User Tips & Tricks: Difference between revisions
Jump to navigation
Jump to search
(→QMQP) |
(→qmqpd) Tag: Reverted |
||
Line 72: | Line 72: | ||
=== [[qmqpd]] === | === [[qmqpd]] === | ||
<pre> | |||
QMQP is a protocol designed to be used by clients for queuing messages to a smart host that handles the delivery. This relieves clients of the burden of maintaining a queue and retrying temporarily undeliverable messages. The protocol is defined at http://cr.yp.to/proto/qmqp.html. QMQP is similar to QMTP in that it minimizes the round trips necessary for handing messages to servers, but it doesn't implement relay control—so access to QMQP servers must be restricted to trusted clients. QMQP usually uses port 628. | |||
qmail includes both a QMQP server, qmail-qmqpd, and a QMQP client, qmail-qmqpc. | |||
A client system using qmail-qmqpc is known as a mini-qmail installation. | |||
Setting Up a QMQP Service | |||
Setting up a QMQP service is straightforward once you've installed qmail, daemon-tools, and ucspi-tcp as in Chapter 2, "Installing qmail." First, select a qmail server to be the QMQP smart host. All of the following actions must be taken on this host. | |||
Create the service's directory: | |||
# umask 022 # cd /var/qmail/supervise # mkdir qmail-qmqpd # cd qmail-qmqpd # chmod +t . # | |||
Using a text editor, create a new file called run containing: | |||
#!/bin/sh | |||
QMAILDUID='id -u qmaild' | |||
NOFILESGID='id -g qmaild' | |||
MAXQMQPD='head -1 /var/qmail/control/concurrencyqmqp' | |||
if [ -z "$MAXQMQPD" ]; | |||
then | |||
echo MAXQMQPD is unset in | |||
echo /var/qmail/supervise/qmail-qmqpd/run | |||
exit 1 | |||
fi | |||
exec /usr/local/bin/softlimit -m 2000000 \ | |||
/usr/local/bin/tcpserver -v -p -x /etc/tcp.qmqp.cdb -c "$MAXQMQPD" \ | |||
-u "$QMAILDUID" -g "$NOFILESGID" 0 628 /var/qmail/bin/qmail-qmqpd 2>&1 | |||
Note | |||
Under Solaris, use /usr/xpg4/bin/id instead of id. | |||
Make the run script executable and set up the log directory: | |||
# chmod 755 run # mkdir log # cd log # | |||
Using a text editor, create a new file called run in the log directory containing: | |||
#!/bin/sh exec /usr/local/bin/setuidgid qmaill /usr/local/bin/multilog \ t /var/log/qmail/qmqpd | |||
Make the log/run script executable and create the logging directory: | |||
# chmod 755 run # mkdir /var/log/qmail/qmqpd # chown qmaill /var/log/qmail/qmqpd # | |||
Using a text editor, create the /etc/tcp.qmqp access control file. Allow access only from trusted hosts, and explicitly deny access to all other hosts. For example, if you want to allow all hosts on the local network to queue messages, and the local network is 192.168.1.x, the file would contain this: | |||
192.168.1.:allow :deny | |||
Build the machine-readable version of the access control database, | |||
/etc/tcp.qmqp.cdb: | |||
# tcprules /etc/tcp.qmqp.cdb /etc/tcp.qmqp.tmp </etc/tcp.qmqp # | |||
Create the concurrencyqmqp non-standard control file to limit simultaneous QMQP connections. For example, to set the limit to 40: | |||
# echo 40 > /var/qmail/control/concurrencyqmqp # | |||
Link the service directory to /service to activate it: | |||
# ln -s /var/qmail/supervise/qmail-qmqpd /service # | |||
The qmailctl could also be modified to control the QMQP service. | |||
Setting Up a QMQP Client (Mini-qmail) | |||
QMQP can be enabled on a system running qmail simply by replacing qmail-queue with a symbolic link to qmail-qmqpc and listing the QMQP servers in control/qmqpservers. However, a true mini-qmail installation is much simpler and smaller than a full qmail installation: There's no queue, so there's no need to run any daemons. | |||
A mini-qmail installation requires only | |||
qmail-qmqpc, forward, qmail-inject, sendmail, predate, datemail, mailsubj, qmail-showctl, maildirmake, maildir2mbox, maildirwatch, qail, elq, and pinq in /var/mini-qmail/bin | |||
A symbolic link to qmail-qmqpc from /var/mini-qmail/bin/qmail-queue | |||
Symbolic links to /var/mini-qmail/bin/sendmail from /usr/sbin/sendmail and /usr/lib/sendmail | |||
All of the man pages in /var/qmail/man | |||
A list of the IP addresses of the QMQP servers, one per line, in /var/mini-qmail/control/qmqpservers | |||
A copy of /var/qmail/control/me, /var/qmail/control/defaultdomain, and /var/qmail/control/plusdomain from your smart host, so qmail-inject will use appropriate host names in outgoing mail | |||
The local host's name in /var/mini-qmail/control/idhost, so qmail-inject will generate Message-ID's unique to the host | |||
A mini-qmail kit (http://www.din.or.jp/~ushijima/mini-qmail-kit.html) is available, which, combined with the full qmail-1.03 tarball, will install only the pieces that mini-qmail requires. | |||
We'll go through a mini-qmail installation using this kit: | |||
Download the mini-qmail kit using a Web browser or command-line tool. At the time of this writing, the current version is 0.63: | |||
$ wget http://www.din.or.jp/~ushijima/mini-qmail-kit/mini-qmail-kit-0.52.tar.gz —08:32:32— http://www.din.or.jp/%7Eushijima/mini-qmail-kit/mini-qmail-kit-0.52 .tar.gz => 'mini-qmail-kit-0.52.tar.gz' Connecting to www.din.or.jp:80. . . connected! HTTP request sent, awaiting response. . . 200 OK Length: 6,174 [application/x-tar] 0K -> . . .. . . [100%] 08:32:36 (3.51 KB/s) - 'mini-qmail-kit-0.52.tar.gz' saved [6174/6174] $ | |||
Unpack the kit and change to its directory: | |||
$ zcat mini-qmail-kit-0.52.tar.gz | tar xf - $ cd mini-qmail-kit-0.52 $ | |||
Unpack the qmail tarball under the current directory: | |||
$ zcat /tmp/qmail-1.03.tar.gz | tar xf - $ | |||
Build the mini-qmail Makefile: | |||
$ make -f Makefile.mini sed '/^auto_uids\.c:/,/^$/d' qmail-1.03/Makefile > Makefile cat Makefile.mini > Makefile while read file; \ do \ echo ''; \ echo "$file: qmail-1.03/$file"; \ echo "cat qmail-1.03/$file > $file"; \ done < FILES.qmail > Makefile $ | |||
Build the mini-qmail binaries and man pages: | |||
$ make mini cat qmail-1.03/warn-auto.sh > warn-auto.sh cat warn-auto.sh config-mini.sh \ | sed s}QMAIL}"'sed 1q conf-qmail'"}g \ ... nroff -man envelopes.5 > envelopes.0 cat qmail-1.03/forgeries.7 > forgeries.7 nroff -man forgeries.7 > forgeries.0 $ | |||
Install the binaries and man pages: | |||
$ su Password: rootpassword # make setup-mini ./install-mini # | |||
Configure the mini-qmail installation: | |||
# ./config-mini smarthost domain plusdomain localhostname\ > smarthostip # Putting smarthost into control/me. . . Putting domain into control/defaultdomain. . . Putting plusdomain into control/plusdomain. . . Putting localhostname into control/idhost. . . Putting smarthostip into control/qmqpservers. . . # | |||
For example, if the smart host is mail.example.com, with an IP address of 192.168.1.4, and the mini-qmail host is null.example.com, you might use something like this: | |||
# ./config-mini mail.example.com example.com example.com null.example.com \ > 192.168.1.4 Putting mail.example.com into control/me. . . Putting example.com into control/defaultdomain. . . Putting example.com into control/plusdomain. . . Putting null.example.com into control/idhost. . . Putting 192.168.1.4 into control/qmqpservers. . . # | |||
Test the mini-qmail installation. If your username on the smarthost is carolyn, do this: | |||
# echo to: carolyn | /var/mini-qmail/bin/qmail-inject # | |||
Verify that the message was delivered to your mailbox on the smarthost. | |||
Finally, set up links to mini-qmail's sendmail program: | |||
# rm -f /usr/lib/sendmail /usr/sbin/sendmail # ln -s /var/mini-qmail/bin/sendmail /usr/lib/sendmail # ln -s /var/mini-qmail/bin/sendmail /usr/sbin/sendmail # | |||
nullmailer | |||
nullmailer (http://www.untroubled.org/nullmailer/) is a simple MTA for null clients. It can use either SMTP or QMQP. It's similar to mini-qmail, except it implements a queue. If mini-qmail can't reach a server when a message is injected, it returns an error and the sending user or process is responsible for retrying the delivery later. nullmailer queues the message locally and automatically retries to send it to a server. | |||
</pre> |
Revision as of 23:16, 3 April 2024
Account Management
Account Creation and Deletion Date
Attachment size limitations
Automatic account expirations
Bulk User Adding For Qmail Toaster
Maintain Trash and Spam folder
Roaming pop3 users (vpopmail)
Enable/Disable POP3/SMTP/IMAP/Webmail access for a whole domain
Anti Spam
Account verification using badmailto
Adding greylisting to QMT
Disabling SpamAssassin
Install Pyzor
Install Razor
Redirect/bounce mail for sa-learn
Prevent Spam from valid sender/recipient
Scanning External non locally hosted domains
Install Spamdyke
Using Dspam
Client Software
Outlook problems and possible solutions
Mailing Lists
EzMLM Commands
Bulk import emails into EzMLM
Ezmlm Related Stuff
Install Mailman in place of ezmlm
MailingList Archiving
System Administration
CHKUSR - Enable characters for Blackberry devices
Colorfull QMail Logging
Convert Vpopmail alias into qmail alias
Disabling Domain Keys
Failover replication
Hardening your toaster
Install EMPF patch
Integrate qms-analog for nice log stats
MySQL - Tuning for QMT
Qmail Log Backup Script
Rebuilding cdb files
Recovering from a blown upgrade
Rsync your backups
SSL on submission port
TCP Server limits configuration
How to Setup DKIM with Qmail Toaster
How to set up a mail list so that you can email ALL of your domains at one time
Resolving apparent login failures with SMTP and POP
Shutting down Qmail manually
WebMail
Clickable Banner
Squirrelmail Global Address Book
Webmail Client
Build Environment
Software and Infrastructure
Peripheral Software
Desktop
Remote Access
Collaboration (RTC)
AWS
QMQP
qmqpd
QMQP is a protocol designed to be used by clients for queuing messages to a smart host that handles the delivery. This relieves clients of the burden of maintaining a queue and retrying temporarily undeliverable messages. The protocol is defined at http://cr.yp.to/proto/qmqp.html. QMQP is similar to QMTP in that it minimizes the round trips necessary for handing messages to servers, but it doesn't implement relay control—so access to QMQP servers must be restricted to trusted clients. QMQP usually uses port 628. qmail includes both a QMQP server, qmail-qmqpd, and a QMQP client, qmail-qmqpc. A client system using qmail-qmqpc is known as a mini-qmail installation. Setting Up a QMQP Service Setting up a QMQP service is straightforward once you've installed qmail, daemon-tools, and ucspi-tcp as in Chapter 2, "Installing qmail." First, select a qmail server to be the QMQP smart host. All of the following actions must be taken on this host. Create the service's directory: # umask 022 # cd /var/qmail/supervise # mkdir qmail-qmqpd # cd qmail-qmqpd # chmod +t . # Using a text editor, create a new file called run containing: #!/bin/sh QMAILDUID='id -u qmaild' NOFILESGID='id -g qmaild' MAXQMQPD='head -1 /var/qmail/control/concurrencyqmqp' if [ -z "$MAXQMQPD" ]; then echo MAXQMQPD is unset in echo /var/qmail/supervise/qmail-qmqpd/run exit 1 fi exec /usr/local/bin/softlimit -m 2000000 \ /usr/local/bin/tcpserver -v -p -x /etc/tcp.qmqp.cdb -c "$MAXQMQPD" \ -u "$QMAILDUID" -g "$NOFILESGID" 0 628 /var/qmail/bin/qmail-qmqpd 2>&1 Note Under Solaris, use /usr/xpg4/bin/id instead of id. Make the run script executable and set up the log directory: # chmod 755 run # mkdir log # cd log # Using a text editor, create a new file called run in the log directory containing: #!/bin/sh exec /usr/local/bin/setuidgid qmaill /usr/local/bin/multilog \ t /var/log/qmail/qmqpd Make the log/run script executable and create the logging directory: # chmod 755 run # mkdir /var/log/qmail/qmqpd # chown qmaill /var/log/qmail/qmqpd # Using a text editor, create the /etc/tcp.qmqp access control file. Allow access only from trusted hosts, and explicitly deny access to all other hosts. For example, if you want to allow all hosts on the local network to queue messages, and the local network is 192.168.1.x, the file would contain this: 192.168.1.:allow :deny Build the machine-readable version of the access control database, /etc/tcp.qmqp.cdb: # tcprules /etc/tcp.qmqp.cdb /etc/tcp.qmqp.tmp </etc/tcp.qmqp # Create the concurrencyqmqp non-standard control file to limit simultaneous QMQP connections. For example, to set the limit to 40: # echo 40 > /var/qmail/control/concurrencyqmqp # Link the service directory to /service to activate it: # ln -s /var/qmail/supervise/qmail-qmqpd /service # The qmailctl could also be modified to control the QMQP service. Setting Up a QMQP Client (Mini-qmail) QMQP can be enabled on a system running qmail simply by replacing qmail-queue with a symbolic link to qmail-qmqpc and listing the QMQP servers in control/qmqpservers. However, a true mini-qmail installation is much simpler and smaller than a full qmail installation: There's no queue, so there's no need to run any daemons. A mini-qmail installation requires only qmail-qmqpc, forward, qmail-inject, sendmail, predate, datemail, mailsubj, qmail-showctl, maildirmake, maildir2mbox, maildirwatch, qail, elq, and pinq in /var/mini-qmail/bin A symbolic link to qmail-qmqpc from /var/mini-qmail/bin/qmail-queue Symbolic links to /var/mini-qmail/bin/sendmail from /usr/sbin/sendmail and /usr/lib/sendmail All of the man pages in /var/qmail/man A list of the IP addresses of the QMQP servers, one per line, in /var/mini-qmail/control/qmqpservers A copy of /var/qmail/control/me, /var/qmail/control/defaultdomain, and /var/qmail/control/plusdomain from your smart host, so qmail-inject will use appropriate host names in outgoing mail The local host's name in /var/mini-qmail/control/idhost, so qmail-inject will generate Message-ID's unique to the host A mini-qmail kit (http://www.din.or.jp/~ushijima/mini-qmail-kit.html) is available, which, combined with the full qmail-1.03 tarball, will install only the pieces that mini-qmail requires. We'll go through a mini-qmail installation using this kit: Download the mini-qmail kit using a Web browser or command-line tool. At the time of this writing, the current version is 0.63: $ wget http://www.din.or.jp/~ushijima/mini-qmail-kit/mini-qmail-kit-0.52.tar.gz —08:32:32— http://www.din.or.jp/%7Eushijima/mini-qmail-kit/mini-qmail-kit-0.52 .tar.gz => 'mini-qmail-kit-0.52.tar.gz' Connecting to www.din.or.jp:80. . . connected! HTTP request sent, awaiting response. . . 200 OK Length: 6,174 [application/x-tar] 0K -> . . .. . . [100%] 08:32:36 (3.51 KB/s) - 'mini-qmail-kit-0.52.tar.gz' saved [6174/6174] $ Unpack the kit and change to its directory: $ zcat mini-qmail-kit-0.52.tar.gz | tar xf - $ cd mini-qmail-kit-0.52 $ Unpack the qmail tarball under the current directory: $ zcat /tmp/qmail-1.03.tar.gz | tar xf - $ Build the mini-qmail Makefile: $ make -f Makefile.mini sed '/^auto_uids\.c:/,/^$/d' qmail-1.03/Makefile > Makefile cat Makefile.mini > Makefile while read file; \ do \ echo ''; \ echo "$file: qmail-1.03/$file"; \ echo "cat qmail-1.03/$file > $file"; \ done < FILES.qmail > Makefile $ Build the mini-qmail binaries and man pages: $ make mini cat qmail-1.03/warn-auto.sh > warn-auto.sh cat warn-auto.sh config-mini.sh \ | sed s}QMAIL}"'sed 1q conf-qmail'"}g \ ... nroff -man envelopes.5 > envelopes.0 cat qmail-1.03/forgeries.7 > forgeries.7 nroff -man forgeries.7 > forgeries.0 $ Install the binaries and man pages: $ su Password: rootpassword # make setup-mini ./install-mini # Configure the mini-qmail installation: # ./config-mini smarthost domain plusdomain localhostname\ > smarthostip # Putting smarthost into control/me. . . Putting domain into control/defaultdomain. . . Putting plusdomain into control/plusdomain. . . Putting localhostname into control/idhost. . . Putting smarthostip into control/qmqpservers. . . # For example, if the smart host is mail.example.com, with an IP address of 192.168.1.4, and the mini-qmail host is null.example.com, you might use something like this: # ./config-mini mail.example.com example.com example.com null.example.com \ > 192.168.1.4 Putting mail.example.com into control/me. . . Putting example.com into control/defaultdomain. . . Putting example.com into control/plusdomain. . . Putting null.example.com into control/idhost. . . Putting 192.168.1.4 into control/qmqpservers. . . # Test the mini-qmail installation. If your username on the smarthost is carolyn, do this: # echo to: carolyn | /var/mini-qmail/bin/qmail-inject # Verify that the message was delivered to your mailbox on the smarthost. Finally, set up links to mini-qmail's sendmail program: # rm -f /usr/lib/sendmail /usr/sbin/sendmail # ln -s /var/mini-qmail/bin/sendmail /usr/lib/sendmail # ln -s /var/mini-qmail/bin/sendmail /usr/sbin/sendmail # nullmailer nullmailer (http://www.untroubled.org/nullmailer/) is a simple MTA for null clients. It can use either SMTP or QMQP. It's similar to mini-qmail, except it implements a queue. If mini-qmail can't reach a server when a message is injected, it returns an error and the sending user or process is responsible for retrying the delivery later. nullmailer queues the message locally and automatically retries to send it to a server.