Netqmail enhancements

Prerequisites

For authentication, either use chkpassword or vpopmail.

Installation

I wanna find a way to install this that doesn't involve completely ignoring FHS.

mkdir /package
chmod 1755 /package
cd /package
wget http://cr.yp.to/daemontools/daemontools-0.76.tar.gz
tar -zxvf daemontools-0.76.tar.gz
mv admin/daemontools-0.76/ daemontools-0.76
rmdir admin/
wget http://www.qmail.org/moni.csi.hu/pub/glibc-2.3.1/daemontools-0.76.errno.patch
patch -p0 < daemontools-0.76.errno.patch
cd daemontools-0.76/
./package/install
cd ..
rm daemontools-0.76.tar.gz daemontools-0.76.errno.patch
wget http://cr.yp.to/ucspi-tcp/ucspi-tcp-0.88.tar.gz
tar -zxvf ucspi-tcp-0.88.tar.gz
cd ucspi-tcp-0.88
wget http://www.qmail.org/moni.csi.hu/pub/glibc-2.3.1/ucspi-tcp-0.88.a_record.patch
patch -p1 < ucspi-tcp-0.88.a_record.patch
wget http://www.qmail.org/moni.csi.hu/pub/glibc-2.3.1/ucspi-tcp-0.88.errno.patch
patch -p1 < ucspi-tcp-0.88.errno.patch
wget http://www.qmail.org/moni.csi.hu/pub/glibc-2.3.1/ucspi-tcp-0.88.nobase.patch
patch -p1 < ucspi-tcp-0.88.nobase.patch
make
make setup check
tar jxvf libspf-1.0.0-p3.tar.bz2
cd libspf-1.0.0p3
./configure && make && make install
tar zxvf qmail-spp.tar.gz
tar zxvf netqmail-1.05.tar.gz
cd netqmail-1.05
./collate.sh
cd netqmail-1.05
patch -Np1 -i ../../netqmail-1.05-tls-smtpauth-20060105.patch
patch -Np1 -i ../../netqmail-maildir++.patch
patch -Np1 -i ../../qmail-1.03-oversize-dns.patch
patch -Np1 -i ../../big-concurrency.patch
patch -Np0 -i ../../qmail-spp-0.41/netqmail-spp-smtpauth-tls.diff
echo "500" > conf-spawn
echo "199" > conf-split
pw groupadd nofiles
pw useradd alias -g nofiles -d /var/qmail/alias -s /sbin/nologin
pw useradd qmaild -g nofiles -d /var/qmail -s /sbin/nologin
pw useradd qmaill -g nofiles -d /var/qmail -s /sbin/nologin
pw useradd qmailp -g nofiles -d /var/qmail -s /sbin/nologin
pw groupadd qmail
pw useradd qmailq -g qmail -d /var/qmail -s /sbin/nologin
pw useradd qmailr -g qmail -d /var/qmail -s /sbin/nologin
pw useradd qmails -g qmail -d /var/qmail -s /sbin/nologin
make
make setup check
make cert
make tmprsadh
touch /var/qmail/control/smtpplugins

At this point, you probably need to pick which startup script you want from /var/qmail/boot and copy it to /var/qmail/rc

cp /var/qmail/boot/home /var/qmail/rc

Most configuration instructions pulled from http://sylvestre.ledru.info/howto/howto_qmail_vpopmail.php with intelligent interpretation and modification.

mkdir /service
chmod 755 /service
mkdir /var/qmail/supervise
chmod 755 /var/qmail/supervise

mkdir /var/qmail/supervise/qmail-smtpd
mkdir /var/qmail/supervise/qmail-smtpd/log
chmod +t /var/qmail/supervise/qmail-smtpd

mkdir /var/qmail/supervise/qmail-send
mkdir /var/qmail/supervise/qmail-send/log
chmod +t /var/qmail/supervise/qmail-send

mkdir /var/qmail/supervise/qmail-pop3d
mkdir /var/qmail/supervise/qmail-pop3d/log
chmod +t /var/qmail/supervise/qmail-pop3d

ln -s /var/qmail/supervise/* /service/

/var/qmail/supervise/qmail-send/run:

#!/bin/sh
exec env - PATH="/var/qmail/bin:/usr/local/bin" qmail-start ./Maildir/

/var/qmail/supervise/qmail-send/log/run:

#!/bin/sh
exec /usr/local/bin/setuidgid qmaill /usr/local/bin/multilog t s100000 n20 /var/log/qmail/qmail-send 2>&1

/var/qmail/supervise/qmail-smtpd/run

#!/bin/sh

# Without SMTPAUTH user 92 is qmaild, group 91 is nofiles
#exec /usr/local/bin/tcpserver -x/usr/home/admin/siteban/tcp.smtp.cdb -p -R -u92 -g91 -v -c100 0 smtp rblsmtpd -r relays.ordb.org /var/qmail/bin/qmail-smtpd 2>&1

# With SMTPAUTH, using vchkpw. Group 98 is vchkpw
exec /usr/local/bin/tcpserver -x/usr/home/admin/siteban/tcp.smtp.cdb -p -R -u92 -g98 -v -c100 0 smtp rblsmtpd -r relays.ordb.org /var/qmail/bin/qmail-smtpd /home/vpopmail/bin/vchkpw /usr/bin/true 2>&1

/var/qmail/supervise/qmail-smtpd/log/run

#!/bin/sh
exec /usr/local/bin/setuidgid qmaill /usr/local/bin/multilog t s100000 n20 /var/log/qmail/qmail-smtpd 2>&1

/var/qmail/supervise/qmail-pop3d/run

#!/bin/sh
# Without SMTPAUTH
#exec /usr/local/bin/tcpserver -H -R -v -c100 0 pop3 /var/qmail/bin/qmail-popup pizzabox.cyberleo.net /home/vpopmail/bin/vchkpw /var/qmail/bin/qmail-pop3d Maildir 2>&1

# The modifications to allow SMTPAUTH to work require a setuid binary, which must not be world-execute.
# So we group this, even though it runs as root and would work anyways, just to be thorough.
/usr/local/bin/tcpserver -H -R -v -c100 -g98 0 pop3 /var/qmail/bin/qmail-popup pizzabox.cyberleo.net /home/vpopmail/bin/vchkpw /var/qmail/bin/qmail-pop3d Maildir 2>&1

If SMTP is taking around 30 seconds for the initial message to appear, try adding -l0 or -l<server_FQDN> to the tcpserver options. It might not be able to find its own domain name.
/var/qmail/supervise/qmail-pop3d/log/run

#!/bin/sh
exec /usr/local/bin/setuidgid qmaill /usr/local/bin/multilog t s100000 n20 /var/log/qmail/qmail-pop3d 2>&1

Make sure all run files are executable (they are shellscripts, after all) and make sure that the directories in /var/log/qmail exist and are writable by the user specified in the log/run script (qmaill).

/etc/inittab:

Getting the various authentication schemes working was really a pain.

In the end:

-rws--x--- vpopmail vchkpw ~vpopmail/bin/valias
-rws--x--- vpopmail vchkpw ~vpopmail/bin/vchkpw
-rws--x--- vpopmail vchkpw ~vpopmail/bin/vdominfo
-rws--x--- root     vchkpw ~vpopmail/bin/vuserinfo <-- ??? If owned vpopmail, 'Error: unable to setuid'
-rwxr-x--- vpopmail vchkpw ~vpopmail/domains/ <-- Children permissions similar.

Needed:

IP blacklist, domain blacklist
hide addresses from external users
plugins
store email in /var/mail

PHP Warning

Warning: "preg_replace(): The /e modifier is deprecated, use preg_replace_callback instead"

Warning: "preg_replace(): The /e modifier is deprecated, use preg_replace_callback instead:"

Warning: "preg_replace(): The /e modifier is deprecated, use preg_replace_callback instead"

Warning: "preg_replace(): The /e modifier is deprecated, use preg_replace_callback instead"

Warning: "preg_replace(): The /e modifier is deprecated, use preg_replace_callback instead"

Warning: "preg_replace(): The /e modifier is deprecated, use preg_replace_callback instead"

Warning: "preg_replace(): The /e modifier is deprecated, use preg_replace_callback instead"

Warning: "preg_replace(): The /e modifier is deprecated, use preg_replace_callback instead"

Warning: "preg_replace(): The /e modifier is deprecated, use preg_replace_callback instead:"