# QMAIL - Rock solid installation

## bdunn

I am working on a server that is going to be my primary email server and needs to run spamassassin, anti-virus, and either ezmlm or mailman.  I think I'm going to run qmail as I believe I understand qmail the best having run it before.  However, I have been looking at Postfix too.  I have all but ruled out Exim as when I ran it on Debian, it seemed quite a bit slower than qmail.

The question is this:  I see qmail ebuilds.  However, I understand that they may not be very good ebuilds, or that they are just not setup according to 'Life with qmail', so I am wondering if I would be better off just following the 'Life with qmail' directions here.

Once this box is complete and I've been running it for a while, it will be the template for about two dozen other mail servers, so any advice or suggestions or possibly warnings about all of this would be great.  Thanks!

Requirements:

   FAST

   Easy to admin

   Good integration with ezmlm-idx or MailMan

   Good integration with an email virus checker

   Good integration with SpamAssassin

   STABLE

----------

## rac

I use the qmail ebuilds, and am happy with them.  Can you be more specific about what evil rumours you have heard about them?

----------

## Messiah

So am I as I too am very pleased with the ebuilds of qmail.

----------

## bdunn

Well, I used one about 7-8 months ago and had trouble with it, and then I heard some comments on IRC about it not being implemented according to "Life with qmail" - nothing more than that.  If you say these ebuilds are good, I'll go with them and see.

Now I seem to recall a long while ago someone one suggesting that they were going to redo the qmail ebuild - maybe that has happened since then.

----------

## rac

 *bdunn wrote:*   

> I seem to recall a long while ago someone one suggesting that they were going to redo the qmail ebuild - maybe that has happened since then.

 

Quite possible.  I started using Gentoo in late May, so 7-8 months ago is before my time.

----------

## bdunn

Ummmmmmmmmmmm... YES.  That's a new ebuild, and a very good one.  I'm impressed.  This is the single easiest installation of qmail I've ever done.  That's qmail's problem you know - a lot of people consider it difficult to install.  Well, NOT on Gentoo - not anymore!

For anyone reading this interested in installing qmail, be SURE you do each emerge one at a time.  It works!

----------

## Gulliver

hmmm.

I had some really strange problems with qmail last months (mail-allocation), and I didn't managed to get SMTP-Auth working with it.

Now I changed to exim and it works like a charm!

Best mailserver I've ever seen!

----------

## alpha

Check out the bigQ installation script:

http://opensource.izier.com/

I am running it on several Gentoo boxes.  It installs Qmail (with SMTP Auth, and the Qmail-Queue patch), VPopMail, Courier IMap, EZMLM, and sets up SSL support for pop, smtp, and imap.  You edit the installation script and go.  I also had to create the home directory for the vpopmail user, but I think that was the only manual thing I really had to do.

Before I found the script I was installing basically the same packages manually.  I really like the way VPopMail handles virtual domains, and vqadmin and qmailadmin are the best scripts I have found for administering qmail.

----------

## dj_choco

 *alpha wrote:*   

> Check out the bigQ installation script:
> 
> http://opensource.izier.com/
> 
> I am running it on several Gentoo boxes.  It installs Qmail (with SMTP Auth, and the Qmail-Queue patch), VPopMail, Courier IMap, EZMLM, and sets up SSL support for pop, smtp, and imap.  You edit the installation script and go.  I also had to create the home directory for the vpopmail user, but I think that was the only manual thing I really had to do.
> ...

 

Does this create any issues with gentoo/porage dependencies?

Is everything put in /var and /service ?  :Confused: Last edited by dj_choco on Thu Dec 05, 2002 8:57 pm; edited 2 times in total

----------

## bdunn

 *Quote:*   

> Check out the bigQ installation script: 
> 
> http://opensource.izier.com/
> 
> I am running it on several Gentoo boxes.

 

Just for what it's worth, I played around with this over the weekend and found it to be unreliable during the installation.  In addition, the uninstall.sh script it writes during the installation process is also unreliable.  I went through the process several times.  Perhaps it's just a fluke with the current release, or me, but thought I would share the experience.  I'll try again sometime down the road as I think it's a pretty decent idea.

As always, YMMV.

----------

## DArtagnan

may i use qmail on computer that has non-static IP?

----------

## zentek

I have been using Qmail. POP3 and vmailmgr for the past 3 months whit a ADSL whit a dynamic IP address and a dynamic domaine. I am realy pleasse whit it.

There is now ways ill go back whit sendmail.

----------

## DArtagnan

 *zentek wrote:*   

> I have been using Qmail. POP3 and vmailmgr for the past 3 months whit a ADSL whit a dynamic IP address and a dynamic domaine. I am realy pleasse whit it.
> 
> There is now ways ill go back whit sendmail.

 

sendmail? why?

----------

## bone

DArtagnan, I think his statement:

"There is now ways ill go back whit sendmail."

should have read:

"There is no way ill go back with sendmail."

----------

## Rroet

Even better, I use qmail and qmail-pop3d  and appart from that I used Jedi's checklocalpwd program for password verifications.

I don't, I repeat, DON'T use vpopmail or vmailmgr, just because I don't want a reall user stuck on multiple vpop accounts.

I'm using user nobody and a /usr/mail/ directory structure and I use just qmail and qmail-pop3d to set up my virtual users.

If anybody is interested in how it's done I'm willing to explain.

----------

## ricko

Rroet, I would be interested in your solution, can you post it here? Thanks.

----------

## salk

 *Quote:*   

> Check out the bigQ installation script: 
> 
> http://opensource.izier.com/
> 
> 

 

Erm ... posting that on a Gentoo forum, I guess you got it succesfully working ?

Any mod's that I should be warned about ?

----------

## skunkworx

The qmail ebuilds generally do follow Life with qmail, though the most recent stable ebuild, 1.03-r13, deviates in a few significant places, mostly to provide a more Gentoo-ish way of configuring things.

What concerns me and probably many other people is the sheer number of patches that are applied to the qmail source by the latest ebuilds.  Some of these patches are necessary, such as the errno patch, but others are debatable.  Most qmail veterans say you should run as pristine a copy of qmail as possible, and the qmail author himself discoursages unnecessary patching, emphasizing that his security guarantee does not extend to patched code.

Still, it works.  I'm happy with 1.03-r13, and one these days I'll get my documentation updated to go with it.

----------

## evossler

A number of people seem to have had great success emerging qmail, but what I did sure doesn't seem to be working.  In addition to wanting to recieve mail sent to my domain, I would also like to set up SMTP Auth. . . but at the moment I can't even get off the ground.

Maybe somebody can tell me what I've done wrong?  

First things first I unmerged ssmpt which had been installed as a dependency of vcron.

```
emerge unmerge ssmtp
```

Then, (after doing an emerge -p, of course) I did

```
emerge qmail-sumo
```

as this was the package when I did the emerge search that said "emerge this package to get all the qmail modules" or something to that effect.  So it builds, and I would hope all would be well.

I checked out the /var/qmail/control directory, there were no control files in it except for "defaultdelivery"  So I added the files rcpthosts and locals to look like this (Except with my actual domain name instead of "mydomain"):

```

mydomain.net

cleverhostname.mydomain.net

mail.mydomain.net

www.mydomain.net

```

I also added a defaulthost file with "cleverhostname" and a defaultdomain file with "mydomain.net".

Then, I try to run the command qmail-control and get the following:

```

cleverhostname qmail # qmail-control start

 * Could not get dependency info for "qmail-control"!

 * Please run:

 *   # /sbin/depscan.sh

 * to fix this.

 * Could not get dependency info for "qmail-control"!

 * Please run:

 *   # /sbin/depscan.sh

 * to fix this.

 * Starting qmail mta ......

svc: warning: unable to control /var/qmail/supervise/qmail-pop3d: file does not exist

svc: warning: unable to control /var/qmail/supervise/qmail-send: file does not exist

svc: warning: unable to control /var/qmail/supervise/qmail-smtpd: file does not exist                                                                     [ ok ]

 * Starting qmail mta logging ......

svc: warning: unable to control /var/qmail/supervise/qmail-pop3d/log: file does not exist

svc: warning: unable to control /var/qmail/supervise/qmail-send/log: file does not exist

svc: warning: unable to control /var/qmail/supervise/qmail-smtpd/log: file does not exist                                                                 [ ok ]

cleverhostname qmail #

```

After this, no processes appear to be running that are related to qmail and a qmail-control stop gives the message that it has not been started yet.  Also, running depscan.sh does not change anything.

What do I need to do?  I'd appreciate any help that could be offered, as this seems to be an application for which good step-by-step instructions are not so easy to find.

Regards

Eric

----------

## skunkworx

evossler, it sounds like you're using the qmail 1.03-r10 ebuild.  See the link above for the Gentoo qmail documentation I whipped up, and also check out this thread for some tips on getting authenticated SMTP to work.  You might want to include any future questions about authenticated SMTP in that thread instead of this one.

----------

## evossler

Thanks, skunkworx, I'll check out your doc.

Actually, the version on qmail-sumo that I emerged is 1.03-r7.  This in turn emerged qmail verion 1.03-r10, qmail-pop3d version 1.03-r1, and qmail-analog version 0.70-r1.

Was emerging qmail-sumo a mistake?  Should I perhaps have just started with "emerge qmail" ?

Hmm. . . well, when I am at home tonight I will give your doc a thorough read and then try it again.  I'll let ya know how it goes.  I imagine that I'll give 1.03-r13 a shot.  :Smile: 

Thanks!

Eric

----------

## evossler

Skunkworx, thanks for pointing me at your guide, it was a tremendous help.  My confusion came largely from not knowing what parts of LWQ were important to a gentoo user.

Qmail is now running smoothly for all the basic mail operations, I will next turn my attention to getting SMTP auth working.

Thanks again

evossler

----------

## evossler

Skunkworx, thanks for pointing me at your guide, it was a tremendous help.  My confusion came largely from not knowing what parts of LWQ were important to a gentoo user.

Qmail is now running smoothly for all the basic mail operations, I will next turn my attention to getting SMTP auth working.

Thanks again

evossler

----------

## evossler

Skunkworx, thanks for pointing me at your guide, it was a tremendous help.  My confusion came largely from not knowing what parts of LWQ were important to a gentoo user.

Qmail is now running smoothly for all the basic mail operations, I will next turn my attention to getting SMTP auth working.

Thanks again

evossler

----------

## evossler

sorry for the multiple posts. . . bad browser, bad!

----------

## radulucian

since everybody has only good things to say about this combination, maybe one of you gurus could have a look at this posting and come up at least with some ideas ?

https://forums.gentoo.org/viewtopic.php?p=754511#754511

you will have my eternal gratitude

----------

## puke

 *skunkworx wrote:*   

> I'm happy with 1.03-r13, and one these days I'll get my documentation updated to go with it.

 

Skunkworx, your documentation is well done.  But can you include the fact that the ebuild doesn't create the various qmail group accounts (got caught with that).  

Also, I had to copy /var/qmail/bin/qmail-control to /etc/init.d, comment out the start-stop qmtp stuff (most people don't use it) and run depscan.sh before I could use the script for starting and stopping qmail.

Also, I use a smarthost for all my mail, and so have used:

```
echo :smarthost.domain.com > /var/qmail/control/smtproutes
```

Looking forward to the SMTP TLS/AUTH documentation   :Cool: 

----------

## skunkworx

 *puke wrote:*   

>  *skunkworx wrote:*   I'm happy with 1.03-r13, and one these days I'll get my documentation updated to go with it. 
> 
> Skunkworx, your documentation is well done.  But can you include the fact that the ebuild doesn't create the various qmail group accounts (got caught with that). 

 

I'm getting the impression the latest versions of the Gentoo installation tarballs do not add the "qmail" and "nofiles" groups like the earlier ones did, and yet the qmail ebuilds still assume these groups are present.  If that's correct, then it is definitely a bug, and I will make a note of it in my documentation, and also see about getting a bug report in Bugzilla if one isn't there already.  There is already a 1.03-r14 ebuild in the unstable portage tree, so perhaps the developers have already caught the bug.  I'll check that out, too. 

 *puke wrote:*   

> Also, I had to copy /var/qmail/bin/qmail-control to /etc/init.d, comment out the start-stop qmtp stuff (most people don't use it) and run depscan.sh before I could use the script for starting and stopping qmail.

 

Ah, my ignorance shows.  I managed to stay unaware of the qmail-control script; I believe that's a Gentoo addition not part of the original qmail package.

Creating the sim links for qmail-send and qmail-smtpd in /service and then using the svscan init script for starting and stopping all supervised services should be enough to start and stop qmail.  For finer control over individual services, Life with qmail has instructions for creating a script called "qmailctl", which has the same functionality as qmail-start, plus a few extra features.  I've been recommending people simply create the qmailctl script, but I will also update my docs to mention qmail-start as well.  Thanks for the tip.

 *puke wrote:*   

> Looking forward to the SMTP TLS/AUTH documentation  

 

Coming!  :Smile: 

----------

## camt

 *skunkworx wrote:*   

>  *puke wrote:*   Looking forward to the SMTP TLS/AUTH documentation   
> 
> Coming! 

 

I'm also looking forward to this documentation!  I was quite thrilled to find your guide and together with LWQ I got qmail up and running in an evening. (I had run a very basic Qmail install on my old LFS system before, so I had a little bit of experience with it.)

I'm using Courier for POP3d/SSL and IMAPd/SSL - no problems there so far.

The last step is to force authentication and SSL on SMTP connections and I'm all set with how I want it configured.  Your documentation would be greatly appreciated by n00bies like me.  :Mr. Green: 

-- Cameron

----------

## puke

 *skunkworx wrote:*   

>  *puke wrote:*   Looking forward to the SMTP TLS/AUTH documentation   
> 
> Coming! 

 

Well I'm waiting..   :Smile: 

I have two sites screaming out for it, I had it working in sendmail then converted them to qmail.  I'm going to start looking at it, will let you know how I get on.

----------

## skunkworx

I must apologize. Life and work are getting in the way of some projects I'd like to get to, including this one. This one is top on the list, I can promise that much, and as soon as I have all the steps worked out, I'll post here as well. In the meantime, the current documentation, qmail.org, and the qmail mailing list archives (linked from qmail.org) are all excellent collections of tips and tricks if you want to try and set it up before I have the chance.

----------

## skunkworx

It's finished.  Finally.  The guide now has a section on encrypted SMTP.

The bad news is that I kind of punted, because I'm not all that knowledgeable about SSL and certificates.  The good news is, you don't have to be all that knowledgeable to at least get basic encryption working.

For the 1.03-r13 ebuild, it boils down to this:

Emerge qmail with the "ssl" USE flag set, if you haven't already.

Edit /var/qmail/control/servercert.cnf, filling in information specific to your server.

Run /var/qmail/bin/mkservercert (the ebuild config command, the one the emerge process recommends you run after installing qmail, also performs this step).

(Re)start qmail.

At this point, you will have basic encryption with a self-signed SSL certificate.  Any client connecting to your server can request encryption, and your server will try to use encryption when connecting to a remote host that claims to support it.  You can look at the instructions available here, written by the original patch author, for more configuration instructions.  They aren't the clearest instructions in the world, but they will at least give you an idea of what all you can do related to encrypted SMTP.

I plan to continue working on my guide, so I'll try to make that section a little more informative in the future.  Currently, you now know what I know.  I hope it helps!

----------

## tcruicksh

 *skunkworx wrote:*   

> It's finished.  Finally.  The guide now has a section on encrypted SMTP.
> 
> The bad news is that I kind of punted, because I'm not all that knowledgeable about SSL and certificates.  The good news is, you don't have to be all that knowledgeable to at least get basic encryption working.
> 
> For the 1.03-r13 ebuild, it boils down to this:
> ...

 

Dude, THANK YOU for the guide. I got smtp working thanks to it although I'm still working on POPD. Apparantly I overlooked compiling qmail with ssl.

----------

