Setting up Qmail Server on CentOS 6

On 05/07/2013, in MailServer, by m.kamal

Note: This article covers most of the options for installing and configuring qmail. We have gathered the Qmail packages needed to build a powerful mail server that satisfies a system administrator's needs. Wish you all the best of luck. Let's start.

Qmail is a secure, reliable, efficient, simple message transfer agent. It is meant as a replacement for the entire sendmail-binmail system on typical Internet-connected UNIX hosts.

Secure: Security isn’t just a goal, but an absolute requirement. Mail delivery is critical for users; it cannot be turned off, so it must be completely secure.

Reliable: qmail’s straight-paper-path philosophy guarantees that a message, once accepted into the system, will never be lost. qmail also supports maildir, a new, super-reliable user mailbox format. Maildirs, unlike mbox files and mh folders, won’t be corrupted if the system crashes during delivery. Even better, not only can a user safely read his mail over NFS, but any number of NFS clients can deliver mail to him at the same time.

Efficient: On a Pentium under BSD/OS, qmail can easily sustain 200000 local messages per day—that’s separate messages injected and delivered to mailboxes in a real test! Although remote deliveries are inherently limited by the slowness of DNS and SMTP, qmail overlaps 20 simultaneous deliveries by default, so it zooms quickly through mailing lists.

Simple: qmail is vastly smaller than any other Internet MTA. Some reasons why:

(1) Other MTAs have separate forwarding, aliasing, and mailing list mechanisms. qmail has one simple forwarding mechanism that lets users handle their own mailing lists.

(2) Other MTAs offer a spectrum of delivery modes, from fast+unsafe to slow+queued. qmail-send is instantly triggered by new items in the queue, so the qmail system has just one delivery mode: fast+queued.

(3) Other MTAs include, in effect, a specialized version of inetd that watches the load average. qmail’s design inherently limits the machine load, so qmail-smtpd can safely run from your system’s inetd.

Replacement for sendmail: qmail supports host and user masquerading, full host hiding, virtual domains, null clients, list-owner rewriting, relay control, double-bounce recording, arbitrary RFC 822 address lists, cross-host mailing list loop detection, per-recipient checkpointing, downed host backoffs, independent message retry schedules, etc. In short, it’s up to speed on modern MTA features. qmail also includes a drop-in “sendmail” wrapper so that it will be used transparently by your current UAs.

2. Required packages

There are five packages needed for this qmail install.

2.1 netqmail-1.06.tar.gz

qmail is a secure, reliable, efficient, simple message transfer agent. It is designed for typical Internet-connected UNIX hosts. As of October 2001, qmail is the second most common SMTP server on the Internet, and has by far the fastest growth of any SMTP server.

2.2 ucspi-tcp-0.88.tar.gz

It is a tool similar to inetd. ucspi-tcp listens on port 25 and spawns qmail-smtpd when required. ucspi-tcp stands for Unix Client Server Program Interface for TCP.

2.3 daemontools-0.76.tar.gz

daemontools is a tool to manage & monitor daemons on Linux. It is used in qmail as well to manage qmail daemons.

2.4 checkpassword-0.90.tar.gz

checkpassword provides a simple, uniform password-checking interface to all root applications. It is suitable for use by applications such as login, ftpd, and pop3d.

2.5 qmail-smtpd-auth-0.31.tar.gz

This patch enables SMTP AUTH protocol with following auth types: LOGIN, PLAIN and CRAM-MD5.

3. Qmail Install

Install required package:

yum install gcc gcc-c++ make patch pam-devel openssl*  wget vim-common vim-enhanced -y

3.1 Get the files

Download files and place them into the /usr/local/src directory. This document refers to that directory for install procedures.

cd /usr/local/src

wget http://www.qmail.org/netqmail-1.06.tar.gz

wget http://cr.yp.to/ucspi-tcp/ucspi-tcp-0.88.tar.gz

wget http://cr.yp.to/daemontools/daemontools-0.76.tar.gz

wget http://cr.yp.to/checkpwd/checkpassword-0.90.tar.gz

wget http://members.elysium.pl/brush/qmail-smtpd-auth/dist/qmail-smtpd-auth-0.31.tar.gz

Now create /package directory and move daemontools-0.76.tar.gz to /package.

mkdir /package

mv /usr/local/src/daemontools-0.76.tar.gz /package

3.2 Create users and groups

Run following commands one by one, to create required users & groups

groupadd nofiles

useradd -g nofiles -d /var/qmail qmaild

useradd -g nofiles -d /var/qmail qmaill

useradd -g nofiles -d /var/qmail qmailp

useradd -g nofiles -d /var/qmail/alias alias

groupadd qmail

useradd -g qmail -d /var/qmail qmailq

useradd -g qmail -d /var/qmail qmailr

useradd -g qmail -d /var/qmail qmails

3.3 Compile & Install

Untar the Qmail source

cd /usr/local/src

tar -xzvf netqmail-1.06.tar.gz

Apply the SMTP patch

cd /usr/local/src

tar -xzvf qmail-smtpd-auth-0.31.tar.gz

cd qmail-smtpd-auth-0.31/

cp README.auth base64.c base64.h ../netqmail-1.06

patch -d ../netqmail-1.06 < auth.patch

Compile & install qmail.

cd /usr/local/src/netqmail-1.06

make setup check

4. Configure Qmail

4.1 Post Installation setup

Post installation configuration can be done by running following script.

./config-fast server.domain.com

4.2 Configure Qmail aliases.

Create a user named “admin” to receive all administrator emails.

useradd admin;

cd ~alias;

echo admin > .qmail-postmaster;

echo admin > .qmail-mailer-daemon;

echo admin > .qmail-root;

echo admin > .qmail-abuse;

chmod 644 ~alias/.qmail* ;

Create Maildir for “admin” user

su  admin

/var/qmail/bin/maildirmake ~/Maildir

4.3 Configure Qmail to use Maildir

Now we need to configure qmail to use the Maildir Format.
Create “/var/qmail/rc” with following contents.

#!/bin/sh

# Using stdout for logging
# Using control/defaultdelivery from qmail-local to deliver messages by default

exec env - PATH="/var/qmail/bin:$PATH" \
    qmail-start "`cat /var/qmail/control/defaultdelivery`"

Make “/var/qmail/rc” executable

chmod 755 /var/qmail/rc

Create “/var/qmail/control/defaultdelivery” file.

echo ./Maildir/ >/var/qmail/control/defaultdelivery

4.4 Replace Sendmail binaries

chmod 0 /usr/lib/sendmail ;

chmod 0 /usr/sbin/sendmail ;

mv /usr/lib/sendmail /usr/lib/sendmail.bak ;

mv /usr/sbin/sendmail /usr/sbin/sendmail.bak ;

ln -s /var/qmail/bin/sendmail /usr/lib/sendmail ;

ln -s /var/qmail/bin/sendmail /usr/sbin/sendmail

5. Install ucspi-tcp

Untar the ucspi-tcp source.

cd /usr/local/src/

tar -xzvf ucspi-tcp-0.88.tar.gz

Patch ucspi-tcp with “ucspi-tcp-0.88.errno.patch” provided with netqmail.

cd ucspi-tcp-0.88

patch < /usr/local/src/netqmail-1.06/other-patches/ucspi-tcp-0.88.errno.patch

Install ucspi-tcp.

make

make setup check

6. Install checkpassword (skip this step if you want to install qmail-pop3d instead of Dovecot)

Untar checkpassword source.

cd /usr/local/src

tar -xzvf checkpassword-0.90.tar.gz

Patch checkpassword with “checkpassword-0.90.errno.patch” provided with net qmail.

cd checkpassword-0.90

patch < /usr/local/src/netqmail-1.06/other-patches/checkpassword-0.90.errno.patch

Install checkpassword.

make

make setup check

7. Install daemontools

Untar the daemontools source

cd /package

tar -xzvf daemontools-0.76.tar.gz

Patch daemontools with “daemontools-0.76.errno.patch” provided with net qmail.

cd /package/admin/daemontools-0.76/src

patch < /usr/local/src/netqmail-1.06/other-patches/daemontools-0.76.errno.patch

Install daemontools

cd ..

package/install

8. Qmail Startup script

The “qmailctl” script is used as startup script for qmail.

8.1 Download qmailctl

cd /var/qmail/bin/

wget http://lifewithqmail.org/qmailctl-script-dt70

8.2 Setup qmailctl

mv  qmailctl-script-dt70 qmailctl

chmod 755 /var/qmail/bin/qmailctl

ln -s /var/qmail/bin/qmailctl /usr/bin

9. Setup qmail-send & qmail-smtpd

9.1 Create supervise script directories for qmail daemons

Create supervise directories for qmail-send, qmail-smtpd & qmail-pop3d.

mkdir -p /var/qmail/supervise/qmail-send/log

mkdir -p /var/qmail/supervise/qmail-smtpd/log

mkdir -p /var/qmail/supervise/qmail-pop3d/log

9.2 Create supervise script for qmail-send

Create supervise script for qmail-send with name “/var/qmail/supervise/qmail-send/run”.

The file should have following contents.

#!/bin/sh

exec /var/qmail/rc

9.3 qmail-send log daemon supervise script

Create qmail-send log daemon supervise script with name “/var/qmail/supervise/qmail-send/log/run”.

The script should have following contents

#!/bin/sh

exec /usr/local/bin/setuidgid qmaill /usr/local/bin/multilog t /var/log/qmail

9.4 qmail-smtpd daemon supervise script

Create qmail-smtpd daemon supervise script with name “/var/qmail/supervise/qmail-smtpd/run”.

The script should have following contents

#!/bin/sh

QMAILDUID=`id -u qmaild`
NOFILESGID=`id -g qmaild`
MAXSMTPD=`cat /var/qmail/control/concurrencyincoming`
LOCAL=`head -1 /var/qmail/control/me`

if [ -z "$QMAILDUID" -o -z "$NOFILESGID" -o -z "$MAXSMTPD" -o -z "$LOCAL" ]; then
    echo QMAILDUID, NOFILESGID, MAXSMTPD, or LOCAL is unset in
    echo /var/qmail/supervise/qmail-smtpd/run
    exit 1
fi

# Without rcpthosts qmail-smtpd accepts mail for any domain, so refuse to start
if [ ! -f /var/qmail/control/rcpthosts ]; then
    echo "No /var/qmail/control/rcpthosts!"
    echo "Refusing to start SMTP listener because it'll create an open relay"
    exit 1
fi

exec /usr/local/bin/softlimit -m 9000000 \
    /usr/local/bin/tcpserver -v -R -l "$LOCAL" -x /etc/tcp.smtp.cdb -c "$MAXSMTPD" \
        -u "$QMAILDUID" -g "$NOFILESGID" 0 smtp /var/qmail/bin/qmail-smtpd 2>&1

 

Create the concurrencyincoming control file.

echo 20 > /var/qmail/control/concurrencyincoming

chmod 644 /var/qmail/control/concurrencyincoming

9.5 qmail-smtpd log daemon supervise script

Create qmail-smtpd log daemon supervise script with name “/var/qmail/supervise/qmail-smtpd/log/run”.

The script should have following contents

#!/bin/sh

exec /usr/local/bin/setuidgid qmaill /usr/local/bin/multilog t /var/log/qmail/smtpd

9.6 Create the log directories and add execute permissions on the run scripts.

mkdir -p /var/log/qmail/smtpd

chown qmaill /var/log/qmail

chown qmaill /var/log/qmail/smtpd

chmod 755 /var/qmail/supervise/qmail-send/run

chmod 755 /var/qmail/supervise/qmail-send/log/run

chmod 755 /var/qmail/supervise/qmail-smtpd/run

chmod 755 /var/qmail/supervise/qmail-smtpd/log/run

 

10. Create soft link for the daemons in /service folder

10.1 Add qmail-send to /service folder

ln -s /var/qmail/supervise/qmail-send /service/qmail-send

10.2 Add qmail-smtpd to /service folder

ln -s /var/qmail/supervise/qmail-smtpd /service/qmail-smtpd

Note 1: The /service directory is created when daemontools is installed.

Note 2: The qmail system will start automatically shortly after these links are created.

** Before running the qmailctl command, you should start daemontools with the following command:

/command/svscanboot &

OR

Start daemontools with Upstart on CentOS 6 as it doesn’t work with sysvinit:

Remove the added line from /etc/inittab :
SV:123456:respawn:/command/svscanboot

- Create a new file /etc/init/svscan.conf , with the startup code in it:

start on runlevel [345]
respawn
exec /command/svscanboot

- Tell init to re-read its configuration files and start svscanboot:

# initctl reload-configuration
# initctl start svscan

If you want to run it now, do: qmailctl start

11. Install Vpopmail

11.1 Download Vpopmail

mkdir -p /usr/local/src/build

cd /usr/local/src/build

wget -O vpopmail-5.4.28.tar.gz "http://downloads.sourceforge.net/project/vpopmail/vpopmail-stable/5.4.28/vpopmail-5.4.28.tar.gz?use_mirror=biznetnetworks"

11.2 Extract Vpopmail

tar -xzvf vpopmail-5.4.28.tar.gz

11.3 Compile & build Vpopmail

wget http://garr.dl.sourceforge.net/project/vpopmail/vpopmail-stable/5.4.33/vpopmail-5.4.33.tar.gz

[root@Qmail src]# tar xvzf vpopmail-5.4.33.tar.gz

[root@Qmail src]# cd vpopmail-5.4.33

[root@Qmail vpopmail-5.4.33]# groupadd -g 89 vchkpw

[root@Qmail vpopmail-5.4.33]# mkdir /var/vpopmail

[root@Qmail vpopmail-5.4.33]# useradd -g vchkpw -u 89 -d /var/vpopmail vpopmail

./configure --enable-clear-passwd=y --enable-logging=y --enable-auth-logging=y --enable-roaming-users=y --enable-ip-alias-domains=y

make

make install-strip

 

12. Installing Dovecot[pop3&imap(110/tcp&143/tcp)](*Recommended*) OR pop3d[pop3(tcp/110)only]

12.1 Installation of qmail-pop3d

cd /usr/local/src

tar xvzf checkpassword-0.90.tar.gz

cd checkpassword-0.90

patch < /usr/local/src/netqmail-1.06/other-patches/checkpassword-0.90.errno.patch

make

make setup check

mkdir /var/qmail/supervise/qmail-pop3d

 

vim /var/qmail/supervise/qmail-pop3d/run

#!/bin/sh

exec /usr/local/bin/softlimit -m 2000000 \
    /usr/local/bin/tcpserver -v -R -H -l 0 0 110 /var/qmail/bin/qmail-popup \
        FQDN /var/vpopmail/bin/vchkpw /var/qmail/bin/qmail-pop3d Maildir 2>&1

mkdir /var/qmail/supervise/qmail-pop3d/log

vim /var/qmail/supervise/qmail-pop3d/log/run

#!/bin/sh

exec /usr/local/bin/setuidgid qmaill /usr/local/bin/multilog t \
    /var/log/qmail/pop3d

 

chmod +t /var/qmail/supervise/qmail-pop3d

mkdir /var/log/qmail/pop3d

chown qmaill /var/log/qmail/pop3d

chmod 755 /var/qmail/supervise/qmail-pop3d/run

chmod 755 /var/qmail/supervise/qmail-pop3d/log/run

ln -s /var/qmail/supervise/qmail-pop3d /service

vim /usr/bin/qmailctl

12.2 Add the following to qmailctl’s “start” section:

if svok /service/qmail-pop3d ; then
    svc -u /service/qmail-pop3d /service/qmail-pop3d/log
else
    echo "qmail-pop3d supervise not running"
fi

12.3 Add the following to qmailctl’s “stop” section:

echo " qmail-pop3d"

svc -d /service/qmail-pop3d /service/qmail-pop3d/log

12.4 Add the following to qmailctl’s “stat” section:

svstat /service/qmail-pop3d

svstat /service/qmail-pop3d/log

12.5 Add the following to qmailctl’s “pause” section:

echo "Pausing qmail-pop3d"

svc -p /service/qmail-pop3d

12.6 Add the following to qmailctl’s “cont” section:

echo "Continuing qmail-pop3d"

svc -c /service/qmail-pop3d

12.7 Add the following to qmailctl’s “restart” section:

echo "* Restarting qmail-pop3d."

svc -t /service/qmail-pop3d /service/qmail-pop3d/log

Restart Qmail with 'qmailctl restart', and test the mail server from another machine using Thunderbird as a client.

If you face any problems, you can check the log files.

SMTP logs:

# tailf /var/log/qmail/smtpd/current

AUTH Mail for both pop3 and smtp:

# tailf /var/log/maillog

** You might find ERROR like,

vpopmail[25940]: vchkpw-pop3: vpopmail user not found

** To solve it Run command below,

chmod ug+s /var/vpopmail/bin/vchkpw

13. Install Dovecot

Dovecot is an open source IMAP and POP3 email server for Linux/UNIX-like systems, written with security primarily in mind. Dovecot is an excellent choice for both small and large installations. It’s fast, simple to set up, requires no special administration and it uses very little memory.

13.1 Download dovecot

cd /usr/local/src

wget http://www.dovecot.org/releases/1.2/dovecot-1.2.6.tar.gz

13.2 Extract dovecot

tar -xzvf dovecot-1.2.6.tar.gz

13.3 Compile & build dovecot

cd dovecot-1.2.6

./configure --with-ioloop=IOLOOP --with-notify=NOTIFY --with-ssl=openssl --with-passwd --with-passwd-file --with-shadow --with-pam --with-checkpassword --with-vpopmail --with-static-userdb

make

make install

13.4 Create certificate

mkdir -p /etc/ssl/certs/

mkdir -p /etc/ssl/private/

cd /usr/local/src/dovecot-1.2.6/doc/

chmod 755 mkcert.sh

./mkcert.sh

This will create /etc/ssl/certs/dovecot.pem & /etc/ssl/private/dovecot.pem

13.5 Create /etc/pam.d/dovecot

Contents of /etc/pam.d/dovecot is given below.

auth required pam_unix.so nullok

account required pam_unix.so

13.6 Create dovecot.conf file

cp -pv /usr/local/etc/dovecot-example.conf /usr/local/etc/dovecot.conf

13.7 Edit dovecot.conf

Modify /usr/local/etc/dovecot.conf as given below.

protocols = imap imaps pop3 pop3s

disable_plaintext_auth = no

ssl_cert_file = /etc/ssl/certs/dovecot.pem

ssl_key_file = /etc/ssl/private/dovecot.pem

first_valid_uid = 89

first_valid_gid = 1

passdb vpopmail {
}

userdb vpopmail {
}

 

13.8 Create Dovecot startup script

Create /etc/init.d/dovecot with following contents.

#!/bin/bash
# /etc/rc.d/init.d/dovecot
# Starts the dovecot daemon
# chkconfig: - 65 35
# description: Dovecot Imap Server
# processname: dovecot

# Source function library.
. /etc/init.d/functions

test -x /usr/local/sbin/dovecot || exit 0

RETVAL=0
prog="Dovecot Imap"

start() {
    echo -n $"Starting $prog: "
    daemon /usr/local/sbin/dovecot
    RETVAL=$?
    # Lock file lets condrestart know the service is running
    [ $RETVAL -eq 0 ] && touch /var/lock/subsys/dovecot
    echo
}

stop() {
    echo -n $"Stopping $prog: "
    killproc /usr/local/sbin/dovecot
    RETVAL=$?
    [ $RETVAL -eq 0 ] && rm -f /var/lock/subsys/dovecot
    echo
}

# See how we were called.
case "$1" in
    start)
        start
        ;;
    stop)
        stop
        ;;
    reload|restart)
        stop
        start
        RETVAL=$?
        ;;
    condrestart)
        if [ -f /var/lock/subsys/dovecot ]; then
            stop
            start
        fi
        ;;
    status)
        status /usr/local/sbin/dovecot
        RETVAL=$?
        ;;
    *)
        echo $"Usage: $0 {condrestart|start|stop|restart|reload|status}"
        exit 1
esac

exit $RETVAL

 

Now, make /etc/init.d/dovecot executable

chmod 755 /etc/init.d/dovecot

13.9 Create dovecot user

useradd dovecot

13.10 Start dovecot

/etc/init.d/dovecot start

14. Vpopmail commands

Vpopmail tools are located in /var/vpopmail/bin/

 

authvchkpw clearopensmtp dotqmail2valias vaddaliasdomain vadddomain vadduser valias vchangepw

vchkpw vconvert vdeldomain vdelivermail vdeloldusers vdeluser vdominfo vipmap vkill vlist vmkpasswd

vmoddomlimits vmoduser vpasswd vpopbull vpopmaild vsetuserquota vusagec vuserinfo

 

14.1 Adding a domain

Domain can be added using following command

/var/vpopmail/bin/vadddomain testdomain.net

14.2 Adding an email account.

Email address is added using following command

/var/vpopmail/bin/vadduser [email protected]

15. Tweak Qmail installation for SMTP authentication

15.1 Configure qmail-smtpd run file

cd /service/qmail-smtpd

cp -pv run run.bak

Modify run file as given below.

#!/bin/sh

QMAILDUID=`id -u qmaild`
NOFILESGID=`id -g qmaild`
MAXSMTPD=`cat /var/qmail/control/concurrencyincoming`
LOCAL=`head -1 /var/qmail/control/me`

if [ -z "$QMAILDUID" -o -z "$NOFILESGID" -o -z "$MAXSMTPD" -o -z "$LOCAL" ]; then
    echo QMAILDUID, NOFILESGID, MAXSMTPD, or LOCAL is unset in
    echo /var/qmail/supervise/qmail-smtpd/run
    exit 1
fi

# Without rcpthosts qmail-smtpd accepts mail for any domain, so refuse to start
if [ ! -f /var/qmail/control/rcpthosts ]; then
    echo "No /var/qmail/control/rcpthosts!"
    echo "Refusing to start SMTP listener because it'll create an open relay"
    exit 1
fi

# qmail-smtpd arguments: hostname, password checker (vchkpw), program run after successful AUTH
exec /usr/local/bin/softlimit -m 100000000 \
    /usr/local/bin/tcpserver -v -R -l "$LOCAL" -x /etc/tcp.smtp.cdb -c "$MAXSMTPD" \
        -u 508 -g 508 0 smtp /var/qmail/bin/qmail-smtpd server.domain.com /var/vpopmail/bin/vchkpw /bin/true 2>&1

 

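Note 1: 508 is the UID & GID of vpopmail on the system shown here; use the values that /etc/passwd reports for vpopmail on your server (89 if you created the account as in section 11.3).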

 grep 508 /etc/passwd

vpopmail:x:508:508::/var/vpopmail:/bin/bash

Note 2: Don’t forget to replace server.domain.com with your hostname in FQDN format.

15.2 Configure vchkpw

cp -pv /var/vpopmail/bin/vchkpw /var/vpopmail/bin/vchkpw.bak

chmod 755 /var/vpopmail/

chmod 4755 /var/vpopmail/bin/vchkpw

chown root.root /var/vpopmail/bin/vchkpw

qmailctl stop

qmailctl start

qmailctl stat

16 Restart services

Now, we have to restart Qmail & Dovecot.

16.1 Restart Qmail

qmailctl stop

qmailctl start

16.2 Restart Dovecot

/etc/init.d/dovecot restart

 

17. Spamassassin, ClamAV, Ripmime, and SimScan Installation.

SpamAssassin is a mail filter to identify spam. It is an intelligent email filter which uses a diverse range of tests to identify unsolicited bulk email, more commonly known as Spam. These tests are applied to email headers and content to classify email using advanced statistical methods. In addition, SpamAssassin has a modular architecture that allows other technologies to be quickly wielded against spam and is designed for easy integration into virtually any email system.

Clam AntiVirus is an open source (GPL) anti-virus toolkit for UNIX. It provides a number of utilities including a flexible and scalable multi-threaded daemon, a command line scanner and advanced tool for automatic database updates.

Freshclam is the automatic database update tool for Clam AntiVirus. It can work in two modes:

  1. interactive – on demand from command line
  2. daemon – silently in the background.

ripMIME – email attachment / decomposition tool.

Description

ripMIME is a command line tool used to aid in the extraction of email borne attachments to files which can be processed using other UNIX tools. ripMIME supports both the RFC MIME standards as well as being able to behave according to various MUA ‘features’ which are often used as exploitation holes.

SimScan is a program developed by Inter7, the same people who wrote vpopmail, qmailadmin, and several other programs which are commonly used on qmail servers. It serves the same purpose for which many people use qmail-scanner, however because it’s written in C instead of Perl it runs much more quickly, making it a better choice for high-volume mail servers.

Now it is time to make our e-mail server more secure, so to do that we will install Spamassassin, ClamAV, Ripmime, and SimScan.

18. SpamAssassin installation:

18.1 Upgrading SpamAssassin:

qmailctl stop

perl -MCPAN -e shell

cpan[1]> o conf prerequisites_policy ask

cpan[1]> force install Mail::SpamAssassin Mail::SpamAssassin::Plugin::Razor2

cpan[1]> quit

sa-update

spamdctl start

qmailctl start

18.2 Installing SpamAssassin from the prebuilt Perl package:

perl -MCPAN -e shell

o conf commit prerequisites_policy ask

install Mail::SpamAssassin

quit

OR

18.2 Installing SpamAssassin from SOURCE:

yum install mod_perl.x86_64 mod_perl-devel.x86_64 perl-CPAN

cd /usr/local/src

wget http://archive.apache.org/dist/spamassassin/Mail-SpamAssassin-3.3.2.tar.gz

tar -xzvf Mail-SpamAssassin-3.3.2.tar.gz

cd /usr/local/src/Mail-SpamAssassin-3.3.2

# perl -MCPAN -e shell

o conf prerequisites_policy ask

force install Digest::SHA HTML::Parser Net::DNS NetAddr::IP Time::HiRes Archive::Tar IO::Zlib Digest::SHA Mail::SPF IP::Country Razor2 Net::Ident IO::Socket::INET6 IO::Socket::SSL Compress::Zlib Mail::DKIM DBI LWP::UserAgent HTTP::Date Encode::Detect

o conf prerequisites_policy ask

 

perl Makefile.PL

make

make install

At this point SpamAssassin will complain about some dependencies, but if no error message appears we can go ahead and continue the installation with no problems.

groupadd spamd

useradd -g spamd -d /etc/mail/spamassassin -s /bin/false -m spamd

chown -R spamd.spamd /etc/mail/spamassassin

OK, now we need to create the run directory for spamd and update the SpamAssassin rules before starting it:

 mkdir /var/run/spamd

chown -R spamd /var/run/spamd

sa-update -D

18.3 Run spamd:

spamd -x -u spamd -H /etc/mail/spamassassin -s /var/log/spamd.log -d --pidfile=/var/run/spamd/spamd.pid &

Let’s create a script for the Spamassassin initialization.

Copy and paste the following script to the file /etc/init.d/spamdctl:

#!/bin/sh
# description: the spamassassin daemon

case "$1" in
    start)
        echo "Starting the spamassassin daemon (spamd)..."
        spamd -x -u spamd -H /etc/mail/spamassassin -s /var/log/spamd.log -d --pidfile=/var/run/spamd/spamd.pid
        ;;
    stop)
        echo "Stopping the spamassassin daemon (spamd)..."
        kill `cat /var/run/spamd/spamd.pid`
        ;;
    restart)
        echo "Restarting the spamassassin daemon (spamd)..."
        # Call this script by its own path so restart works even if spamdctl is not in PATH
        "$0" stop
        "$0" start
        ;;
    help)
        cat <<HELP
stop - stops the spamassassin daemon
start - starts the spamassassin daemon
restart - stops and restarts spamd
HELP
        ;;
    *)
        echo "Usage: $0 {start|stop|restart|help}"
        exit 1
        ;;
esac

exit 0

To make sure that spamd is running, type the following command:

 ps aux | grep spamd

18.4 Adding spamd to logrotate:

touch /etc/logrotate.d/spamd

Open the file and paste the text below:

vim /etc/logrotate.d/spamd

# Spamassassin Logrotate
# The path must match the log file passed to spamd with -s
/var/log/spamd.log {
    daily
    notifempty
    missingok
    postrotate
        /usr/bin/killall -HUP spamd 2> /dev/null || true
    endscript
}

19. Installing clamAV:

cd /usr/local/src

wget http://mirror.trouble-free.net/sources/clamav-0.97.6.tar.gz

tar -xzvf clamav-0.97.6.tar.gz

cd clamav-0.97.6

groupadd clamav

useradd -g clamav clamav

./configure

make

make install

19.1 Configuring freshclam:

 touch /var/log/freshclam.log

chmod 600 /var/log/freshclam.log

chown clamav /var/log/freshclam.log

cd /usr/local/src

wget http://shupp.org/software/toaster-scripts-0.9.1.tar.gz

tar -xzvf toaster-scripts-0.9.1.tar.gz

cp /usr/local/src/toaster-scripts-0.9.1/freshclam /etc/init.d/freshclam

chmod 755 /etc/init.d/freshclam

ln -s /etc/init.d/freshclam /etc/rc.d/rc3.d/S100freshclam

chkconfig --add freshclam

chkconfig freshclam on

chkconfig --list freshclam

19.2 Adding freshclam to logrotate:

 cp /usr/local/src/toaster-scripts-0.9.1/freshclam.logrotate /etc/logrotate.d/freshclam

mkdir -p /var/qmail/supervise/clamd/log

mkdir -p /var/log/clamd

chown clamav /var/log/clamd

cp /usr/local/src/toaster-scripts-0.9.1/clamd.run /var/qmail/supervise/clamd/run

cp /usr/local/src/toaster-scripts-0.9.1/clamd.log.run /var/qmail/supervise/clamd/log/run

chmod 755 /var/qmail/supervise/clamd/run

chmod 755 /var/qmail/supervise/clamd/log/run

19.3 Edit the file freshclam.conf and follow the steps below:

vim /usr/local/etc/freshclam.conf

UpdateLogFile /var/log/freshclam.log

LogTime yes

LogSyslog yes

Let’s start the daemon clamd:

ldconfig

ln -s /var/qmail/supervise/clamd /service

/etc/init.d/freshclam start

!ERROR: Can’t change dir to /usr/local/share/clamav

*TO Solve follow steps below:

[root@Qmail src]# mkdir /usr/local/share/clamav

[root@Qmail src]# chmod 755 /usr/local/share/clamav

[root@Qmail src]# /etc/init.d/freshclam start

20. Installing ripmime:

 cd /usr/local/src

wget http://www.pldaniels.com/ripmime/ripmime-1.4.0.10.tar.gz

tar -xzvf ripmime-1.4.0.10.tar.gz

cd ripmime-1.4.0.10

make

make install

21. Simscan installation:

 cd /usr/local/src

wget http://garr.dl.sourceforge.net/project/simscan/simscan/simscan-1.4.0/simscan-1.4.0.tar.gz

tar -xzvf simscan-1.4.0.tar.gz

cd simscan-1.4.0

wget http://qmail.jms1.net/simscan/simscan-1.4.0-combined.3.patch

Running ripmime patch:

 patch -p0 < simscan-1.4.0-combined.3.patch

All right! If everything worked as expected, with this configuration simscan will automatically delete all the spam messages. To relax and control this process you can set the hit threshold with the option --enable-spam-hits=number (e.g. --enable-spam-hits=7).

For any other type of configuration you can use:

./configure --help | less

./configure --enable-clamav=y --enable-attach=y --enable-dropmsg=y --enable-spam=y --enable-spamc-user=y --enable-qmail-queue=/var/qmail/bin/qmail-queue --enable-ripmime --enable-received=y --enable-user=clamav --enable-spam-auth-user=y

!configure: error: Unable to find your clamav databases, specify --enable-clamavdb-path

To solve it, add the path of the ClamAV database to the configure command as below:

--enable-clamavdb-path=/usr/local/share/clamav

 make

make install

echo ":clam=yes,spam=yes,spam_passthru=yes,attach=.vbs:.lnk:.scr:.wsh:.hta:.pif" > /var/qmail/control/simcontrol

/var/qmail/bin/simscanmk -g

echo '127.:allow,QMAILQUEUE="/var/qmail/bin/simscan"' > /etc/tcp.smtp

qmailctl stop

qmailctl cdb

qmailctl start

qmailctl stat
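
The rule written to /etc/tcp.smtp above matches only connections from 127., and tcpserver accepts clients that match no rule without setting any variables, so mail arriving from other hosts is queued without passing through simscan. The script below is an added example, not part of the original article: the function name audit_tcp_smtp and both sample rule files are constructed here, and it audits a tcprules source file for that gap and for a catch-all RELAYCLIENT.

```shell
#!/bin/sh
# Added example (not from the original article): audit a tcprules source file
# such as /etc/tcp.smtp before compiling it with "qmailctl cdb".

# audit_tcp_smtp FILE
#   Prints one line per rule plus any findings; returns 1 if a finding is raised.
audit_tcp_smtp() {
    awk '
    function label(a) { return (a == "" ? "(catch-all)" : a) }
    /^[ \t]*(#|$)/ { next }                      # comments and blank lines
    {
        colon = index($0, ":")
        if (colon == 0) {
            printf "FINDING malformed rule on line %d\n", NR; findings++; next
        }
        addr = substr($0, 1, colon - 1)          # empty address = catch-all
        ins  = substr($0, colon + 1)             # allow|deny[,VAR="value"...]
        if (addr == "") has_default = 1
        if (ins ~ /^deny/) { printf "%s deny\n", label(addr); next }

        relay = (ins ~ /,RELAYCLIENT=/) ? "yes" : "no"
        scan  = (ins ~ /,QMAILQUEUE=[^,]*simscan/) ? "yes" : "no"
        printf "%s allow relay=%s scan=%s\n", label(addr), relay, scan

        # RELAYCLIENT makes qmail-smtpd skip the rcpthosts check for that client
        if (relay == "yes" && addr == "") {
            print "FINDING open relay: catch-all rule sets RELAYCLIENT"; findings++
        }
        if (scan == "no") {
            printf "FINDING unscanned: %s bypasses simscan\n", label(addr); findings++
        }
    }
    END {
        if (!has_default) {
            print "FINDING unscanned: no catch-all rule, unmatched clients are accepted without QMAILQUEUE"
            findings++
        }
        exit (findings > 0)
    }' "$1"
}

# Constructed sample 1: the single rule this article writes to /etc/tcp.smtp.
article_rules=$(mktemp)
printf '%s\n' '127.:allow,QMAILQUEUE="/var/qmail/bin/simscan"' > "$article_rules"

# Constructed sample 2: the same rule plus a catch-all (an assumption, not in
# the article) so that mail from every other host is scanned as well.
fixed_rules=$(mktemp)
printf '%s\n' \
    '127.:allow,QMAILQUEUE="/var/qmail/bin/simscan"' \
    ':allow,QMAILQUEUE="/var/qmail/bin/simscan"' > "$fixed_rules"

echo "== article rule ==";   audit_tcp_smtp "$article_rules" || echo "(findings raised)"
echo "== with catch-all =="; audit_tcp_smtp "$fixed_rules"   || echo "(findings raised)"
rm -f "$article_rules" "$fixed_rules"
```
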

22. Install AutoResponders:

cd /usr/local/src

wget http://www.inter7.com/devel/autorespond-2.0.5.tar.gz

tar zxvf autorespond-2.0.5.tar.gz

cd autorespond-2.0.5

gcc -Wall -o autorespond autorespond.c

cp autorespond /usr/local/bin

23. Install Ezmlm (Mailing List):

cd /usr/local/src

wget http://untroubled.org/ezmlm/archive/7.1.1/ezmlm-idx-7.1.1.tar.gz

tar zxvf ezmlm-idx-7.1.1.tar.gz

cd ezmlm-idx-7.1.1

make

make man

make setup

24. Install QmailAdmin (Web Control Interface):

cd /usr/local/src

wget http://garr.dl.sourceforge.net/project/qmailadmin/qmailadmin-devel/qmailadmin-1.2.16.tar.gz

tar zxvf qmailadmin-1.2.16.tar.gz

cd qmailadmin-1.2.16

./configure

make

make install-strip

25. Install Sqwebmail (Web Based Email Checking):

cd /usr/local/src

wget http://garr.dl.sourceforge.net/project/squirrelmail/stable/1.4.22/squirrelmail-webmail-1.4.22.tar.gz

tar -xzvf squirrelmail-webmail-1.4.22.tar.gz

cd squirrelmail-webmail-1.4.22

./configure --with-cachedir --enable-webpass=vpopmail --with-module=authvchkpw

make configurecheck

make

make check

make install

# crontab -e

40 * * * * /usr/local/share/sqwebmail/cleancache.pl > /dev/null 2>&1

chmod -R 755 /usr/local/apache/htdocs/webmail
chmod -R a+rx /usr/local/share/sqwebmail

26. Adding an MX record to the DNS server:

Edit DNS zone file

# vim domain.com.db

$TTL    86400
@       IN SOA  server.domain.com.      root.domain.com. (
20000524        ; Serial
3600            ; Refresh
900             ; Retry
3600000         ; Expire
3600 )          ; Minimum

@                               IN NS           ns.domain.com.
server.domain.com.              IN A            200.200.200.201
mail                            IN A            200.200.200.202
domain.com.                     IN MX           10 mail

 

At this point your server is fully functional; you can now create email accounts for users of your domain(s).

 
