The Linux Electronic Mail HOWTO: Qmail v1.03

4. Qmail v1.03

Secured, fast and easy to use, this is my preferred MTA (mail transport agent).

Currently, no distribution comes with qmail, so we will focus on compiling and installing qmail, since this is the only tricky part : configuration is really straightforward.

4.1 Getting qmail

Go to www.qmail.org to download latest version.

4.2 Uncompressing sources

Then decompress it running :


mv qmail.tar.gz /usr/local/src
cd /usr/local/src ; tar -zxvf qmail.tar.gz

If you find a bz2 version (new and better compression format), just replace tar by :


bunzip2 qmail.tar.bz2
tar -xvf qmail.tar

4.3 Preparing compilation

Now enter qmail dir to check configuration defaults :


cd qmail; more conf-*

You shouldn't need to change any default, but you can for exemple specificy an alternate installation dir or better compilation flags.

Now run :


mkdir /var/qmail

to create target dir.

If you haven't installed a Debian distribution, you'll need to add qmail own users : qmail's high security depends on that.

Nobody will be able to break your whole mail system or gain root access since qmail is divided into modules running each under their own UID.

So run :


   # groupadd nofiles
   # useradd -g nofiles -d /var/qmail/alias alias
   # useradd -g nofiles -d /var/qmail qmaild
   # useradd -g nofiles -d /var/qmail qmaill
   # useradd -g nofiles -d /var/qmail qmailp
   # groupadd qmail
   # useradd -g qmail -d /var/qmail qmailq
   # useradd -g qmail -d /var/qmail qmailr
   # useradd -g qmail -d /var/qmail qmails

or hand-edit /etc/passwd and /etc/group to add these users by yourself : for example you can respectively add :


        qmail:*:2107:
        nofiles:*:2108:


        alias:*:7790:2108::/var/qmail/alias:/bin/true
        qmaild:*:7791:2108::/var/qmail:/bin/true
        qmaill:*:7792:2108::/var/qmail:/bin/true
        qmailp:*:7793:2108::/var/qmail:/bin/true
        qmailq:*:7794:2107::/var/qmail:/bin/true
        qmailr:*:7795:2107::/var/qmail:/bin/true
        qmails:*:7796:2107::/var/qmail:/bin/true

Now you can run


make setup check

to check your configuration, then :


./config

to configure qmail.

Now you must install some aliases, since /etc/alias is not used by qmail unless you compile and install some optional package.

Here's my setup :


File : ".qmail-MAILER-DAEMON"
&postmaster
File : ".qmail-bin"
&root
File : ".qmail-daemon"
&root
File : ".qmail-decode"
&root
File : ".qmail-dumper"
&root
File : ".qmail-games"
&root
File : ".qmail-ingres"
&root
File : ".qmail-mailer-daemon"
&postmaster
File : ".qmail-manager"
&root
File : ".qmail-news"
&root
File : ".qmail-nobody"
&root
File : ".qmail-operator"
&root
File : ".qmail-postmaster"
&root
File : ".qmail-root"
&guylhem
File : ".qmail-system"
&root
File : ".qmail-toor"
&root
File : ".qmail-uucp"
&root
File : ".qmail-uucp-default"
|preline -dr /usr/bin/uux - -r -gC -a"${SENDER:-MAILER-DAEMON}" lm!rmail "($DEFAULT@$HOST)"

You need to create each of these file in ~alias, replacing &guylhem in .qmail-root by your own login to get root mail.

ATTENTION UUCP USERS !

DO NOT TRUST QMAIL FAQ FOR UUCP, USE MY .qmail-uucp-default INSTEAD ! ELSE YOU WILL NOT BE ABLE TO SEND ANY MAIL BY YOUR UUCP CONNEXION !

Now you'll need to decide in which format your users will get their mail.

Here's my suggestion :

For NFS mounted home dirs, use MAILDIR format with a patch for local mail readers (patchs are available on www.qmail.org)
If no patch is available, prefer MAILFILE format : any mail reader can read a file containing mail, people will only need to create an alias (for bash) or a setenv (for csh) for their mail reader
Avoid /var/spool/mail/$USER format, too unsecure

To fix default format, read each file in /var/qmail/boot then copy the one you best like to /var/qmail/rc.

home or proc are safe choices, but prefer home for security reasons.

4.4 Configuring qmail

In /var/qmail/control, edit :

defaultdomain, me, plusdomain

me is you local FQDN (full qualifyied domain name), for exemple on my machine it is barberouge.linux.lmm.com
defaultdomain will be added to any host name without dots, including defaulthost, for example you can set it to localnetwork so any mail sent to joe@hisbox will be completed to be sent to joe@hisbox.localnetwork instead
plusdomain is the exception : is is added to any host name that ends with a plus sign, including defaulthost (set in me) if it ends with a plus sign.

These 3 examples shows you the power and ease of configuration of qmail !

locals, rcpthosts

If you want to support virtual domain names, just put additional names in these files.

Any mail you receive for these names will be handled locally.

The difference between locals and rcpthosts is the latter isn't considered as a local alias, which is usefull if you receive mail from some free email address like yahoo.com or lemel.fr while you also send mail to other users of these non local services, i.e. you don't want to handle locally mail send to someone@yahoo.com !

virtualdomains

There can you specify defaut outgoing mode, for example :


#:alias-uucp

if you don't want to send outgoing mail by uucp but by smtp (default) or


:alias-ucp

if you send your outgoing mail by uucp.

4.5 Testing qmail

Now it is configured, try :


sh -cf '/var/qmail/rc &'

to launch qmail (it won't interfere with your local MTA), then :


echo to: mylogin | /var/qmail/bin/qmail-inject

You should receive this mail in the format you've chosen in /var/qmail/boot/.

4.6 Removing your other MTA

If this test was successfull, just kill your previous MTA :

killall -STOP daemon_name ; if any children are running, you should killall -CONT their_name, wait, killall -STOP again, and repeat ad nauseam.

If there aren't any children, killall -TERM and then killall -CONT.

Remove it (how you can do this depends on the distribution you installed, for example rpm -e --nodeps on RedHat, Caldera and Suse, or dpkg -r --force-depends on Debian) then run :


# ln -s /var/qmail/bin/sendmail /usr/lib/sendmail
# ln -s /var/qmail/bin/sendmail /usr/sbin/sendmail

Now set up qmail-smtpd in /etc/inetd.conf (all on one line):


smtp stream tcp nowait qmaild /var/qmail/bin/tcp-env tcp-env /var/qmail/bin/qmail-smtpd

If you are using a old non-SYSV-init distribution like redhat, just add to your boot scripts :


sh -cf '/var/qmail/rc &'

Usually /etc/rc.local but your mileage may vary.

For actual SYSV-init compliant distributions (RedHat, Caldera, Suse, Debian), add this script to /etc/init.d/ :

DEBIAN version :


#!/bin/sh

test -x /var/qmail/rc || exit 0

case "$1" in
  start)
     echo -n "Starting mta: "
     sh -cf '/var/qmail/rc &'
     echo "qmail."
     ;;
  stop)
     echo -n "Stopping mta: "
     killall qmail-lspawn
     echo "qmail."
     ;;
  restart)
     echo -n "Restarting mta: "
     killall -HUP qmail-lspawn
     killall -ALRM qmail-lspawn
     echo "qmail."
     ;;
  *)
     echo "Usage: /etc/init.d/qmail {start|stop|restart}"
     exit 1
esac

exit 0

REDHAT version :


#!/bin/sh
#
# qmail      This shell script takes care of starting and stopping qmail.
#
# description: qmail is a Mail Transport Agent, which is the program \
#              that moves mail from one machine to another.
# processname: qmail
# config: /var/qmail/control/

# Source function library.
. /etc/rc.d/init.d/functions

# Source networking configuration.
. /etc/sysconfig/network

export PATH=$PATH:/var/qmail/bin

# Check that networking is up.
[ ${NETWORKING} = "no" ] && exit 0

[ -f /usr/sbin/sendmail ] || exit 0

# See how we were called.
case "$1" in
  start)
        # Start daemons.
        echo -n "Starting qmail: "
        qmail-start '|preline procmail' splogger qmail &
        touch /var/lock/subsys/qmail
        echo
        ;;
  stop)
        # Stop daemons.
        echo -n "Shutting down qmail: "
        killproc qmail-lspawn
        echo
        rm -f /var/lock/subsys/qmail
        ;;
  restart)
        $0 stop
        $0 start
        ;;
  status)
        status qmail
        ;;
  *)
        echo "Usage: qmail {start|stop|restart|status}"
        exit 1
esac

exit 0

And make symlinks to each /etc/rcN.d/, for example :


ln -sf /etc/init.d/qmail /etc/rc1.d/K19qmail

If the first letter is K, you will kill qmail on this runlevel (1 for single mode or 6 for boot), but if the first letter is S, you will start qmail on this runlevel (each others runlevel).

How to decide whether you should put a K or a S ? Do what the majority of dæmons in this runlevel do !
What number should you put after K or S ? The number next to your network daemon.

RedHat, Caldera and Suze will use /etc/rc.d/ instead of plain /etc/ for Debian distribution, i.e. /etc/rc.d/rc1.d or /etc/rc.d/init.d for example.

4.7 That's all, folks !

No need to reboot (remember, you're using linux, not some other cheap OS !) for the modifications to take effect, just run :


killall inetd
init 1

To go to single user mode, then :


init 2

to go back to your default runlevel (indicated in /etc/inittab with initdefault label).

You could also hand-start qmail script but "init" method will show you if qmail script is well positionned, i.e. lauched after network scripts but before any program depend on email to warn you (like inn).