# Qmail, courier-imap, vpopmail, squirrel mail

## leprasmurf

OK, I'm at my wits end, and can't stand going through any more forum posts about something completely different from what I am doing trying to find that one/fifty options I'm missing.  I'm trying to become proficient at Gentoo/Linux, but it seems all I can find is something telling me what to do, and not explaining why things work the way they do.  I'm somewhat competent, so please don't say rtfm, or google it, cause I've been doing that on and off for weeks (seriously).  I've tried to different tutorials:

http://www.gentoo.org/doc/en/qmail-howto.xml

https://forums.gentoo.org/viewtopic-t-171499-highlight-qmail.html

now, the problem is, I keep getting a bit confused on which changes have done what.  I know qmail can send out, so I think that means internal qmail, and the smtp is working.  qmail-inject user < EOF bla bla bla EOF works, and I can see the results in Mutt.  When I try to reply to the message sent out, it doesn't work, for an obvious reason.  When I check my external mail that I send a test to, the header reads from: leprasmurf@aphrodite.hades.  This is the fqdn of the local machine, but I'm trying to get the virtual host of leprasmurf.is-a-geek.com to work.  the domain is setup correctly and I've vadduser'd for tim@leprasmurf.is-a-geek.com however, whenever I send a message to tim@leprasmurf.is-a-geek.com it doesn't work.

I have a router, which is providing basic nat functions for my internal machines.  I've forwarded the ports 25, 143, and 110 to the server, don't know if all need to be forwarded, but just for testing purposes at this point.  

If I'm understanding this correctly, Qmail is the MTA and handles the emails, Vpopmail is for virtual domains, courier-imap is for remote/external connectivity, and squirrel mail is of course the web based interface for it all.  What I don't understand is how to test the virtual domain users.  Where are their mailboxes stored?  Do they have to have a local account?

Funny thing is, I can log into squirrelmail with tim@leprasmurf.is-a-geek.com, and that works fine, but when I try to send a test email, I get the following error

```

ERROR:

Requested action not taken: mailbox name not allowed

Server replied: 553 sorry, that domain isn't in my list of allowed rcpthosts (#5.7.1)

```

and emails sent to this account never come in, and eventually I get:

```

This is an automatically generated Delivery Status Notification

Delivery to the following recipient failed permanently:

    tim@leprasmurf.is-a-geek.com

Technical details of failure:

TEMP_FAILURE: Could not initiate SMTP conversation with any hosts:

[leprasmurf.is-a-geek.com (1): Connection timed out]

```

*sigh* ok, I've rambled enough, I'm sure I'm missing some tiny little thing that with the flip of a 0 will make it work.  Please help.

----------

## salac

You should check 3 things:

1. Do your DNS records are correct? This is a very common mistake.

2. Check out the /etc/tcp.smtp or /etc/tcprules.d/tcp.qmail-smtp (depends on version of qmail you use). There are tones of tuts which describes how to deal with tcprules (google a little bit).

3. If you emerged qmail with ipv6 flag, then re-emerged it with ipv6 turned off. The problem is ucspi-tcp package, not the qmail in a whole; you MUST emerge ucspi-tcp WITOHUT ipv6. Ucspi-tcp deals with relaying (permits/forbid addressess to relay mails using *.cdb files). With ipv6 turned on, tcpserver (part of ucspi-tcp) checks only ipv6 addresses and not the good old ipv4. The result is - there is no relaying at all and no one is capable of sending mails through smtp (it will work with ipv6 flag in case the clients in your LAN are with ipv6 addressess, too). This is a known bug.

cheers.

----------

## cselkirk

 *salac wrote:*   

> You should check 3 things:
> 
> 1. Do your DNS records are correct? This is a very common mistake.

 

I checked the MX and it's fine ..

```
% dig MX leprasmurf.is-a-geek.com |grep status

;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 51328
```

 *salac wrote:*   

> 2. Check out the /etc/tcp.smtp or /etc/tcprules.d/tcp.qmail-smtp (depends on version of qmail you use). There are tones of tuts which describes how to deal with tcprules (google a little bit).

 

You can check out my post here ITR.

 *salac wrote:*   

> 3. If you emerged qmail with ipv6 flag, then re-emerged it with ipv6 turned off. The problem is ucspi-tcp package, not the qmail in a whole; you MUST emerge ucspi-tcp WITOHUT ipv6. Ucspi-tcp deals with relaying (permits/forbid addressess to relay mails using *.cdb files). With ipv6 turned on, tcpserver (part of ucspi-tcp) checks only ipv6 addresses and not the good old ipv4. The result is - there is no relaying at all and no one is capable of sending mails through smtp (it will work with ipv6 flag in case the clients in your LAN are with ipv6 addressess, too). This is a known bug.

 

I'm inclined to agree, infact the above forum link seems to be of a similar nature (though no virtualdomains are involved).

HTH

----------

## leprasmurf

 *Quote:*   

> 1. Do your DNS records are correct? This is a very common mistake.

 

how exactly do I do this with virtual hosting.  Also, I'm using dynamic DNS bring all traffic to my IP address (Ie using nat)

 *Quote:*   

> 2. Check out the /etc/tcp.smtp or /etc/tcprules.d/tcp.qmail-smtp (depends on version of qmail you use). There are tones of tuts which describes how to deal with tcprules (google a little bit).

 

the following is inside each of the tcp.* files and I ran tcprules tcp.xxx.cdb tcp.xxx.tmp < tcp.xxx

```
192.168.1.:allow,RELAYCLIENT=""
```

 *Quote:*   

> 3. If you emerged qmail with ipv6 flag, then re-emerged it with ipv6 turned off. The problem is ucspi-tcp package, not the qmail in a whole; you MUST emerge ucspi-tcp WITOHUT ipv6. Ucspi-tcp deals with relaying (permits/forbid addressess to relay mails using *.cdb files). With ipv6 turned on, tcpserver (part of ucspi-tcp) checks only ipv6 addresses and not the good old ipv4. The result is - there is no relaying at all and no one is capable of sending mails through smtp (it will work with ipv6 flag in case the clients in your LAN are with ipv6 addressess, too). This is a known bug. 

 

my make.conf has use="...-ipv6..."

----------

## leprasmurf

ok, I've kinda had some success:o .  I'm able to send to a local user at my virtual domain (leprasmurf.is-a-geek.com).  Does this mean that I have to have a local user account for each user of my virtual domain, and a subsequent .maildir directory in their homedrive?

I can't log into squirrel mail with this user however, or maybe I'm just not using the right syntax for the user name.

----------

## salac

 *leprasmurf wrote:*   

> ok, I've kinda had some success:o .  I'm able to send to a local user at my virtual domain (leprasmurf.is-a-geek.com).  Does this mean that I have to have a local user account for each user of my virtual domain, and a subsequent .maildir directory in their homedrive?
> 
> I can't log into squirrel mail with this user however, or maybe I'm just not using the right syntax for the user name.

 

I'm not using courier imap/pop3 on my mail servers, instead of it I am running qmail-pop3. Currently there is no need for imap so my configuration is qmail+clamav+spamassassin+qmailscanner+vpopmail+qmailadmin at all mail servers under my 'juridstiction' (with somewhat modified vpopmail ebuild file). In my case, all users from all virtual domains are just that - virtual users; they dont have local accounts and their mails are stored in /var/vpopmail/domains/somevirtualdomain/somevirtualuser/.maildir. Speaking of mail host with few virtualdomains ( ie. virtualdomain1 & virtualdomain2) all things can be done through vpopmail using 'vadddomain' and 'vadduser' scripts (just as in gentoo-howto you've been reading). 'vadddomain vdomain pass' does all important stuff for you - it modifies /var/qmail/control/rcpthost and /var/qmail/control/virtualdomains files, makes /var/vpopmail/domains/vdomain, makes postmaster for that virtual domain with password 'pass' and writes data in mysql table. 'vadduser vuser@vdomain' makes a user directory (/var/vpopmail/domains/vdomain/vuser) and also stores data in mysql.

When you want to grab mail for virtualuser with mail address vuser@vdomain, then you MUST use not 'vuser' but 'vuser@vdomain' for username in a mail client. The only exception from this can be your 'default' virtual domain stored in /var/vpopmail/etc/defaultdomain (read a vpopmail docs for more details).

Hope this will help.

----------

## leprasmurf

I figured out how to test my virtual users with mutt (ie mutt -f /var/vpopmail/virtual domain/vuser/) and I can send email that way.  I've played with my courier-imap stuff and realize that if I can log into my webmail with the virtual user at the virtual domain, that vpopmail is working.  I'm just not able to figure out why I get the error

```
Requested action not taken: mailbox name not allowed

Server replied: 553 sorry, that domain isn't in my list of allowed rcpthosts (#5.7.1)
```

for testing purposes, I tried to sent to virtual user@virtual domain, and it "sent", was never recieved, but sent.  Does this mean that rcpthosts has to have a * wildcard to allow sending to anywhere or something?

----------

## cselkirk

No, rcpthosts should only contain hosts you will recieve mail for. Does your rcpthosts contain all domains (local and virtual) that you host?

This looks like could be related the +ipv6 bug .. remerge sys-apps/ucspi-tcp with -ipv6.

```
echo "sys-apps/ucspi-tcp -ipv6" >> /etc/portage/package.use

emerge ucspi-tcp

/etc/init.d/svscan restart
```

The only other point of of failure is how you are dealing with virtualdomains, I guess dot.qmail'd to /var/vpopmail/virtualdomain/vuser/ but you should post a line from /var/qmail/control/virtualdomains (that is if -ipv6 doesn't fix things).

HTH

----------

## leprasmurf

/etc/make.conf use information

```
aphrodite etc # cat make.conf

USE="3dfx 3dnow X aim alsa apache2 avi crypt divx4linux dvd dvdr emacs encode ftp gif gnome gtk icq imap [b]-ipv6[/b] java jpeg kde libwww lirc mad maildir mmx mozilla mpeg msn mysql mythtv nls nptl oggvorbis opengl oss perl php png python real samba spl sse ssl theora usb v4l v4l2 xine xv xvid yahoo"
```

emerge ---newuse qmail -Dvp

```
aphrodite authlib # emerge --newuse qmail -Dvp

These are the packages that I would merge, in order:

Calculating dependencies ...done!

[ebuild   R   ] mail-mta/qmail-1.03-r13  (-selinux) +ssl 0 kB

Total size of downloads: 0 kB
```

even trying to manually use -ipv6

```
aphrodite authlib # USE="-ipv6" emerge qmail -Dvp

These are the packages that I would merge, in order:

Calculating dependencies ...done!

[ebuild   R   ] mail-mta/qmail-1.03-r13  (-selinux) +ssl 0 kB

Total size of downloads: 0 kB
```

/var/qmail/control/virtualdomains

```
aphrodite control # cat virtualdomains

leprasmurf.is-a-geek.com:leprasmurf.is-a-geek.com
```

/var/qmail/conrtol/rcpthosts

```
aphrodite control # cat rcpthosts

aphrodite.hades

leprasmurf.is-a-geek.com
```

/etc/courier/authlib

```
authmodulelist="authvchkpw"

authmodulelistorig="authuserdb authpam authshadow authcustom authvchkpw"

daemons=5

authdaemonvar=/var/lib/courier/authdaemon

DEBUG_LOGIN=0

DEFAULTOPTIONS=""
```

more evidence IPv6 is not used

```
aphrodite authlib # equery uses ucspi-tcp

[ Searching for packages matching ucspi-tcp... ]

[ Colour Code : set unset ]

[ Legend    : Left column  (U) - USE flags from make.conf              ]

[           : Right column (I) - USE flags packages was installed with ]

[ Found these USE variables for sys-apps/ucspi-tcp-0.88-r9 ]

 U I

 + + ssl     : Adds support for Secure Socket Layer connections

 - - ipv6    : Adds support for IP version 6

 - - selinux : !!internal use only!! Security Enhanced Linux support, this must be set by the selinux profile or breakage will occur

 - - doc     : Adds extra documentation (API, Javadoc, etc)
```

hair color

```
brown
```

dna sample of first born

```
ajksflksdjlkewnt,mnboiuwe......
```

there, I think that covers everything.  What the <expletive deleted> am I doing wrong??? :Shocked: 

----------

## jtaylor72

I had the same error....

I set my outgoing server settings (Evolution) to use ssl always, authentication type of LOGIN and it works.

----------

## Freelance

Indeed, the error is fixed by enabling login for smtp in your mail CLIENT.

Not necessarly SSL but just make sure you LOGIN in smpt in your mail client. Most clients only configure pop/imap login on account so you may need to specify it.

----------

