Install
pw user add smtpd -m
cd ~smtpd
fetch https://github.com/smtpd/qpsmtpd/archive/v0.92.tar.gz
tar -xzf v0.92.tar.gz
mv qpsmtpd-0.92 smtpd
cd smtpd
cp -r config.sample config
perl bin/install_deps.pl
There are quite a few required dependencies, and a number of optional ones too. The installer attempts to install them all. If some don't install, it's probably okay. We'll get errors in the logs soon that tell us if anything is broken.
If an existing SMTP server is already listening on port 25, modify the run.tcpserver file and change the port to another port you can use for testing, such as 2500 or 2525.
cat run.tcpserver | sed -E -e 's/PORT=25/PORT=2500/' > run
chmod 755 run
./run
At this point, QP is up and running and listening on port 25(00). Open another terminal session and connect to QP with netcat.
nc mail.example.com 2500   # use 25 if you left the port unchanged
Netcat should return the output of QP, and it'll look like this:
220 mail.example.com ESMTP qpsmtpd 0.92 ready; send us your mail, but not your spam.
You should also see output in your first terminal session that looks somewhat like this:
tcpserver: status: 0/10
tcpserver: status: 1/10
tcpserver: pid 21539 from 192.nn.nn.nnn
tcpserver: ok 21539 mail.example.com:NNN.NN.NN.NN:2500 mypc.example.com:192.NN.NN.NNN::57490
21539 Loaded Qpsmtpd::Plugin::logging::warn=HASH(0xbcad28)
21539 dspam: error, dspam CLI binary not found: install dspam and/or set dspam_bin
21539 Connection from mypc.example.com [NNN.NN.NN.NNN]
21539 dspam: error, dspam CLI binary not found: install dspam and/or set dspam_bin
21539 (connect) ident::geoip: US
21539 (connect) fcrdns: forward network match
21539 (connect) fcrdns: pass
21539 (connect) earlytalker: pass, not spontaneous
21539 (connect) relay: skip, no match
21539 (connect) dnsbl: pass
21539 220 mail.example.com ESMTP qpsmtpd 0.92 ready; send us your mail, but not your spam.
QP is complaining about dspam not being found. You can ignore that, or install dspam. For now let us continue with the SMTP conversation:
EHLO mypc.example.com
And the server will respond with something like:
250-mail.example.com Hi mypc.example.com [192.nn.nn.nnn]
250-PIPELINING
250-8BITMIME
250 AUTH PLAIN LOGIN CRAM-MD5
And now let's end the connection:
QUIT
221 mail.example.com closing connection. Have a wonderful day.
In its response to EHLO, the SMTP server advertised its capabilities. Our server is not yet advertising STARTTLS, which enables secure connections. Fix that by following the instructions on the Install.Starttls page.
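A check for the gap described above, as an added example that is not part of the original page or the qpsmtpd project: it parses an EHLO reply captured on a cleartext session and reports a missing STARTTLS as well as AUTH mechanisms (PLAIN, LOGIN) that carry the password only base64-encoded. The function names and the finding strings are assumptions chosen for this example; the sample reply is the one from the session above.

```python
import re

# Mechanisms whose exchange carries the password merely base64-encoded.
# CRAM-MD5 is challenge-response, so it is not counted here.
CLEARTEXT_MECHS = {"PLAIN", "LOGIN"}

# Constructed sample: the EHLO reply shown in the session above.
SAMPLE = """\
250-mail.example.com Hi mypc.example.com [192.nn.nn.nnn]
250-PIPELINING
250-8BITMIME
250 AUTH PLAIN LOGIN CRAM-MD5
"""

def parse_ehlo(reply):
    """Return {KEYWORD: [params]} from a multi-line 250 reply."""
    lines = [l for l in reply.splitlines() if l.strip()]
    if not lines:
        raise ValueError("empty reply")
    extensions = {}
    for i, line in enumerate(lines):
        m = re.fullmatch(r"250([ -])(.*)", line)
        if not m:
            raise ValueError(f"not a 250 reply line: {line!r}")
        # "250-" marks a continuation line, "250 " the final line.
        if (m.group(1) == " ") != (i == len(lines) - 1):
            raise ValueError(f"unexpected continuation marker: {line!r}")
        words = m.group(2).split()
        if i > 0 and words:  # line 0 is the greeting, not an extension
            extensions[words[0].upper()] = [w.upper() for w in words[1:]]
    return extensions

def audit_cleartext_ehlo(reply):
    """List findings for an EHLO reply captured before any TLS handshake."""
    ext = parse_ehlo(reply)
    findings = []
    if "STARTTLS" not in ext:
        findings.append("STARTTLS not advertised")
    exposed = sorted(CLEARTEXT_MECHS.intersection(ext.get("AUTH", [])))
    if exposed:
        findings.append("AUTH " + " ".join(exposed) + " offered before TLS")
    return findings

if __name__ == "__main__":
    for finding in audit_cleartext_ehlo(SAMPLE):
        print("WARN:", finding)
```

Run it again on the reply you get after completing the Install.Starttls steps to confirm the first finding is gone.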
At this point, QP is installed but we haven't specified a queue, so QP doesn't know what to do with messages that arrive. Edit the plugin configuration file and specify a queue:
cd ~smtpd/smtpd
vi config/plugins
The queue plugins are listed at the bottom of the file. Examples are provided for maildir, qmail-queue, and smtp-forward. There are additional queue plugins in the plugins/queue directory:
# ls plugins/queue/
exim-bsmtp postfix-queue smtp-forward
maildir qmail-queue
Restart QP.
cd ~smtpd
mkdir tmp
chmod 770 tmp
chown smtpd:clamav tmp
cd tmp
pwd > ~smtpd/smtpd/config/spool_dir
echo 0770 > ~smtpd/smtpd/config/spool_perms
The permissions are set up so that clamd, which will be called by the clamdscan plugin, is able to read and write in the spool directory.
See the Install.Authentication page.
Set up qmail-deliverabled
Set up DKIM keys for domain(s)
cd ~smtpd/smtpd/config/dkim
./dkim_key_gen.sh example.com
Repeat the key generation for each domain you want to sign for.
Install the GeoIP City Lite database for enhanced functionality.
cd /usr/local/share/GeoIP
fetch http://geolite.maxmind.com/download/geoip/database/GeoLiteCity.dat.gz
fetch http://geolite.maxmind.com/download/geoip/database/GeoLiteCityv6-beta/GeoLiteCityv6.dat.gz
That's it. The GeoIP plugin will detect the city data and prefer it. Your log entries will change from the first to the second pattern:
ident::geoip: US
ident::geoip: NA, US, Kansas City, 751 km
Well, the second pattern assumes that you installed Math::Complex, which provides the Trig functions necessary to calculate geodesic distance. The only reason to do that (besides raw geekery) is to use the too_far option with the GeoIP plugin. See the geoip plugin docs for details (perldoc plugins/ident/geoip).
Enable clamdscan in config/plugins
sed -I .bak -E -e 's|# virus/clamdscan|virus/clamdscan|' config/plugins
Disable in config/plugins, or install and set it up
Forkserver
Shut down your existing SMTPd. Run QP manually.
./run.forkserver
Test. If everything works correctly, set QP up to run supervised:
ln -s ~smtpd/smtpd /var/service/