Qmail the MTA everybody loves and respect, but because it can seem overwhelming to install and set up, it’s also the one everybody hates as well, until it runs that is. This guide should however get you up running Qmail without to much hassle.
First Things First
To make sure you dont run into any issues there are a few preparations to be made.
Update ports. It’s vital that you are running an updated ports tree. You can update your ports tree like this.
portsnap fetch extract portsnap fetch update
Perl 5.24 is needed. If you run the Bash shell, your good to go as Bash will install Perl during installation. Otherwise run the following.
cd /usr/ports/lang/perl5.24 && make install clean BATCH=yes
When installing qmail it does some checks based on hostname. It’s important your host file is correct. The host file can be found here /etc/hosts you don’t need to have a real “fqdn” name .local will work as well. A typical example could look like below. Now please don’t be stupid and just copy and paste the example below, your a supposed to adjust the values to suit your needs.
::1 localhost localhost.yourdomain.xyz 127.0.0.1 localhost localhost.yourdomain.xyz # This Host xxx.xxx.xxx.xxx domain xxx.xxx.xxx.xxx domain.xyz xxx.xxx.xxx.xxx domain.xyz.
Make sure your perl location is adequate. Quite a few perl scripts will be running, all assuming perl to be located in /usr/bin
cd /usr/bin mv perl perl.old ln -s /usr/local/bin/perl perl
If you plan on using qmail-scanner you will need to replace unzip with a newer version like this.
cd /usr/ports/archivers/unzip && make install clean BATCH=yes cd /usr/bin mv unzip unzip.old ln -s /usr/local/bin/unzip unzip
We also need the following to be present on the system. Portdowngrade, Curl and Wget. You can install those like this.
cd /usr/ports/ftp/curl && make install clean BATCH=yes cd /usr/ports/ftp/wget && make install clean BATCH=yes cd /usr/ports/ports-mgmt/portdowngrade && make install clean BATCH=yes
Right FreeBSD ports is shipped with netqmail and since we need qmail we will have to use portdowngrade to get that one.
cd /usr/ports/mail rm -dfr qmail mkdir /usr/ports/mail/qmail /usr/local/sbin/portdowngrade mail/qmail r355269 cd /usr/ports/mail/qmail make WITHOUT="RCDLINK" install clean rm -dfr /var/qmail/queue
When the option screen pops up nothing should be selected [screenshot]. Next hit “Ok” to proceed.
Note: you may get an error saying:
Your hostname is somehostname.xyz.
Sorry, I couldn’t find your host’s canonical name in DNS.
You will have to set up control/me yourself.
This can safely be ignored as we will reset the control files anyway. Or you can fix it by adjusting your /etc/hosts
Adding users and groups.
pw groupadd nofiles pw groupadd vchkpw -g 89 pw groupadd qscand pw useradd vpopmail -u 89 -g vchkpw -m -d /usr/home/vpopmail -s /sbin/nologin pw useradd qscand -s /sbin/nologin -d /tmp mkdir /var/log/qmail mkdir /var/log/qmail/qmail-send /var/log/qmail/dovecot /var/log/qmail/qmail-smtpd /var/log/qmail/qmail-smtpd-ssl /var/log/qmail/qmail-smtpd-tls /var/log/qmail/qmail-scanner chown -R qmaill:wheel /var/log/qmail chmod -R 750 /var/log/qmail mkdir -p /var/qmail/supervise mkdir /var/qmail/supervise/qmail-smtpd /var/qmail/supervise/qmail-send /var/qmail/supervise/qmail-smtpd-ssl /var/qmail/supervise/qmail-smtpd-ssl/log/ /var/qmail/supervise/qmail-pop3d /var/qmail/supervise/qmail-pop3d/log /var/qmail/supervise/dovecot /var/qmail/supervise/qmail-smtpd/log /var/qmail/supervise/qmail-send/log /var/qmail/supervise/qmail-smtpd-tls /var/qmail/supervise/qmail-smtpd-tls/log/ chmod +t /var/qmail/supervise/qmail-smtpd /var/qmail/supervise/qmail-send /var/qmail/supervise/qmail-pop3d /var/qmail/supervise/qmail-smtpd-ssl /var/qmail/supervise/qmail-smtpd-tls /var/qmail/supervise/dovecot
Instead of copy / paste the above you can run the script below.
cd ~root fetch http://www.xfiles.dk/content/files/freebsd-qmail/qmail-users.sh chmod 755 qmail-users.sh ./qmail-users.sh rm qmail-users.sh
Download the qmail source for patching.
cd ~root fetch http://www.xfiles.dk/content/files/freebsd-qmail/qmail-1.03.tar.gz tar zxvf qmail-1.03.tar.gz rm qmail-1.03.tar.gz
Note: The needed patches are included in the tarball to make things a bit easier. If you are interested in John Simpson’s latest patches you can find them [here]. I recomend patching with 7.07 stable. If you want to try out 7.08 just replace qmail-1.03-jms1.7.07.patch with qmail-1.03-jms1.7.08.patch below.
cd ~root/qmail-1.03 patch < qmail-1.03-jms1.7.07.patch
Next patch for local mail accounts. This needs to be patched regardless of you having local mail accounts or not.
tar zxvf qmailfix.tgz
And the last patch we need to apply is a 64 bit patch.
patch < qmail64patch
Ok let's test this by doing a test flight.
make man make setup check
Based on qmails perhaps "wrong" assumptions while doing a some system queries we need to empty the control files before we proceed.
:> /var/qmail/control/me :> /var/qmail/control/defaultdomain :> /var/qmail/control/plusdomain :> /var/qmail/control/rcpthosts
We will configure qmail to use the machines hostname. You can find you hostname running this command.
Now run the following and exchange "hostname" with the hostname you got from above. Please people do not actually type "hostname" on the line below - Yes you know who you are...
Let's make sure the file “locals” located in /var/qmail/control/locals is empty.
A few things still needs to be applied.
cd /var/qmail/bin fetch http://www.xfiles.dk/content/files/freebsd-qmail/qmail-bin.tgz tar zxvf qmail-bin.tgz rm qmail-bin.tgz cd /var/qmail/queue touch /var/qmail/queue/lock/sendmutex chown qmails:qmail /var/qmail/queue/lock/sendmutex
cd /usr/ports/sysutils/ucspi-tcp make WITHOUT="IPV6" WITH="RSS_DIFF SSL" install clean
When the option screen for daemontools pops up just hit "Ok".
cd /usr/ports/sysutils/daemontools make install clean BATCH=yes
Next we need to set up the svscan service.
mkdir /service csh -cf '/usr/local/bin/svscanboot &' echo "csh -cf '/usr/local/bin/svscanboot &'" >> /etc/rc.local rm /usr/local/etc/rc.d/svscan
Check if it's running as intended.
ps -waux | grep svscan |head -2
You should get an output very similar like the one below.
root 6426 0.0 0.1 17096 2504 0 I 1:29PM 0:00.00 /bin/sh /usr/local/bin/svscanboot root 6428 0.0 0.1 12408 1844 0 S 1:29PM 0:00.01 svscan /service
cd /usr/ports/mail/autorespond make install clean
cd /usr/ports/mail/ezmlm-idx make install clean BATCH=yes
When the option screen pops up just hit "Ok".
Let's get the "stock" ezmlm configuration files in place. There is no need to alter those they work fine out of the box.
cp /usr/local/etc/ezmlm/ezmlmglrc.sample /usr/local/etc/ezmlm/ezmlmglrc cp /usr/local/etc/ezmlm/ezmlmrc.sample /usr/local/etc/ezmlm/ezmlmrc cp /usr/local/etc/ezmlm/ezmlmsubrc.sample /usr/local/etc/ezmlm/ezmlmsubrc
Installing Vpopmail With Onchange
Vpopmail does not automatically register changes on the system as to regards of adding / removing domains and adding / removing users. John Simpson wrote a patch 1 among many for qmail. This patch we will apply checks for the appropriate changes that vpopmail needs to know about for us. You can read more about the patch [here]. Before installing we need to prepare a few things first.
cd ~vpopmail fetch http://www.xfiles.dk/content/files/freebsd-qmail/skel.tgz tar zxvf skel.tgz chown -R vpopmail:vchkpw skel/ chmod -R 700 skel/ rm skel.tgz cd /usr/local ln -s /home/vpopmail /usr/local/vpopmail
Now setup vpopmail to run from daemontools.
cd /var/qmail/supervise mkdir -m 1755 qmail-updater mkdir -m 755 qmail-updater/log mkdir /var/log/qmail/qmail-updater cd qmail-updater/log fetch http://www.xfiles.dk/content/files/freebsd-qmail/vpopmail-run mv vpopmail-run run chmod 755 run
Install the qmail-updater files.
cd /var/qmail/supervise/qmail-updater fetch http://www.xfiles.dk/content/files/freebsd-qmail/pipe-watcher fetch http://www.xfiles.dk/content/files/freebsd-qmail/update-qmail fetch http://www.xfiles.dk/content/files/freebsd-qmail/update-qmail-service mv update-qmail-service run chmod 755 pipe-watcher update-qmail run
Next setup qmail-updater to run from daemontools.
ln -s /var/qmail/supervise/qmail-updater /service/
Check if qmail-updater is running.
svstat /service/qmail-updater /service/qmail-updater/log
You should get an output similar to the one below.
/service/qmail-updater: up (pid 9495) 7 seconds /service/qmail-updater/log: up (pid 9492) 7 seconds
Now we can install vpopmail.
cd /usr/ports/mail/vpopmail make CONFIGURE_ARGS="--enable-logging=p --enable-onchange-script" make WITH="ONCHANGE_SCRIPT" install clean
When you get the popup be sure that ONCHANGE_SCRIPT is checked then hit ok to install.
Invoke the onchange script.
cd ~vpopmail/etc fetch http://www.xfiles.dk/content/files/freebsd-qmail/onchange chown vpopmail:vchkpw ~vpopmail/etc/onchange chmod 750 ~vpopmail/etc/onchange chmod +x ~vpopmail/etc/onchange
Open a Open a second session to your server and run the following command in order to monitor the onchange script behaviour.
tail -f /var/log/qmail/qmail-updater/current | tai64nlocal
In the other session add a domain. Check the other session to see if onchange catches the change. If it does we can continue.
cd ~vpopmail/bin ./vadddomain domain.com password
If onchange is working you should see an entry as below on your second session. And we can continue. If you are not getting this output I advise you to stop right here and start again from the "Installing Vpopmail With Onchange" section. Until it works as intended.
2017-04-05 12:19:32.443243500 Starting 2017-04-05 12:19:32.443246500 locals has changed 2017-04-05 12:19:32.443247500 Sending HUP to qmail-send 2017-04-05 12:58:55.676714500 virtualdomains has changed 2017-04-05 12:58:55.676715500 locals has changed 2017-04-05 12:58:55.676716500 Sending HUP to qmail-send
Setting Vpopmail permissions.
cd ~vpopmail/bin chmod 6711 vchkpw chown vpopmail:vchkpw vchkpw
cd /usr/ports/databases/cdb make install clean
Next we need to install the CDB_File perl module. This in done through CPAN. So start up CPAN like this.
And from here we will install the CDB_File perl module.
Once this is done quit cpan using the following command.
Now we can setup validrcptto.
cd /usr/local/bin fetch http://www.xfiles.dk/content/files/freebsd-qmail/mkvalidrcptto chmod 755 mkvalidrcptto
Let's see if validrcptto works and can find the CDB module. Run the following command as a non-priviliged user.
perl -c /usr/local/bin/mkvalidrcptto
If everything is fine you should get an output like below.
/usr/local/bin/mkvalidrcptto syntax OK
Final test if you added a domain earlier validrcptto should be able to generate a list of every email address you have added.
You should see a listing of user(s) and domains similar listed like on the line below.
The ValidRCPTTO script consist of two parts one that reads the information like users and domains from the system. And the other part which is actually writing that information to the cdb file for use with qmail-smtp. In order for part 2 to work it needs an initial cdb file to write to. so let’s create that.
cd /var/qmail/control mkvalidrcptto -c validrcptto.cdb
cd /usr/ports/mail/maildrop make install clean ln -s /usr/local/bin/maildrop-deliverquota /usr/local/bin/deliverquota
When you get the popup be sure that AUTH_VCHKPW is checked then hit ok to install.
Now even after all these years using FreeBSD I still don’t have the slightest idea on how to uninstall and remove sendmail. I wonder if that is actually possible. But I know how to stop it from starting up and preventing sendmail from being used by other programs. So let’s do that, since we will be using qmail from now on.
killall sendmail mv /usr/sbin/sendmail /usr/sbin/sendmail.old chmod 0 /usr/sbin/sendmail.old echo "sendmail_enable=NONE" >> /etc/rc.conf echo "sendmail_submit_enable=NO" >> /etc/rc.conf echo "sendmail_outbound_enable=NO" >> /etc/rc.conf echo "sendmail_msp_queue_enable=NO" >> /etc/rc.conf echo "NO_SENDMAIL=yes" >> /etc/make.conf echo "NO_MAILWRAPPER=yes" >> /etc/make.conf ln -s /var/qmail/bin/sendmail /usr/sbin/sendmail ln -s /var/qmail/bin/sendmail /usr/lib/sendmail
If you are using periodic.conf disable clean-purgestat. Edit the file /etc/defaults/periodic.conf and find the following line.
And change it to "NO"
The last bit consists of a lot of supervising scripts that needs to be put in the right places. And a few control files that needs to be changed in order to reflect your system.
cd /root fetch http://www.xfiles.dk/content/files/freebsd-qmail/qmail.tar.gz tar zxvfp qmail.tar.gz rm qmail.tar.gz cd qmail
There a 2 files that needs to be changed before we can proceed. The first file is the one called smtpd_run in that file find the following line and replace xx.xx.xx.xx with your machines IP address.
# options for tcpserver/sslserver IP=xx.xx.xx.xx PORT=25 SSL=0 SSL_CERT="$VQ/control/servercert.pem" SMTP_CDB="/etc/tcp/smtp.cdb" MAX=30 # these require the "tcpserver limits"
Next we need to change the pop3 greeting which we do in this file pop3d_run please change this regardless if you are going to enable the pop3 service or not.
#!/bin/sh PATH=/var/qmail/bin:/usr/local/bin:/usr/bin:/bin export PATH exec tcpserver -H -R -v -c100 \ -x /etc/tcp/smtp.cdb \ 0 110 \ qmail-popup domain.xyz \ /usr/home/vpopmail/bin/vchkpw qmail-pop3d Maildir 2>&1
Set up some necessary mail aliases. Replace “domain.xyz” with the domain you would like these email to go to. Please don't skip this part as things may not work as intended if you do so.
echo [email protected] > /var/qmail/alias/.qmail-root echo [email protected] > /var/qmail/alias/.qmail-postmaster echo [email protected] > /var/qmail/alias/.qmail-mailer-daemon
And finally run the script that puts everything in the right places.
Once done we can delete the qmail folder in /root
cd /root rm -R qmail
If everything is working as intended you should get an output similar like the one below.
Starting qmail Services Starting qmail-send Starting qmail-smtpd Starting qmail-pop3d Starting qmail-updater
We can check what is running by issuing the following command.
You should get a result like the one below.
/service/qmail-send: up (pid 2849) 32 seconds /service/qmail-send/log: up (pid 2850) 32 seconds /service/qmail-smtpd: up (pid 2854) 32 seconds /service/qmail-smtpd/log: up (pid 2853) 32 seconds /service/qmail-pop3d: up (pid 2851) 32 seconds /service/qmail-pop3d/log: up (pid 2852) 32 seconds /service/qmail-updater: up (pid 650) 1374 seconds /service/qmail-updater/log: up (pid 651) 1374 seconds messages in queue: 0 messages in queue but not yet preprocessed: 0
And we are done here.