cron qmail

======================================================
DEBIAN - Mail Server Basic Setup
======================================================

Files:
------

backup-pl.txt
logstatus-sh.txt
serverstate-sh.txt

1) System Administration
---------------------

1.0) Boot your system, and connect to it using an SSH client

1.1) Update the system to get the newest software/security updates.
This should be done periodically, a few times per month,
or maybe just when serious security threats are announced
at http://www.debian.org/security/#DSAS

apt-get update <-- refreshes the package lists
apt-get upgrade <-- upgrades installed packages

2.1) Set up 2 cron jobs to monitor the system health and run nightly backups.
Please use the system crontab (/etc/crontab)

You can download the scripts from http://abbts.omx.ch/ .
Install them in /usr/local/sbin and rename them from ".txt" to ".pl" or
".sh" (they are named ".txt" only to allow a download with wget or curl).

Commands you may need:
- wget (with "--user"... man wget for more information)
- mv to rename the files
- chmod (to make the scripts executable...)
- vi

2.1.1) script1: backup.pl : should be run every night
- create a backup directory: /home/BACKUP
- update the backup script at line: $backup_path
- the script currently makes backups of:
/etc (keeps it 20 days)
/boot (5 days)
/usr/local/etc/ (15 days)
/bin (2 days)
/sbin (2 days)
-> update the script to also back up your jabber setup ("/var/lib/jabber")
and your home directory ("/home/LASTNAME"), and make
it keep these backups for 10 days (":10" at the end).

2.1.2) script2: logstatus.sh : should be run every 2 minutes, requires
serverstate.sh.
-> try to run it by hand, and then look at the contents of
/var/log/status/ : it takes and saves a "snapshot" of the
system's "health" every 2 minutes, which is useful to debug issues/problems.
Look at the source code of serverstate.sh and try to understand
every command.

=======================================================

2) qmail Mail-Server (SMTP/POP3) Setup
-----------------------------------

2.1) Open http://www.lifewithqmail.com/lwq.html and have a short
look at the whole setup. You will set up the basic qmail
system (queue management, configuration), as well as 2
servers: SMTP (to send/relay mail messages) and POP3 (to
retrieve messages from the mailboxes).

2.2) Add personal unix accounts for remote access and mail tests:

adduser vorname (use test passwords like "abcdef",
adduser vorname2 they will be visible on screen later)
adduser vorname3
etc.

2.3) Log in from your notebook, and become root

ssh -l nachname 10.0.0.xyz
su -

2.4) Check your software sources to exclude CD/DVD:

kree.ch:~# cat /etc/apt/sources.list

Lines beginning with "deb cdrom" must be commented out ("#" in front)

2.5) Remove Debian default mail software (exim):

/etc/init.d/exim4 stop
apt-get remove exim4 exim4-base exim4-config exim4-daemon-light
(answer yes to the question)

2.6) Install required software to compile qmail

apt-get install libgdbm-dev gcc g++ patch make libc-dev libssl-dev wget bzip2

2.7) Open http://www.lifewithqmail.com/lwq.html#installation and follow
both the instructions from the documentation and from this script
below: numbers like "(2.4)" correspond to the sections in
the lwq.html document.

(2.4) : Source code download

mkdir -p /usr/local/src
cd /usr/local/src

wget http://www.qmail.org/netqmail-1.06.tar.gz
wget http://cr.yp.to/ucspi-tcp/ucspi-tcp-0.88.tar.gz
wget http://cr.yp.to/daemontools/daemontools-0.76.tar.gz

(2.5.2) Uncompress the packages

mkdir -p /package
mv daemontools-0.76.tar.gz /package
chmod 1755 /package

cd /usr/local/src
gunzip netqmail-1.06.tar.gz
tar xpf netqmail-1.06.tar
gunzip ucspi-tcp-0.88.tar.gz
tar xpf ucspi-tcp-0.88.tar
cd /package
gunzip daemontools-0.76.tar.gz
tar xpf daemontools-0.76.tar

(2.5.3) : create directory for the qmail installation

mkdir /var/qmail

(2.5.4) : add the necessary users and groups

groupadd nofiles
useradd -g nofiles -d /var/qmail/alias alias
useradd -g nofiles -d /var/qmail qmaild
useradd -g nofiles -d /var/qmail qmaill
useradd -g nofiles -d /var/qmail qmailp
groupadd qmail
useradd -g qmail -d /var/qmail qmailq
useradd -g qmail -d /var/qmail qmailr
useradd -g qmail -d /var/qmail qmails

cat /etc/passwd (to check that the accounts are there)

(2.5.5) : Compile and install qmail

cd /usr/local/src/netqmail-1.06
make setup check
./config-fast yourhostname.abbts.ch
(replace "yourhostname.abbts.ch" by your system's name from /etc/hosts)

-> this creates a few files in /var/qmail/control : qmail basic setup

(2.6) : Compile and install ucspi-tcp (tcp server)

cd /usr/local/src/ucspi-tcp-0.88
patch < /usr/local/src/netqmail-1.06/other-patches/ucspi-tcp-0.88.errno.patch
make
make setup check

(2.7) : Compile and install daemontools (server tools, to manage services)

cd /package/admin/daemontools-0.76
cd src
patch < /usr/local/src/netqmail-1.06/other-patches/daemontools-0.76.errno.patch
cd ..
package/install

"ps fawux" should display something like:
root 6209 0.0 0.4 2644 Ss 0:00 /bin/sh /command/svscanboot
root 6211 0.0 0.1 1596 S 0:00 \_ svscan /service
root 6212 0.0 0.0 1424 S 0:00 \_ readproctitle service errors: ...

(2.8.1) Qmail Setup and Configuration

create the rc file according to the lifewithqmail documentation under (2.8.1):
( /var/qmail/rc )

chmod 755 /var/qmail/rc
mkdir /var/log/qmail

echo ./Maildir/ >/var/qmail/control/defaultdelivery

(2.8.2.1) Qmail manager Script

create and edit /var/qmail/bin/qmailctl
chmod 755 /var/qmail/bin/qmailctl
ln -s /var/qmail/bin/qmailctl /usr/bin

(2.8.2.2) For the Logfiles

mkdir -p /var/qmail/supervise/qmail-send/log
mkdir -p /var/qmail/supervise/qmail-smtpd/log

create the following files according to the lifewithqmail documentation:
/var/qmail/supervise/qmail-send/run
/var/qmail/supervise/qmail-send/log/run
/var/qmail/supervise/qmail-smtpd/run

echo 20 > /var/qmail/control/concurrencyincoming
chmod 644 /var/qmail/control/concurrencyincoming

create this according to the lifewithqmail documentation:
/var/qmail/supervise/qmail-smtpd/log/run

chmod 755 /var/qmail/supervise/qmail-send/run
chmod 755 /var/qmail/supervise/qmail-send/log/run
chmod 755 /var/qmail/supervise/qmail-smtpd/run
chmod 755 /var/qmail/supervise/qmail-smtpd/log/run

mkdir -p /var/log/qmail/smtpd
chown qmaill /var/log/qmail /var/log/qmail/smtpd

ln -s /var/qmail/supervise/qmail-send /var/qmail/supervise/qmail-smtpd /service

-> this last line will start the qmail-send and qmail-smtpd daemons
(use "ps fawux" to check what it looks like in the process list...)

(2.8.2.3) Permissions for the SMTP Server : everybody with an IP address starting
with 127. or 192. or 10. will be allowed to send and relay mails via the server.

echo '127.:allow,RELAYCLIENT=""' >>/etc/tcp.smtp
echo '192.:allow,RELAYCLIENT=""' >>/etc/tcp.smtp
echo '10.:allow,RELAYCLIENT=""' >>/etc/tcp.smtp
qmailctl cdb
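
The rule "192." above matches every address in 192.0.0.0/8, while only 192.168.0.0/16 is private address space. As an added example (not part of the original guide or of ucspi-tcp), this shell function lists the RELAYCLIENT rules of a tcp.smtp file that reach beyond loopback and RFC 1918 ranges; the function names, verdict labels and sample file are constructed for illustration.

```shell
#!/bin/sh
# audit_relay_rules FILE   (FILE uses the /etc/tcp.smtp rule format)
# Prints "<verdict>: <rule>" for every rule that grants RELAYCLIENT to an
# address prefix not fully inside 127/8, 10/8, 172.16/12 or 192.168/16.
audit_relay_rules() {
    awk -F: '
    /^#/ || /^[ \t]*$/    { next }   # comments and blank lines
    $0 !~ /RELAYCLIENT=/  { next }   # rule does not grant relaying
    $2 ~ /^deny/          { next }   # denied connections never relay
    {
        split($1, o, ".")            # $1 = address part before the ":"
        if ($1 == "")                               v = "OPEN-RELAY"
        else if ($1 ~ /^=/)                         v = "HOSTNAME"
        else if (o[1] == "127" || o[1] == "10")     v = "ok"
        else if (o[1] == "192" && o[2] == "168")    v = "ok"
        else if (o[1] == "172" && (o[2] ~ /^[0-9]+$/) &&
                 (o[2] + 0 >= 16) && (o[2] + 0 <= 31)) v = "ok"
        else                                        v = "NOT-PRIVATE-ONLY"
        if (v != "ok") print v ": " $0
    }' "$1"
}

# Constructed sample: the three rules from this guide plus two more.
write_sample_rules() {
    cat > "$1" <<'EOF'
# constructed sample input
127.:allow,RELAYCLIENT=""
192.:allow,RELAYCLIENT=""
10.:allow,RELAYCLIENT=""
192.168.:allow,RELAYCLIENT=""
:allow
EOF
}

sample=$(mktemp)
write_sample_rules "$sample"
audit_relay_rules "$sample"
rm -f "$sample"
```

Run it against the real /etc/tcp.smtp before "qmailctl cdb"; an empty result means every relay rule stays inside loopback or private address space.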

(2.8.3) Binaries used by other programs on the system

ln -s /var/qmail/bin/sendmail /usr/lib
ln -s /var/qmail/bin/sendmail /usr/sbin

(2.8.4) Aliases to catch mails sent to root@ or postmaster@
(should exist on any mail server).

echo vorname > /var/qmail/alias/.qmail-root
(replace 'vorname' by one of your system accounts)
echo vorname > /var/qmail/alias/.qmail-postmaster
cd /var/qmail/alias/
ln -s .qmail-postmaster /var/qmail/alias/.qmail-mailer-daemon
ln -s .qmail-postmaster /var/qmail/alias/.qmail-abuse
chmod 644 /var/qmail/alias/.qmail-root /var/qmail/alias/.qmail-postmaster

(2.9) Check if everything is running:

qmailctl stat

/service/qmail-send: up (pid 7261) 134 seconds
/service/qmail-send/log: up (pid 7264) 134 seconds
/service/qmail-smtpd: up (pid 7254) 134 seconds
/service/qmail-smtpd/log: up (pid 7258) 134 seconds
messages in queue: 0
messages in queue but not yet preprocessed: 0

ps fawux should display:

root 6209 0.0 0.4 /bin/sh /command/svscanboot
root 6211 0.0 0.1 \_ svscan /service
root 6306 0.0 0.1 | \_ supervise qmail-send
qmails 6359 0.0 0.1 | | \_ qmail-send
root 6368 0.0 0.1 | \_ qmail-lspawn ./Mailbox
qmailr 6369 0.0 0.1 | | \_ qmail-rspawn
qmailq 6370 0.0 0.1 | | \_ qmail-clean
root 6308 0.0 0.1 | \_ supervise log
qmaill 6360 0.0 0.1 | | \_ /usr/local/bin/multilog t /var/log/qmail
root 6310 0.0 0.1 | \_ supervise qmail-smtpd
qmaild 6362 0.0 0.2 | | \_ /usr/local/bin/tcpserver -v -R -l [...]
root 6312 0.0 0.1 | \_ supervise log
qmaill 6361 0.0 0.1 | \_ /usr/local/bin/multilog t /var/log/[...]
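
A check that could be run from cron, as an added example that is not part of the original guide: it reads "qmailctl stat" output and reports services that are down or that (re)started only seconds ago, which usually means a run script keeps failing. The function names, the 5-second threshold and the two failing sample lines are assumptions; the other sample lines follow the output shown under (2.9).

```shell
#!/bin/sh
# check_qmail_stat [MIN_UPTIME]
# Reads "qmailctl stat" output on stdin. Prints one line per problem and
# a final queue count; returns 1 if any service is down or was started
# less than MIN_UPTIME seconds ago (default 5, an assumed threshold).
check_qmail_stat() {
    awk -v min="${1:-5}" '
    /^\/service\// {
        svc = $1; sub(/:$/, "", svc)
        secs = -1
        for (i = 2; i <= NF; i++)          # the uptime precedes "seconds"
            if ($i ~ /^seconds/) { secs = $(i - 1) + 0; break }
        if ($2 != "up")      { print "DOWN " svc; bad++ }
        else if (secs < min) { print "FLAPPING " svc " (" secs "s)"; bad++ }
    }
    /^messages in queue:/ { queue = $NF + 0 }
    END { print "queue=" queue + 0; exit (bad > 0) }'
}

# Constructed sample: lines 3 and 4 are altered to show both failure kinds.
sample_stat() {
    cat <<'EOF'
/service/qmail-send: up (pid 7261) 134 seconds
/service/qmail-send/log: up (pid 7264) 134 seconds
/service/qmail-smtpd: up (pid 7254) 1 seconds
/service/qmail-smtpd/log: down 12 seconds, normally up
messages in queue: 0
messages in queue but not yet preprocessed: 0
EOF
}

# On the server this would be: qmailctl stat | check_qmail_stat 5
sample_stat | check_qmail_stat 5 || echo "qmail needs attention"
```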

(2.10) Create mailboxes (Maildirs)

Create Mailboxes in your accounts

su - vorname
vorname@abbts1:~$ /var/qmail/bin/maildirmake Maildir

su - vorname2
vorname2@abbts1:~$ /var/qmail/bin/maildirmake Maildir

etc.

(Testing)

0) In another window, start monitoring the logs:

kree.ch:~# tail -f /var/log/qmail/current /var/log/qmail/smtpd/current

1) SMTP Session:

abbts1:~# telnet localhost 25
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
220 yourhostname.abbts.ch ESMTP
EHLO
250-yourhostname.abbts.ch
250-PIPELINING
250 8BITMIME
MAIL FROM: omtest@somedomain.ext
250 ok
RCPT TO: vorname
250 ok
DATA
354 go ahead
Subject: test Mail

ok so?
gut!

.
250 ok 1200999831 qp 6515
quit
221 yourhostname.abbts.ch
Connection closed by foreign host.

Check if the mail is in the mailbox:

su - vorname
cd Maildir

om@abbts1:~/Maildir$ ls -laR
.:
total 20
drwx------ 5 om om 4096 2008-01-22 11:58 .
drwxr-xr-x 3 om om 4096 2008-01-22 11:58 ..
drwx------ 2 om om 4096 2008-01-22 11:58 cur
drwx------ 2 om om 4096 2008-01-22 12:00 new
drwx------ 2 om om 4096 2008-01-22 12:00 tmp

./cur:
total 8
drwx------ 2 om om 4096 2008-01-22 11:58 .
drwx------ 5 om om 4096 2008-01-22 11:58 ..

./new:
total 16
drwx------ 2 om om 4096 2008-01-22 12:00 .
drwx------ 5 om om 4096 2008-01-22 11:58 ..
-rw------- 1 om om 260 2008-01-22 12:00 1200999612.6464.abbts1

./tmp:
total 8
drwx------ 2 om om 4096 2008-01-22 12:00 .
drwx------ 5 om om 4096 2008-01-22 11:58 ..

cd new
cat 1200999612.6464.abbts1
-> should display the mail.

Check with a "MUA" (Mail User Agent):

rda@kree.ch:~$ cd
rda@kree.ch:~$ mutt -f Maildir/

(Test external delivery)

same as before with: RCPT TO: yourmail_address@readdomain.com
and with
RCPT TO: abbts@omx.ch

Watch the logs, especially if something goes wrong. You should receive
the mail in your "real" (non abbts) account.

(5.2.1) - Setup of POP3 Server (qmail-pop3d)

now install: checkpassword from: http://cr.yp.to/checkpwd/install.html
-> required for the POP3 Authentication

cd /usr/local/src
wget http://cr.yp.to/checkpwd/checkpassword-0.90.tar.gz

gunzip checkpassword-0.90.tar.gz
tar -xf checkpassword-0.90.tar
cd checkpassword-0.90
patch < /usr/local/src/netqmail-1.06/other-patches/checkpassword-0.90.errno.patch
make setup check

and now installation of the pop3-server:

mkdir /var/qmail/supervise/qmail-pop3d

create the following files according to the lifewithqmail documentation:
/var/qmail/supervise/qmail-pop3d/run
/var/qmail/supervise/qmail-pop3d/log/run

mkdir /var/qmail/supervise/qmail-pop3d/log
mkdir /var/log/qmail/pop3d
chown qmaill /var/log/qmail/pop3d
chmod 755 /var/qmail/supervise/qmail-pop3d/run
chmod 755 /var/qmail/supervise/qmail-pop3d/log/run
ln -s /var/qmail/supervise/qmail-pop3d /service

update /var/qmail/bin/qmailctl according to points 9. to 14.

qmailctl restart
cat /var/log/qmail/pop3d/current

"ps fauwx" should now display another process "qmail-pop3d" :
this is the POP3 server.

Test:

abbts1:~# telnet localhost 110
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
+OK <6873.1201000830@FQDN>
USER vorname
+OK
PASS abcd
-ERR authorization failed
Connection closed by foreign host.

abbts1:~# telnet localhost 110
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
+OK <6876.1201000838@FQDN>
USER vorname
+OK
PASS ******
+OK
STAT
+OK 1 260
RETR 1
+OK
Return-Path:
Delivered-To: om@yourhostname.abbts.ch
Received: (qmail 6459 invoked from network); 22 Jan 2008 11:00:09 -0000
Received: from localhost (HELO ) (127.0.0.1)
by yourhostname.abbts.ch with SMTP; 22 Jan 2008 11:00:09 -0000
Subject: abc

.
QUIT
+OK
Connection closed by foreign host.
abbts1:~#

If it does not work, try increasing the "softlimit" memory limit as
mentioned under (5.2.1.2), it may help...

=======================================================

Last Test:

Then: Set up the mail account on your own notebook, for example under
Outlook or Thunderbird:

POP3:
username: vorname
password: ******
hostname: IP Address

SMTP:
hostname: IP Address

Then:
- try to retrieve the mails via POP3
- try to send a mail to your account (vorname@yourhostname.abbts.ch)
- try to send a mail to a remote server (your mail address and abbts@omx.ch)

=======================================================