/Guides/FreeBSD/Mailserver/

General Information

Hosting your own e-mail is a handy thing.  This guide will show you how to set up a secure mail server using qmail, vpopmail, qmailAdmin for user management, and smtp-auth so only valid users can send mail.

Requirements

1. A FreeBSD box.
   
2. A valid domain to use.
   
3. Local root access on the box or be able to su to root.
   
4. A SSH client such as puTTy or SecureCRT (if you are setting it up remotely).

Installation

qmail with auth patch

First, we start off by installing qmail -- this is, after all, the main program that makes up the entire server.  First thing we want to do is extract the source so we can apply the qmail auth patch.  This allows us to have a smtp server that can relay for certain people only.

# #	cd /usr/ports/mail/qmail make extract

Now we want to change to the working directory for qmail.  I am using wget to download the file, but you can use any program that gets the file and saves it in the current directory as qmail-smtpd.c

# # #

cd ./work/qmail-1.03 wget http://www.bsdguides.org/downloads/freebsd/qmail-smtpd-auth.patch patch < qmail-smtpd-auth.patch

That is it for the patching.  Now we need to compile and install. Kill sendmail, and then use the force-enable-qmail directive to force it to use qmail instead of sendmail on boot, and also to replace some other binaries that sendmail uses, so that you do not break any scripts. We also add a value to make.conf so that a buildworld will not undo what we just did.

# # # # #

cd ../.. killall -9 sendmail make fetch all install force-enable-qmail WITH_QMAILQUEUE_PATCH=yes WITH_BIG_TODO_PATCH=yes \ WITH_BIG_CONCURRENCY_PATCH=yes WITH_OUTGOINGIP_PATCH=yes echo 'no_sendmail="YES"' >> /etc/make.conf

tcpserver ( ucspi-tcp )

Nice and simple

# #	cd /usr/ports/sysutils/ucspi-tcp make install clean

Daemontools

In order to make the administration of the individual mail programs easier (POP3, SMTP, etc), daemontools will be used.  In the case that a daemon/service is brought down or ended, daemontools will make sure that it is restarted within 5 seconds ( Thusly, killing your mail services would be senseless ).

# # #

cd /usr/ports/sysutils/daemontools make install clean echo 'svscan_enable="YES"' >> /etc/rc.conf

Binc-Imap

Binc-Imap is a IMAP server, it is specifically geared for usage with qMail, and works very well with vpopmail

# #	cd /usr/ports/mail/bincimap/ make install

vpopmail

The tools we can use to add new accounts and easily manage domains -- Remove users, add mailing lists and more. We set WITH_DOMAIN_QUOTA's so that we can set a quota for a whole domain, and single users. Adding spamassassin with the Alex Dupre patch is a nice way to get rid of unwanted ads and whatnot. Set SPAM_THRESHOLD to any number you want. Anything that is tagged as spam and is over this amount in points, will cause the mail to be deleted.

# #	cd /usr/ports/mail/vpopmail make install clean -DWITH_DOMAIN_QUOTAS -DWITH_SPAMASSASSIN SPAM_THRESHOLD=10

qmailAdmin

This will enable us to administrate the users and mailing lists over HTTP.  Note: This requires you to have apache installed and running. Please remember that the paths are relative to /usr/local, so if you want it to be in /usr/home/user/cgi-bin/ you need to make the CGIBINDIR=../home/user/cgi-bin/.

# #	cd /usr/ports/mail/qmailadmin make all install clean CGIBINDIR=www/cgi-bin-dist WEBDATADIR=www/data-dist

Replace CGIBINDIR=www/cgi-bin-dist with the correct path to your CGI-BIN, relative to /usr/local, if you changed it from the standard one which is created when you install Apache. The same thing for WEBDATADIR.

Configuration

qmail

Now we need to configure qmail to work with daemontools.  We will use qmail-conf for this.  The last line is to remove the auto start script the ports install added.  Not needed if we are gonna use daemontools.

# # #

cd /usr/ports/mail/qmail-conf/ make install clean rm /usr/local/etc/rc.d/qmail.sh

Now lets insert some important info into some important files.  This way qmail is happy.

# # #

hostname > /var/qmail/control/me hostname | sed "s/`hostname -s`.//g" > /var/qmail/control/defaultdomain hostname | sed "s/`hostname -s`.//g" > /var/qmail/control/plusdomain

Now let's do the actual configuring.

# # # # # # # # # # # # # # # # # # # # # # # # # # # #

/var/qmail/bin/qmail-pop3d-conf /usr/local/vpopmail/bin/vchkpw qmaill /var/qmail/service/pop3d cd /var/qmail/service/pop3d/ echo ":allow" > tcp echo "200" > env/CONCURRENCY make /var/qmail/bin/qmail-smtpd-conf qmaild qmaill /var/qmail/service/smtpd cd /var/qmail/service/smtpd/ echo "200" > env/CONCURRENCY echo '127.0.0.1:allow,RELAYCLIENT=""' > tcp echo ":allow" >> tcp make cat run | sed "/qmaild/s//root/" > run.new mv run.new run cat run | sed "/\/var\/qmail\/bin\/qmail-smtpd/s//\/var\/qmail\/bin\/qmail-smtpd {vpopmail}/" > run.new mv run.new run cat run | sed "/{vpopmail}/s//\/usr\/local\/vpopmail\/bin\/vchkpw {bintrue}/" > run.new mv run.new run cat run | sed "/{bintrue}/s//\/usr\/bin\/true/" > run.new mv run.new run chmod +x run echo '#\!/bin/sh' > /var/qmail/rc echo 'exec env - PATH="/var/qmail/bin:$PATH" \' >> /var/qmail/rc echo 'qmail-start ./Maildir/ /usr/local/bin/multilog t /var/log/qmail qmaill' >> /var/qmail/rc chmod 755 /var/qmail/rc /var/qmail/bin/qmail-delivery-conf qmaill /var/qmail/service/qmail mkdir /var/log/qmail chmod 750 /var/log/qmail chown qmaill /var/log/qmail

Spamassassin

This is not an complete guide, and it is just an easy way to get you going. Put the following in: /usr/local/etc/mail/spamassassin/local.cf

# # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # #

cat << EOF > /usr/local/etc/mail/spamassassin/local.cf # How many hits before a message is considered spam. required_hits           5.0 # Whether to change the subject of suspected spam rewrite_subject         1 # Text to prepend to subject if rewrite_subject is used subject_tag             *****SPAM***** # Encapsulate spam in an attachment report_safe             2 # Use terse version of the spam report use_terse_report        0 # Enable the Bayes system use_bayes               1 #bayes_path             /usr/local/vpopmail/.spamassassin # Enable Bayes auto-learning auto_learn              1 # Enable or disable network checks skip_rbl_checks         0 use_razor2              1 use_dcc                 1 use_pyzor               1 # How long to wait for each rbl_timeout             5 razor_timeout           5 pyzor_timeout           5 check_mx_attempts       1 # We dont want to check if DNS is available, we know it is dns_available           yes # Mail using languages used in these country codes will not be marked # as being possibly spam in a foreign language. ok_languages            all # Mail using locales used in these country codes will not be marked # as being possibly spam in a foreign language. ok_locales              all EOF

Once I get time, I'll write a guide on most of the functions, and what you can do and add to make your SA perform better. Now to get SA started, and keep it running forever (SA is known to crash, and or just die), we add it to deamontools, just as we are going to do that with qmail later on in this guide.

Binc-IMAP

This is binc-imap with basic functionality. I will not bother to get a self signed SSL cert going or other stuff like that. If you need such functionality you can read the binc-imap support/help files.

# # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # #

cat << EOF > /usr/local/etc/bincimap/bincimap.conf /* -*- mode:java -*- */ // This program is free software; you can redistribute it and/or modify // it under the terms of the GNU General Public License as published by // the Free Software Foundation; either version 2 of the License, or // (at your option) any later version. // You should have received a copy of the GNU General Public License // along with this program; if not, write to the Free Software // Foundation, Inc., 59 Temple Street #330, Boston, MA 02111-1307, // USA. // Global configuration file for Binc IMAP. Some settings in this file // can be overrun with command line arguments. //---------------------------------------------------------------------------- Authentication {         allow plain auth in non ssl = "yes",         auth penalty = 4,         disable starttls = "yes" } //---------------------------------------------------------------------------- Security {         jail path = "/usr/local/vpopmail/domains",         jail user = "vpopmail",         jail group = "vchkpw" } //---------------------------------------------------------------------------- Log {         type = "multilog",         environment ip variable = "TCPREMOTEIP" } //---------------------------------------------------------------------------- Mailbox {         depot = "IMAPdir",         type = "Maildir",         path = "IMAPdir",         auto create inbox = "yes",         auto subscribe mailboxes = "INBOX",         umask = "077" } //---------------------------------------------------------------------------- Session {         idle timeout = 1860,         auth timeout = 60,         transfer timeout = 1200,         transfer buffer size = 1024 } //---------------------------------------------------------------------------- EOF chmod uog+r-wx /usr/local/etc/bincimap/bincimap.conf

For more info about this file please read /usr/local/etc/bincimap/bincimap.conf.sample. The last command is just to set the config file to read only for owner group and user, that way it can't be changed unless you have root privileges.
Next up we have to write a little script to automatically add some directories so that binc-imap can create folders and its cache files.

Run this script everytime you added a user using qmailadmin or by using the commandline tools. It creates the .spamassassin dirs, and a IMAPdir which binc-imap uses. Now, if the user creates folders they will have to keep using IMAPdir to access those mails, but otherwise they can switch between IMAP and pop3, as both of them can access their Maildir. Ignore any errors it generates because of trying to create the same folder twice. Everything is good.

# # # # # # # # # # # # # # # # # # # # # # #

cat << EOF > /usr/local/vpopmail/domains/imapdir.sh #!/bin/sh OLDPWD=\$PWD for i in \`find /usr/local/vpopmail/domains/ -type d -maxdepth 1 | grep -v '^.\$'\`; do         cd \$i                 for e in \`find . -type d -maxdepth 1 | grep -v '^.\$'\`; do                         cd \$e                         mkdir IMAPdir                         chmod 700 IMAPdir                         chown vpopmail:vchkpw IMAPdir                         cd IMAPdir                         ln -s ../Maildir INBOX                         cd ..                         mkdir .spamassassin                         chmod 700 .spamassassin                         chown vpopmail:vchkpw .spamassassin                         cd ..                 done         cd .. done cd \$OLDPWD EOF chmod +x /usr/local/vpopmail/domains/imapdir.sh

Create the run and log run files needed for spamassassin and binc-imap.

# # # # # # # # # # # # # # # # # # # # # #

mkdir /var/spamd-service cd /var/spamd-service echo "#\!/bin/sh" > run echo "exec 2>&1" >> run echo "exec /usr/local/bin/spamd -c -v -u vpopmail -s stderr" >> run chmod +x run mkdir log cd log cat << EOF > run #!/bin/sh exec setuidgid qmaill \ multilog \         t \         \${MAXFILESIZE+"s\$MAXFILESIZE"} \         \${MAXLOGFILES+"n\$MAXLOGFILES"} \         \${PROCESSOR+"!\$PROCESSOR"} \         ./main EOF mkdir main chown qmaill:qmail main chmod +s main chmod +x run

And we also have to add an entry for Binc-Imap. It is just like all of the other services so far started from deamontools

# # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # #

mkdir /var/qmail/service/binc-imap cd /var/qmail/service/binc-imap/ cat << EOF > run #!/bin/sh exec 2>&1 \ envdir ./env \         sh -c '                 case "\$REMOTENAME" in h) H=;; p) H=p;; *) H=H;; esac                 case "\$REMOTEINFO" in r) R=;; [0-9]*) R="t\$REMOTEINFO";; *) R=R;; esac                 exec \                         softlimit \${DATALIMIT+"-d\$DATALIMIT"} \                                 /usr/local/bin/tcpserver \                                         -vD"\$H\$R" \                                         \${LOCALNAME+"-l\$LOCALNAME"} \                                         \${BACKLOG+"-b\$BACKLOG"} \                                         \${CONCURRENCY+"-c\$CONCURRENCY"} \                                         -xtcp.cdb \                                         -- "\${IP-0}" "\${PORT-143}" \                                                 /usr/local/bin/bincimap-up --logtype=multilog \                                                         --conf=/usr/local/etc/bincimap/bincimap.conf -- \                                                                         /usr/local/vpopmail/bin/vchkpw \                                                                                 /usr/local/bin/bincimapd ' EOF chmod +x run mkdir env cd env touch BACKLOG CONCURRENCY DATALIMIT IP LOCALNAME MAILDIRNAME POPUPHOST REMOTEINFO REMOTENAME echo "200" > CONCURRENCY echo "500000" > DATALIMIT cd .. echo ":allow" > tcp /usr/local/bin/tcprules tcp.cdb tcp.tmp < tcp mkdir log cd log cat << EOF > run #!/bin/sh exec setuidgid qmaill \ multilog \         t \         \${MAXFILESIZE+"s\$MAXFILESIZE"} \         \${MAXLOGFILES+"n\$MAXLOGFILES"} \         \${PROCESSOR+"!\$PROCESSOR"} \         ./main EOF mkdir main chown qmaill:qmail main chmod +s main chmod +x run

Next we have to add entries so that once we start daemontools it is able to start up all the processes needed for qmail to work.

# # # # # #

mkdir /var/service ln -s /var/qmail/service/pop3d /var/service/pop3d ln -s /var/qmail/service/smtpd /var/service/smtpd ln -s /var/qmail/service/qmail /var/service/qmail ln -s /var/spamd-service /var/service/spamd-service ln -s /var/qmail/service/binc-imap /var/service/binc-imap

Configuring vpopmail

Now we need to add a domain and a user to the entire system.  We do that using the vpopmail tools installed in /usr/local/vpopmail/bin.  First we want to add a domain.  I suggest adding your computer's hostname or any domain that is pointed at it.  Note: sub-domains allowed.

#	/usr/local/vpopmail/bin/vadddomain domain.tld

Since we dont want to have a system with just postmaster, since that is a bad idea, we need to add a user as follows:

#	/usr/local/vpopmail/bin/vadduser user1@domain.tld

For any other actions, you can take a look at the commands by going to /usr/local/vpopmail/bin and doing an ls -al.  To get more info on a command, just type the command name without any parameters and the output will then be displayed.

# cd /usr/local/vpopmail/bin # ./vadduser vadduser: usage: [options] email_address [passwd] options: -v (print the version) -q quota_in_bytes (sets the users quota) -s (don't rebuild the vpasswd.cdb file, faster for large sites) -c comment (sets the gecos comment field) -e standard_encrypted_password -n no_password -r generate a random password

For further reading, check out http://inter7.com/ -- the creators of vpopmail.

Using qmailAdmin

Using qmailAdmin is simple and straight forward.  In any normal browser goto http://yourserversname.com/cgi-bin/qmailadmin/qmailadmin and login as postmaster, fill in the domain you want to login for and type in the password you set.  From here you can add users, edit mailing lists and a lot of other things.

daemontools

Now lets start the entire thing.  We can, for easy access, just use the same script that will startup qmail and daemontools on a restart:

#	/usr/local/etc/rc.d/svscan.sh start

If all goes well, you can do a "ps aux" to see if tcpserver and qmail are running.  If not then you must have done something wrong.  If you have added a user account, check to see if auth is working.  If it isn't and you skipped the section of making qmail-smtpd run as root, then go back and make the changes.

Restarting deamontools is not the way to go about restarting your qmail, install, or restarting spamassassin. To restart deamontools:

# #	/usr/local/etc/rc.d/svscan.sh stop /usr/local/etc/rc.d/svscan.sh start

To restart spamassassin or any other service, issue the following commands:

#	svc -t /var/service/spamd-service

Replace spamd-service with any other directory that is currently in /var/service/. If you would like to restart the superviser that is watching in this cause spamd, you can issue the following command:

#	svc -dx /var/service/spamd-service

We would also like to be able to get some stats. Preferably on the amount of uptime, or how long a service has been up and running for. There is a special command for that called svstat. Use it as so:

#	svstat /var/service/*

Or if you want individual uptimes:

#	svstat /var/service/spamd-service

This guide is © 2003 - 2010 Bert JW Regeer.

Author: Bert JW Regeer
bsdguides at 0x58 dot com

This is a great guide!  However, I did find one thing that could help people who already have an existing qmail setup.  If you use this guide's setup, you will have to comment out the following line in inetd:

smtp stream tcp nowait qmaild /var/qmail/bin/tcp-env tcp-env /var/qmail/bin/qmail-smtpd

If you don't, any auth will be accepted rather than valid ones.

this article is very informative.. thanks

Using qMail thru inetd and tcpservers at the same time is a waste of resources, second, inetd is insecure, and is easily crashed. This will help make your mail system stable.

Excellent Guide!!
Simple and works perfectly!!
Thanks ;)

How i can make qmail without auth? a believe i don't need some options in here.

But all other went smoothly

Just leave out the steps where you have to download the edited qmail file, and leave out these steps:

cat run | sed "/qmaild/s//root/" > run
cat run | sed "/qmail-smtpd/s//qmail-smtpd {vpopmail}/" > run
cat run | sed "/{vpopmail}/s///usr/local/vpopmail/bin/vchkpw {bintrue}/" > run
cat run | sed "/{bintrue}/s///usr/bin/true/" > run

That should do it :)

I ran these commands before reading Jarek's question, but i did skip the auth patch.  Can you please tell me what commands I could run to undo these changes?

cat run | sed "/qmaild/s//root/" > run
cat run | sed "/qmail-smtpd/s//qmail-smtpd {vpopmail}/" > run
cat run | sed "/{vpopmail}/s///usr/local/vpopmail/bin/vchkpw {bintrue}/" > run
cat run | sed "/{bintrue}/s///usr/bin/true/" > run


thank you

De the following:

rm -rf /var/qmail/service/smtpd
/var/qmail/bin/qmail-smtpd-conf qmaild qmaill /var/qmail/service/smtpd
cd /var/qmail/service/smtpd/
echo "200" > env/CONCURRENCY
echo '127.0.0.1:allow,RELAYCLIENT=""' > tcp
echo ":allow" >> tcp
make

That should do it :)

hi all,

as i try to follow this guide install qmail tonight, i found qmail work, but vpopmail seems got problem, i am not sure is different version problem, the version i use is 5.4.0.

Also, qmailadmin can not work..

# /usr/local/vpopmail/bin/vadddomain test.mydomain.com
Please enter password for postmaster:
enter password again:
Error: Domain already exists

# /usr/local/vpopmail/bin/vadduser test@test.mydomain.com
Please enter password for test@test.mydomain.com:
enter password again:
Error: Unable to chdir to vpopmail/domains directory

For some reason it thinks the domain allready exists.

Run the following commands:

cd /var/qmail/users
grep -v "^+test.mydomain.com" assign > assign.new
mv assign.new assign
chown root:qmail assign
/var/qmail/bin/qmail-newu
cd /var/qmail/control
grep -v "^test.mydomain.com" rcpthosts > rcpthosts.new
mv rcpthosts.new rcpthosts
chown root:qmail rcpthosts
cd /usr/local/vpopmail/domains/
rm -rf test.mydomain.com
cd ..
chown -R vpopmail:vchkpw domains


Then try to add the domain again. If it still does not work, you can try what my good friend Derrick did:

rm -rf /var/qmail
rm -rf /var/service/pop3d
rm -rf /var/service/smtpd
rm -rf /var/service/qmail
rm -rf /usr/local/vpopmail

start the tutorial from #1

wow, great stuff, got this setup on two machines now, and working fine.
great guide

Excellent Guide works perfectly!!

all but one thing ...
SMTP-AUTH ...

my outlook express can't send mail and the server act like the password given to STMP connection i wrong...

I use a clean FreeBSD 4.9 with updated ports

  

Your outlook issue may have to do with this, http://support.microsoft.com/default.aspx?scid=kb;en-us;290684 you may want to take a look at that URL.  Hope it helps!!

tcpserver isnt showing up in ps aux... any ideas?  i did JUST waht the guide told me to do

Hi and thanks for this excellent guide !

I followed the different steps, but got this error on launching vadddomain :

[root@host:/usr/local/vpopmail]# /usr/local/vpopmail/bin/vadddomain domain.org
Please enter password for postmaster:
enter password again:
Failure while attempting to remove_line() the locals file
Error. Failed to add domain to assign file
Error: Could not update file

I'm running FreeBSD 5.2.1 on this host.
Have you any idea why I got this problem ?

Thanks a lot

Excuse me for last message : here's the solution for people encountering same problem in the future :

juste do :
# touch /var/qmail/control/locals

and then retry to add domain again after deleting it like when domain already exists :

> Run the following commands:
>
> cd /var/qmail/users
> grep -v "^+test.mydomain.com" assign > assign.new
> mv assign.new assign
> chown root:qmail assign
> /var/qmail/bin/qmail-newu
> cd /var/qmail/control
> grep -v "^test.mydomain.com" rcpthosts > rcpthosts.new
> mv rcpthosts.new rcpthosts
> chown root:qmail rcpthosts
> cd /usr/local/vpopmail/domains/
> rm -rf test.mydomain.com
> cd ..
> chown -R vpopmail:vchkpw domains

Sorry for the first question :)

And thanks a lot for this great guide !

Hello,
This is a great work, thanks!
I got everything up and running (domains and users) but i have a problem that is bugging me. If anyone sends me an e-mail i will receive it and keep it in the Maildir/ correctly (this shows that recieving email is going right) but when i try to auth on an user account with any mail client i get this:

May  5 03:04:11 mail vpopmail[77668]: vchkpw-pop3: vpopmail user not found null@:81.84.26.99

Thanks for any help that comes!

You need to auth using your full email adress.

As in:

null@domain.com

and not just null :).


X-Istence

Hi. First of all, thank you for all your hard work! These guides are a fantastic reference. One question though. Why do you change the working directory for qmail, and what do you change it to? I tried reading through the qmail-smtpd.c file to get an idea of what's happening, but my understanding of C is weak. I just like to understand what's being changed  from the default setup. Thanks again!

Nothing is being changed from the default install, except qmail-smtpd.c there is an entire piece added for SMTP auth.

I go into the work directory to apply this patch, thats it.

I went as per the quide ,I am able to send mails using  my server but  recieving gives me an error in outlook express

The server responded with an error. Account: 'mail.infodatalab.com', Server: 'mail.infodatalab.com', Protocol: POP3, Server Response: '-ERR this user has no $HOME/Maildir', Port: 110, Secure(SSL): No, Server Error: 0x800CCC90, Error Number: 0x800CCC90

the smae i checked in the /var/log/qmail/current  it has an error

@4000000040ab41cc05a06054 status: local 1/10 remote 0/20
@4000000040ab41cc05f759f4 delivery 5: deferral: /usr/local/vpopmail/bin/vdelivermail:_permission_denied/

even if i try from local to local user or say same user .

Guy My problem is solved  thanks

I have two errors when try to add domain and later other error when try to add and user to the domain itself:

step 1-
# ./vadddomain mydomain.com
Please enter password for postmaster:
enter password again:
Failure while attempting to remove_line() the locals file
Error. Failed to add domain to assign file
Error: Could not update file

step 2-
-> ( but it's appear that the domain is created ) <-
on the follow output can see Domain already exists:

# ./vadddomain mydomain.com
Please enter password for postmaster:
enter password again:
Error: Domain already exists

step 3-
# ./vadduser charly@mydomain.com
Please enter password for charly@mydomain.com:
enter password again:
Error: Unable to chdir to vpopmail/domains directory

i cannot see domains on this directory, is it ok?

# ls -l vpopmail/domains/
total 2
-rw-------  1 vpopmail  vchkpw  43 Apr  4 16:03 .dir-control

# cat vpopmail/domains/.dir-control
2147483646
0
3
0 0 0
61 61 61
0 2 2
0 0 0


please i need help!
carlosrdelmoral@hotmail.com

The solution was posted above Carlos.

Hi, really great work, but i have one error. i have installed qmail , i'v done everything according to instructions, but still i have 553 sorry, that domain isn't in my list of allowed rcpthosts (#5.7.1) , so i  wanna ask what is wrong when in files /control/me locals rcpthosts everything i put is correct. where should i look for error?  

thans for help

ls -al /var/qmail/control/rcpthosts
cat /var/qmail/control/rcpthosts

Paste the output of that, if you want, email me at qmail-help@x-istence.com and i will help you over email. I have no clue what it could be :(.

Hello, I had an qmail (smtpd and pop3d) + vpopmail installation and I installed the imapd and squirrelmail. Everything is working ok but the Maildirs are different.

I can log in squirrel and send email, create drafts, etc.. but when Ireceive mails they are gathered in /usr/local/vpopmail/domains/domain.tld/username/Maildir instead of the /usr/local/vpopmail/domains/domain.tld/username/IMAPDir.

Is it possible to configure either the imapd to get the mails from Maildir or to get vpopmail sending them to the IMAPDir?

thanks!

If you do an ls -l on the IMAPdir, you will see that INBOX is just a link to Maildir.  All of your mail is stored in Maildir, whether you use IMAP or POP3.

Sorry for the second reply, that was an error.

Well the script that is provided is a little buggy. First it has a " that doesn't belong there (i guess, at least it gives me some error executing) and the rest is a bit strange. I've done some of it manualy but it's a little sucky coz i have 300+ users.

I'm having several errors with the imapdirs.sh that is provided here and i don't seem to able to get it working.

I have ~300 users divided in 8 domains but the script doesn't create the links and dirs in any user and it gives me som "unmatched" error in the 1st find command.

Anyone had a problem with this script?

Thanks!

Hey Nullpt2,

I fixed the script, there was indeed an unmatched ", but my SH version did not seem to care (FreeBSD 4.10). Should be all fixed now.

I just tested it against about 200 new users on a new box i set up, and it works without a hitch. Please try again :)

Thanks! It doesn't gives me that error anymore but when I'm cating the script to the file i get a strange content in the for's. I have the domains with path in the first for and the domains without the path in the second for. Shouldn't this be a little different?

thanks

When I try to execute it I have a fatal error:

imapdir.sh: 4: Syntax error: word unexpected

Maybe I can discuss this issue trough mail?

sure, <email address be gone. Spam be gone> :).

And i allready think i know why. Instead of catting it to the file, use edit, and just copy and paste into whatever you are using to SSH, and see if it works.

Still not working :( I'll give you a full detail trough the email. Thanks!

Is it possible to configure either the imapd to get the mails from Maildir or to get vpopmail sending them to the IMAPDir?

Yes it is possible. Don't use ln -s. Edit the /usr/local/etc/bincimap/bincimap.conf file and change the depot = "IMAPdir",  to depot = "Maildir++". Start Stop the qmail and enjoy :-)

"Yes it is possible. Don't use ln -s. Edit the /usr/local/etc/bincimap/bincimap.conf file and change the depot = "IMAPdir",  to depot = "Maildir++". Start Stop the qmail and enjoy :-)"

i can't get this work :( i can't acess e-mail via IMAP...i can login but no mails only in POP3
"Don't use ln -s" where ?
one more thing, i'm using outlook to send e-mail... i can send e-mail whtouth pass how to fix this ?

Thanks

PS: i'm a newbie sory ...

layer: That what you want allready happens currently. Except it just symlinks it from INBOX to ../Maildir.

If you would not like to do this, do what he said, except just forget about the "maildir.sh" script, and never run it. Then edit /usr/local/etc/bincimap/bincimap.conf so that the line:

depot = "IMAPdir"

Looks like

depot = "Maildir++"

svc -dx /var/service/binc-imap

And you are set :).

Good luck, contact me via email if you need more help. <email address removed. Spam be gone.>

Hello, since the SpamAssassin upgrade available in the freebsd port system that you need now to upgrade your perl to 5.8. Doing this you will have to upgradeall your perl ports and other software depending on perl.Since that I had to make some modifications in the SpamAssassin as it doesnt allow -a anymore and im having some problems because there is so many changes in the configuration that im getting crazy!

Could the writter of this guide update to the new spamassassin version configuration?

Thanks!

I'll look into it.

Just a note, for SA-3.x which was just added to the ports tree, remove the -a switch in /var/spamd-service/run so the run script is:

#!/bin/sh
exec /usr/local/bin/spamd -c -v -u vpopmail

I guess the whitelists option is gone in 3.x and it caused perl5.8.5 to hang after I had upgraded, removing that switch fixed it.

From the upgrading FAQ:

- The --auto-whitelist, --whitelist and -a options for "spamd" and "spamassassin" to turn on the auto-whitelist have been removed and replaced by the "use_auto_whitelist" configuration option which is also now turned on by default.

Hello. Thank you very much for putting together this outstanding guide! I notice when running this setup my BincIMAP log /var/qmail/service/binc-imap/log/main/current contains has the following messages:
@40000000418fd8e41f1db89c softlimit: fatal: unable to run ${DATALIMIT+-d$DATALIMIT}: file does not exist

I double-checked my "run" shell script against the guide and everything seems to match. I have the DATALIMIT file in /var/qmail/service/binc-imap/env and the file contains 500000. Any idea what the problem could be?

Thanks

What does your /var/qmail/service/binc-imap/run file look like? If you copied and pasted it from this website, it should work perfectly.

If you need any help, email me at qmail-guide [at] x-istence [dot] com

I have updated my guide according to j79zlr's information. It should work with SA 3.0 now.

j79zlr: The way you are using SA, you would have information show up in readproctitle because you are not having SA log it to stderr to be logged by multilog.

Hello. Thank you very much for putting together this outstanding guide! I notice when running this setup my BincIMAP log /var/qmail/service/binc-imap/log/main/current contains has the following messages:
@40000000418fd8e41f1db89c softlimit: fatal: unable to run ${DATALIMIT+-d$DATALIMIT}: file does not exist

I double-checked my "run" shell script against the guide and everything seems to match. I have the DATALIMIT file in /var/qmail/service/binc-imap/env and the file contains 500000. Any idea what the problem could be?

Thanks

This guide was AWESOME! Very thorough and much appreciated :)

rjk: your problem is the fact that you did not use cat, but instead copied and pasted it straight into a text file. This means that the shell filtering did not happen, and in this case, it means that you left certain 's in the run file. This would cause it to not work, as instead of interpreting that as a variable, it would interpret it as a command that it has to run.

Please copy and paste the cat << EOF > {file} then the entire script right into cat, and then EOF. This will cause the file to be written properly, and it will then work.

X-Istence

I can't get vpopmail to work after trying the posted fix twice now. I am using 5.3 and following the steps by the site....

/usr/local/vpopmail/bin/vadddomain hardrocksociety.com
Please enter password for postmaster:
enter password again:
Failure while attempting to remove_line() the locals file
Error. Failed to add domain to assign file
Error: Could not update file

Any help is appreciated, as I'm a sorta noob.
I assume this is due to 5.3....

Dan

No, 5.3 should not be the problem, and should work perfectly.

Did you touch /var/qmail/control/locals as root?

Also, after that vadddomain do a vdeldomain <domain> and then try readding it. It should work.

I ran into the same problem as Dan Simmons, it seems the directory attributes weren't allowing root to write to the /usr/local/vpopmail/domains directory, if fixed the problem by:

#ls /usr/local/vpopmail/

drwxr--r--  -------------> domains

#chmod 755 /usr/local/vpopmail/domains

root can write to any directory, even if it is chmod 000:

Breached# ls -al ./test
total 4
d---------   2 root      xistence   512 Nov 17 17:00 .
drwxr-xr-x  17 xistence  xistence  1024 Nov 17 17:00 ..
Breached# cd test
Breached# touch file
Breached# ls -al
total 4
d---------   2 root      xistence   512 Nov 17 17:01 .
drwxr-xr-x  17 xistence  xistence  1024 Nov 17 17:00 ..
-rw-r--r--   1 root      xistence     0 Nov 17 17:01 file


The problem is because /var/qmail/control/locals does not exist. Once this file is created, all should work without a problem.

By chmodding the directory domains to 755 you are allowing anyone and everyone to take a peek at what domains you host.

[Breached: ~]$ ls -al /usr/local/vpopmail/domains
lrwxr-xr-x  1 root  wheel  17 Apr 26  2004 /usr/local/vpopmail/domains -> /usr/storage/mail
[Breached: ~]$ ls -al /usr/local/vpopmail/domains/
ls: : Permission denied
[Breached: ~]$ ls -al /usr/storage/mail/
ls: : Permission denied

X-Istence

I fixed the vpopmail issue. There as no local file in control. Everything works now except sending to external addys I get the "553 sorry, that domain isn't in my list of allowed rcpthosts (#5.7.1)" error. I noticed other people have mentioned it. What was the fix??? I must be overlooking something simple.

Any ideas?

It seems you want to relay. What you are however not doing is authenticating when you are about to send mail.

You will need to set it in your preferences for your mail client somewhere, and then it will work. Look for an option named "SMTP authentication" or something similar. If you need extra help, search on google for "SMTP authentication for sending mail with {CLIENT NAME}"

Sorry if this is a silly question (I am a noob), but how do you setup an alias for local accounts to send to a remote email account with qmail?  I put the email address I wanted the local root account to have mail sent to in /var/qmail/alias/.qmail-root (like it said on the qmail website), but it doesn't seem to work.  Since the guide doesn't use sendmail (and specifically disables it), updating the /etc/mail/aliases file and running newaliases doesn't do the trick either.  Any info would be great.  Thanks for the great guide!

mrmouse, did you add the domain or hostname to the locals file?

And /etc/mail/aliases is a sendmail file, and is not used by qmail. /var/qmail/alias/.qmail-root is the right file to create.

It should contain something like &remote@remotedomain.com. qmail refuses to deliver to uid 0.

I had tried that, but I must not have put in the correct info initially.  I added:

localhost
myhostname.mydomain.com

to /var/qmail/control/locals

and

setup the .qmail-root file.

Works!  Thanks again, you're awesome!

"the binc-imap configuration is not complete enough to work.  It will be complete tomorrow."

I'm having trouble with bincimap. Wondering if this has anything to do with it.

I can't log in to it.

OK Welcome to Binc IMAP Copyright (C) 2002-2004 Andreas Aardal Hanssen at 2004-12-16 00:45:19 CST
1 LOGIN Dan password
1 NO LOGIN failed: Login failed. Either your user name or your password was wrong. Please try again, and if the problem persists, please contact your system administrator.

Vpopmail and qmailadmin all work, just trying to get webmail working. tried the Horde guide, but had authentication problems. So I think the first step is to solve this error i get when trying to connect telnet.

Any ideas??

Dan

you need to use your full email address to login:

dan@domain.com

Then it will work. And that comment is an old one, i should remove it some time :P.

*dah* to me ;) Thanks again.

Hi,

Excellent work !!
It seems to be ok for me except that I feel a problem with SMTP...

If I send an email to an address that I have declared, I never receive it.
And the fact is that I have nothing listenning on the port 25.

Regarding my processes, I have an entry with
supervise smtpd

I also have sytematically a defunct process which I did not have before... It could be linked...

The problem is that I don't know where to take a look to try to find my mistake...
Any idea ?
Thanks a lot for this big work very usefull !

Happy new Year !
Olivier

mmm... the file /var/qmail/service/smtpd/run is empty.
I think I have missed something...
Is there a way to got the original one ?

Last edit failed, pico had added line breaks all over the place.

Should be good now, repeat the section under configuring qmail.

Ignore most errors, just make sure to shutdown svscan.

Thanks for the great guide. I've installed it on a 5.1.2 system before and it worked great. This time I'm using your guide to install it on a 5.1.3. system. Everything works great execpt for imap. I can get mail when I use the pop protocol but when I'm using imap I get the "login failed" error. I have no clue where to look for the solution since I can't find any entry in logfiles about this denial. I double checked if a used the user@domain.com format so that's not it...Can somebody give some advice??

Sigh..forgetting some info....

pacsforum# ps -aux |grep imap
root       488  0.0  0.1  1188  548  ??  I     4:10PM   0:00.00 supervise binc-imap
root       497  0.0  0.1  1212  572  ??  I     4:10PM   0:00.01 /usr/local/bin/tcpserver -vDHR -c200 -xtcp.cdb -- 0 143 /usr/local/bin/bincimap-u
root     16385  0.0  0.1  1476  816  p0  S+   11:59AM   0:00.00 grep imap

binc-imap is running...
I compared the 5.1.3 with the 5.1.2 system and the only difference I can find is some bincimap files in de IMAPdir's and Maildirs (like .bincimap-subscribed, bincimap-cache and bincimap-uidvalidity) Don't know if these are created on first loging cause I can't find their creation in the guide

ppfff...found it....There's a typo in your guide...(I think). In the bincimap run file there's a missing right after /usr/local/bin/bincimap-up --logtype=multilog.

Working fine now  :)

Thank you StPurple, i have added the offending back into the script, and things should work fine again.

I have facing one problem. My qmail is working porperly; but my maillog show the follwoing error:
Jan 11 23:33:41 matrix spamd[5273]: handle_user: unable to find user 'username@domain.com'!
But the patricular user with the domain exists. The mail is sending properly and i can see the "X-Qmail-Scanner-Mail-From", "X-Qmail-Scanner" in the mail header.
Beside this i have these line in the maillog whenever any user receive any mail:
Jan 11 23:07:48 matrix spamd[4762]: Cannot write to /root/.spamassassin/user_prefs: Permission denied
It's seems that i have done some wrong in the configuration of spamassassin.
Any idea??

you have modified my guide to include qmail-scanner, you are on your own. I have not, and will never use qmail-scanner. Please contact the appropriate mailling list for more information.

Wow...it works like a dream.

Have you ever thought about including af virus scanner ?

Conq: Yes i have.

I would like to implement a virus scanner in the delivery process, not in the smtpd process. I am still looking for a way to implement this successfully.

If you would like to do virus scanning, look into http://inter7.com/ 's simscan. They also have an extensive mailling list where you can go for questions, and i have heard nothing but good things about them. With it you can implement spam and virus scanning at the smtpd level.

http://inter7.com/?page=simscan

Thanx, i will try to look at inter7.

You can configure vpopmail to store users and domains in mysql database...
To do so you must install vpopmail like that:
make install clean -DWITH_DOMAIN_QUOTAS -DWITH_SPAMASSASSIN SPAM_THRESHOLD=10 -DWITH_MYSQL

(There are many others install options for vpopmail. If You wish to look at them, just cut the Makefile of vpopmail. I also use:  -DWITH_LEARN_PASSWORDS -DWITH_CLEAR_PASSWD to feed my needs.)

Then You must create a database and user for vpopmail in mysql:
# mysql
> create database vpopmail;
> GRANT select,insert,update,delete,create,drop ON vpopmail.* TO vpopmailuser@localhost IDENTIFIED BY 'password';
> q

Next edit the /usr/local/vpopmail/etc/vpopmail.mysql
and change the user and password that You typed in mysql. The file has following format: host|port|user|password|database

# chmod 640 /usr/local/vpopmail/etc/vpopmail.mysql

...and You are ready to rock!!!

when i get mail i have to use user@mydomain.com as the login... i was wondering why i can't just use the username?  

because it is a virtualdomain, there could be several domains that could have the same user, which one would you want your mail for? That is why vpopmail requires the username[at]domain.com. If you used qmail with just system users, using checkpasswd, and not this guide in the first place, you could use just your username.

Hi Thanks for providing a great guide. I am however (being a total noob) experiencing some problems. Having completed the installation I find that when I do a ps aux I get this line:

root       197  0.0  0.1   868  300  ??  I     7:30PM   0:00.00 /usr/local/bin/readproctitle service errors: ........................................................................................

And I can't work out why.

Also qmailadmin won't work - I added a new user with vpopmail but when I put in the requisite url I get a 404.

Lastly Is it ok to run this system in conjunction with webmin/virtualmin?

Thanks Bob

First off: That line is perfectly normal.

Second: Qmailadmin might have been moved to http://domain.com/qmailadmin/qmailadmin, i will check this, i am working on a revised copy of my guide anyways.

Thirdly: That i do not know. There should be no side effects, or at least there are none that i can think off.

It worked just wonderfully, EXCEPT for one little problem.
I can send e-mail just perfectly, even if I telnet to my host on port 25, and it just closes the conection right on my face (strange? I'm all newbie here), and I'm not being able to recieve any e-mail, I send an e-mail from a known working web-mail server(like gmail), and I don't recieve neither the e-mail, neither an error on the gmail!!! I can connect using IMAP and/or POP3, and if I manually browse the /usr/local/vpopmail/domains/ I see I really didn't recieved any e-mail.

Any help would be apreciated :)

Thx a lot, and congrats on this GREAT paper!!!

Zarnick

What does:

svstat /var/service/*

show you?

Might want to check that your ISP is not blocking ports, or any other firewall you configured yourself.

This is the output of svstat /var/service/*
/var/service/binc-imap: up (pid 498) 50163 seconds
/var/service/pop3d: up (pid 496) 50163 seconds
/var/service/qmail: up (pid 491) 50163 seconds
/var/service/smtpd: up (pid 489) 50163 seconds
/var/service/spamd-service: up (pid 499) 50163 seconds

And this is the output of my ipfw:
00100 divert 8668 ip from any to any via xl0
00200 deny icmp from any to any icmptypes 13
00300 deny icmp from any to any icmptypes 14
00400 deny tcp from any to any tcpflags syn,fin
00500 allow ip from 127.0.0.1 to 127.0.0.1 via lo0
00600 allow ip from any to any dst-port 22 in via rl0
00700 deny ip from any to any dst-port 137,138,139,81
00800 deny ip from any to 10.0.0.0/24 dst-port 22
00900 deny ip from any to any dst-port 22
01000 allow ip from 10.0.0.0/24 22 to any dst-port 22 via rl0
01100 allow tcp from any to 10.0.0.4 dst-port 80 in recv xl0
01200 allow ip from any to any
65535 deny ip from any to any

I know, I know, I have to work harder on the firewall, is is not as secure as I think.
And I now that the ISP does not block, since I already had one version of qmail+vpopmail+mysql, but runing on a Slackware box, and since I happily upgraded the Slackware to FreeBSD, this is the only issue that is hanging in the half :)

Thx a lot!

By the way, is there any good webmail that works with this configuration of qmail?

Thx!
Zarnick

Hrm, this is very weird, i would not have a clue, is tcpserver running on port 25?

sockstat -4 | grep 25

Check your /var/service/smtpd/run file for any wrong doings.

If you can not find any, i would have no clue.

Here's the output of sockstat:
www      httpd      1258  3  tcp46  *:80                  *:*
www      httpd      1258  4  tcp46  *:443                 *:*
www      httpd      1257  3  tcp46  *:80                  *:*
www      httpd      1257  4  tcp46  *:443                 *:*
www      httpd      1252  3  tcp46  *:80                  *:*
You see, I don't think the problem could be at smptd, since I can send e-mail, what I can't do, is recieve them. ;)
Really, no clue at all?
www      httpd      1252  4  tcp46  *:443                 *:*
qmaild   tcpserver  489   3  tcp4   *:25                  *:*

If you really don't heave any clue, how can I deinstall all of this, so I can try another tutorial?
sigh...tought this would solve my problem...O well...

Thx.

Well!!! :)
Just fixed the smtpd problem :)
The tcp file was empty and so the env/CONCURENCY
filled them, and did a make, and now the smtpd is working perfectly, however I'm still not geting any mail, even if I send an e-mail to a non-existent user, I recieve no e-mail telling that this user does not existe :(

Thx Zarnick.

YUP YUP URRA!
Everythings works smooth...just one thing, I'm not being prompet for a login/password to send e-mail, is this normal?

Thz a lot.

Depends on how you configured your client, and how you setup your smtp ip's and wether you have a proper rcpthosts setup.

You receive email on port 25, so that is why i was wondering if smtpd is working, you seem to have fixed it though.

Thanks, I will try to...han...hack...my own server, to see if over the web, it isn't password protected, and I will post here again. ;)
And, do you know any good webmail for this config?

Thx a lot!

Ok, so...tryed to send a "spam" by telneting into port 25, and it seems that spamasassin got the e-mail, and marked as spam, plus it didn't sent over the web, only to my internal server, cool. Now all that I need is a simple webmail. Thx a lot, your guide ROCKZ!

For webmail, there are a lot of options.  You can choose from squirrelmail, <a href="http://www.bsdguides.org/guides/freebsd/mailserver/imp.php">Horde/IMP</a>, Nuralstorm, ilohamail, etc.  You just need to make sure it supports vpopmail for virtual domains.

Okay, I've got everything working fine except for ONE thing that's bugging the heck out of me.  When I send mail, there is a five second delay.  Upon examining my log files, this is what I see:

Feb 24 21:59:48 alkaline vpopmail[315]: vchkpw-smtp: password fail xxxxx
Feb 24 21:59:53 alkaline vpopmail[316]: vchkpw-smtp: (PLAIN) login success xxxxx

Why in the world would the password check fail, then five seconds later succeed?  Any help would be appreciated.  Note, I'm not using IMAP, spamassassin or qmailAdmin.

Because your client is first trying CRAM-MD5, something i should have disabled in the patch, and then trying PLAIN after it does not succeed when using CRAM-MD5. Set the client to specifically use PLAIN login.

I actually set my client (Thunderbird 0.9) NOT to use TLS, but I guess I could try a different client and see if maybe it's a bug in Thunderbird.  I will keep you posted.

On the flipside, how would one enable the TLS (CRAM-MD5) with your setup.

TLS is not CRAM-MD5, but to enable it, you would need to compile vpopmail with clear passwords.

> TLS is not CRAM-MD5, but....

Well, in Thunderbird you either have "NO", "TLS if AVAILABLE", "TLS" or "SSL."  I have it set to NO.

Will this work with 5.3?
I get an error message that make fetch is not recognised as a command. (3rd command set)

make fetch works like a charm.

I just ran over my guide again, and it works without any problems at all.

mine says "don't know how to make fetch" Am I missing some other package or port?

Nope, a clean install should work.

actual message is
make: don't know how to make fetch. stop

it is a fresh install from the mini install disk - any ideas??

Are you in the correct directory when trying to make fetch?  You should be in /usr/ports/mail/qmail when you do make fetch.

Ah - the simple things that bite you. That was the problem. Thanks

an amazingly great mailserver solutions is this. I've toasted qmail with the manuals from qmailrocks.org, but these installations were terrible slow and loaded with features we really don't need at all.

One (crucial IMO) thing i'm missing here is how to implement an antivirus package (like clamAV). Anyone any experiences with it an how to do this?

Thanks in advance!

Http://inter7.com/ offers simscan for just that purpose. It has good documentation and it's own maillling list.

I personally did not put it into my guide, as i find that virus and spam scanning slows down the smtp messaging system, and i personally do it farther down the chain when a message is about to be delivered to someone.

To ewonde: take a look at: http://freebsd.cg.nu/qmail+amavis.html

thnx! gonna give it a try.

Simscan seems to be much easier to install and fits well to my requirements. Hope to find a "how-to" doc ;-)

Thnx!

I first had this error:
Failure while attempting to remove_line() the locals file
Error. Failed to add domain to assign file
Error: Could not update file

then I read the fix above. After that I got the error that the domain already excist, so I tried the fix for that above. that didn't work :o( after a loth of trying I got the solution I had to do:
#/usr/local/vpopmail/bin/vadddomain MyDomain.nl Password
(the password behind your domain) and it worked!
Just thought to share my solution with you guys. Don't really understand why this IS working, looks a bit weird to me.

Hey awesome guides!
I have got a bit of a problem though... I have been following the guide to the letter, and struck this problem when trying to add a domain in the "Configuring vpopmail" section.  This is the same result as I got yesterday after which i did all the rms listed below and did make deinstalls on everything before redoing the guide from scratch.   What am I doing wrong?

snip===>
mail3# /usr/local/vpopmail/bin/vadddomain mail3.pchost.com.au
Please enter password for postmaster:
enter password again:
Failure while attempting to remove_line() the locals file
Error. Failed to add domain to assign file
Error: Could not update file
mail3#
<====snip
I am running a fresh install of FreeBSD 5.3 and have only completed the "Apache+SSL, PHP, and MySQL " guide from this site since installing.

Hey awesome guides!
I have got a bit of a problem though... I have been following the guide to the letter, and struck this problem when trying to add a domain in the "Configuring vpopmail" section.  This is the same result as I got yesterday after which i did all the rms listed below and did make deinstalls on everything before redoing the guide from scratch.   What am I doing wrong?

snip===>
mail3# /usr/local/vpopmail/bin/vadddomain mail3.pchost.com.au
Please enter password for postmaster:
enter password again:
Failure while attempting to remove_line() the locals file
Error. Failed to add domain to assign file
Error: Could not update file
mail3#
<====snip
I am running a fresh install of FreeBSD 5.3 and have only completed the "Apache+SSL, PHP, and MySQL " guide from this site since installing.

netphreak: Several comments above yours contain the same information. Specifically a post made by golodh on April 29, 2004 at 3:25:36 pm MST is what you want to read.

oops... thought I read all the previous comments, thanks for that prob is fixed now. Great stuff thanks for your help!!!

Hey this tutorial is awesome, is it possible that anyone could refer me to a webmail type setup to suit this install, the simpler the better, any help would be hugely appreciated, thanks

you can use any webmail script which supports IMAP and or POP3.

Hey Guys,
Cool guide. Worked like a charm first go!

One thing though. I would like to be able to have both virtual accounts through vpopmail and also system user email accounts. I am a noob to an extent so go easy.

The problem is that I have a server with existing email accounts that I would like to bring across to the server with this setup. However there are quite a few accounts and it would be ridiculous to contact all the clients and tell them their username has changed. At the same time I would like to gradually move towards the email address as username approach.

If anyone could help it would be much appreciated.

How can I fetch the mail in for example Outlook Express? What are the settings for this? I have tried a few things but I simply don't have a clue...

Your username is the full email address, password is whatever you set.  In order to send mail, you need to check the box to enable smtp authentication.

i can't get it to work, i set my incoming server to: pop3.mydomain.nl and outgoing to smtp.mydomain.nl but it don't work I keep getting this error while checking for mail:
An error accured while connecting to the e-mail server. Your password is not accepted Account: 'pop3.mydomain.nl', Server: 'pop3.mydomain.nl', Protocol: POP3, Reaction from the server: '-ERR authorization failed', Port: 110, Secured(SSL): No, Serverfailure: 0x800CCC90, Foutnummer: 0x800CCC92

Hi,

Great guide working really nicely as a POP server, only issue that I have is that I can't use imap mail :(

It seems that the service is running:

#svstat /var/service/*
/var/service/binc-imap: up (pid 68734) 1208699 seconds
/var/service/pop3d: up (pid 68725) 1208699 seconds
/var/service/qmail: up (pid 68731) 1208699 seconds
/var/service/smtpd: up (pid 68726) 1208699 seconds
/var/service/spamd-service: up (pid 68950) 1208403 seconds

but when I try to telnet to localhost 143 I get:

#telnet 192.168.7.2 143
Trying 192.168.7.2...
Connected to marge.domain.tld.
Escape character is '^]'.
Connection closed by foreign host.

and if I do:
#ps -ax | grep imap
68733  ??  I      0:00.06 supervise binc-imap
68734  ??  I      0:00.05 /usr/local/bin/tcpserver -vDHR -xtcp.cdb -- 0 143 /usr/local/bin/bincimap-up --logtype=multilog --conf

As far as I can see I think that I have followed the guide to the letter but maybe not, perhaps somebody could advise please?

Many thanks!

Hi all!
How to skrew on to this exelent buliding a Clamav antivirus??

With respect, Karl

I know this guide doesnt cover the subject, and maby thats why Im having such difficulties.. But concearnig mysql authentication whith vpopmail I cant get vqadmin to work. I seams like all the tables except for "dir_control" are missing in the vpopmail database. I though that vpopmail added all the tables automatically, but maby I thought wrong.. Anyhow, I can log in to the interface, but cant add any users.. My apache log says: vmysql: sql error[3]: Table 'vpopmail.vpopmail' doesn't exist wich isnt much of a big surprise..

nieanithaur: I can't help you. Contact the vpopmail mailling list. They will probably tell you to install from the LWQ, and vpopmail from scratch, just read the docs, it should be explained, and look for whatever the SQL stuff is that vpopmail needs in it's source code tar.gz.

Hi,

Sorry by avance because I don't speak well English.
I've got a question :

After done all this guide I can send email, I can receive email by POP, I can login via imap but not receive mail via emap ...

can you help me please ??

I have replace : depot = "IMAPdir" by depot = "Maildir++"

but It doesnt work ;(

PS :

monstre# svstat /var/service/*
/var/service/binc-imap: up (pid 537) 4878 seconds
/var/service/pop3d: up (pid 533) 4878 seconds
/var/service/qmail: up (pid 526) 4878 seconds
/var/service/smtpd: up (pid 524) 4878 seconds
/var/service/spamd-service: up (pid 536) 4878 seconds
monstre# ps -ax | grep imap
  530  ??  I      0:00.00 supervise binc-imap
  926  ??  S      0:00.08 kdeinit: kdeinit: kio_imap4 imap /tmp/ksocket-root/kl
  933  ??  S      0:00.84 kdeinit: kdeinit: kwrite /usr/local/etc/bincimap/binc
  939  ??  S      0:00.01 /usr/local/bin/bincimap-up --logtype=multilog --conf=
  940  ??  S      0:00.01 /usr/local/bin/bincimapd
  941  ??  S      0:00.77 kdeinit: kdeinit: kwrite /usr/local/etc/bincimap/binc
  985  p1  R+     0:00.00 grep imap
monstre#

Did you run my script after adding the new account?

Hi X-Istence ;)

I don't know, about which script are you speaking ?
and how run it ?

One's again sorry for my english ;)

The imapdir.sh script that you installed on your server when you ran this tutorial.

Hi X-Istence ;)

Thanks for your answer..

Yes I have ran this script.
This is what I have on my computer :
/usr/local/vpopmail/domains/mydomain.fr/vespa
Inside there is :
ImapDir
MailDir

When I go in ImapDir I have :
Inbox
When I go in "Inbox"
I'm in
/usr/local/vpopmail/domains/mydomain.fr/vespa/Maildir
when I go in Maildir I have :

Cur
New
Tmp

For me it look good but it doesn't give me my mail via imap only via pop...

Have you got an idea ??

It should be called IMAPdir, in your config file for binc-imap you also need IMAPdir to be the depot type, and you should be set.

After a succesfull upgrade from 5.3 to 5.4-p3 I'm experiencing problems with the spamd-service. (everything was running fine for several months already) Spamd seems to keep restarting itself. Anyone else experiencing something similar?

Hmmm....I found that some other things aren't correct either. I think things started going wrong from the first moment I upgraded qmail with a "normal" portupgrade. Since you give those directives and settings to the different ports when making them, what should be the way to upgrade those used ports?

Qmail should be upgraded by using the ports and first running

make deinstall

Then install it with the compiling options as above.

My mailserver was based on this very nice howto ...

chkuser would be a simple and great addon..

If there is high volume spam coming in either "cathcall delete" or chkuser can help,
otherwise bounce queue can be a problem...

I think chkuser also allows people to joejob your mail server, by knowing which accounts are alive and which accounts do not even exist. It makes spamming that much easier. If you wish to have it, then patch qmail before installing it with make install as above, or check in the Makefile if chkuser has been added as a possible patch by the qmail port maintainer.

I get an error message:
root@box:/var/qmail/bin# /var/qmail/bin/qmail-pop3d-conf /usr/local/vpopmail/bin/vchkpw qmaill /var/qmail/service/pop3d
su: /var/qmail/bin/qmail-pop3d-conf: Permission denied

I would have assumed it be a permissions thing, but I dont see any conflicts unless I am overlooking something obvious.

-rwxr-xr-x  1 root  qmail  15020 Aug  3 14:13 /var/qmail/bin/qmail-pop3d-conf

dead project?

It seems there are some problems with filtering emails in case of using .qmail files. Does someone have solution? Thanks.

Lexie: I noticed this as well, i am still looking what the problem may be. I will be notifying the port maintainer ASAP. As for a solution? Recompile vpopmail without SA support, and use maildrop or some other solution to ask SA to scan the email.

Hello there !
Thanks a lot for this document.

I'm a french new user of FreeBSD, so excuse my bad english and my low level with the system.
I encounter an error when I want to "make fetch all install force-enable-qmail WITH_QMAILQUEUE_PATCH=yes WITH_BIG_TODO_PATCH=yes WITH_BIG_CONCURRENCY_PATCH=yes WITH_OUTGOINGIP_PATCH=yes"

The error is : "make: don't know how to make base64.h. Stop
*** Error code 2

Stop in /usr/ports/mail/qmail."

In my mind, the only thing I did diffrently than the document is to download the smtpd-auth patch here : http://members.elysium.pl/brush/qmail-smtpd-auth/dist/qmail-smtpd-auth-0.31.tar.gz
My FreeBSD is a 5.4 RELEASE and frequently updated, so all ports must be uptodate.

Someone can help me ?

Sorry, I forgot a thing :
when I have made the "make extract" of /usr/ports/mail/qmail , I had the choice in a menu to add the options you add after with the commands "WITH_QMAILQUEUE_PATCH=yes WITH_BIG_TODO_PATCH=yes
WITH_BIG_CONCURRENCY_PATCH=yes WITH_OUTGOINGIP_PATCH=yes"
What is better ?

It does not matter what method you use. The difference between the smtpd-auth patches may be the way they function, you can't apply both. I have never used that auth patch, so i don't know how it functions. I know my patch works, so you should use that instead, as i am unable to guarantee that the patch you are using will take the same arguments for it's passwd checking procedure, which might make you an open relay.

Ok, thanks.
My problem wasn't really a problem ^^". It's just because I'm weak with no "easy click install" (like Windows programs). I've lot to learn.

So, I've made here exactly what you wrote, applying your patch and I've an error :
"make: don't know how to make force-enable-qmail. Stop"
May I have to install a special tool to do that ? Or have I made a mistake ? Is it due to the system I use ? (FreeBSD 5.4)

I'm really sorry to ask so stupid questions -_-"

No, that is because of the fact that the Makefile has changed again, just ignore the error and continue installing.

Hi guys.. Thanks for a really nice guide.. although i have a problem.

When i send a mail for test@elvis78.dk ex.

I get this error:

Hi. This is the qmail-send program at kimmer.dk.
I'm afraid I wasn't able to deliver your message to the following addresses.
This is a permanent error; I've given up. Sorry it didn't work out.

<test@elvis78.dk>:
Sorry, no mailbox here by that name. (#5.1.1)

--- Below this line is a copy of the message.

Its like its not connected to vpopmail ? How to i merge qmail and vpopmail ?

it should say: Sorry, no mailbox here by that name. (#5.1.1) vpopmail etc etc...

Although i can see it waits for me in queue for qmail (i can see that in qmail, but can only send to local users, virtual domains wont work)

I have followed the guide 100%

And another thing.. how do i get the smtp-auth thing to work ? smtp server works now.. and i have compiled with the patch.. but i dont ask me for password in Outlook.

Hope you guys can help.

Kind Regards
Kim

Kim: did you use vadddomain? Also, for AUTH, it won't be required if you are sending to local domains, and or remote domains, but if you want to relay, you need to set it up.

If you followed the guide a 100%, both of these issues would be non-issues, as both were explained, and or set up the way they should be set up.

X-Istence: I did use ./vadddomain elvis78.dk
Although i just deleted the domain and added it again.. And it works now. Thx :D

How do i setup the auth thing ? Cant find any documentation on the guide ?

Auth is setup if you followed the guide. It was some modifications to the qmail-smtpd run file, which are seen as all those sed commands you executed. It should work now for any domain under control of vpopmail.

Thanks.

Just one more question.

Can i get my FreeBSD to automaticly run: /usr/local/vpopmail/domains/imapdir.sh
Whenever a user is added ?

hi... great guide, when i run ./imapdir.sh i get:

./imapdir.sh: 3: Syntax error: "|" unexpected

i had managed to set the mail server up, i sent mail through my other mail account and checked qmailadmin and it shows that it got the mail i sent from my other account. am i all good to go or do i really have to do ./imapdir.sh?

another, if i like to create a webmail interface for my mail server, can i automatically go with the "IMP webmail" tutorial?

please help. thanks

i'm using FreeBSD 5.4 with vpopmail 5.4.6 and qmailadmin 1.2.0...

So, I finally, with greatfull help to this document, finished to install the mailserver.
I am now trying to see them with a webmail. I heard some good things about squirrelmail. So I installed it and I easy can send mails but, I don't see received mails.
I think my problem is I receive my mails with POP (because when I use Outlook with POP, I see them), but I want to receive them in IMAP.
Have I forgot something or must I to configure specially some stuff ?

(Excuse my bad english and my weaknesses again.)

Pouic: You need to run imapdir.sh.

Omegahash: Make sure you pasted it into cat, using the code i used, using the shell tcsh. Using edit, and pasting it into the the file will not work, as there are escapes in the code, which would cause it to fail.

That's what I made :
# cd /usr/local/vpopmail/domains/
# ./imapdir.sh

The result :
mkdir: IMAPdir: File exists
ln: INBOX: File exists
mkdir: .spamassassin: File exists
mkdir: IMAPdir: File exists
ln: INBOX/Maildir: File exists
mkdir: .spamassassin: File exists
mkdir: IMAPdir: File exists
ln: INBOX/Maildir: File exists
mkdir: .spamassassin: File exists
mkdir: IMAPdir: File exists
ln: INBOX/Maildir: File exists
mkdir: .spamassassin: File exists
mkdir: IMAPdir: File exists
ln: INBOX: File exists
mkdir: .spamassassin: File exists
mkdir: IMAPdir: File exists
ln: INBOX: File exists
mkdir: .spamassassin: File exists

This says that the script is good I think.

But, I can't even receive mails with IMAP.
When I use Outlook, if I don't create a POP account, I don't receive mails, and it's the same with my webmail.

Hrm. What error do you get, if any? In your users folder, check for the folder Maildir, and also for the Folder IMAPdir. In IMAPdir there should be an symlink like this:

INBOX -> ../Maildir

If there is not, remove whatever is there currently, and type the following in that directory:

ln -s ../Maildir INBOX

If it still fails after that, i would have no clue what is wrong. (My script should do this automatically, so it would be weird for it to fail).

I havn't this "INBOX -> ../Maildir". So after have done what you said, it's working well ^^. Thanks a lot :)

But, I don't understand why it had not work before that :/
I just copy your script and execute like you said.
The script is in this folder : /usr/local/vpopmail/domains
and in my dimain folder I have now two folders ".spamassassin/" and "IMAPdir/"
I think that is not good ?
In this IMAPdir folder, I have the INBOX -> ../Maildir symlink.
Is it possible the script it had done that ?

The script is exactly the same as yours :
#!/bin/sh
OLDPWD=$PWD
for i in `find /usr/local/vpopmail/domains/ -type d -maxdepth 1 | grep -v '^.$'`; do
        cd $i
                for e in `find . -type d -maxdepth 1 | grep -v '^.$'`; do
                        cd $e
                        mkdir IMAPdir
                        chmod 700 IMAPdir
                        chown vpopmail:vchkpw IMAPdir
                        cd IMAPdir
                        ln -s ../Maildir INBOX
                        cd ..
                        mkdir .spamassassin
                        chmod 700 .spamassassin
                        chown vpopmail:vchkpw .spamassassin
                        cd ..
                done
        cd ..
done
cd $OLDPWD

I don't see a problem with it. Just do it by hand if it fails again.

hi to all, i've managed to set the mailserver up.. after a week of working on it using this guide...hehehe... thanks very much to X-Istence for the patience...

the only thing troubling me is the masking of my address..  my current email address after this guide is omegahash@xxxxxx.xxx@mail.xxxxxx.xxx. does any one know how to fix this to just omegahash@xxxxxx.xxx.

thanks...

sorry for flooding. i just refreshed the page and it automatically addedd my post again and again. i didn't know it behaves like this. sorry

I have never seen that problem omegahash. Go back and redo the virtualdomains part, and the adding of your domain.

ok, everything seems fine now. but when i send mail i get the error: 553 sorry, that domain isn't in my list of allowed rcpthosts (#5.7.1). i remember a post about this problem here but the answer wasn't published.

thanks for the help.

omegahash: When do you get that error? When you are sending mail to outside your domain, like hotmail, gmail, or other mail servers? Or do you get it when you try to send an email to your own domain?

when i send mail outsie my domain. sending mail to my own domain works fine.

You need to enable SMTP auth in your mail client, so that you can send outside of your own domain.

should i redo the whole guide or do i have to just modify/create something.

The guide is for server configuration.  All you are missing right now is client configuration.  You just need to configure your mail client (Outlook, Thunderbird, etc.) to use SMTP Authentication using your email address and password.

Hi, I'v done everything like in the guide but there's a problem... when I send emails there comes no error but the email never arrives... its the same from outside allso, I send emails from outside and I never get those emails. Is there anything I can do for this?

regards,
T.

What do your logs say.

tail -F /var/log/qmail/current

Also, check to make sure your ISP is not blocking port 25.

mail# tail -F /var/log/qmail/current
@40000000433aa8b634e7f00c delivery 32: deferral: 216.136.204.125_does_not_like_recipient./Remote_host_said:_450_Client_host_rejected:_cannot_find_your_hostname,_[80.80.174.34]/Giving_up_on_216.136.204.125./
@40000000433aa8b634fc81ac status: local 0/10 remote 0/20
@40000000433aa99535b4e4cc starting delivery 33: msg 380 to remote RoxanneWiesel@impossibles.net
@40000000433aa99535b64c2c status: local 0/10 remote 1/20
@40000000433aa9d13b23464c delivery 33: deferral: Sorry,_I_wasn't_able_to_establish_an_SMTP_connection._(#4.4.1)/
@40000000433aa9d13b244fec status: local 0/10 remote 0/20
@40000000433aaa4700393a64 starting delivery 34: msg 328 to remote freebsd-fs-bounces+fd1f4b21eec2f775eb172c556121d24fbec1ea3b@freebsd.org
@40000000433aaa47003aa994 status: local 0/10 remote 1/20
@40000000433aaa48127b4ce4 delivery 34: deferral: 216.136.204.125_does_not_like_recipient./Remote_host_said:_450_Client_host_rejected:_cannot_find_your_hostname,_[80.80.174.34]/Giving_up_on_216.136.204.125./
@40000000433aaa48127c71dc status: local 0/10 remote 0/20
@40000000433aae4513a31f5c starting delivery 35: msg 380 to remote RoxanneWiesel@impossibles.net
@40000000433aae4513a6440c status: local 0/10 remote 1/20

this is the output... I'v asked my ISP they said they don't block port 25 :S
What I noticed is that when I reboot my server it sends all my email-s but It don't recieve any... So i rebooted today my server and I got those emails from yesterday

regards,
T.

It is not sending those messages because the freebsd.org server is denying your host-name, as it can't find it. Fix that, and mail will go through as planned. as for the impossibles.net ones, the remote SMTP is not replying to your requests, thus it is not able to send the email to them.

Emails are handled every second, so if an email comes in, and shows up in that log as being "local" then you should receive it almost instantaneously. Rebooting does the same as when you run:

svc -a /var/service/qmail

it tells qmail to try to deliver all emails again.

Now it started working alone :| I don't know what happened... but I have now another problem and that is with imap, I can get emails only via pop3, imap doesnt work and also when I check on webmail (squirrelmail) it doesnt get emails...

thanks in advance :)
T.

thanks for the help.. finally been able to make it work... great guide with great "tech support" heheheheh... hope to help you in return...

taulant: $10 says you did not run IMAPdir.sh after creating the domain/users. (I am broke :P). Run the script, and it should work.

Omegahash: great. Yeah, i should start doing the tech support for money, i could use it :P

I did that and still its not working :(

mail# ./imapdir.sh
mkdir: IMAPdir: File exists
ln: INBOX: File exists
mkdir: .spamassassin: File exists
mkdir: IMAPdir: File exists
ln: INBOX: File exists
mkdir: .spamassassin: File exists
mkdir: IMAPdir: File exists
ln: INBOX/Maildir: File exists
mkdir: .spamassassin: File exists
mkdir: IMAPdir: File exists
ln: INBOX/Maildir: File exists
mkdir: .spamassassin: File exists
mkdir: IMAPdir: File exists
ln: INBOX: File exists

do you know what else could be a problem?

thanks for your help

taulant: Check if the INBOX symlink exists in the IMAPdir folder, and if it is correctly pointing to where it is supposed to be.

If need be, do it by hand. Remove IMAPdir/INBOX, and add it again by hand by going into the IMAPdir directory, and issuing: ln -s ../Maildir INBOX

lrwxr-xr-x  1 root      vchkpw   10 Sep 28 23:07 INBOX -> ../Maildir

Its like this...

Looks fine. There was another person with the same problem, I have no clue why the problem is occurring. I know it works on my systems.

When installing on FreeBSD 5.4 and 6-BETA5 I found that svscan was having trouble running spamassasin. Every time I ran:
svstat /var/service/*
I would see long running times for everything except spamd-service (always 1 or 2 seconds meaning that it was constantly exiting and being started again).

I ran /var/service/spamd-service/run manually and saw that the config file was generating errors. It seems that spamassasin doesn't like 5 or 6 of the options given in this guide. When I commented our all the lines mentioned as errors spamassasin started working.

Apart from that, fantastic guide!

What options was it not liking? They made some changes to the port, and added some options to remove certain parts, which might cause it to barf.

Hi its me again:)
I changed my server and I installed freebsd and everything on it from the begining and I installed mailserver also but I have now another problem :/
I can recieve email via IMAP only with my first email address I added so the 2-nd one I added its not working :S do you have any idea what could be the problem?

regards and thanks in advance,
T.

I installed everything following this guide. Now I installed squirrelmail and configured it. When I go to configtest.php I don't get any error's but when I try to login I get this error
----------------------------
Bad request: IMAP server does not appear to support the authentication method selected. Please contact your system administrator.
----------------------------
What is wrong? how can I solve it?

Hmmm, ive never seen that error, I have it running on several servers with squirrelmail. In your config, check what authentication method you have set.

defiant# cat config.php | grep auth
$hide_auth_header         = false;
$smtp_auth_mech = 'none';
$imap_auth_mech = 'login';
defiant# cat config_default.php  | grep auth
* Advanced IMAP authentication options control
* Advanced SMTP authentication options control
* SMTP authentication mechanism
* auth_mech can be either 'none', 'login','plain', 'cram-md5', or 'digest-md5'
* @global string $smtp_auth_mech
$smtp_auth_mech = 'none';
* IMAP authentication mechanism
* auth_mech can be either 'login','plain', 'cram-md5', or 'digest-md5'
* @global string $imap_auth_mech
$imap_auth_mech = 'login';
* @global bool $hide_auth_header
$hide_auth_header = false;

Try setting the $imap_auth_mech back to 'login', if it is set to that, then I am sorry, but I would be unable to help.

I already tried that once. I change it to 'login', and then I always get the error after logging in:
------------------------------
Unknown user or password incorrect.
------------------------------
Whatever mail-user I try. I make a new user with qmail and keep getting the same error.

How are you logging in?

Using:

<username>

or

<username>@<domain>


With the password?

Damnit, it ate my comment:

Using:

[username]

or:

[username]@[domain]

with the password?

I tried both...

You need to use [user][at][domain] and the password. Are you adding the accounts to vpopmail using the ./vadduser utility, or what are you doing?

If you set everything up correctly you should be able to login no problems at all. Can you log in with a normal mail client like Thunderbird/Mail.app/Outlook?

When I configure thunderbird for this mail I don't get any error!

I am using squirrelmail for my webmail and I also got that message when i started. To fix the problem just enable the php_openssl.dll in your php.ini then check if $imap_auth_mech = 'login'. Also remember to change '$imapServerAddress = 'localhost'' to the ip or domain of your mail server if setting up squirrelmail on  a different box.

This looks like a great tutorial and I'd like to try it.

I'm currently running sendmail with about 50 users. Do I need to do anyting in preperation to using your tutorial, such as disable sendmail?

Thanks,
PJ

Hi,

Just an update, I just ran through the guide fresh on FreeBSD 6.0-RELEASE.

My spamd-service wasn't starting, because I'd cut-n-pasted from this guide and you're backslash escaping an exclimation mark that you don't need to (at two points in this guide:
  echo '#!/bin/sh'..

If you notice insane amounts of usage by perl after activating spamd it might be the same problem i had.

/usr/local/bin/spamd says
#!/usr/local/bin/perl5.8.7 -T -w
change that to just
#!/usr/local/bin/perl

i didn't notice the logs that were filling up (most likely what slowed my server down). Solution came from http://forum.qmailrocks.org/archive/index.php/t-349.html

It would be fine if you uncomment the line where the bayes_path is defined because this cause two defunct processes on my process status and the qmail doesnt start because spamassassin never started.
Yours,
Leonardo

This guide works on 6.1

I want to give credit to the author. Its been over 3 years since I ran a qmail server and it was on Solaris. I did a lot of cut and paste from this guide... it works but I hate re-learning this way. I have to go back and figure out why the author did things the way he did  ::embarrassed::  lol!

Anyway.. good stuff!

I tried this guid on FreeBSD 6.1 and its working better than in 5.4 :) now Imap and webmail are working perfectly... but I have another problem now... when I try to use qmailadmin it wont let me log-in :( it says Invalid Login. Anyone have a clue about this?

regards,
T.

Hi i'm kinda new to this whole mail server thing so i'm just woundering can i have more than one domain and if thats possible how do i add them. the thing is i have 3 domains one that's mine and two that i share with fiends and it would be cool if i could use them all on one mail server instead of just forward the adresses.

P-A, Yes you can add as many as you wish.
/usr/local/vpopmail/bin/vadddomain yourdomain.com
/usr/local/vpopmail/bin/vadddomain yourfriendsdomain.com

etc :)

Wow this is a great guideline!! Thanks so much..

Everything is working well but I need to be able to allow
myself the ability to send via my mail server.

I get the

"The message could not be sent because one of the recipients was rejected by the server. ..........SMTP, Server Response: '553 sorry, that domain isn't in my list of allowed rcpthosts (#5.7.1)', Port: 25, Secure(SSL): No, Server Error: 553, Error Number: 0x800CCC79"

Error..

I tried adding "65.19.236.99:allow,RELAYCLIENT=""" to tcp.smtp which is my static IP and recomipling it with

/usr/local/bin/tcprules tcp.cdb tcp.tmp < tcp

but I'm still getting the same error.

I do NOT want to open up relaying to the world but would like to allow myself the ability of sending via. my mail server.

Any help would be great!!

Kind Regards,
Axten

The qmail patch that was installed allows for relaying using SMTP Authentication.  You just have to enable SMTP Authentication in your mail client to use your pop3 user/pass and then you can send email anywhere providing you authenticated properly.

Hey i have a little problem but i searched this article and i didn't find anything...
It looks like that
when i open http://yourserversname.com/cgi-bin/qmailadmin/qmailadmin
it askes me if i want to download file qmailadmin which is a application/octet-stream
i use mozilla firefox and i just don't get it
please help me
thx

actually i have it like that http://mydomain.org/cgi-bin-dist/qmailadmin/

i'm really sory for so many posts but i'm going loco with that qmail and i think i've finnaly found the right place to learn sth
Have i made mistake when i installed qmailadmin like that
cd /usr/ports/mail/qmailadmin
make all install clean CGIBINDIR=www/cgi-bin-dist WEBDATADIR=www/data-dist

I have a problem with smtp-auth.
No matter what email address or password I give to my mail client, I am able to send mail through my remote qmail server. I cannot send mail without using smtp-auth... so the auth part works partly... but does not require a valid username/password :(

I use FreeBSD 6.2 and followed the guide step by step, except that I did not download your qmail-smtpd-auth patch, but used the one that comes with ports (qmail-smtpd-auth-0.31). I just selected it along with the other patches (QMAILQUEUE, BIG_TODO, BIG_CONCURRENCY, OUTGOINGIP) during make.

Is my smtp-auth not working properly because I used a different patch or could something else be wrong?

Thanks for a great guide :)

Why someone used my qmail-remote to send spam?
qmailr 19495  0.0  0.1  1212   640  ??  S     5:16AM   0:00.00 qmail-remote ncft.com.cn sales@ncft.com.cn
qmailr 19509  0.0  0.1  1212   640  ??  S     5:16AM   0:00.00 qmail-remote hongyan.com sales@hongyan.com
qmailr 19516  0.0  0.1  1212   640  ??  S     5:16AM   0:00.00 qmail-remote cd-expert.com.cn sales@cd-expert.com.cn
How can I stop this s**t?

Thanks

Because You have problems with smtp-auth and Chinese people are abusing Your server
to send spam.

The smtp-auth patch need to be tested carefully before You are sure,
Your server is safe.

STEP 1: REPAIR SMTP-AUTH

The server does use base64 encoded strings so You need
a tool to encode-decode the massages. There is a cmdline version
named 'cmd5checkpw-0.22.tar.gz' or You can use this:
64base encode-decode

let's code:

mailer-daemon is equal to bWFpbGVyLWRhZW1vbg==
VXNlcm5hbWU6  is equal to Username:
UGFzc3dvcmQ6  is equal to Password:

SO TEST:
#telnet <your-server> 25
YOU: EHLO blablabla
ANS: 250-sun.teleshop.fr
250-AUTH LOGIN CRAM-MD5 PLAIN
250-AUTH=LOGIN CRAM-MD5 PLAIN
250-STARTTLS
250-PIPELINING
250 8BITMIME
YOU: AUTH LOGIN
ANS (USERNAME): 334 VXNlcm5hbWU6
YOU (mailer-daemon): bWFpbGVyLWRhZW1vbg==
ANS (PASSWORD): 334 UGFzc3dvcmQ6
YOU (mailer-daemon): bWFpbGVyLWRhZW1vbg==
ANS: 235 ok, go ahead (#2.0.0)
YOU: QUIT

If You get an 535 authorization failed (#5.7.0), this is OK.
However, if You get an 235, shit is hitting the fan (Your case).

Because:
You can AUTH with every random user and password.

Why ?

You have a mistake in Your Daemontools run script of qmail-smtpd:

WRONG:
...
/var/qmail/bin/qmail-smtpd /usr/local/vpopmail/bin/vchkpw /usr/bin/true 2>&1

RIGHT:
...
/var/qmail/bin/qmail-smtpd $LOCALNAME /usr/local/vpopmail/bin/vchkpw /usr/bin/true 2>&1
...

you can verify this by man qmail-smtpd.

To debug Your SMTP I do this:

a) I use syslog-ng because it provides rotating logs.
b) I create a FIFO and I use recordio (man recordio) to send all
    messages of smtpd to the LOG. I agree, i store mail twice.
    But I want to track back every problem...

mkdir /usr/local/log/mail
mkdir /usr/local/log/mail/qmail
mkdir /usr/local/log/mail/qmail/services
mkdir /usr/local/log/mail/qmail/services/smtpd
mkdir /usr/local/log/mail/qmail/services/qmail
mkdir /usr/local/log/mail/qmail/io
mkdir /usr/local/log/mail/qmail/io/smtpd
cd /var/log
ln -s /usr/local/log/mail
mkdir /var/qmail/pipe
chmod 700 /var/qmail/pipe
mkfifo /var/qmail/pipe/io-smtpd.pipe
chmod go-rw /var/qmail/pipe/*.pipe

And in syslog-ng.conf:
#==================================================================================================
# MAIL: QMAIL-SMTPD
# --------------------------------------------------------------------------------------------------
source mail_qmail_io_smtpd {
         pipe ("/var/qmail/pipe/io-smtpd.pipe");
};
destination mail_qmail_io_smtpd {
        file(
          "/usr/local/log/mail/qmail/io/smtpd/$R_YEAR/$R_MONTH/$R_YEAR-$R_MONTH-$R_DAY.mail_qmail_io_smtpd.log"
        );
};
log {
  source(mail_qmail_io_smtpd);
  destination(mail_qmail_io_smtpd);
  flags(final);
};
==================================================================================================

And this is my run-script:

#!/bin/sh
exec 2>&1
envdir ./env
sh -c '
    case "$REMOTENAME" in h) H=;; p) H=p;; *) H=H;; esac
    case "$REMOTEINFO" in r) R=;; [0-9]*) R="t$REMOTEINFO";; *) R=R;; esac
    exec
    envuidgid root
    softlimit ${DATALIMIT+"-d$DATALIMIT"}
    /usr/local/bin/tcpserver
        -pvDU"$H$R"
        ${LOCALNAME+"-l$LOCALNAME"}
        ${BACKLOG+"-b$BACKLOG"}
        ${CONCURRENCY+"-c$CONCURRENCY"}
        -xtcp.cdb
        -- "${IP-0}" "${PORT-25}"
        recordio 2>/var/qmail/pipe/io-smtpd.pipe
        /var/qmail/bin/qmail-smtpd $LOCALNAME
        /usr/local/vpopmail/bin/vchkpw /usr/bin/true 2>&1
'

You can test again with the procedures:

TEST 1: fake user and pass  should be 535 authorization failed
TEST 2: good user and pass should be 235 ok, go ahead (#2.0.0)
TEST 3: good user and fake pass should be 535 authorization failed

STEP 2: CLEAN YOUR QUEUE
(replace <abuser> with greeting of his HELO):

find /var/qmail/queue/mess -type f -print0 | xargs -0 grep -lR 'HELO <abuser>' | xargs -0 rm -f
rm /var/qmail/queue/bounce/*

So I hope I cleared this out.  You can thank me with this:

OFF-TOPIC: Please set Your SPF records in Your domains.
                  It's a barrier against spammers.

There is a SPF check patch for QMAIL. if You enable QMAIL with SPF check.
ref: man qmail-smtpd

Theonly thing You do is:
a)  add a TXT field in Your DNS with the wizzard You can find at
     http://www.mtgsy.net/dns/spfwizard.php
b)  put an extra environment variable in ENV of qmail-smtpd
     #echo 4 > /var/service/smtpd/env/SPFBEHAVIOR

And Your mails should have this in the headers:
Received-SPF: ....

Greetings,
Jurgen

When I run the script i get this error...

/usr/local/vpopmail/domains/imapdir.sh
/usr/local/vpopmail/domains/imapdir.sh: 3: Syntax error: "|" unexpected

I am behind a router. Are there any ports I need to forward? I have a domain registered with godaddy.com is there anything i need to do on there site for a mail service? I am using it for the website which I used your guide. I was wondering how do i get to send and recieve email do I need Horde or Do i need thunderbird?

Also what do I need to do to make it

smtp.thecircuitbox.com
pop3.thecircuitbox.com

?

Hi guys

I have a problem where it looks like spammers are using the box to relay email.

I have checked the suggestions above and i do get the following when i telnet on 25

220 mydomain ESMTP
EHLO
250-mydomain
250-AUTH LOGIN CRAM-MD5 PLAIN
250-AUTH=LOGIN CRAM-MD5 PLAIN
250-PIPELINING
250 8BITMIME

This means i setup the SMTP auth right?

Now i have tested my mail server with the abuse.net service. Not sure if it is a good test or not but it does tell me that

Relay test 6
>>> RSET
<<< 250 flushed
>>> MAIL FROM:<spamtest@mydomain>
<<< 250 ok
>>> RCPT TO:<securitytest%abuse.net@mydomain>
<<< 250 ok

the first 5 tests get the

<<< 553 sorry, that domain isn't in my list of allowed rcpthosts (#5.7.1)

so it seems i have a problem or is it a qmail problem?

Can anyone point me in the right direction to resolve this?

I don't even need to send mail from the server it should all be in the LOCAL queue anyway so maybe there is a way to turn the smtp-remote off?

please help me.....

porks: see Jurgen's comment above. You need to modify the run script for qmail-smtpd.

Hello,

At first, thank you for your great guide. Serving 10 domains using it. Only got a few problems:
1) With Jurgens solution, ($LOCALNAME) it works only for the default domain, other virtual domains cannot use smtp if using his solution.
2) Spam Asassin checks messages for spam only for default domain too, it doesnt touch e-mail messages for other vpopmail virtual domains.

With best regards and awaiting your answer,

Resnais

As everyone else said, thanks for your great guide. I am totally brand new at this stuff and was able to follow your instructions completely and successfully except for one thing...

I am able to send and receive email using the account I setup in your guide and can use the account in my outlook with no problem.

The problem is, I can not access the qmail admin webpage. I think I put something wrong in the section about your cgi-bin. I don't know where those settings are to check or change them.

my cgi-bin appears to be in /usr/local/www/apache22/cgi-bin

i think I screwed up the other thing in that same command about the datadir.

How can I find those settings and knowing what I think my cgi-bin location is how do I point it there? I am pretty sure that is why it is not working.

Any help would be appreciated.. Sorry for being so new at this. I just installed freebsd on a machine last week to try to learn how to get around in it because I have a managed server that I pay for with my hosted domains on it and I don't wan to practice on that one so I set one up and trying to duplicate the services that are running on that one, which is vpopmail, qmail, qmailadmin, horde, etc..

20071009:
  AFFECTS: users of mail/vpopmail
  AUTHOR: roam@FreeBSD.org

  The vpopmail port has been upgraded to version 5.4.20.  There are several
  important changes that may affect your vpopmail installation and may need
  you to handle manually:

  - THE MYSQL CONNECTION INFORMATION IS NO LONGER DEFINED AT COMPILE-TIME!
    The WITH_MYSQL_{USER,PASSWD,SERVER,DB} variables should NOT be defined
    when you build the port; place that information in the vpopmail.mysql
    file after vpopmail has been installed!
  - the default domain is also no longer defined at compile time - you need
    to place it in the defaultdomain file after the installation.
  - the defaultdomain and vpopmail.mysql files are no longer blindly removed
    on deinstallation, they are only removed if they have not been modified
  - in vpopmail 5.4.18, the database schema was changed - some fields were
    extended from 64 to 96 characters.  If you do not apply those changes
    to your database, as explained in the vpopmail/doc/UPGRADE file, your
    vpopmail installation may silently fail or lose the trailing portions
    of domain names and usernames.
  - in vpopmail 5.4.19, the upstream authors integrated large parts of
    Alex Dupre's SpamAssassin support, without the SPAM_THRESHOLD part.
    If you use vpopmail along with the SpamAssassin FreeBSD port support,
    take extra care to ensure that your installation still processes
    e-mail messages in the same way.
  - vpopmail 5.4.19 added support for maildrop as a mail delivery agent.
    This is available in the FreeBSD port if WITH_MAILDROP is defined.
    There is also a new user-limit flag for maildrop delivery.
  - vpopmail 5.4.19 added support for MySQL connections via Unix sockets
    instead of TCP sockets to the server.  To do that, change the second
    value (the port number) in vpopmail.mysql to the full pathname of
    the MySQL socket (e.g. /tmp/mysql.sock).
  - vpopmail 5.4.20 extended the LDAP support; please see README.ldap for
    more information, and specify the LDAP connection information in
    the vpopmail/etc/vpopmail.ldap file after the installation.

First of all, great guide. I've used it on two different machines with pretty good results. I say pretty good because the second machine is having a problem that I absolutely can't solve, and I'm hoping that someone who sees this thread may be able to offer some insight.

About twice a day during the day (i.e. when multiple users are active, has not yet happened at night), binc-imap stops working. By stops working, I mean it is still running, but not functioning correctly. Squirrelmail shows "Error: Connection dropped by imap server" when users try to log in and telnet localhost 143 gives

Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.

Instead of the usual

Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
* OK Welcome to Binc IMAP Copyright (C) 2002-2005 Andreas Aardal Hanssen at 2009-01-16 14:35:51 -0500

svc -t /var/service/binc-imap doesn't fix the problem, the only way I have found to get the imap server back (other than rebooting) is to delete the /var/qmail/service/binc-imap directory and re-populate it using the steps in this guide.

My guess is it may have something to do with the supervise directory or the files within, since simply rebooting will get the imap server running correctly again. But, I can't find anything in the logs (and trust me, I have been grepping like mad for a week!) that relates to the problem.

Any insight or proposed solutions would be greatly appreciated.

It was bad file permissions on the /var/qmail/service/binc-imap directory, if anyone's curious.

is this guide still the best way to do things almost 5 years later?  

I would think some updates or important patches have been released since then that this guide doesn't take into account.  It wold be awesome if somebody experienced could draft a new one guide to replace this one or just give an OK to this guide still being complete and not missing any important patches.

Thanks!