Guide On How To Install Qmail On FreeBSD

Guide On How To Install Qmail On FreeBSD 2017-08-23T11:25:22+00:00

A Step By Step Guide On How To Install Qmail On FreeBSD
Qmail the MTA everybody loves and respect, but because it can seem overwhelming to install and set up, it’s also the one everybody hates as well, until it runs that is. This guide should however get you up running Qmail without to much hassle.

First Things First

To make sure you dont run into any issues there are a few preparations to be made.

Update ports. It’s vital that you are running an updated ports tree. You can update your ports tree like this.

portsnap fetch extract
portsnap fetch update

Perl 5.24 is needed. If you run the Bash shell, your good to go as Bash will install Perl during installation. Otherwise run the following.

cd /usr/ports/lang/perl5.24 && make install clean BATCH=yes

When installing qmail it does some checks based on hostname. It’s important your host file is correct. The host file can be found here /etc/hosts you don’t need to have a real “fqdn” name .local will work as well. A typical example could look like below. Now please don’t be stupid and just copy and paste the example below, your a supposed to adjust the values to suit your needs.

::1                localhost localhost.yourdomain.xyz
127.0.0.1          localhost localhost.yourdomain.xyz

# This Host

xxx.xxx.xxx.xxx		domain
xxx.xxx.xxx.xxx		domain.xyz
xxx.xxx.xxx.xxx		domain.xyz.

Make sure your perl location is adequate. Quite a few perl scripts will be running, all assuming perl to be located in /usr/bin

cd /usr/bin
mv perl perl.old
ln -s /usr/local/bin/perl perl

If you plan on using qmail-scanner you will need to replace unzip with a newer version like this.

cd /usr/ports/archivers/unzip && make install clean BATCH=yes
cd /usr/bin
mv unzip unzip.old
ln -s /usr/local/bin/unzip unzip

We also need the following to be present on the system. Portdowngrade, Curl and Wget. You can install those like this.

cd /usr/ports/ftp/curl && make install clean BATCH=yes
cd /usr/ports/ftp/wget && make install clean BATCH=yes
cd /usr/ports/ports-mgmt/portdowngrade && make install clean BATCH=yes

Installing Qmail

Right FreeBSD ports is shipped with netqmail and since we need qmail we will have to use portdowngrade to get that one.

cd /usr/ports/mail
rm -dfr qmail
mkdir /usr/ports/mail/qmail
/usr/local/sbin/portdowngrade mail/qmail r355269
cd /usr/ports/mail/qmail
make WITHOUT="RCDLINK" install clean
rm -dfr /var/qmail/queue

When the option screen pops up nothing should be selected [screenshot]. Next hit “Ok” to proceed.

Note: you may get an error saying:

Your hostname is somehostname.xyz.
hard error
Sorry, I couldn’t find your host’s canonical name in DNS.
You will have to set up control/me yourself.

This can safely be ignored as we will reset the control files anyway. Or you can fix it by adjusting your /etc/hosts

Adding users and groups.

pw groupadd nofiles
pw groupadd vchkpw -g 89
pw groupadd qscand
pw useradd vpopmail -u 89 -g vchkpw -m -d /usr/home/vpopmail -s /sbin/nologin
pw useradd qscand -s /sbin/nologin -d /tmp
mkdir /var/log/qmail
mkdir /var/log/qmail/qmail-send /var/log/qmail/dovecot /var/log/qmail/qmail-smtpd /var/log/qmail/qmail-smtpd-ssl /var/log/qmail/qmail-smtpd-tls /var/log/qmail/qmail-scanner
chown -R qmaill:wheel /var/log/qmail
chmod -R 750 /var/log/qmail
mkdir -p /var/qmail/supervise
mkdir /var/qmail/supervise/qmail-smtpd /var/qmail/supervise/qmail-send /var/qmail/supervise/qmail-smtpd-ssl /var/qmail/supervise/qmail-smtpd-ssl/log/ /var/qmail/supervise/qmail-pop3d /var/qmail/supervise/qmail-pop3d/log /var/qmail/supervise/dovecot /var/qmail/supervise/qmail-smtpd/log /var/qmail/supervise/qmail-send/log /var/qmail/supervise/qmail-smtpd-tls /var/qmail/supervise/qmail-smtpd-tls/log/
chmod +t /var/qmail/supervise/qmail-smtpd /var/qmail/supervise/qmail-send /var/qmail/supervise/qmail-pop3d /var/qmail/supervise/qmail-smtpd-ssl /var/qmail/supervise/qmail-smtpd-tls /var/qmail/supervise/dovecot

Instead of copy / paste the above you can run the script below.

cd ~root
fetch http://www.xfiles.dk/content/files/freebsd-qmail/qmail-users.sh
chmod 755 qmail-users.sh
./qmail-users.sh
rm qmail-users.sh 

Download the qmail source for patching.

cd ~root
fetch http://www.xfiles.dk/content/files/freebsd-qmail/qmail-1.03.tar.gz
tar zxvf qmail-1.03.tar.gz
rm qmail-1.03.tar.gz 

Note: The needed patches are included in the tarball to make things a bit easier. If you are interested in John Simpson’s latest patches you can find them [here]. I recomend patching with 7.07 stable. If you want to try out 7.08 just replace qmail-1.03-jms1.7.07.patch with qmail-1.03-jms1.7.08.patch below.

cd ~root/qmail-1.03
patch < qmail-1.03-jms1.7.07.patch

Next patch for local mail accounts. This needs to be patched regardless of you having local mail accounts or not.

tar zxvf qmailfix.tgz

And the last patch we need to apply is a 64 bit patch.

patch < qmail64patch

Ok let's test this by doing a test flight.

make man
make setup check

Based on qmails perhaps "wrong" assumptions while doing a some system queries we need to empty the control files before we proceed.

:> /var/qmail/control/me
:> /var/qmail/control/defaultdomain
:> /var/qmail/control/plusdomain
:> /var/qmail/control/rcpthosts

We will configure qmail to use the machines hostname. You can find you hostname running this command.

hostname

Now run the following and exchange "hostname" with the hostname you got from above. Please people do not actually type "hostname" on the line below - Yes you know who you are...

./config-fast hostname

Let's make sure the file “locals” located in /var/qmail/control/locals is empty.

:> /var/qmail/control/locals

A few things still needs to be applied.

cd /var/qmail/bin
fetch http://www.xfiles.dk/content/files/freebsd-qmail/qmail-bin.tgz
tar zxvf qmail-bin.tgz
rm qmail-bin.tgz
cd /var/qmail/queue
touch /var/qmail/queue/lock/sendmutex
chown qmails:qmail /var/qmail/queue/lock/sendmutex

Installing Ucspi-Tcp

cd /usr/ports/sysutils/ucspi-tcp
make WITHOUT="IPV6" WITH="RSS_DIFF SSL" install clean

When the option screen for daemontools pops up just hit "Ok".

Installing Daemontools

cd /usr/ports/sysutils/daemontools
make install clean BATCH=yes

Next we need to set up the svscan service.

mkdir /service
csh -cf '/usr/local/bin/svscanboot &'
echo "csh -cf '/usr/local/bin/svscanboot &'" >> /etc/rc.local
rm /usr/local/etc/rc.d/svscan

Check if it's running as intended.

ps -waux | grep svscan |head -2

You should get an output very similar like the one below.

root    6426  0.0  0.1 17096 2504  0  I  1:29PM  0:00.00 /bin/sh /usr/local/bin/svscanboot
root    6428  0.0  0.1 12408 1844  0  S  1:29PM  0:00.01 svscan /service

Installing Autorespond

cd /usr/ports/mail/autorespond
make install clean

Installing Ezmlm-IDX

cd /usr/ports/mail/ezmlm-idx
make install clean BATCH=yes

When the option screen pops up just hit "Ok".

Let's get the "stock" ezmlm configuration files in place. There is no need to alter those they work fine out of the box.

cp /usr/local/etc/ezmlm/ezmlmglrc.sample /usr/local/etc/ezmlm/ezmlmglrc
cp /usr/local/etc/ezmlm/ezmlmrc.sample /usr/local/etc/ezmlm/ezmlmrc
cp /usr/local/etc/ezmlm/ezmlmsubrc.sample /usr/local/etc/ezmlm/ezmlmsubrc

Installing Vpopmail With Onchange

Vpopmail does not automatically register changes on the system as to regards of adding / removing domains and adding / removing users. John Simpson wrote a patch 1 among many for qmail. This patch we will apply checks for the appropriate changes that vpopmail needs to know about for us. You can read more about the patch [here]. Before installing we need to prepare a few things first.

cd ~vpopmail
fetch http://www.xfiles.dk/content/files/freebsd-qmail/skel.tgz
tar zxvf skel.tgz
chown -R vpopmail:vchkpw skel/
chmod -R 700 skel/
rm skel.tgz
cd /usr/local
ln -s /home/vpopmail /usr/local/vpopmail

Now setup vpopmail to run from daemontools.

cd /var/qmail/supervise
mkdir -m 1755 qmail-updater
mkdir -m 755 qmail-updater/log
mkdir /var/log/qmail/qmail-updater
cd qmail-updater/log
fetch http://www.xfiles.dk/content/files/freebsd-qmail/vpopmail-run
mv vpopmail-run run
chmod 755 run

Install the qmail-updater files.

cd /var/qmail/supervise/qmail-updater
fetch http://www.xfiles.dk/content/files/freebsd-qmail/pipe-watcher
fetch http://www.xfiles.dk/content/files/freebsd-qmail/update-qmail
fetch http://www.xfiles.dk/content/files/freebsd-qmail/update-qmail-service
mv update-qmail-service run
chmod 755 pipe-watcher update-qmail run

Next setup qmail-updater to run from daemontools.

ln -s /var/qmail/supervise/qmail-updater /service/

Check if qmail-updater is running.

svstat /service/qmail-updater /service/qmail-updater/log

You should get an output similar to the one below.

/service/qmail-updater:     up (pid 9495) 7 seconds
/service/qmail-updater/log: up (pid 9492) 7 seconds

Now we can install vpopmail.

cd /usr/ports/mail/vpopmail
make CONFIGURE_ARGS="--enable-logging=p --enable-onchange-script"
make WITH="ONCHANGE_SCRIPT" install clean

When you get the popup be sure that ONCHANGE_SCRIPT is checked then hit ok to install.

Invoke the onchange script.

cd ~vpopmail/etc
fetch http://www.xfiles.dk/content/files/freebsd-qmail/onchange
chown vpopmail:vchkpw ~vpopmail/etc/onchange
chmod 750 ~vpopmail/etc/onchange
chmod +x ~vpopmail/etc/onchange

Testing onchange

Open a Open a second session to your server and run the following command in order to monitor the onchange script behaviour.

tail -f /var/log/qmail/qmail-updater/current | tai64nlocal

In the other session add a domain. Check the other session to see if onchange catches the change. If it does we can continue.

cd ~vpopmail/bin
./vadddomain domain.com password

If onchange is working you should see an entry as below on your second session. And we can continue. If you are not getting this output I advise you to stop right here and start again from the "Installing Vpopmail With Onchange" section. Until it works as intended.

2017-04-05 12:19:32.443243500 Starting
2017-04-05 12:19:32.443246500 locals has changed
2017-04-05 12:19:32.443247500 Sending HUP to qmail-send
2017-04-05 12:58:55.676714500 virtualdomains has changed
2017-04-05 12:58:55.676715500 locals has changed
2017-04-05 12:58:55.676716500 Sending HUP to qmail-send

Setting Vpopmail permissions.

cd ~vpopmail/bin
chmod 6711 vchkpw
chown vpopmail:vchkpw vchkpw

Configuring Validrcptto.

cd /usr/ports/databases/cdb
make install clean

Next we need to install the CDB_File perl module. This in done through CPAN. So start up CPAN like this.

cpan

And from here we will install the CDB_File perl module.

install CDB_File

Once this is done quit cpan using the following command.

exit

Now we can setup validrcptto.

cd /usr/local/bin
fetch http://www.xfiles.dk/content/files/freebsd-qmail/mkvalidrcptto
chmod 755 mkvalidrcptto

Let's see if validrcptto works and can find the CDB module. Run the following command as a non-priviliged user.

perl -c /usr/local/bin/mkvalidrcptto

If everything is fine you should get an output like below.

/usr/local/bin/mkvalidrcptto syntax OK

Final test if you added a domain earlier validrcptto should be able to generate a list of every email address you have added.

mkvalidrcptto

You should see a listing of user(s) and domains similar listed like on the line below.

[email protected]
[email protected]

The ValidRCPTTO script consist of two parts one that reads the information like users and domains from the system. And the other part which is actually writing that information to the cdb file for use with qmail-smtp. In order for part 2 to work it needs an initial cdb file to write to. so let’s create that.

cd /var/qmail/control
mkvalidrcptto -c validrcptto.cdb

Installing Maildrop

cd /usr/ports/mail/maildrop
make install clean
ln -s /usr/local/bin/maildrop-deliverquota /usr/local/bin/deliverquota

When you get the popup be sure that AUTH_VCHKPW is checked then hit ok to install.

Disabling Sendmail

Now even after all these years using FreeBSD I still don’t have the slightest idea on how to uninstall and remove sendmail. I wonder if that is actually possible. But I know how to stop it from starting up and preventing sendmail from being used by other programs. So let’s do that, since we will be using qmail from now on.

killall sendmail
mv /usr/sbin/sendmail /usr/sbin/sendmail.old
chmod 0 /usr/sbin/sendmail.old
echo "sendmail_enable=NONE" >> /etc/rc.conf
echo "sendmail_submit_enable=NO" >> /etc/rc.conf
echo "sendmail_outbound_enable=NO" >> /etc/rc.conf
echo "sendmail_msp_queue_enable=NO" >> /etc/rc.conf
echo "NO_SENDMAIL=yes" >> /etc/make.conf
echo "NO_MAILWRAPPER=yes" >> /etc/make.conf
ln -s /var/qmail/bin/sendmail /usr/sbin/sendmail
ln -s /var/qmail/bin/sendmail /usr/lib/sendmail

If you are using periodic.conf disable clean-purgestat. Edit the file /etc/defaults/periodic.conf and find the following line.

daily_clean_hoststat_enable="YES"

And change it to "NO"

daily_clean_hoststat_enable="NO"

Final configuration

The last bit consists of a lot of supervising scripts that needs to be put in the right places. And a few control files that needs to be changed in order to reflect your system.

cd /root
fetch http://www.xfiles.dk/content/files/freebsd-qmail/qmail.tar.gz
tar zxvfp qmail.tar.gz
rm qmail.tar.gz
cd qmail

There a 2 files that needs to be changed before we can proceed. The first file is the one called smtpd_run in that file find the following line and replace xx.xx.xx.xx with your machines IP address.

# options for tcpserver/sslserver
IP=xx.xx.xx.xx
PORT=25
SSL=0
SSL_CERT="$VQ/control/servercert.pem"
SMTP_CDB="/etc/tcp/smtp.cdb"
MAX=30
# these require the "tcpserver limits"

Next we need to change the pop3 greeting which we do in this file pop3d_run please change this regardless if you are going to enable the pop3 service or not.

#!/bin/sh
PATH=/var/qmail/bin:/usr/local/bin:/usr/bin:/bin
export PATH
exec tcpserver -H -R -v -c100 \
-x /etc/tcp/smtp.cdb \
0 110 \
qmail-popup domain.xyz \
/usr/home/vpopmail/bin/vchkpw qmail-pop3d Maildir 2>&1

Set up some necessary mail aliases. Replace “domain.xyz” with the domain you would like these email to go to. Please don't skip this part as things may not work as intended if you do so.

echo [email protected] > /var/qmail/alias/.qmail-root
echo [email protected] > /var/qmail/alias/.qmail-postmaster
echo [email protected] > /var/qmail/alias/.qmail-mailer-daemon

And finally run the script that puts everything in the right places.

./qmail.sh

Once done we can delete the qmail folder in /root

cd /root
rm -R qmail

"Starting Qmail"

qmailctl start

If everything is working as intended you should get an output similar like the one below.

Starting qmail Services

Starting qmail-send
Starting qmail-smtpd
Starting qmail-pop3d
Starting qmail-updater

We can check what is running by issuing the following command.

qmailctl stat

You should get a result like the one below.

/service/qmail-send: up (pid 2849) 32 seconds
/service/qmail-send/log: up (pid 2850) 32 seconds
/service/qmail-smtpd: up (pid 2854) 32 seconds
/service/qmail-smtpd/log: up (pid 2853) 32 seconds
/service/qmail-pop3d: up (pid 2851) 32 seconds
/service/qmail-pop3d/log: up (pid 2852) 32 seconds
/service/qmail-updater: up (pid 650) 1374 seconds
/service/qmail-updater/log: up (pid 651) 1374 seconds
messages in queue: 0
messages in queue but not yet preprocessed: 0

And we are done here.

Spell checkers don’t – Grammar checkers don’t either.