Qmail 1.03 Patch
Hello, first of all this patch needs to be updated so that SSLv3 is switched off. I did this by adding the following line of code in qmail-smtpd.c and qmail-remote.c.
Qmail is a mail transfer agent MTA that runs on Unix. It was written, starting December 1995, by Daniel J. Bernstein as a more secure replacement for the popular.
Qmail is discussed on the qmail mailing list. New versions are announced on the qmailannounce mailing list. The latest published qmail package is qmail-1.03.tar.gz.
- Russell Nelson Do you want to mirror qmail.org. Curious about the red bar or how the mirror manager works. Last modified: Thu Aug 20 :27 EDT 2015.
- Qmail francophone. Please note that this site is a reference for qmail users. It s not designed to be easy to use -- it s designed to be comprehensive.
Please note that this site is a reference for qmail users. It s
not designed to be easy to use -- it s designed to be comprehensive.
There are things in here which have sharp edges. If you re looking
for a tutorial site, visit Dave Sill s excellent Life With Qmail site.
qmail is a modern SMTP server which makes
by Dan Bernstein, who also has
is a secure package. You can download
netqmail 1.06 Redhat RPMs, and Debian. debs, HP-UX, Gentoo, and OpenBSD ports and redistribute qmail for
picture of how qmail is organized. You should read Life with qmail.
list and an announcements list
for qmail users, maintained by Dan Bernstein using qmail, of
course. There s also an archive.
It s also archived at The Aims Group, at Gossamer
Threads, and in Mailbox-format
archives. Charles Cazabon has written some guidelines for posting
to the list. There is also an FAQ, providing answers to frequently-asked
Dan s updated FAQ is also available in other file
A number of large Internet sites are using qmail: USA.net s
outgoing email, Address.com, Rediffmail.com, Colonize.com, Yahoo.
mail, Network Solutions, Verio, MessageLabs searching 100M
emails/week for malware, listserv.acsu.buffalo.edu a big listserv
hub, using qmail since 1996, Ohio State biggest US University,
Yahoo. Groups, Listbot, USWest.net Western US ISP, Telenordia,
gmx.de German ISP, NetZero free ISP, Critical Path email
outsourcing service w/ 15M mailboxes, PayPal/Confinity,
Hypermart.net, Casema, Pair Networks, Topica, MyNet.com.tr,
FSmail.net, Mycom.com, and vuurwerk.nl.
Henning Brauer, Peter Samuel, and Russell Nelson have put together a netqmail-1.06 distribution of qmail. It is
comprised of qmail-1.03 plus the recommended
patches and some documentation.
Commercial support is available for qmail.
Support is available on-site, by phone, or over the Internet.
Craftsperson, offers assessment, installation, support, training,
and documentation for qmail and related software, specializing in
low-maintenance, rock-solid anti-spam, anti-virus solutions for small-
and medium-size organizations.
customer-focused IT services company offering computer system, network, and security consulting and
systems integration. Based in Boston, MA, Saffron Solutions provides
open source software support to customers in the US and Canada.
in Hamburg, Germany provides support, installation and administration
services for qmail and open-source software in Germany and
Richards is a qmail solutions specialist: Straightforward support,
consultancy, maintenance and troubleshooting services for qmail and
and installation of new qmail-based systems - any size, any location.
offers high-quality services and support contracts at the lowest prices. We
offer support for Qmail, Webmail, Courier-Imap, djbdns, etc and a wide
variety of open-source software such as Apache, ProFTPD, Linux, FreeBSD,
source qmail addons, provides expert qmail support and installation
through his firm DRH Internet.
Call toll free at 866-374-4678; internationally 410-461-5316.
qmail support world-wide: remote access or at your location. Call toll
free in the U.S. at 866.528.3530, Internationally at 815.776.9465 or
via Voip at sip:support inter7.com
support for qmail in Canada, the USA and elsewhere over the Internet.
Qmail, Webmail AntiVirus, AntiSpam, and djbdns support. We also offer
high-availability, clustering, redundancy, load balancing layer 4
switching, round-robin dns and failover services for medium/large
ISP s. We also support migration from Windows/Unix platforms to any
Unix platform FreeBSD, OpenBSD, Linux, Solaris, others Call
range of qmail services, from consulting to shared qmail servers and dedicated
qmail servers. In addition to qmail support, BlackMesh provides a full range
of consulting and hosting--from shared to dedicated--services. 888.473.0854
Kong offers qmail based corporate email solutions for the Asian
region. Solutions include corporate email solutions,
anti-spam/anti-virus, high-volume servers, consultancy and system
Ross Cooney from Rozmic provide support for qmail to
European based organisations and ISP s. Rozmic also provide a managed
spam filtration service called EmailCloud which is built upon
Management offers consulting, installaton and adminstrative
services for qmail, djbdns and other software including help with
general server tasks to customers located in Germany and nearby
LinuxIS Consulting provides consulting,
installation, and support services for qmail, djbdns, and most other
DJB-ware and Open Source software. Accepts Visa, M/C, American Express and
provides contractual and by-the-hour support for qmail and other MTAs.
We have a great deal of expertise in qmail on Linux, FreeBSD, and
a href title Consulting, installation and
support for qmail - Excello Excello provides support for wide
range of qmail applications for SMB Enterprise customers in the
Germany and Czech republic. They also run excellent high performance
antispam and antivirus solution on qmail platform known as a href title Hosted antispam solution with
high volume mail server support for ISP s and Enterprise throughout
the world. They have published free qmail support tools. Also
specializing in Anti-Spam solutions, Integration, High Performance
Tuning. Located in Canada, 24/7 support contracts also available.
Consulting Group - Los Angeles based Qmail installation and
support. Support for spam filtering, large deployments, and 24/7
support. Support all unix platforms. Call toll free 888 595-9775.
User-Contributed Documentation
Documentation contributed by users
qmail manual pages converted to HTML as a
Michael Samuel collected some documentation for qmail. It is no
longer accessible and is not being maintained. Arjen van Drie has a mirror.
Paul Gregg has written instructions on how to configure qmail to
handle many mail users multiple email addresses with separate POP3
à qmail, an introduction to qmail for french speaking users.
Chris Johnson wrote something called The qmail newbie s
guide to relaying, which is supposed to answer most of the
relaying questions that come across the qmail list.
Adam D. McKenna has written a qmail HOWTO.
Dave Sill has written Life with qmail.
Erwin Hoffmann was supposed to give a German-language QMAIL
presentation at a congress of the German Unix User Group GUUG
However, the whole congress was canceled thus
the presentation is more or less virtual.
Dave Kitabjian has some diagnostic suggestions for various qmail
Philip Jacob wrote up some instructions on
using checkpoppasswd to create virtual users on virtual hosts,
accessing their mail via pop3.
Davide Giunchi has written an Italian qmail
HOWTO, this Italian language document explains how to install,
configure and run qmail. This isn t a translation of the English
qmail howto but is written from scratch.
qmail-howto. Steven Fettig has translated Chapters 1-4 into
Patrick contributes an xinetd configuration for qmail-pop3d.
Qmail-VmailMgr-Courier-SquirrelMail
installation guide, written by Konstantin Riabitsev.
Martin Östlund has written a Swedish
Rene Schleicher has written a qmail/vpopmail-Installation
Looking for information on how to
disclaimer to your outgoing email.
Rocchetti have written a HOWTO in Italian
describing a qmail installation on FreeBSD with POP3, IMAP, Mailing
list, Antivirus, Antispam support and webmail.
Michel Morelli is running an Italian-language
Paul Niewiadomski has translated
into Polish. Actually, he s Paweł Niewiadomski, but you need
an 8859-2 character set to properly render his name. I can t wait for
UTF-8 to be supported everywhere.
Marco Tizzoni has translated Life With Qmail
Mário Gamito has some Portuguese
Asfihani has written Installing
in Indonesian language. He also covers omail admin, courier-imap
Ciprian has three benchmark articles
comparing sendmail, qmail, and PostFix.
Andrew St. Jean describes his qmail
configuration and using qmail s null client, Courier IMAP, and
courier-imap under daemontools.
Frank Niedermann has written a
Jeffrey Clement wrote up a Debian HOWTO on
setting up qmail, Vmailmgr, CourierIMAP, SpamAssassin, and ezmlm.
Sylvestre Ledru wrote some bits on
installation instructions for qmail on Red Hat 9.
Authentication as part of my canceled Qmail Book which is
available in english language. Readers will find an updated version
of Krysztof Dabrowski s SMTP Auth patch which should cleanly interface
instructions for using qmail as a
Sumanth NS has a qmail UUCP how-to.
toaster. No, not to make crispy bread, but instead to put
together qmail, patches, and ancillary software into one installation.
Lukas Feiler has instructions for
with TLS and SMTP auth, Courier-IMAP/POP3, MySQL, Clam AV,
SpamAssassin - all with virtual domain support.
Mark Steele wrote up some notes
a Qmail front-end for M Exchange server
written an English/Italian HOWTO, which explains how to put together the latest versions
of netqmail, vpopmail, dovecot, roundcube webmail, spamassassin,
clamav, simscan and some and related software.
Author s Enhancement Software for qmail
Enhancements and additions to qmail by its author, Dan Bernstein.
package delivers mail from a Maildir to an SMTP server.
package makes ordinary Unix programs into TCP/IP servers and/or
clients. In particular its tcpserver program should be used with
qmail instead of inetd. This package now includes Dan s rblsmtpd package for blocking spam using the RBL.
Gerrit Pape has written man pages for ucspi-tcp-0.88,
to complement Dan s online HTML documentation.
Interestingly, William Baxter announced ucspi-ipc
and Bruce Guenter announced ucspi-unix within two days
of each other. Same idea, different implementations.
Bruce Guenter also has written ucspi-proxy. It passes
data back and forth between two connections set up by a UCSPI server
William Baxter wrote ucspi-ssl
which uses OpenSSL to encrypt connections.
has written an implementation of
UCSPI-TLS for qmail, which adds STARTTLS RFC 2487 support to
qmail-smtpd and STLS RFC 2595 support to qmail-pop3d while isolating
the encryption in a low-privilege process for security. You can get
patches for qmail, sslserver, and mailfront, along with a detailed
monitors, controls, and logs the execution and output of long-running
programs, often called daemons.
Tetsu Ushijima wrote qmail-conf,
which creates an appropriate set of files to use daemontools to start
analyzes qmail log files in various ways. Russ Allbery has written
which converts the tai64n that daemontools-0.63 produces into the
fractional seconds that qmailanalog expects. Peter Samuel has
implemented the same idea as a patch
to daemontools using Dan s coding style Jay Soffian also wrote
one substantially similar to Peter s. Finally hopefully John Levine
went ahead and fixed qmailanalog to accept
Georg Lehner has made qmailanalog
better integrated with multilog.
emulates sendmail s. forward file processing.
supports forwarding tables under qmail.
Mirko Zeibig has an RPM with fastforward
with a. qmail-default and a standard /etc/aliases-file in it.
package authenticates users using a generic interface. It is required
by qmail s included POP3 server.
Dan has a checklist for users converting from
Dan has written a reference manual for SMTP.
You can t find a more secure DNS server than djbdns. If you thought the DNS was hard
to understand, you re wrong. It s not the DNS that s difficult --
If you just want to publish information via the web or ftp and you
don t want to worry about security holes, consider using publicfile.
ezmlm-showctl prints out the ezmlm
configuration in a readable manner.
User-Contributed Software for Qmail
General software contributed by users and supporters of qmail.
Harald Hanche-Olsen has written some code to do dot-locking. Dot-locking is slightly unreliable, so
Dan doesn t support it in qmail.
Alves hacked on maildir.module-970707 until it worked mostly with
Mattias Larsson wrote a preliminary patch to IMAP4rev1
which lets it work with Maildirs. David Harris has improved that patch
to make a production quality UW-imap server with Maildir support.
And in his turn, Herbie has updated the Maildir patch for the latest UW IMAP server.
David Summers has a qmail-imap Linux RPM.
This is a version of the IMAP/POP server that works with QMAIL, using
Mattias s patches. The three differences are:
Mail is delivered and picked up from user/Mailbox
Mail can be delivered and picked up from user/Maildir/ see README.maildir
CRAM-MD5 authentication has been added to the IMAP server.
Sam Varshavchik wrote a Maildir-only IMAP server
Ali Lomonaco has a patch for finger so it knows to look in HOME
for a Mailbox. It was written for the finger from FreeBSD 2.2.2,
which is probably the standard BSD finger.
Giles Lean didn t like the idea of patching majordomo, so
following a suggestion from J.T. Conklin that he found in the list
archives he wrote a majordomo-inject
script and some documentation on how to use it. Needs Perl 5.004.
J. Mehl has thrown together a bourne shell script to automagically
necessary aliases for a majordomo list with digests in a Qmail
environment that uses Giles majordomo-inject.
UIUC s ph to redirect mail on her mail hub. She wrote a note on how
Russell Nelson s checkhomeownership script will report on
users who don t own their home directories or Maildirs. This is
important to run before starting up qmail, because sendmail doesn t
care a whit whether the user owns their home directory, but home
directory ownership is how qmail decides if the user exists or not.
If you have a mail hub, and you ve botched the home directory
ownership, the users will never be logging into it, so they won t
notice. And you won t notice either, until they run screaming to you
that they haven t gotten the important mail they wanted, and their
correspondent noted that the mail bounced.
scripts that work with maildir2smtp. Now uses APOP-style
Russell Nelson s newbox script to create new
maildrops for users who don t have login accounts on their mail server.
Chris Garrigues wrote a program to pretty-print
T. Wightman has written a delayed-mail
for people receiving. addresses via UUCP. It parses. addresses,
applies a number of simple pattern matching rules to convert them to
FQDN addresses and injects them into qmail.
to eliminate duplicate messages. It has
two modes of operation -- strict and loose. Strict only eliminates
perfect duplicates, whose only difference is in the Received: lines.
Loose eliminates duplicates that have identical From: Date:,
Peter Samuel has expanded on Russell s program and written a
duplicate eliminator that uses dbm hash file s instead of a text
file. It also has improved exception handling and provisions for sites
Allbery uses Majordomo with qmail. He has a FAQ on
David Harris has a system to only allow hosts who have authenticated via the
POP3 server to relay mail using qmail. This does not require
patching the POP or SMTP servers, but is implemented by two programs
which cleanly interface into the system, and can work with most any
Novotny wrote an alternative to Russell Nelson s Open-SMTP patch
for checkpassword. His code is a PAM
module which calls external program to log TCPREMOTEIP. It
requires a PAM-enabled checkpassword.
Mark Willcox wrote postpop, which
is a simpler SMTP after POP solution.
Beltrame has a tool to view the qmail
queue with colored display, view messages in it and delete
messages. It s very simple and written in Perl.
Jeremy Kister wrote a qmail-queue
Burdis has written several qmail programs,
including dotqmail2alias, alias2dot, deliver, and compactor/exploder
Eric Huss has released queue-fix
1.4. It repairs or generates a qmail queue structure. You can
use this to help move your queue location, or if you regenerate the
file system and the inode numbering changes. It will also fix
permissions and ownerships of the files. Eric reports that Matthew
Harrell wrote a patch to queue-fix
which makes it work with Russ Nelson s big-todo patch. Patches upon patches.
Harald Hanche-Olsen has a shell/awk/gnu-find script which renames a queue so that it has the right
filenames corresponding to inodes.
Charles Cazabon wrote queue_repair.
queue-repair is a qmail queue diagnostic and repair tool, written in
Python, and licensed under the GPL.
Jason van Zyl has a patch to the cyrus imap server so that it authenticates out of a
cdb the same hash format that users/assign uses instead of
kerberos or /etc/passwd. And he has a perl script that allow you to
enter users into the system and it takes care of updating the
users/assign file, and the cdb file that cyrus is using to
Bruce Guenter wrote qlogtools, a set of tools
useful in analyzing or producing logs from qmail and other packages.
Monte Mitzelfelt has a program which sorts a qmail
log analyzer tool called IsoQlog.
Bruce Guenter wrote his own implementation of the mini-qmail idea,
has a queue for more reliablity. It supports SMTP and QMQP, so it s a
drop-in replacement for qmail-qmqpc.
Eric Hess needed longer timeouts
for qmqpc. The timeouts are hard coded in qmail-qmqpc. They
tend to be on the low side 10 seconds to connect, 60 seconds to
read/write. He uses some automated systems with qmqp and sometimes
the servers are overloaded and can t respond in that timeframe.
Jay Austad has his qmqpc rotating the server list by a random
amount. This distributes the load over multiple qmqp servers.
There are a number of web interfaces for reading mailboxes:
horde.org s IMP. Requires PHP and an IMAP/POP3 server.
Twig. No frames, no javascript.
is a simple Webmail solution for mail servers based on qmail and
optionally vmailmgr. This a GPL project, maintained by Olivier Müller. The mails are read
directly from Maildirs on the harddisk, which is much quicker than
using protocols like POP3 or IMAP. Other features includes multiple
language support currently English, French, German and Italian,
folders and addressbook support. oMail is programmed in
Perl. Developers and translators are welcome to subscribe to the devel mailing
system for perl qmail vpopmail mysql.
Webmail client for qmail supporting POP3/IMAP accounts. Streamlined
interface supporting Ajax and multiple Webmail templates and themes.
VisualOffice supports Maildir.
Several autoresponders are available:
Vyacheslav Ignatyuk wrote an alpha version of a qmail
manager module for webmin. It s a first alpha version,
Peter Green has some code to Archive and process log files
generated by qmail-send and qmail-smtpd.
William E. Baxter has released qtools, a
suite of utilities for use in. qmail files. The tools support
applying a filter to a message body, message head, or entire message;
conditional delivery of a message to a Maildir; and configuration of
Sam Varshavchik has a local delivery agent called Maildrop that has
a custom filtering language more readable than procmail s.
Russell Nelson has a program called no-alternative, which picks the text/plain
part out of a MIME multipart/alternative message, and forwards it to
Bodin have conspired to write some scripts and documentation to throw
Inter7 has their own MRTG configuration
Chris Dent wrote Qmail::Queue.pm.
Web-administration solution for mail servers based on Dan
Bernstein s qmail and Bruce Guenter s vmailmgr.
Dru Nelson has an incoming message
administrator s program to remove
queued mail that has a certain string in it.
LinuxMagic has written qmail-remove
to remove emails from the queue. If they match a string, they are
moved to a temporary directory.
Mail2DB -- Store incoming mail
in a PostgreSQL database. Mail2DB is suitable
for putting in a. qmail/.forward file and will archive e-mail to a SQL
database. Currently, there is only the storage component. This was
written because somone on a LUG list expressed interest in such a
system, but he only knew PHP which isn t an ideal language for
calling from a. qmail file ;-. Hopefully a user interface will be
Russ Nelson has a qmtpd tarball for people using
0.70 or later daemontools with qmail.
Just drop it into your /service directory, and five seconds later,
you re running qmtpd. Don t forget to set your lowest MX priority to
12801, or all your deliveries will occur using SMTP. This is a
companion to his qmail-remote patch.
application that allow your client to administer the pop accounts in
his domain, easily and with security, without the need to contact
Alex Kramarov has created qmail-print-queue to print
the qmail queue contents - it runs on all messages and displayes
the from:, to: and date: headers; can also dump the full header of the
message if ran with -h switch if mess822 is properly installed. It
is useful in conjunction with monitoring tools like qmail-mrtg and
Andrew Richards has written a set of tools for
managing multiple virtual domains using hashing to distribute maildirs called
checker, useful if you use the mutt MUA and procmail to filter
incoming mail to Maildirs, since there isn t a built in mechanism for
qmail-qsanity-0.52 checks your
queue data structures for internal consistency. If it finds any
problems, it prints a warning to stderr. Plans are to change it to
generate shell commands which will correct the problems.
checks your qmail configuration for common problems. Prints warning
Davide Giunchi wrote qmail-masq uerade.
It will masquerade the internal address with an external one when
sending email from local network users to the external internet users.
Todd A. Jacobs has a program to
Wolfgang Pichler wanted graphs
from logs, so he wrote qmailalizer.
Bruce Guenter wrote mailfront, a package
containing customizeable network front-ends for mail servers;
specifically SMTP and POP3. Supports SMTP auth and POP3 AUTH
Mark Delany wrote set_supplementary_groups, which
lets you gain group permissions for the groups you are in in
/etc/group. In particularly mailman requires this.
Anti-Spam/Valid User checking program, magic-smtpd, a
drop-in replacement for qmail-smtpd over to opensource. Features
checking for Valid Users, Spam conditions, and smtpd RCPT-TO rate
limiting, all at the smtpd level to reduce server loads before it hits
the queue. Supports stock qmail, qmail/vpopmail, and LinuxMagic
invoked just like qmail-pop3d so it fits in smoothely in a vanilla
qmail system. Works fine with vhkpwd or any checkpassword-compatible
program for the control of qmail.
Erwin Hoffmann wrote Newanalyse, helping the
sysadmin in processing multilog logfiles.
Erwin Hoffmann wrote QMVC - Qmail Mail and
Virus Control is an unidirectional Mail Filter and Virus Scanner
for Qmail. It runs from your. qmail file.
Ian Stewart wrote qmail-logfilter,
which discards the DATA phase of an smtp session.
N. Ersen Siseci wrote Zabit, a C-language qmail
qmail-queue replacement to filter mail traffic and more. It
supports body filtering, subject filtering, attachment filtering,
quarantine, white/black list, single line logging for qmail and many
Russ Nelson wrote qmail-dk, which is a qmail-queue
replacement that signs and verifies DomainKeys signatures. Building on Gentoo
Sorrawut Korsuwansiri wrote qmail-track,
which he uses to locate all the logfile records associated with a
particular pair of email addresses.
Inter7 has updated simscan, a qmail-queue
replacement to reject unwanted email. Simscan is a simple program
that enables qmail-smtpd to reject viruses, spam, and block
attachments during the SMTP conversation so the email never makes it
into your computers. It is completely open source and uses other open
source components. Very efficient and written in C.
Dovecot is an open source IMAP and
POP3 server for Linux/UNIX-like systems, written with security
It prints info about the messages in the qmail queue sorted per GID.
He uses it to quickly see if any user sends excessive amounts of
mail/spam and fills the queue.
Skaarup has written a package for
analyzing logfiles for a lot of
Folkert van Heusden wrote multitail, which
monitors multiple logfiles. MultiTail lets you view one or
multiple files like the original tail program. The difference is that
it creates multiple windows on your console with ncurses.
messages using domainkeys after verh has
modified the message, so he added code to qmail-remote to re sign the
which writes email directly into a user s Maildir.
from IMail Server to qmail/vpopmail.
User-Contributed Maildir Support
Maildir-specific software contributed by qmail users. Maildir is a
lock-free mailbox standard which is reliable over NFS.
Mosley has a program which loops on
maildir2mbox so that programs like Elm can continue to receive
mail without needing to exit and reenter. Relies on Ivan Kohler s mbox2maildir.
Kohler has a mbox2maildir program.
Gets its parameters fron the MAIL and MAILDIR environment variables.
script will create Maildirs for all users who receive mail and will
convert their /var/spool/mail mbox-format mailboxes into messages in a
Maildir. Stuart Bain has improved it so it will convert UW-IMAP mboxes into Courier-IMAP
above convert-and-create script to convert a
single user. Gets its parameters from the command line.
Valerio Granato has also done a convert-and-create variation.
Todd Underwood has written Yet Another Mailbox to Mailbox Converter.
The ultimate mbox2maildir has not yet been invented.
However, Robin Whittle has created another mbox2maildir.
This one can do entire directories of mboxes.
Matthew C. Mead has a from program that
prints a summary of mail in a maildir waiting to be read.
Allbery has his own maildir summary
program. Same idea as Matt s but a slightly different philosophy.
that has native support for Maildirs.
Mikko Hänninen has a patch to Mutt which converts GMT dates in the
Bloodhounds International wrote maildir patches for the c-client library now
distributed by Adam McKenna, which is used by Pine and IMAP2. Dean
Gaudet has a patch to it that lets you work with multiple inboxes.
Ragnar Kjørstad has adjusted the maildir patches for pine 4.00 to
And similarly Jozef Hitzinger and Adam
4.58, including Dean Gaudet s maildir-1billion fix
GPL ed MUA, called Mew and IM support
qmail s Maildir. Mew is interface for Emacs/XEmacs. IM is perl
scripts for process mail like MH.
Gregg has a script which runs from a. qmail file that checks a
Maildir for a quota clearly only effective on a userless mailhub.
The script is called mailquotacheck.
Jeff Hayward has a patch to qmail-local which arguably belongs
down below in the patches section except that Paul Gregg s quota check
was already here which treats quota
exceeded as a permanent error, bouncing the message back to the
There are various xbiff X mail notifiers solutions for maildirs:
comment at the top of the script explains why this one is better.
A text-only biff by David Gerber.
The Clarkson University Unix Team has an xbiff and from.
Tetsu Ushijima has a program called maildirdeliver,
which writes a new message into a Maildir. Most of the code is
essentially just stolen from qmail-local.c.
Len Budney wrote a little C program
which implements DJB s maildir algorithm to copy stdin to a file in a
maildir. When exit codes are checked, as by qmail-local or fetchmail
with -w option, it should be as reliable as qmail s own maildir
delivery which heavily influenced the safecat.
Jonathan Kamens has written a replacement for the Emacs movemail program, which understands how to read
mail from a qmail-style maildir.
procmail-3.15 includes support of the maildir format with no
patch. All you need to do is to add a slash to the mail folder names.
Michael Elkins has a tool to synchronize a maildir with a
support in its appendfile transport. Not exactly new news,
Gnus has had native maildir support
since version 5.8. Also see nnmaildir.
directories and moves email directly from
an LDIF file. It also creates the user s public_html directory
which can be used in conjunction with mod_ldap_userdir.
Nikola Vladov wrote a mbox2maildir in C.
Tim Deegan has an RFC1339 remote mail
check daemon that works with Maildir mailboxes.
Jorge Ventura wrote a qextra2mdir. It
takes the extra copy created by FAQ 8.2 and inserts it into a Maildir.
Antonio Casado Rodríguez created
EZ Mailing List Manager EZMLM is a mailing list manager which allows
users to create their own mailing lists with a single command.
B. Ringel have written an ezmlm
FAQ. In addition, Fred L. has also written in his copious free
manual for both list owners and users.
Lindberg has an add-on to ezmlm-0.53
called ezmlm-idx. It gives you headers, trailers, threaded digests,
multi-message get, thread retrieval in MIME multipart/digest with
headers filtered to make the digest rfc1153-like default. It also
has all aspects of message moderation, subscription moderation, and
remote administration of subscriber addresses.
latest author of code to ensure that an ezmlm
list splitter. It forwards subscribe/unsubscribe requests from a
main list to one of a set of sublists based on the target address
hash or domain name. This way, the list can be split into a number
of hosts for load splitting or geographic splitting without
inconveniencing the user who always deals with the main list.
Özgür Kesim has a ezmlm HOWTO for
subscribe/unsubscribe interface to ezmlm.
Michael Hirohama wrote Ezmlm-Thresh, which
allows EZMLM mailing list messages to be limited to a threshold per
interface to ezmlm called ezmlm-web, currently at
2.1. It has improvements over Glen Stewart s version.
Glen Stewart has improved on Guy Antony Halse s EZmlm-Web 1.02.
He s calling his version EZmlm-Web
v1.0.2gs1.2. The gs1.2 version suffix modifications are fairly
extensive and done by Glen Stewart. Some of the most notable changes in this release include:
list owner logon screen password
ListMaster access/control from filtered, configurable IP addresses
Only the ListMaster can create and delete lists
skeleton support for WebGlimpse indexing of selected list archives
spam filter option for list owner addresses
tooltip help for all list configuration settings
case-insensitive list and subscriber address sorting
list owner can change their owner address
configuration tour help for list owners
many other fixes and enhancements
Sergiusz Pawlowicz wrote ezmlm-cgi-py, a
more approachable i.e. Python, not djb-C version of the Freds
Living with Qmail - Tips Advice
Some good advice for new qmail users, contributed by qmail users.
Did you restart qmail. I find that to be a help for a lot of
qmail problems. :- John Mitchell
You should also check the permissions very carefully on all of
the necessary directories and files. John Mitchell
You must also put the virtual domain into
control/rcpthosts or the mailer will bounce the message
with a notice saying that the host wasn t in rcpthosts. John Mitchell
Of course, you must also be the MX for the virtual hosts. I had
a problem in my setup that was driving me nuts until I realized that
my DNS provider had missed an MX update request. John Mitchell
Check all lines in sendmail.cf beginning with M. Any that
contain P IPC or P TCP should also have
You might want to limit posting to mailing lists.
The right-hand-side of entries in
control/virtualdomains should begin with a username. If
you don t use a username, the mail will be handled by alias. But if
you forget, and create a user by that name, then the mail will
suddenly be handled by the user, which is probably not what you
intended to happen. Best to use, in this case, alias as
the username and avoid trouble. Russ Nelson
remember to add preline before
procmail or other filters when moving. forward to. qmail. Ira Abramov
utility, remember that preline expects to pipe the entire
mail message through the specified program. If the specified
program closes standard input before preline has finished, preline
will exit with a transient failure and you ll see the following
deferral: preline:_fatal:_unable_to_copy_input:_broken_pipe/
You ll see this problem if you try to use the sendmail version of
vacation. Use Peter s vacation program
Run qmail from an init.d script Larry Doolittle
You can usually create control/rcpthosts from
sed s/. // virtualdomains cat - locals sort
Sometimes you need to use a database to
forward mail. Create alias/.qmail-default like this:
echo Sorry, no mailbox here by that name 5.1.1 ;
That all goes on one line. Fill in the X part with a program
that looks up the user, and exits with zero and prints the destination
address, or else exits nonzero if no match is found. By the way, the
X program probably should ignore case. For NIS, you would replace the
X in the above command with: ypmatch LOCAL aliases.
Similarly, you could also use a simple linear search text file
named mapping containing lines in the form
if MAP grep -i LOCAL: mapping T echo MAP awk -F: print 2 ;
else echo Sorry, no mailbox here by that name 5.1.1 ;
Anything you print from a program run by a. qmail file ends up in
You can do a reasonable imitation of sendmail delivery, including
.forward and /var/spool/mail, with
exec qmail-start dot-forward. forward
preline -f /bin/mail -f SENDER -d USER splogger qmail
depending on your system s binmail interface. Of course, I recommend
throwing binmail away, but people who need to preserve /var/spool/mail
should still be able to use qmail.
If you want to have private. qmail files which only work on local
mail e.g. a fax gateway, you can put the following test at the
beginning of it all on one line :
if -n sed -n -e /invoked from network/p -e 2q ; then exit 100; else exit 0; fi
That is, peek at the headers, if the message came from the network, bounce
it, otherwise forward it along.
J. Bernstein has three suggestions for allowing your users to
relay when they re not at a known IP address which is the FAQ 5.4 solution :
Use a secret IP address and port number, and you ll have much
better security than user-chosen passwords.
Put a secret string into the HELO string sent by the client. This
will be visible to the fixup script, so you can reject messages with bad
passwords without changing qmail-smtpd---and it s still more widely
Oh, you want real security. Check that all messages are PGP-signed by local users. I wouldn t be
surprised if PGP plugins are available for more clients than XTND XMIT
Buddhdev wrote turnmail, modified by
Russell Nelson for publication here, which wraps around qmail-pop3d
and triggers a serialmail delivery to the connecting host whose user
just authenticated themselves. Or, a Unix system can use fetchmail,
Dan Bernstein suggested that one might give ordinary users access
to qmail-qread through ucspi. Steinar
Haug implemented that suggestion thusly with a client that looks
exec /local/etc/tcpclient -RHl0 -- 127.0.0.1 20025 sh -c exec cat
and he starts the server like this:
tcpserver -u126 -g120 -R 127.0.0.1 20025 /var/qmail/bin/qmail-qread
The default delivery instructions, which are invoked when a. qmail
file is nonexistent or empty, are found in the first parameter of
qmail-start. That s why the install instructions tell you to touch
.qmail-root. qmail-mailer-daemon and. qmail-postmaster.
Buddhdev recommends pullmail, which is a
Windows NT program that pulls mail from a POP3 server, and stuffs it
Delany modifies FAQ 2.3 so he can use the same. qmail file for multiple UUCP sites:
Here is our. qmail-uucpfqdn-default file all on one line
preline -df /usr/bin/uux - -r -gC -a SENDER
echo EXT cut -f2 -d-. rmail EXT3 HOST
And here is a sample virtualdomains entry:
some.domain:uucpfqdn-uuhostname
Dan Bernstein noted that qmail will skip dns queries for incoming
mail with tcpserver -Hl your.host.name; and you can skip
them for outgoing mail with control/smtproutes.
Harald Hanche-Olsen has a solution to the problem of mail that has
wrongly been queued for a remote host because, say, you didn t have a
host in your locals or virtualdomains :
echo tcn.net: 127.0.0.1 /var/qmail/control/smtproutes
Now send qmail-send an ALRM signal.
for UnixWare 2.1.x and 7.0.x, which is not currently supported by
By the way.. the patch above opens up the option of sending mail
to root if you want this then just copy the right files into your
qmail source directory if you don t go into conf-unusual.h and
comment out line 25 that says define ALLOW_ROOT_MAIL 1.
Probably a good idea to comment it out -russ.
Daniel J. Bernstein suggests that if you have buggy clients that
send bare LFs, and you want to treat their messages the same way
sendmail does, you can simply run his fixcrio program instead
of qmail-smtpd for your outgoing mail relay. fixcrio then takes
qmail-smtpd as argument. fixcrio is part of the ucspi-tcp package.
Nagy likes to watch logs in a virtual terminal /dev/tty8. He uses
tee accustamp tailocal /dev/tty8 accustamp cyclog
The extra accustamp seems to be needed to make it work with bash.
Frederik Vermeulen says: If you don t want a specific
undeliverable mail to sit in the queue any longer, you can make it
reach the queuelifetime by running touch -d 1 week ago
on its queue/info file. It will then be bounced after one
Russ Nelson has used qmail-local to deliver to a dynamic Mailbox
or Maildir name. He does it like this:
qmail-local USER HOME LOCAL nodeliver HOST SENDER /path/to/users/maildir/here/
Harald Hanche-Olsen warns people to beware when patching Solaris
machines, because at least one patch restores the
/etc/rc..d/ SK. .sendmail symlink. You might want to remove files
matching that name in your startup scripts.
Vern Hart doesn t like a pile of. qmail files in his home
directory. So he uses users/assign to put them into a subdirectory:
This puts. qmail in his home directory but everything
else is in. qmails/. This changes /.qmail-foo to
/.qmails/foo and really cleans up his home.
Jim Simmons points out that you can stop linuxconf from creating a
potential security hole by removing the /usr/sbin/sendmail line from
/usr/lib/linuxconf/redhat/perm. If you don t do this, linuxconf will
change /var/qmail/bin/sendmail to running suid.
Dag Wieers wants to see all messages that are delivered to his
domain but were bounced because the user or alias does not exist. Since
you cannot forward and pipe in the same dot-qmail he found the following
solution to be his most simple option. qmail-default:
forward dag mind.be /dev/null 2 1
echo Sorry, no mailbox here by that name. 5.1.1 ; exit 100
This way someone can simply check those mails regularly and forward them
to the right person manually which sometimes saves time when people are
you have two services running smtpd, one using recordio and the
other not. He says that it s a great diagnostic tool. Create
/service/qmail-smtpd as you would normally. Create
/service/qmail-smtpd-recordio as a copy with recordio inserted, and
logging to a separate space be sure to chmod this logdir tight
because recordio records complete emails. Create
/service/qmail-smtpd-recordio/down. The switchover is then simply:
svc -u /service/qmail-smtpd-recordio ; svc -d /var/service/qmail-smtpd
Han Boetes blocks sites with no
reverse dns. He uses the following tcp.smtp file. The only thing
I would do differently is to set RBLSMTPD instead of just denying the
Japheth Cleaver has a simple solution for stunnel. using a
multilog has filtering capabilities, see
place you can select what bits of the output to write. For example:
multilog t - - 5 /var/log/qmail/smtpd-err
will do the normal logging to /var/log/qmail/smtpd, and will
record 5xx errors sent by your server to the client in
Qmail-popup redirects stderr to
stdout, thus making it impossible to write a wrapper around
qmail-pop3d which writes to the logfile by writing to stderr. Being a
little cleverer with the shell, you can also redirect FD 7 onto stdout
/var/qmail/bin/qmail-pop3d-wrapper.sh /var/qmail/bin/qmail-pop3d Maildir 2 1 7 1
Once you ve done that, qmail-pop3d-wrapper.sh can log to FD 7, like this:
echo qmail-pop3d: user USER logged in from TCPREMOTEIP: TCPREMOTEPORT 7
Alex Greg likes to see the output
of svstat expressed in dhms instead of seconds.
one-line fix to the errno compilation problem. It works for most DJB
cat error.h sed -es/ extern int errno ;/ include / error.h
Or, djb suggests that you edit conf-cc to read:
cc -O2 -include /usr/include/errno.h
Russ Nelson suggests a method for
stopping qmail reliably. When you need to stop qmail to do
setlock /service/qmail/supervise/lock sh -c
Alternative Checkpassword Implementations
qmail-popup and qmail-pop3d are glued together by a program called
checkpassword. It s run by qmail-popup, reads the username and
password handed to the POP3 daemon, looks them up in /etc/passwd,
verifies them, switches to the username/home directory, and runs
pop3d. At least that s what the standard one does.
Some alternatives are listed below.
Delany has a clever way to test your checkpassword with a bit of
command line re-direction. For example, with username
printf s 0 s 0 s 0 fred bloggs Y123456 /bin/checkpassword id 3
will execute /bin/id if the password is right.
If you haven t a printf then enter the data into a file with your
favourite binary editor, such as emacs, and then it s simply:
perl -e printf s 0 s 0Y123456 0, fred, bloggs
Or use qmail-popup and use the user and pass commands:
/var/qmail/bin/qmail-popup /bin/checkpassword id
Jedi/Sector One has a checklocalpwd.c
that checks a configuration file in addition to the users mentioned in
Jos Backus has a mkpoppass/chkpoppass pair. It uses an
alternate username/password file and is written in perl.
Guenter has a virtual domain mail manager package called vmailmgr. It s designed to manage
multiple domains of mail addresses and mailboxes on a single host.
Co-operates with qmail for mail delivery and program control. Has
corresponding add/deluser and change-passwd commands, and CGI scripts.
Knows about shadow and MD5-encrypted passwords. Uses CDBs for the
virtual domain tables. Supports IMAP via an authentication module for
Russell Nelson s pop-subaddr patch allows multiple maildirs per POP3
user, all of them authenticated with the same password.
Alexey Mahotkin rewrote checkpassword-pam
requires a PAM-enabled checkpassword or any POP3/IMAP system that uses
Guenter has yet another SMTP relay control
package. It uses a setuid program called from checkpassword to avoid
patching checkpassword. Strictly speaking, it s not a patch, but it s
here so people can find it along with the others.
Johnson EI39-1 wrote a virtual domains package with the
following features. Inter7 is now maintaining the current version,
Dynamic delivery - no need to have dozens of. qmail files all over the place. Just a single. qmail-default handles all the deliveries
Shadow password support - something that seemed to be lacking in the other programs
Only takes up 1 entry in /etc/passwd - everything runs under a single UID/GID
Decent documentation - actually, some docs I ve come across for this are pretty good, but I had a bugger of a
time getting the things working probably cos I m using shadow d passwords on my own Linux box.
Delivers direct to a Maildir for use with qmail-pop3d
Ken Jones has a program for administration of virtual domains
using the vchkpw program. It handles pop acccounts, aliases, forwards,
autorepsonder and ezmlm mailing list.
Justin Hopper has a quota implementation for
Simitzis has XTND XMIT mods for
qmail-pop3d that also incorporate some patches found on this site.
André Oppermann has patches to do user lookup deliver and
retrieval via qmail-pop3 using LDAP. Cristiano Venturini has a site
Pedro Melo has a patch to checkpassword-0.81 which uses a CDB file.
version of checkpassword that authenticates users from a cdb
database. It includes perl scripts to maintain the user database file.
security lapse in checkpw, which gets its password from a file in
the user s home directory, and allows both POP
and APOP authentication. Magnus Bodin has a copy if that site happens to
Matthias Andree has a patch to Dan s checkpassword
that allows checkpasswd to use an arbitrary base
directory for finding Maildirs
Sweetland has added Postgres support to his checkpassword and
qmail-getpw replacements. He calls the package sql-xpw. These differ from
Takeshi s code because his is a patch to qmail and this code is not.
checkpassword which authenticates using an NT domain. It is derived from
Andrew Richards has a checkpassword
for Radius, written in C. It s based around Dan s
checkpassword, and uses the Radius client library from FreeBSD, as
well as MD5, since that s how Radius encodes its data.
Larry M. Smith has a vanilla checkpassword.pl.
Piotr Swebodzinski has a checkpassword for tru64 Unix.
for using checkpassword w/ Courier-IMAP.
that wraps around Courier-IMAP s authentication for use by
Andreas Aardal Hanssen has a way
checkpasswords and authenticate against one, and if that
fails, then the other. If none succeed, it returns failure.
checkpassword which authenticates via a pop3 connection.
While this may seem counter-productive, you can use it for smtp-auth
where the smtp server does not have direct access to the user database.
checkpassword that authentifies against a PHPNuke users database. This allows
administrators of these kind of portals to automatize the creation of
pop3 accounts in their system.
allows users to to check and change their passwords using Courier
authentication modules. It can optionally read authentication tokens
from stdin and send logging information to syslog or stderr.
authenticates using a Squid auth helper program.
against a CDB file and works for SMTP-AUTH as well as for Courier
Thomas Mangin s qmail-ldap-multi-auth
patch allows you to run a mix of qmail-ldap and vmailmgr domains on
manage accounts of QMail Ldap Server written in Python command line
Still need something more from qmail. The chances are good that you
can find it here, contributed by users and supporters of qmail.
Paul Fox has created a getpwnam patch for qmail
which causes it to use getpwname to get the uids of its usernames.
condredirect. It allows condredirect to handle the case where the
child has a permanent delivery error -- for example, when the program
condredirect is asked to run doesn t exist.
to date822fmt.c which causes it to emit dates in the local
Chuck Foster implemented code which Bill Nugent updated it to qmail
1.03 to bind the local address for smtp
client sessions to an address which is mapped using the remote address
as a key. This can be useful to bypass a firewall, or if you ve got
split routing, or if you have a better non-publicized route to the
program lets you create bulletins which get added to a user s
mailbox as they log in. Equivalent to an all-customers mailing list,
but takes up much less resources, and lets you withdraw bulletins.
RPM which automatically applies a number of patches found here and
which comes with some scripts.
patches, one to cause qmail-smtpd to log its disposition of mail,
and another to convince qmail-remote to use a fixed IP address other
than the one you get without binding to an address. Andy Repton has
ported the fixed IP address patch to
qmail 1.03. Damir Cifer has better instructions for his port.
Chuck Foster originally wrote a patch for tcpcontrol. That
functionality got subsumed into tcpserver. John Levine has updated it
deny services based on domain names instead of IP addresses.
distinguish between no PTR and wrong PTR DNS records.
deny service to hosts whose forward and reverse DNS do not agree.
Christopher K. Davis has a patch to accept oversize DNS
packets which works on both qmail s dns.c and tcpserver s dns.c.
If you don t want to patch qmail, you can ameliorate the problem
returns only the records you ask for, making for a smaller ANSWER
Guenter has a patch which causes qmail programs to get
their userids, not compiled in via auto_uids.c, but instead by
looking at files in /var/qmail/owners.
Guenter has RPMs of daemontools.
Bruce Guenter wrote supervise-scripts,
to help him start and stop supervise-managed programs in a more
Nick Leverton wrote a patch to qmail-send to cause it to suspend remote
delivery without needing to restart qmail.
Ximenes Zalteca improved Dave s patch so that broken
versions of Eudora which emit a
CAPA command can still work with qmail s POP3 server.
Fred Lindberg has a patch which causes qmail-send to preserving
the MIME-ness when bouncing MIME
messages. It requires and includes a patch to ezmlm, since it
Jose Luis Painceira s patch deletes the body on big
bouncing messages. It s based on Fred Lindberg s patch see
previous item. Note that if you use ezmlm, you may need Fred s patch
for ezmlm-return, which is not included here.
Klaus-Uwe R. Ittner wrote a patch to make serialmail enclose the
message as a MIME part, in analogy with qmail-mime.tar.gz. Useful
for all those unfortunate people who use character sets other than
us-ascii and want to be able to decipher what bounced.
patch. This allows substitution of the recipient local/host parts
into the message. Useful for inserting a customized mailto: URL for
list-unsubscribe into the body of the message. Bernhard Graf has a fix for input
user/password based authentication
mechanism for qmail-smtpd. This lets your microsoft s outlook express
supports outgoing mail server user name and netscape 4.5 and
above-betas users securely roam. Users can use a slightly modified
version of their own checkpassword.c program as outlined in my own vchkpw.c that I use.
Also, two very simple perl scripts to perform pop3-based
Krzysztof Dabrowski has made some improvements to
Mrs. Brisby s SMTP-AUTH, to let it work with CRAM-MD5
restrictions on top of Krzysztof s SMTP-AUTH patch.
Yet Another qmail SMTP AUTH Patch.
Frederik Vermeulen has written a
starttls in qmail qmail-smtpd as server, qmail-remote as
client. This means you can get SSL or TLS encrypted and
authenticated SMTP between the MTAs and between MTA and an MUA
Oliver Hitz wrote a small tool to
SMTP-AUTH CRAM-MD5 authentication.
Petri Kaukasoina wrote a little shared library which should help
on Linux. Linux does not automagically fsync metadata
information necessary tomake a file appear in the filesystem. It
only fsyncs metadata when the the directory is fsynced.
Bruce Guenter s syncdir gives qmail bsd
fsync semantics on a Linux filesystem.
Scott Moorhouse rewrote a patch which someone had written earlier
and which I failed to publish here to work around a Netscape bug, the
symptoms of which are that it does not know how big a message is, so
Frank DENIS wrote a patch to truncate bounce
copy, by author s request, on the off chance that the user may
have kept a copy of the email.
takeshi SoftAgency.co.jp wrote MySQL
QMAIL, including qmail-getpw-mysql and checkpassword-mysql, to
look up users in a mysql database. Iain Patterson has
Michael Devogelaere s qmail-sql now includes ODBC support.
The prolific Bruce Guenter has written qmail-qfilter, which is
a front end for qmail-queue that can send the body of the message
through one or more filters, such as qmail-inject or new-inject.
Matthias Andree has a patch to allow qmail s sendmail wrapper to ignore the -N dsn
option that sendmail has, for compatibility with MUAs that use the
changes to qmail-remote to send using
QMTP. If you wish to receive mail via qmtp, run qmtpd.
Gerrit Pape has Debian packages.
Klaus Reimer has code to change
messages. Note that this has the potential to break QSBMF.
Scott Woods has qmail running on
to make it run on UNICOS, but it s running.
patch is available. This solves the problem seen when a host
has more IP addresses than it knows about. This happens in particular
when you have an IP masquerading load balancer in front of a host.
Mark Delaney noted that he was getting spam with a
null envelope sender. That by itself is insufficient reason to reject
the email. However, when the spam has multiple envelope recipients,
it cannot be a bounce message. So, Charles
Cazabon wrote a patch to enforce single
patch, which solves the silly qmail syndrome. That s where
qmail spends more time processing incoming email than scheduling
deliveries. You can get it with big-todo integrated as
Dr. Erwin Hoffmann has written
client patch alternate location so it works with multiple users. This is of most
use for a desktop qmail installation which needs to relay mail through
a server that requires authentication. The original
author was Jay Soffian documentation,
person to touch that patch was Robert
Giacomo Cariello used to have
Adrian Ho has increased qmail-remote s compliance with
RFC2821. Some smtp servers are now emitting 5XX responses from the
get-go, and mere RFC821 behavior doesn t deal well with them.
James Raftery wants the canonicalized hostname in
the logfile, so he can see the real envelope recipients of
messages after host name canonicalization. If you send a mail to me
at lecter www.redbroock.dcu.ie, your logs will show to remote
lecter www.redbrook.dcu.ie but qmail-remote will actually use
lecter prodigy.redbrook.dcu.ie in the RCPT TO command.
Miguel Beccari has QmailToaster RPM
packages. Features: Mail Server pop3, pop3-ssl, imap4, imap-ssl,
smtp, smtp-ssl, Web Administration Tools vpopmail, vqadmin, Web
Mail Client horde, Mailing lists ezmlm, Autoresponder, Antispam.
authentication support to serialsmtp..
Jan Knepper has a qmail virtual
outgoing IP address patch, based on IP adddress.
IP address patch, but his uses a control file to do the
Will Harris has a patch to make
1870 compliant, i.e. to support the ESMTP SIZE command. Erwin
Andreas Mueller has compiled qmail for HP-UX.
J. de Boyne Pollard suggests that
the bodge that works around a BIND version 4 problem
-f emulation doesn t set the default for the username as sendmail
Insist that your local users use
Balazs Nagy has a concurrent IP
connection limiter for ucspi-tcp. Tomislav Randjic has ported
Joshua Megerman wrote a patch to
per-IP connection limiting in qmail-send and qmail-remote.
Matthew Trout checks SMTP clients
relays before he will accept email from them.
John R Levine has written a SMTP AUTH
patch for ofmipd in mess822-0.58.
Various people have created patches centered around the SMTP
conversation s MAIL FROM: and RCPT TO: verbs.
Frederik Vermeulen got tired of
his users sending oversize attachments, so he wrote an experimental
patch that provides a qmail-queue replacement that detaches large attachments
from an email and replaces them by an URL where the attached files can
be downloaded to avoid large attachments being sent over the internet
Lukas Feiler has merged several patches into his bigqmail patch.
netqmail-1.05-tls-smtpauth-20060105.patch
big-ext-todo EXTTODO patch big-todo patch
Alberto Brealey-Guzman s outgoingips patch
Christopher K. Davis DNS patch
Kazinori Fujiwara has an IPv6 patch
Animesh Bansriyar needed to limit
Dan s rblsmtpd blocks spam using the RBL and other
DNS-based lists. Because of the size of the RSS zone, they have
removed the necessary TXT records that rblsmtpd relies on. Alan Curry
has a patch to rblsmtpd to make it work with
certain A record responses from the bl lookup.
Nelson has a pair of programs to help keep
Jason R. Mastaler has improved TMDA, an anti-spam system.
Lionel Widdifield wrote an anti-spam patch. Someone made some
improvements to Lionel s patch, which Lindsay Haisley has ported to qmail 1.03.
full regexp matching on envelope addresses.With REs Regular
Expresions it becomes quite easy to filter out email addresses that
contain invalid characters or simply aren t a real address. Andrew
insensitive pattern matching and logging when a match is found.
Johnson has a patch to implement tarpitting in
qmail-smtpd. If you don t know what tarpitting is, it s the practice
of inserting a small sleep in an SMTP session for each RCPT TO after
some set number of RCPT TOs. The idea is to thwart spammers who would
hand your SMTP server a single message with a long list of RCPT
ensure that the domain name on the envelope sender is a
valid DNS name. This is not terribly effective against spammers,
but I list it here because some people want it.
Jon Rust wrote qrblcheck, which reads
a message on stdin, grabs the IP address from the Received lines and
checks it against five different DNS-based spamlists.
replacement to filter against DNS spamlists..
It uses Bruce Guenter s QMAILQUEUE patch.
Matching email is not rejected, but instead an X-RBL: header is added,
for filtering at the delivery layer.
O Shaughnessy Evans has a set of
shell scripts that comprise a spam-filtering system called spamrule.
Ask Bjørn Hansen wrote qpsmtpd, a smtp server
with filtering tools. It s written in perl.
Rolf Eike Beer has implemented replacements for qmail-smtpd
and qmail-remote which add features like IPv6, STARTTLS, AUTH,
combines many spam control features. Includes SMTP Auth with
EnderUNIX Team wrote spamGuard, which
scans your log files for too much email from a particular user, and
Russell Nelson has a patch to reject relay probes generated by
so-called anti-spammers. These relay probes have . , and
in the local username part of the address.
Dale Woolridge, James Law, and
patch provides a method to rate limit/stutter spam message throughput
via a highly parameterized control interface. As of release 2.01,
tcpserver is no longer a strict requirement.
James Grinter has instructions on
SpamAssassin. It s a script that runs from a. qmail file.
Noel Mistula wrote checkhab, which checks
for HTML, attachments, and binaries in email, and blocks them.
Gerrit Pape wrote qconfirm, a delivery
confirmation process for a mail address.
create and verify timestamped e-mail addresses. These addresses
expire after a user-configurable period of time; any mail sent to an
techniques to deal with double-bouncing
perl module implements an object oriented interface to a Quick Mail
Transfer Protocol QMTP client which enables a perl program to
time-limited email-address program called datedmail.
Luca Morettoni wrote qmail-rblchk,
which checks the IP address in the Received: line of an email message
on stdin against named DNSBLs.
Jean-Eudes ONFRAY wrote a rhsbl patch for tcpserver. This lets you
block or whitelist email based on the reverse-DNS hostname rather than
Christophe Saout wrote a SPF checker that runs
inside qmail-smtpd and is written using the native dns and string
functions that come with qmail.
Marcelo Coelho has written a patch for SRS. More
W32/Sober-G at the SMTP level.
RCPTCHECK at the RCPT TO. RCPTCHECK is run in the same
environment as qmail-smtpd. Additionally SENDER is set to the
envelope from and RECIPIENT is set to the envelope recipient for the
current rcpt to. Based on the return code exit value of
RCPTCHECK, the rcpt to: address will either be accepted or rejected.
page regarding recipient checking if
qmail is in front of a exchange server.
Thomas Mangin has a greylisting
Jon Lewis has an SMTP banner delay
program. This causes SMTP clients which give up early, or start
pipelining too soon, to have their connections rejected. Typically
these clients are sources of spam.
Russ Nelson wrote the selfhelo patch, which
causes qmail-smtpd to reject email sent using a HELO hostname equal to
your IP address, your hostname, or any hostname without dots.
Clippinger has written a filter for qmail that blocks spam at
connection-time, called spamdyke It s
similar to DJB s rblsmtpd but it provides a lot more features than
rblsmtpd, including blacklisting, graylisting, limiting numbers of
recipients, checking rDNS entries, checking DNS RBLs, vastly superior
logging and more. spamdyke supports SMTP AUTH and TLS, and will even
provide SMTP AUTH to unpatched qmail installations. Recompiling qmail
is not necessary to use spamdyke.
Andrew Richards has written NORCPTHOSTS,
which mandates authentication for relaying hosts. The sender must
authenticate before sending _any_ mail including to rcpthosts listed
domains, regardless of the content of control/rcpthosts. cdb. It s
enabled by an environment variable.
Jan Mojzis uses the postgrey daemon.
talkers in the SMTP dialog. Building on the work of Erwin
Hoffmann and John Simpson, Andrew has a patch to netqmail-1.06 with
qmail-errmsg logging patch to catch and disconnect connections that
try to send SMTP commands before the SMTP greeting has been issued by
The definitions of errno in qmail and tcpserver
do not work with the newest glibc 2.3.1. Debian and redhat are
updating to this glibc. Executables compiled with older glibc s 2.3
abort on startup, and recompilation with 2.3.1 is not possible. Mate
of djb s software. Erwin Hoffmann points out that a one-line sed
script will fix most of DJB s software. Look in the Tips section.
qmail ought to recognize 0.0.0.0 as a local IP
patch from Scott Gifford implements that change.
David Phillips noticed that sendmail s -f option
sets a default From: header, and so should
Bruce Guenter has written a patch which
causes any program that would run qmail-queue to look for an
environment variable QMAILQUEUE. If it
is present, it is used in place of the string bin/qmail-queue when
running qmail-queue. This could be used, for example, to add a
program into the qmail-smtpd- qmail-queue pipeline that could do
filtering, rewrite broken headers, etc.
Send kudos/brickbats/contributions to Russell
Nelson. Some design contributed by Steve Cole
and Olivier Mueller. Some lint ing by Paul Theodoropoulos.
Last modified: Wed Mar 23 :58 EDT 2011
Gratuitious blank lines added so that top.html link works.
The big qmail picture: qmail-ldap: BGPDNS: The big qmail picture Page 1 2 3 4 each 47K, GIF, 19980814 V1.03 The big qmail picture 271K, PowerPoint95.
