Qmail Howto | Go Back
11) Installing and configuring VMailMgr
To install VMailMgr, we need to run configure and make just like we do on any other source distributions:
# cd /usr/local/src
# tar zxf vmailmgr-0.97.tar.gz
# cd vmailmgr-0.97
# ./configure
# make
# make install
# cd ..
# tar zxf vmailmgr-tools-0.2.tar.gz
# cd vmailmgr-tools-0.2
# make
# ./installer
If you receive an error for vmailmgr-tools compilation, edit vcheckquota.c, go to line 36 and simply put the sentence “Warning: the soft…blah blah” in one line. Type make again and the problem should go away. Let’s configure VMailMgr to work with our domain.
# groupadd email
# mkdir /home/email
# chmod 755 /home/email
Apart from the main installation, we’ll have to configure VMailMgr as well. This step is required for controlling user quotas, auto-responder and some
other things.
# mkdir /etc/vmailmgr
# chmod 755 /etc/vmailmgr
# cd /etc/vmailmgr
# ln -s /etc/vmailmgr /usr/local/etc/vmailmgr
# echo ./Maildir/ > default-maildir
# echo maildir > maildir-arg-str
# echo passwd > password-file
# echo /tmp/.vmailmgrd > socket-file
# echo users > user-dir
Create a file called vdeliver-predeliver (vi vdeliver-predeliver), then copy-paste the following:
#!/bin/sh
/usr/local/bin/vcheckquota
Then, change permissions of the files in the folder:
# chmod 755 /etc/vmailmgr/*
The directory /etc/vmailmgr is created for vmailmgr configuration files. The echo commands given above control the way vmailmgr will be handling directories and mail processing. Basically, we are telling vmailmgr that the password file for keeping users’ passwords will be “passwd” and the directory that will contain individual user accounts will be “users”. The “vdeliver-predeliver” lines will launch “vcheckquota”, which will check a user’s quota limits before delivering a message. You can change the above settings to fit your needs, but I would recommend using the default settings provided in this guide.
Now we need to create a set of scripts that should help us out a lot in adding and removing virtual domains. Download the file add_virt from this server and place it in /usr/local/bin.
The script is pretty simple. The first line sets a variable DGID (group ID) to “email”, which is used while executing useradd to add a virtual domain to the system. The second line sets DHOME to “/home/email”, which will be the base directory for all virtual domains you’ll be creating in the future. QHOME is the directory where qmail is installed. The next four lines check if the user is root (remember, only root account will be able to execute this script). If nothing is given in command line, the script will print “Usage: add_virt newdomain.com”, for those who don’t know or forgot the script usage. Next, the script checks if the virtual domain already exists, by going through the system /etc/passwd file. Don’t worry, the scipt will not screw up or damage your passwd file. Vmailmgr uses *nix authentication to verify virtual domains. However, it does not necessarily mean that you are leaving security holes. After creating the first test user, I will show you how to disable shell access to all created virtual domains for security purposes. When all the checks are completed successfully, the script will attempt to create the virtual domain you specified in command line. It will first launch useradd and add the domain. Then, it will prompt you to change the password for the created virtual domain. Next, the script will add the domain to /var/qmail/control/virtualdomains and /var/qmail/control/rcpthosts. The next line executes vsetup, which takes care of setting up a virtual domain for its first use. And finally, the last three commands will restart qmail, so that the new settings take effect. If everything went without a glitch, the script will print out “All done! Domain newdomain.com created.”
Now, get the second file remove_virt and also place it in /usr/local/bin.
This script does the reverse of add_virt - i.e. it will remove the specified virtual domain from the system. Again, QHOME is where your qmail is installed. Another check for root user is run to prevent regular users from attempting to execute this script. If nothing is specified in command line, the script prints “Usage: remove_virt domain.com”. Next, a quick check that tests the existence of the virtual domain in /etc/passwd is run. If the domain is found, the root account will be asked to confirm the deletion of the specified domain and all of its users. If “y” is received, the account is deleted from the system via userdel. If nothing or “n” is received, the script exits with “Aborted.” message. Once userdel removes the system account, the script changes directory to /var/qmail/control and removes the deleted virtual domain from “virtualdomains” and “rcpthosts” files (the grep and mv lines). The last three commands restart qmail, for changes to take effect. If everything went smoothly, the script prints out “All done! Domain deleteddomain.com deleted.”
Good, now we need to chmod those scripts, so that they are be executable. Plus, let’s test those scripts by creating a virtual domain (yourserver.com):
# chmod 755 /usr/local/bin/add_virt
# chmod 755 /usr/local/bin/remove_virt
# add_virt yourserver.com
Base Username [yourserver_com]:
Creating new domain ‘yourdomain.com’.
Domain base user created in /home/email/yourdomain.com.
Please provide domain password for VmailMgr.Changing password for user yourdomain_com.
New password:
Retype new password:
passwd: all authentication tokens updated successfully.
Adding domain to control/virtualdomains…done
Adding records to control/rcpthosts…done
Setting up the domain dir for vmailmgr…
vsetup: created users directory.
vsetup: wrote ‘.qmail-default’ file.
vsetup: added alias ‘mailer-daemon’
vsetup: added alias ‘postmaster’
vsetup: added alias ‘root’
…done
Restarting Qmail…
All done! Domain yourdomain.com created.
After your type add_virt yourserver.com you’ll be asked for a password. Type the domain password and remember it - we’ll need it for domain administration later on. The script output will be similar to what you see above. If you get an error saying bash: /root/.bashrc: Permission denied in the middle of the script, just ignore it.
Let’s now create a test user at our domain. This user will be created solely for testing purposes. We’ll delete it after we are sure that everything is working properly.
# su - yourserver_com
# vadduser test
Enter the user’s new password:
Please type it again for verification:
vadduser: user ‘test’ successfully added
The account is created successfully. Remember or write down the password you specified - we’ll need the password later for testing our mail server. Once you are done adding the user, type “exit” to return to superuser shell.
Now we need to disable the created virtual domains’ shell access for security purposes. Launch your favorite editor and open /etc/passwd. Find the line with your created virtual domain. It will look something like this: yourserver_com:x:5007:5002::/home/email/yourserver.com:/bin/bash. Replace “/bin/bash” with either “/sbin/nologin” or “/bin/false”. This makes sure that even if someone steals your domain password, he/she will not be able to use the shell.
October 16th, 2008 at 11:09 pm
Nice tutorial. This is only the patch that I haven’t encountered a problem.
I hope you can add a patch such as validrcptto. This is nice patch. However, I’m getting a hunk failed when I’m trying to patch it after patching all the patch on your tutorial. Probably, some code doesn’t conform to validrcptto patch. I’m not a C programmer so I’m getting a hard time fixing the problem. Please inform me via my email ntserafica@yahoo.com if you have the patch.
This could be a great gift this coming christmas :)
October 3rd, 2008 at 7:19 am
So what if I want a more minimalistic solution. Basically I have a mail server that only needs to serve one site, and primarily outgoing mail. So no fancy stuff needed like multiple users and auto-responders.
I would like to have a suite of admin tools, for instance, being able to manually send an email that’s been stuck in the queue and watching the remote mail server response, ideally have a php script parse this information.
Hours on Google have really only given me scripts for the end-user, none for really managing the admin part of qmail.
September 5th, 2008 at 4:04 pm
> - Qmail Patches from http://megaz.arbuz.com
Where is the patches, i find but…
June 29th, 2008 at 2:03 pm
Nice tutorial. If anyone needs help, you can contact my via email on my website.
I could do it for free.
June 20th, 2008 at 7:22 pm
This was helpful. Thank you.
May 30th, 2008 at 10:10 am
Hi Nasim:
Have you tried to use CourierIMAP 4.3.1 (with AuthLib)?
I would appreciate your comments about it.
Thanks.
May 25th, 2008 at 2:29 am
Hi Nazim,
Sometimes I have an error when sending email(addresses which I used before or new):
An error occurred while sending mail.The mail server responded: sorry, that domain isn’t in my list of allowed rcpthosts(#5.7.1). Please check the message recipients and try again.
I thought that it something to do with timing out authentication so I have removed 900 from /etc/relay-ctrl/expiry(step 12->Installing Relay-CTRL; pagehttp://megaz.arbuz.com/2002/12/20/qmail-howto/4) but I’m still getting this error.
I’ll appreciate if you could advice on what could be wrong, please.
Thanks a lot in advance,
yuriy
May 24th, 2008 at 11:59 pm
Hi Nazim,
Problem with setting second virtual domain was sorted out. It turned out that one needs to restart qmail server after adding another virtual domain.
Also I have sorted an issue with 550 error page(I have wrote about it in one of my previous posts).
With virtual domain .qmail-default file should exist for each user. So solution was pretty simple: copy original .qmail-default to .qmail-USERNAME in /home/email/yourdomain/ folder. Also my /etc/tcp.smtp looks like this:
127.:allow,RELAYCLIENT=”",RBLSMTPD=”",QMAILQUEUE=”/var/qmail/bin/qmail-queue”
:allow,QMAILQUEUE=”/var/qmail/bin/qmail-scanner-queue.pl”,VERIFY=”"
May 6th, 2008 at 11:11 am
Hi Nazim.
I can telnet to my server and do all steps you have listed alright. It’s just when I’m trying to set additional virtual domain it stops receiving emails(one can still send emails though) even to the first virtual domain. When I remove the second virtual domain it will start to receive emails but only after couple hours.I reckon that it’s Qmail-Scanner coursing this problem. I probably leave this issue to sort later on(I’m planning to install another test server but will keep in mind using more than one domain then).
I have couple more issues which require immediate attention and I was trying to sort them out but no luck so far.
1. I need to set our email server to give a 550 error for an invalid address. I have used Andrew Richards’ qmail-verify patch(http://free.acrconsulting.co.uk/email/qmail-verify.html). I can see qmail-verify daemon is running on our server but it’s not rejecting non-existing users(so it’s accepting anything with our domain). The problem could be that /home/email/[virtual_domain]/.qmail-default telling that anything coming with this domain is valid.
But because I’m using virtual domain .qmail-default pipes to /usr/local/bin/vdeliver.So vdeliver is deciding who is right users on our server. Andrew suggested to remove /home/email/[virtual_domain]/.qmail-default but when I did it email server stopped to receive emials. Do you know what parameters I need to pass to /usr/local/bin/vdeliver in /home/email/[virtual_domain]/.qmail-default so qmail-verify can properly filter email users?
2. Due to the increase in the number of ISP’s blocking port 25 for third party mailservers I need to set on mail server additional port to answer SMTP request. I was looking on google and found the following link http://www.skorpionweb.org/archives/2005/09/running_qmail_s.php.
So I followed the logic in this article and set separate tcpserver which listens to different port:
1) Created /var/qmail/rc2 :
#!/bin/sh
PATH=”/var/qmail/bin:/usr/local/bin”
export PATH
cd /
qmail-start ./Maildir | setuidgid qmaill \
multilog t n50 s1000000 \
/var/qmail/logs/qmail2 &
2) Created /usr/local/bin/runmail2:
exec softlimit -m 10000000 \
envdir /etc/relay-ctrl relay-ctrl-chdir \
tcpserver -v -H -R -l $HOSTNAME -x /etc/tcp.smtp.cdb -c200 -u5002 -g5000 0 587 qmail-smtpd 2>&1 &
3) Created /var/qmail/logs/qmail2 and chown it to qmaill:nofiles.
Now I can start separate tcpserver with port 587 and everything looks healthy with but when I change port 25 to 587 and try to send mail I have got an error “…The server may be unavailable or refusing connection…”
I wonder whether I need to set another instance of qmail-smtpd(may be qmail-smtpd2, just guessing here).
Thanks a lot again for your time and effort to keep this site going & helping folks like myself :-)
Kind regards, yuriy