qmail is an email server designed by Dan Bernstein. We base our mail services on the last available version of Andre Oppermann's qmail-ldap, release 31, 20120221. qmail-ldap allows qmail to get account information from an LDAP directory.
Prerequisites
- resolution
- hostname
- local software
- ipsvd
- runit

sudo -i
# Install compile dependencies
apt-get install nettle-dev libldap2-dev libsasl2-dev libgnutls28-dev libssl-dev
# Set up required users and groups
apt install qmail-uids-gids
# Create Debian compatibility link:
ln -nfs /var/qmail /var/lib/qmail
# Add the administrator to the qmail group
# (inside the root shell $USER is root, so take the invoking user from $SUDO_USER)
adduser "$SUDO_USER" qmail
exit
# Log out and in again to get access to the qmail group.

Installing

sudo true
# Get qmail-ldap sources
# (if cd fails, cat swallows the rest of a pasted block instead of running it in the wrong directory)
cd /opt || cat >&2
darcs get http://at.magma-soft.at/darcs/qmail-ldap
# Compile and Install
cd /opt/qmail-ldap || cat >&2
make
sudo make setup check
# Create convenience/conformance links
for c in qmail-qstat qmail-showctl qmail-qread; do ln -fs /var/qmail/bin/$c /usr/local/bin; done
sudo ln -fs /var/qmail/control /etc/qmail
sudo ln -fs /var/qmail/bin/sendmail /usr/sbin/sendmail

Set up
Minimal configuration:

sudo chgrp staff /var/qmail/control
sudo chmod g+ws /var/qmail/control
cd /var/qmail/control
echo ldapi:/// > ldapserver
hostname -f > me
hostname -f > rcpthosts

- qmail-send - get mail off the server
- qmail-smtpd - get mail from the Internet and from users
Additional/Cluster set up
control directory

sudo true
cd /var/qmail/control || cat >&2
# Basics
echo magma-soft.at > doublebouncehost
echo postmaster-db > doublebounceto
hostname -f > locals
echo magma-soft.at > plusdomain
# LDAP
echo dc=magma-soft,dc=at > ldapbasedn
echo cn=$(hostname),ou=qmail,dc=magma-soft,dc=at > ldaplogin
echo qmailUser > ldapobjectclass
echo ./Maildir/ > ldapmessagestore
echo 0 > ldaplocaldelivery
echo 1 > ldaprebind
echo 1 > ldapcluster
# mbox user on homeserver, needed as fallback on all servers
echo 2000 > ldapuid
echo 2000 > ldapgid
# note: mode 775 leaves the cookie readable by every local user
touch smtpclustercookie
chmod 775 smtpclustercookie
# prepare secrets files
# (460 plus chown qmaild: qmaild may read, the group may read and write, others get nothing)
touch ldappassword
chmod 460 ldappassword
sudo chown qmaild ldappassword
# Paste smtpclustercookie value here, save with Ctrl+D
cat > smtpclustercookie
# Paste ldappassword value here, save with Ctrl+D
cat > ldappassword

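
The setup above leaves two secrets in the control directory: ldappassword (mode 460, owner qmaild) and smtpclustercookie (mode 775). The following shell function is an added example, not part of the original page, that audits those two files. The policy it checks (regular file, non-empty, no permission bits for other users) and the name audit_control_secrets are assumptions, and it relies on GNU stat.

```sh
#!/bin/sh
# Added example (not from the original page): audit the secrets files that the
# control-directory setup creates. Assumed policy: regular file, non-empty,
# no permission bits for "other".

# audit_control_secrets [DIR]
# Prints one "FINDING <file>: <reason>" line per problem and returns the
# number of findings as exit status (0 = clean).
audit_control_secrets() {
    dir=${1:-/var/qmail/control}
    findings=0
    for f in ldappassword smtpclustercookie; do
        path=$dir/$f
        if [ -L "$path" ] || [ ! -f "$path" ]; then
            echo "FINDING $f: missing or not a regular file"
            findings=$((findings + 1))
            continue
        fi
        mode=$(stat -c %a "$path")   # GNU stat: octal mode, e.g. 460 or 775
        other=$((mode % 10))         # last digit = permission bits for "other"
        if [ "$other" -ne 0 ]; then
            echo "FINDING $f: mode $mode gives access to all local users"
            findings=$((findings + 1))
        fi
        if [ ! -s "$path" ]; then    # empty: the paste step was skipped
            echo "FINDING $f: empty"
            findings=$((findings + 1))
        fi
    done
    return "$findings"
}

# Constructed sample: a scratch directory using the modes from the setup above.
demo_dir=$(mktemp -d)
printf 'constructed-password\n' > "$demo_dir/ldappassword"
printf 'constructed-cookie\n' > "$demo_dir/smtpclustercookie"
chmod 460 "$demo_dir/ldappassword"
chmod 775 "$demo_dir/smtpclustercookie"
audit_control_secrets "$demo_dir" || echo "findings: $?"
rm -rf "$demo_dir"
```

On a real host, call the function without arguments to check /var/qmail/control.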
- locals: all domains - even if not received on this host, will be dispatched via cluster.
- rbl - rbllist
- rcpthosts: locals are already included with qmail-ldap. Only add “virtual” domains.

Clean up unused qmail-ldap files

rm qmail-smtpd.rules qmail-pop3d.rules qmail-imapd.rules qmail-qmqpd.rules

Set up the aliases.
Set up TLS
MX server
Route all messages through homeserver and receive/dispatch email for the mail domain:

cd /var/qmail/control || cat >&2
cat > smtproutes <<EOF
# $USER $(date -uIs)
:a.mta.magma-soft.at
EOF
domainname >> locals

In order to forward to the cluster, qmqpd must be set up there and access given to the IP of the MX server.
Notes:
- The snippet assumes that the domainname of the host is the mail domain for which email is to be received. Modify locals to your needs if this is not the case.
qmail-ldap access user
On the provider slapd, ldap.magma-soft.at, add a simpleSecurityObject with

dn: cn=$(hostname),ou=qmail,dc=magma-soft,dc=at
userPassword=$PASSWORD

On the local slapd, in cn=config, find the olcDatabase configuration with olcSuffix: dc=magma-soft,dc=at and add the following access control before the last entry:

to * by dn.onelevel=ou=qmail,dc=magma-soft,dc=at read by * break

This binddn must be able to find all qmailUsers by their mail and mailAlternateAddress entries.

Add the following olcDbIndex attributes:

mail,mailalternateAddress,ou eq
uniqueMember eq

ToDo
- The standard qmail-ldap Makefile has an 'all' target, which we do not really want, and we do not need or want all the .cdb's either. Maybe change it in the source. locals and rcpthosts are really small on our system.