.03.tar.gz
# wget http://www.ckdhr.com/ckd/qmail-103.patch
# wget http://www.qmail.org/qmailqueue-patch
# wget http://www.jms1.net/qmail/auth-jms1.4a.patch
# wget http://www.jms1.net/qmail/base64.c
# wget http://www.jms1.net/qmail/base64.h
# wget http://moni.csi.hu/pub/glibc-2.3.1/qmail-1.03.errno.patch
# wget http://cr.yp.to/ucspi-tcp/ucspi-tcp-0.88.tar.gz
# wget http://www.untroubled.org/bglibs/bglibs-1.011.tar.gz
# wget http://cr.yp.to/daemontools/daemontools-0.76.tar.gz
# wget http://cr.yp.to/software/qmailanalog-0.70.tar.gz
# wget http://linux.dalouis.com/download/source/ezmlm-0.53-idx-0.41.tar.gz
# wget http://www.untroubled.org/qmail-autoresponder/qmail-autoresponder-0.96.1.tar.gz
# wget http://www.untroubled.org/bglibs/bglibs-1.011.tar.gz
# wget http://www.inter7.com/vpopmail/vpopmail-5.2.2.tar.gz
# wget http://www.inter7.com/vqadmin/vqadmin-2.3.2.tar.gz
# wget http://umn.dl.sourceforge.net/sourceforge/courier/courier-imap-2.2.1.tar.bz2
# wget http://umn.dl.sourceforge.net/sourceforge/courier/maildrop-1.6.3.tar.bz2
# wget http://www.inter7.com/qmailadmin/qmailadmin-1.0.6.tar.gz
# wget http://umn.dl.sourceforge.net/sourceforge/squirrelmail/squirrelmail-1.4.2.tar.gz
# wget http://activeintra.net/openbsd/ports/security/clamav.tgz
# wget http://www.spamassassin.org/released/Mail-SpamAssassin-2.63.tar.gz
# wget http://twtelecom.dl.sourceforge.net/sourceforge/qmail-scanner/qmail-scanner-1.20.tgz
# wget http://twtelecom.dl.sourceforge.net/sourceforge/tnef/tnef-1.2.3.1.tar.gz

Installation

Section A — Install wget, bzip2, zip, and php4

# cd /usr/ports/net/wget
# make install clean
# cd /usr/ports/archivers/bzip2
# make install clean
# cd /usr/ports/archivers/zip
# make install clean
# cd /usr/ports/www/php4
# cd core
# env SUBPACKAGE='-pear' make install

These next two entries are optional:

# cd ../extensions
# env FLAVOR="no_x11" make install

Take a break, this takes *forever*!

Section B — Start with qmail

# cd /usr/local/src
# tar zxf qmail-1.03.tar.gz
# cd qmail-1.03
# patch < ../qmail-103.patch
# patch < ../qmailqueue-patch
# cp ../base64* ./
# patch < ../auth-jms1.4a.patch
# patch < ../qmail-1.03.errno.patch
# vi conf-split (change to 200)
# vi conf-spawn (change to 255)
# make man
# make setup check
# ./config-fast your-fqdn-hostname (ex: mail.example.org)

Section C -- ucspi-tcp

# cd /usr/local/src
# tar zxf ucspi-tcp-0.88.tar.gz
# cd ucspi-tcp-0.88
# make
# make setup check

Section D -- daemontools

# cd /usr/local/src
# mkdir -p /package
# chmod 1755 /package
# cd /package
# tar zxf /usr/local/src/daemontools-0.76.tar.gz
# cd admin/daemontools-0.76
# package/install

You'll be prompted to reboot. It's a real good idea.

Section E -- QmailAnalog

# cd /usr/local/src
# tar zxf qmailanalog-0.70.tar.gz
# cd qmailanalog-0.70
# make
# make setup check

Now we need to edit some configuration settings:

# vi /var/qmail/qmailstats

#!/bin/sh
# Qmailanalog invocation script
PATH=/usr/local/qmailanalog/bin:/var/qmail/bin:/bin:/usr/bin
QMAILSTATS="/tmp/q.$$"
umask 077
cat /var/log/qmail/qmail-send/* /var/log/qmail/qmail-pop3d/* \
/var/log/qmail/qmail-smtpd/* | matchup > $QMAILSTATS 5>/dev/null

DATE=`date +'%D'`

(echo "To: server_admin@mydomain.com"
echo "From: postmaster@mydomain.com"
echo "Subject: Nightly Qmail Stats Report for $DATE"
echo ""
zoverall < $QMAILSTATS
zfailures < $QMAILSTATS
zdeferrals < $QMAILSTATS) | qmail-inject

rm -f $QMAILSTATS

Change mydomain.com to your domain.name

# crontab -e
# 01 0 * * * /var/qmail/qmailstats

Section F -- ezmlm

# cd /usr/local/src
# tar zxf ezmlm-0.53-idx-0.41.tar.gz
# cd ezmlm-0.53-idx-0.41
# make
# make setup

Section G -- bglibs

# cd /usr/local/src
# tar zxf bglibs-1.011.tar.gz
# cd bglibs-1.011
# make
# ./installer

Section H -- Qmail-AutoResponder

# cd /usr/local/src
# tar zxf qmail-autoresponder-0.96.1.tar.gz
# cd qmail-autoresponder-0.96.1
# make qmail-autoresponder (do not do just make, it will fail!!)
# cp ./qmail-autoresponder /usr/local/bin
# chmod 755 /usr/local/bin/qmail-autoresponder

Section I -- Vpopmail

# cd /usr/local/src
# tar zxf vpopmail/vpopmail-5.2.2.tar.gz
# cd vpopmail-5.2.2
# ./configure --enable-logging=p
# make
# make install strip

Section J -- Vqadmin

This is a nice cgi program for virtual domains in vpopmail.

# cd /usr/local/src
# tar zxf vqadmin-2.3.2.tar.gz
# cd vqadmin-2.3.2
# ./configure --enable-cgibindir=/var/www/cgi-bin --enable-htmldir=/var/www/htdocs
# make
# make install-strip

Now we need to configure apache to work with vqadmin. Add the following:

# vi /var/www/conf/httpd.conf

# 
# deny from all
# Options ExecCGI
# AllowOverride AuthConfig
# Order deny,allow
# 

Time to set up the admin username and password:

# cd /var/www/cgi-bin/vqadmin
# vi .htaccess

# AuthUserFile /usr/local/blahblahblah/conf/vqadmin.passwd

# chown .htaccess
# chmod 644 .htaccess
# htpasswd -bc /path/to/where/the/password/file/is/passwordfile admin
# chmod 644 /path/to/where/the/password/file/is/passwordfile

Now open a browser (anything execpt lynx) and go to: http://your.server.name.here/cgi-bin/vqadmin/vqadmin.cgi and you will be prompted for a username and password which you just created above. Now create your domain. vqadmin will create the postmaster@ mailbox for you.

Section K -- MailDrop

# cd /usr/local/src
# bzip2 -d maildrop-1.6.3.tar.bz2
# tar xf maildrop-1.6.3.tar
# cd maildrop-1.6.3
# ./configure --prefix=/usr/local --exec-prefix=/usr/local --enable-maildrop-uid=root \
# --enable-maildrop-gid=vchkpw --enable-maildir-quota
# make
# make install-strip
# make install-man

Section L -- QmailAdmin

# cd /usr/local/src
# tar zxf qmailadmin-1.0.6.tar.gz
# cd qmailadmin-1.06
# ./configure --enable-cgibindir=/var/www/cgi-bin --enable-htmldir=/var/www/htdocs \
# --enable-autoresponder-bin=/usr/local/bin/qmail-autoresponder
# make
# make install-strip

Configuration

Section A -- Replace sendmail binaries

Now we need to configure qmail to work with daemontools. We will use qmail-conf for this. The last line is to remove the auto start script the ports install added. Not needed if we are gonna use daemontools.

# cd /usr/sbin
# mv sendmail sendmail.dist
# chmod 0 sendmail.dist
# ln -s /var/qmail/bin/sendmail /usr/sbin/sendmail
# cd /usr/libexec/sendmail
# mv sendmail sendmail.dist
# chmod 0 sendmail.dist
# ln -s /var/qmail/bin/sendmail /usr/libexec/sendmail/sendmail
# crontab -e

Comment out the following line about the sendmail clientmqueue runner:

#  */30 * * * * /usr/sbin/sendmail -L sm-msp-queue -Ac -q

Don't worry about any system generated mail because it will still get to you via qmail's version of sendmail.

Section B -- Finalize Qmail

In ALL of the following scripts, you need to change yourdomain.com to your valid domain name for these to work!

# vi qmail-pop3d/run

# #!/bin/sh
# PATH=/var/qmail/bin:/usr/local/bin:/usr/bin:/bin
# export PATH
# exec tcpserver -H -R -v -c100 0 110 qmail-popup yourdomain.com
# /usr/home/vpopmail/bin/vchkpw qmail-pop3d Maildir 2>&1

# vi qmail-pop3d/log/run

# #!/bin/sh
# PATH=/var/qmail/bin:/usr/local/bin:/usr/bin:/bin
# export PATH
# exec setuidgid qmaill multilog t s100000 n20 /var/log/qmail/qmail-pop3d 2>&1

# vi qmail-smtpd/run

#!/bin/sh
QMAILDUID=`id -u vpopmail`
NOFILESGID=`id -g vpopmail`
MAXSMTPD=`cat /var/qmail/control/concurrencyincoming`
LOCAL=`head -1 /var/qmail/control/me`
if [ -z "$QMAILDUID" -o -z "$NOFILESGID" -o -z "$MAXSMTPD" -o -z "$LOCAL" ]; then
echo QMAILDUID, NOFILESGID, MAXSMTPD, or LOCAL is unset in
echo /var/qmail/supervise/qmail-smtpd/run
exit 1
fi
if [ ! -f /var/qmail/control/rcpthosts ]; then
echo "No /var/qmail/control/rcpthosts!"
echo "Refusing to start SMTP listener because it'll create an open relay"
exit 1
fi
exec /usr/local/bin/softlimit -m 2000000
/usr/local/bin/tcpserver -v -R -l "$LOCAL" -x /etc/tcp.smtp.cdb -c "$MAXSMTPD"
-u "$QMAILDUID" -g "$NOFILESGID" 0 smtp
/var/qmail/bin/qmail-smtpd your_domain.com
/usr/home/vpopmail/bin/vchkpw /usr/bin/true 2>&1

# vi qmail-smtpd/log/run

#!/bin/sh
PATH=/var/qmail/bin:/usr/local/bin:/usr/bin:/bin
export PATH
exec setuidgid qmaill multilog t s100000 n20 /var/log/qmail/qmail-smtpd 2>&1

 # vi qmail-send/run

#!/bin/sh
exec /var/qmail/rc

 # vi qmail-send/log/run

#!/bin/sh
PATH=/var/qmail/bin:/usr/local/bin:/usr/bin:/bin
export PATH
exec setuidgid qmaill multilog t s100000 n20 /var/log/qmail/qmail-send 2>&1

# vi /var/qmail/rc

#!/bin/sh
exec env - PATH="/var/qmail/bin:$PATH"
qmail-start "`cat /var/qmail/control/defaultdelivery`"

# vi /var/qmail/bin/qmailctl

#!/bin/sh
PATH=/var/qmail/bin:/bin:/usr/bin:/usr/local/bin:/usr/local/sbin
export PATH

QMAILDUID=`id -u qmaild`
NOFILESGID=`id -g qmaild`

case "$1" in
start)
echo "Starting qmail..."
echo ""
if svok /service/qmail-send ; then
svc -u /service/qmail-send /service/qmail-send/log
echo "Starting qmail-send"
else
echo "qmail-send supervise not running"
fi
if svok /service/qmail-smtpd ; then
svc -u /service/qmail-smtpd /service/qmail-smtpd/log
echo "Starting qmail-smtpd"
else
echo "qmail-smtpd supervise not running"
fi
if svok /service/qmail-pop3d ; then
svc -u /service/qmail-pop3d /service/qmail-pop3d/log
echo "Starting qmail-pop3d"
else
echo "qmail-pop3d supervise not running"
fi
if [ -d /var/lock/subsys ]; then
touch /var/lock/subsys/qmail
fi
;;
stop)
echo "Stopping qmail..."
echo ""
echo " qmail-smtpd"
svc -d /service/qmail-smtpd /service/qmail-smtpd/log
echo " qmail-send"
svc -d /service/qmail-send /service/qmail-send/log
echo " qmail-pop3d"
svc -d /service/qmail-pop3d /service/qmail-pop3d/log
if [ -f /var/lock/subsys/qmail ]; then
rm /var/lock/subsys/qmail
fi
;;
stat)
svstat /service/qmail-send
svstat /service/qmail-send/log
svstat /service/qmail-smtpd
svstat /service/qmail-smtpd/log
svstat /service/qmail-pop3d
svstat /service/qmail-pop3d/log
qmail-qstat
;;
doqueue|alrm|flush)
echo "Flushing timeout table and sending ALRM signal to qmail-send."
/var/qmail/bin/qmail-tcpok
svc -a /service/qmail-send
;;
queue)
qmail-qstat
qmail-qread
;;
reload|hup)
echo "Sending HUP signal to qmail-send."
svc -h /service/qmail-send
;;
pause)
echo "Pausing qmail-send"
svc -p /service/qmail-send
echo "Pausing qmail-smtpd"
svc -p /service/qmail-smtpd
echo "Pausing qmail-pop3d"
svc -p /service/qmail-smtpd
;;
cont)
echo "Continuing qmail-send"
svc -c /service/qmail-send
echo "Continuing qmail-smtpd"
svc -c /service/qmail-smtpd
echo "Continuing qmail-pop3d"
svc -c /service/qmail-pop3d
;;
restart)
echo "Restarting qmail:"
echo "* Stopping qmail-smtpd."
svc -d /service/qmail-smtpd /service/qmail-smtpd/log
echo "* Sending qmail-send SIGTERM and restarting."
svc -t /service/qmail-send /service/qmail-send/log
echo "* Sending qmail-pop3d SIGTERM and restarting."
svc -t /service/qmail-pop3d /service/qmail-pop3d/log
echo "* Restarting qmail-smtpd."
svc -u /service/qmail-smtpd /service/qmail-smtpd/log
;;
cdb)
tcprules /etc/tcp.smtp.cdb /etc/tcp.smtp.tmp < /etc/tcp.smtp
chmod 644 /etc/tcp.smtp.cdb
echo "Reloaded /etc/tcp.smtp."
;;
help)

# make sure you use double < chars below. Its a wordpress bug
cat < HELP

stop -- stops mail service (smtp connections refused, nothing goes out)
start -- starts mail service (smtp connection accepted, mail can go out)
pause -- temporarily stops mail service (connections accepted, nothing leaves)
cont -- continues paused mail service
stat -- displays status of mail service
cdb -- rebuild the tcpserver cdb file for smtp
restart -- stops and restarts smtp, sends qmail-send a TERM & restarts it
doqueue -- schedules queued messages for immediate delivery
reload -- sends qmail-send HUP, rereading locals and virtualdomains
queue -- shows status of queue
alrm -- same as doqueue
flush -- same as doqueue
hup -- same as reload
HELP
;;
*)
echo "Usage: $0 {start|stop|restart|doqueue|flush|reload|hup|stat|pause|cont|cdb|queue|help}"
exit 1
;;
esac

exit 0

Now that the necessary startup files are created, we need to make sure the right permissions are set:

chmod 755 /var/qmail/rc
chmod 755 /var/qmail/rc /var/qmail/bin/qmailctl
chmod 751 /var/qmail/supervise/qmail-pop3d/run
chmod 751 /var/qmail/supervise/qmail-pop3d/log/run
chmod 751 /var/qmail/supervise/qmail-smtpd/run
chmod 751 /var/qmail/supervise/qmail-smtpd/log/run
chmod 751 /var/qmail/supervise/qmail-send/run
chmod 751 /var/qmail/supervise/qmail-send/log/run
echo ./Maildir > /var/qmail/control/defaultdelivery
echo 255 > /var/qmail/control/concurrencyremote
chmod 644 /var/qmail/control/concurrencyremote
echo 30 > /var/qmail/control/concurrencyincoming
chmod 644 /var/qmail/control/concurrencyincoming
ln -s /var/qmail/bin/qmailctl /usr/bin
ln -s /var/qmail/supervise/qmail-send /service
ln -s /var/qmail/supervise/qmail-smtpd /service
ln -s /var/qmail/supervise/qmail-pop3d /service
qmailctl stop
echo '127.:allow,RELAYCLIENT=""' > /etc/tcp.smtp
qmailctl cdb
echo 'postmaster@yourdomain.org' > /var/qmail/alias/.qmail-root
echo 'postmaster@yourdomain.org' > /var/qmail/alias/.qmail-postmaster
echo 'postmaster@yourdomain.org' > /var/qmail/alias/.qmail-mailer-daemon
echo 'postmaster@yourdomain.org' > /var/qmail/alias/.qmail-anonymous
qmailctl stop
qmailctl start

Section C -- Install Courier-IMAP & IMAP-SSL

cd /usr/local/src
bzip -d courier-imap-2.2.1.tar.bz2
tar xf courier-imap-2.2.1.tar
cd courier-imap-2.2.1
./configure --with-authvchkpw --without-authldap --disable-root-check
make
make install-strip
cd /usr/lib/courier-imap/etc
cp imapd.dist imapd
cp imapd-ssl.dist imapd-ssl
cp authdaemonrc.dist authdaemonrc

Make sure you see IMAPDSSLSTART=YES in imapd-ssl. Then run:

/usr/lib/courier-imap/libexec/imapd.rc start
/usr/lib/courier-imap/sbin/mkimapdcert
/usr/lib/courier-imap/libexec/imapd-ssl.rc start

Section D -- Install and Configure Squirrelmail
Squirrelmail was NOT my first choice here. Yes, it's pretty, and easy to setup, and feature-replete, but it's just too 'candy' like for my taste really. If anyone has knowledge of how to get Horde and Imp working with this kind of setup, drop me a note, would you? Thanks!

cd /var/www/htdocs
tar zxf /usr/local/src/squirrelmail-1.4.2.tar.gz
mv squirrelmail-1.4.2 webmail
cd webmail
mkdir /var/sqattach
chown -R www:www /var/sqattach
cd config
./conf.pl

Now we need to configure the server settings of Squirrelmail.

General:

  • Domain : your.domain.name
  • Invert Time : false
  • Sendmail or SMTP : SMTP

IMAP Settings

  • IMAP Server : localhost
  • IMAP Port : 143
  • Authentication type : login
  • Secure IMAP (TLS) : false
  • Server software : other
  • Delimiter : detect

SMTP Settings

  • SMTP Server : localhost
  • SMTP Port : 25
  • POP before SMTP : false
  • SMTP Authentication : login
  • Secure SMTP (TLS) : false

General Settings

  • Attachment Directory : /var/sqattach

Go test it. use the url http://www.yourdomain.here/webmail and login
login: postmaster@your.domainname
password: the password you chose when you created the domain

Section E -- ClamAV

cd /usr/ports/security
tar zxf /usr/local/src/clamav.tgz
cd clamav
make install clean
cp /usr/local/share/examples/clamav/clamav.conf /etc/clamav.conf
vi /etc/clamav.conf - edit to your liking
mv /usr/local/bin/clamdscan /usr/local/bin/clamdscan.dist
cp /usr/local/bin/clamscan /usr/local/bin/clamdscan

Create a crontab to keep the virus definitions up-to-date:

# crontab -e
0 8 * * * /usr/local/bin/freshclam --quiet -l /var/log/clam-update.log --daemon-notify

Section F -- SpamAssassin

In order for SA to work correctly, you need the following perl modules installed:

  • Time::HiRes
  • Net::DNS
  • Digest::SHA1
  • Digest::HMAC
  • HTML::Parser
cd /usr/local/src
tar zxf Mail-SpamAssassin-2.63.tar.gz
cd Mail-SpamAssassin-2.6.3
perl Makefile.pl
make
make install
cd /var/qmail
mkdir .spamassassin
cd .spamassassin
echo 'required_hits 5.0' > user_prefs
chown -R qmailq:qmail /var/qmail/.spamassassin
lynx /usr/ports/mail/p5-Mail-SpamAssassin/file/p5-Mail-SpamAssassin-mini-howto.html
vi /etc/mail/spamassassin/local.cf  and edit to taste

Section G -- TNEF

cd /usr/local/src
tar zxvf tnef-1.2.3.1.tar.gz
cd tnef-1.2.3.1
./configure
make
make check
make install

Section H -- Qmail-Scanner

cd /usr/local/src
tar zxf qmail-scanner-1.20.tgz
cd qmail-scanner-1.2.0
./configure --admin postmaster --domain your.domain.here --notify admin \
--local-domains your.domain.here --install
setuidgid qmaild /var/qmail/bin/qmail-scanner-queue.pl -g

You should see a line like 'perlscanner:total of 9 entries.'

The following line should be placed directly under #!/bin/sh

 # vi /var/qmail/supervise/qmail-smtpd/run

QMAILQUEUE="/var/qmail/bin/qmail-scanner-queue.pl" export QMAILQUEUE

You also need to modify the 'softlimit' line to read 10000000.
We need to have qmail-scanner run a few tests and you will be emailed with the results.

cd /usr/local/src/qmail-scanner-1.20/contrib
./test_intallation.sh -doit

Section I -- Configure /etc/rc.local to start all the newly installed services

Remove the following line from rc.local

csh -cf '/command/svscanboot &'

Now add the following lines to rc.local for all services to start upon system boot:

### DaemonTools for starting Qmail
if [ -x /command/svscanboot ]; then
echo ' Qmail SMTP POP3';csh -cf '/command/svscanboot &' >/dev/null 2>&1
fi
### courier-imap
echo ' Courier-IMAP';
/usr/lib/courier-imap/libexec/imapd.rc start

### courier-imap ssl
echo ' Courier-IMAP SSL';
/usr/lib/courier-imap/libexec/imapd-ssl.rc start
### spamassassin
if [ -x /usr/bin/spamd ]; then
echo ' SpamAsassin';
/usr/bin/spamd -u _spamdaemon -d
fi

Congratulations, you now have a complete OpenBSD mail server. Just reboot and you are done.

# halt  or reboot

Watch the console when you reboot, you should see the following lines appear shortly before the login prompt:

Qmail SMTP POP3
Courier-IMAP
Courier-IMAP SSL
SpamAssassin

Speak Your Mind

*