Qmail + VPopMail + Courier Imap + Horde/imp + QmailAdmin + vQregister Primer
By Лука Билановић | April 11, 2002
introduction Link to heading
The free mail is fully rely on qmail’s virtual domain/users and Maildir feature (better alternative to traditional UNIX mbox which is used by sendmail). Qmail is a secure, reliable, efficient, simple message transfer agent. Qmail’s virtual domains and virtual (non /etc/passwd) users are managed by VPopMail package which work in conjunction with qmail. Qmail and vopopmail are kern of system. Other programs are IMAP server which deliver mail to clients (courier IMAP), and horde/imp which is used as web interface for reading/writing mails. Usernames, passwords Maildir paths and quotas are kept in mysql databases.
Administration of users/domains can be done from CLI (VPopMail) or from web using qmailadmin package (set of fast cgi programs that are written in C).
qmail Link to heading
description & features Link to heading
Qmail is an Internet Mail Transfer Agent (MTA) for UNIX-like operating systems. It’s a drop-in replacement for the Sendmail system provided with UNIX operating systems. Qmail uses the Simple Mail Transfer Protocol (SMTP) to exchange messages with MTA’s on other systems.
There are plenty of reasons for using qmail instead of traditional sendmail:
- Security: qmail is clean written and designed for high security. When sendmail was written Internet was more friendlier place than it’s today. Everyone knew everyone else and there was no need to design program for high security.
- Reliable: qmail’s straight-paper-path philosophy guarantees that a message, once accepted into the system, will never be lost. qmail also optionally supports maildir, a new, super-reliable user mailbox format. Maildirs, unlike mbox files won’t be corrupted if the system crashes during delivery.
- Efficient: On a Pentium under BSD/OS, qmail can easily sustain 200.000 local messages per day - that’s separate messages injected and delivered to mailboxes in a real test! Although remote deliveries are inherently limited by the slowness of DNS and SMTP, qmail overlaps 20 simultaneous deliveries by default, so it zooms quickly through mailing lists.
- Simple: Qmail is vastly smaller than any other Internet MTA.
- Compatibility: Qmail is can be fully replacement for sendmail. It have sendmail interface, mbox mail delivering, .forward forwarding etc … Qmail can do everything what sendmail can do and much more.
installation Link to heading
On this system qmail should be installed in traditional /var/qmail path with default options. Before installations /var/qmail dir should be created and qmail system users and groups should be added:
sudo mkdir /var/qmail
sudo groupadd nofiles
sudo useradd -g nofiles -d /var/qmail/alias alias
sudo useradd -g nofiles -d /var/qmail qmaild
sudo useradd -g nofiles -d /var/qmail qmaill
sudo useradd -g nofiles -d /var/qmail qmailp
sudo groupadd qmail
sudo useradd -g qmail -d /var/qmail qmailq
sudo useradd -g qmail -d /var/qmail qmailr
sudo useradd -g qmail -d /var/qmail qmails
Next thing to do is to start make, configure and installation of start script:
sudo make setup check
sudo ./config
sudo cd ~alias && sudo touch .qmail-postmaster .qmail-mailer-daemon .qmail-root
sudo chmod 644 ~alias/.qmail*
sudo cp /var/qmail/boot/maildir /var/qmail/rc
After installation of qmail, sendmail should be turned off and qmail’s replacement for sendmail should be linked instead of original sendmail executable. First kill sendmail
sudo killall sendmail
Then flush all messages from /var/spool/mqueue
sudo /var/(lib|sendmail)/sendmail -q
Finally replace sendmail with qmail replacement:
sudo cd /usr/lib && sudo mv sendmail sendmail.OLD && sudo ln -sf /var/qmail/bin/sendmail .
If you want automatically qmail starting upon machine restart ( you want that :o) add /var/qmail/rc to /etc/rc.d/rc.local or similar start script.
n.b. if you want that qmail accept network connections check ucspi-tcp section
ucspi-tcp Link to heading
description & features Link to heading
ucspi-tcp is very good replacement for classic inetd (internet super daemon). It was made by D. J. Bernstein (creator of qmail) special for qmail, but it can be used for other network daemons too.
installation Link to heading
Compile and install package by running make and make setup check in src dir.
sudo make
As root, install the ucspi-tcp programs under /usr/local:
sudo make setup check
Start now qmail-smtpd form ucspi-tcp tools with folowing command:
sudo /usr/local/bin/softlimit -m 2000000 \
sudo /usr/local/bin/tcpserver -v -R -l 0 -x /etc/tcp.smtp.cdb -c 20 \
-u `id -u qmaild` -g `id -g qmaild` 0 smtp \
sudo /var/qmail/bin/qmail-smtpd 2>&1
Also don’t forget to add this line to startup script (/etc/rc.d/rc.local) or similar.
VPopMail Link to heading
description & features Link to heading
VPopMail if GPL software package which provide easy way to manage qmail’s virtual users and domains.
- Support for 1 to 23 million virtual email domains using a “grow as it goes” balanced directory tree.
- Support for 1 to 23 million email users per domain using the same balanced tree structure.
- Automates all qmail configurations into handy and scriptable command line programs and documented API library calls.
- Automates Unix user/group/other permissions of directories and files.
- Supports authenticated relay control of your qmail smtp server.
- Virtual email file/directories can be assigned to any user/group or do the default vpopmail/vchkpw 89/89
- Supports name or IP based virtual domains
installation Link to heading
First we make VPopMail home dir and add vpopmail user and group:
sudo mkdir /usr/local/vpopmail
sudo groupadd -g 89 vchkpw
sudo useradd -g vchkpw -u 89 -d /usr/local/vpopmail vpopmail
VPopMail will be installed with mysql support, so before make one must edit vmysql.h file in root src dir and set all variables (mysql server, database, mysql username and mysql password).
(as root)
vi vmysql.h
Edit following preprocessor directive:
#define MYSQL_SERVER "localhost"
#define MYSQL_USER "root"
#define MYSQL_PASSWD "****"
VPopMail have to be installed with following switches:
sudo ./configure \
--enable-mysql=y \
--enable-mysql-logging=y \
--enable-qmaildir=/var/qmail \
--enable-tcprules-bin=/usr/local/bin/tcprules \
--enable-tcpserver-file=/usr/local/vpopmail/etc/tcp.smtp \
--enable-defaultquota=10000000 \
--enable-logging=y \
--enable-apop=n \
--enable-roaming-users=y \
--enable-relay-clear-minutes=30 \
--enable-clear-passwd=n \
--prefix=/usr/local/vpopmail
Then do make and make install[-strip]
sudo make
sudo make install-strip
After installation new domains can be added with:
sudo /usr/local/vpopmail/bin/vadddomain somedomain.tld
New users can be added with:
sudo /usr/local/vpopmail/bin/vadduser someuser@somedomain.tld
Courier IMAP Link to heading
description & features Link to heading
Courier-IMAP is a server that provides IMAP access to Maildirs. This IMAP server does NOT handle traditional mailbox files (/var/spool/mail, and derivatives), it was written for the specific purpose of providing IMAP access to Maildirs.
- Extremely small footprint. On x86, Courier-IMAP’s main daemon is a fraction of the size of the UW-IMAP server, and has a greatly reduced memory footprint.
- Abstract authentication modules. Authentication of login userid and password is wrapped up into a completely stand-alone module. Several modules are provided to authenticate using the traditional password/shadow files, via the PAM library, from a table on a MySQL server, or from an LDAP server (requires MySQL or OpenLDAP). An experimental authentication module for PostgreSQL is also available. You can also write your own custom userid/password validation program. A “custom” authentication module is included, which authenticates absolutely nothing. Add your own code to it in order to implement a site-specific authentication mechanism.
- Virtual mailboxes. The userdb authentication module uses either a GBDM or DB database to map arbitrary userids to Maildirs. Perl scripts are included to manage this database. There’s also an authentication module that implements the VPopMail virtual mailbox implementation.
- Ability to restrict the maximum number of IMAP logins, and the maximum number of logins from the same IP address. This will prevent denial-of-service attacks where the attacker attempts to overload the server with multiple login connections.
- Shared folders. With additional server-side setup, folders can be shared between groups of accounts.
installation Link to heading
./configure \
--without-authldap \
--without-authshadow \
--without-authcram \
--sysconfdir=/usr/local/etc/courier-imap \
--with-userdb=/usr/local/etc/userdb \
--datadir=/usr/local/share/courier-imap \
--libexecdir=/usr/local/libexec/courier-imap \
--enable-workarounds-for-imap-client-bugs \
--disable-root-check \
--without-authvchkpw \
--without-authpgsql \
--with-authpam \
--prefix=/usr/local \
--with-authchangepwdir=/usr/local/libexec/courier-imap/authlib \
--with-db=db \
--with-makedatprog='/usr/local/libexec/courier-imap/makedatprog' \
--with-mailuser=root \
--without-socks \
--with-authchangepwdir=/var/tmp/dev/null
make
sudo make install-strip
sudo make install-configure
After installation configuration files should be created..
sudo cd /usr/local/etc/courier-imap
sudo cp <filename>.dist <filename>
edit variable authmodulelist to value “authmysql”, and variable version to value “authdaemond.mysql”
(as root)
vi authdaemonrc
edit mysql server name, username, passwd, port, db name, table name, and column names.
(as root)
vi authmysqlrc
start authdaemond.mysql and courier-imap with
sudo /usr/local/libexec/courier-imap/authlib/authdaemond.mysql start
sudo /usr/local/libexec/courier-imap/imapd.rc start
Add previous two lines to /etc/rc.d/rc.local if you want autostart of imapd and authdaemon upon restart of machine.
Horde/imp Link to heading
description & features Link to heading
horde Link to heading
The Horde Project is a group of developers who write Web applications using the Horde Application Framework, itself a product of the Project. The Horde Application Framework is written in PHP, and provides the common tools a Web application requires: classes for dealing with preferences, compression, browser detection, connection tracking, MIME, and more.
imp Link to heading
IMP is the Internet Messaging Program (formerly, among other things, the IMAP webMail Program), a PHP-based webmail system and a component of the Horde project. IMP is the most mature of the Horde components, and is the most widely deployed (thus far!). IMP, once installed, accesses mail over IMAP, thus requiring little to no special preparations on the server on which mail is stored. IMP offers most of the features users have come to expect from their conventional mail programs, including attachments, spell-check, address books, multiple folders, and multiple-language support.
installation Link to heading
horde Link to heading
prerequisites Link to heading
Horde/imp require following applications in order to work
- Php compiled with following options
./compile --with-apxs \
--with-gettext \
--with-xml \
--with-mysql \
--with-mcrypt \
--with-imap
- Sendmail or equivalent
- MySQL database
configuring Link to heading
Unpack and rename horde package in apache document root.
cd /usr/local/apache/htdocs
sudo tar zxvf /path/to/horde-2.0.tar.gz
sudo mv horde-2.0 horde
Next thing to do is to make mysql database, mysql horde user and table(s). Edit password in that line to some hard-to-hack password. Save file and run mysql client
(as root)
vi +23 horde/scripts/db/mysql_create.sql
mysql --user=root --password=MySQL-root-password < horde/scripts/db/mysql_create.sql
Now we need to configure php in horde/config
cd horde/config
for file in *.dist; do sudo cp $file `basename $file .dist`; done
Edit all configuration files. Documentation for all options can be found in each of those files. Some horde files contain usernames and passwords for mysql db, and we need to change user, group and permissions for them.
sudo chown root:www horde/config/*
sudo chmod 0440 horde/config/*
imp Link to heading
prerequisites Link to heading
Imp is built on horde framework and requires horde in order to work.
configuring Link to heading
Unpack imp in horde directory
cd /usr/local/apache/htdocs/horde
sudo tar zxvf /path/to/imp-3.0.tar.gz
sudo mv imp-3.0 imp
First we need to register imp application in horde. Registration for application in horde is in config/registry.php. Uncomment the stanza for IMP.
(as root)
vi horde/config/registry.php
If you don’t want to login twice (once in horde, once in imp) uncomment following lines near top of registry.php file.
$this->registry['auth']['login'] = 'imp';
$this->registry['auth']['logout'] = 'imp';
Now we need to configure php in imp/config
cd imp/config
for file in *.dist; do sudo cp $file `basename $file .dist`; done
Edit all configuration files. Documentation for all options can be found in each of those files.
QmailAdmin Link to heading
description & features Link to heading
QmailAdmin is a free software package that provides a web interface for managing a qmail system with virtual domains. A version is available now for use with the VPopMail program. It provides admin for adding/deleting users, Aliases, Forwards, Mailing lists and Autoresponders. Version 0.40 features automatic International language support via the users language settings on their browser.
installation Link to heading
Unpack QmailAdmin package, configure, make and make install
./configure \
--enable-htmldir=/usr/local/apache/htdocs/ \
--enable-cgibindir=/usr/local/apache/cgi-bin/qmailadmin \
--with-htmllibdir=/usr/local/share/qmailadmin \
--enable-cgipath=/cgi-bin/qmailadmin/qmailadmin \
--enable-ezmlmidx=n \
--prefix=/usr/local
sudo make
sudo make install-strip
vQregister Link to heading
description & features Link to heading
vQregister is a CGI which allows new email users to signup on your system. It is extremely configurable, and has many methods of operation. Features:
- An extensive array of features, which replace, and surpass the previous vQsignup
- Configurable to allow random generation of passwords, which are emailed to users.
- Redirect your users (i.e. SqWebmail) after the signup process is complete.
- Fully templatized HTML, and email output.
- Written in good ol’ C.
installation Link to heading
Unpack vQregister, edit Makefile and setup variables, do make and make install.
(as root)
vi Makefile
make
sudo make install
Configure vQregister by editing /usr/local/apache/cgi-bin/vqregister/vqregister.conf
(as root)
vi /usr/local/apache/cgi-bin/vqregister/vqregister.conf
Final step Link to heading
After installation of free mail system, restart machine just to be sure that everything will be started automatically.