There are a number of mail transfer agents (MTAs) that are designed for Linux, but most distributions install sendmail by default because it’s one of the oldest and most mature mail systems available. There are other SMTP servers, however, including postfix and Exim, which are gaining in popularity. There’s another MTA called Qmail, which is regarded as one of the most secure mail systems around.
What it provides
Qmail is more than just an SMTP server. It also provides a POP3 server, so there’s no need to install another package that provides POP3 services. Qmail is a very secure and reliable MTA. Its new mailbox format makes it more resistant to corruption if a system crash occurs during delivery. Qmail is supposed to be one of the most efficient mail servers; on a Pentium computer that runs BSD/OS, Qmail can easily sustain 200,000 local messages per day, with separate messages injected and delivered to mailboxes in a live test. Qmail also overlaps 20 simultaneous deliveries by default, and it handles mailing list messages very quickly.
Qmail is much smaller than other MTAs because it has one delivery mode and one forwarding mechanism instead of having a variety of delivery modes and segregated delivery mechanisms. Qmail is an acceptable replacement for sendmail. Once Qmail is installed and configured correctly, programs that rely on sendmail won’t recognize a difference between the two MTAs.
How it is installed
Unfortunately, Qmail isn’t the easiest package to install. While you can find sendmail, postfix, and other SMTP servers in simple RPM or DEB packages, Qmail must be compiled on the system upon which it’s going to be installed. This task can become a little tricky for people who have never compiled a program or recompiled an RPM package. For this Daily Drill Down, I’m going to describe the steps of installing Qmail as a replacement for your current MTA. The computer I’m using is a Pentium 166 MHz with 128MB RAM that runs Linux Mandrake 7.0.
Getting the source
First, you should mirror the Qmail distribution site. Download all of the included subdirectories and files. You won't use all of them, but downloading everything makes it easier to find anything you need. You can obtain all of the subdirectories here. For my example, I’ll mirror the remote directory into the /usr/src/qmail directory.
After you’ve finished mirroring the remote directory, enter the /usr/src/qmail/var-qmail directory. This is where the primary Qmail package is located. Before we install Qmail, however, we need to prepare the system for the installation. Since the installation creates a number of local users, we must stop the ypbind service if the installation computer is an NIS client system. You also need to remove the file that corresponds to the NIS domain by issuing:
rm -f /var/yp/binding/*
Now, we must stop sendmail or your current MTA. If you’re running RedHat, you will have sendmail by default; later versions of Linux Mandrake use postfix by default. To remove sendmail from the system, type:
rpm -e --nodeps sendmail
If you’re using postfix or Exim, exchange the package name with sendmail in the second command that I listed. Now, you’re ready to begin building your Qmail packages. Since you’re still in the /usr/src/qmail/var-qmail directory, build the creation/installation package by running:
rpm --rebuild var-qmail-create-1.03-102memphis.src.rpm
The output from RPM will flash by. When you return to a command prompt, change directories to /usr/src/redhat/RPMS/i586 under RedHat or /usr/src/RPM/RPMS/i586 under Linux Mandrake. The last subdirectory depends upon the architecture of the computer upon which you’re installing Qmail. Since I’m dealing with a Pentium computer, I use the i586 subdirectory. If you were installing Qmail on a 386 system, you would go into the i386 subdirectory.
In this directory, I’ll install the var-qmail-create package, which will install the source code for Qmail. This package also installs a spec file that builds a new RPM package. The RPM package installs the Qmail binaries and sets up the users that Qmail needs on the system. Install the var-qmail-create package:
rpm -ivh var-qmail-create-1.03-102memphis.i586.rpm
Now that the package is installed, switch to the /usr/src/RPM/RPMS/SPECS directory. (Replace /RPM/ with /redhat/ if you’re installing under RedHat.) In this directory, we’ll use the spec file to create our binary RPM file, which we will install later. Type the following command:
rpm -bb var-qmail.spec
RPM launches a number of programs and installs the new users that Qmail needs in order to function properly. It also creates a new RPM package. To install this package, return to the /usr/src/RPM/RPMS/i586 directory. Then, install the Qmail binaries by typing the following command:
rpm -ivh qmail-1.03-102memphis.i586.rpm
Not done yet
Now, Qmail is installed. Unfortunately, our work isn’t done yet. There are other packages that we must install in order for Qmail to run properly. Right now, Qmail will work as a local MTA, but it can’t function as an SMTP or POP3 server. To continue with the installation, change to the /usr/src/qmail/qmail-run directory (from our original FTP mirror). There are three packages in this directory that we must install: functions, daemontools, and ucspi-tcp.
Functions, daemontools, and ucspi-tcp
Functions is a package that provides shell functions in order to ensure that path-like variables are properly set and that no component is duplicated. This package is necessary for Qmail to start and run properly. The daemontools package provides various programs that monitor daemons, including supervise, which monitors services; cyclog, which writes and monitors log files; and setuser, which runs programs under a specific user's UID and GID. (Similarly to the su program, setuser can only be run by root.) Finally, ucspi-tcp is a partial replacement for inetd and TCP wrappers. The main program (tcpserver) waits for incoming connections and runs a particular program when a connection is received, much like inetd. However, tcpserver is faster and more robust than inetd because it compiles access rules into a hashed format so that it can deal easily with thousands of different hosts.
To install these programs, either use the precompiled i386 RPM packages or rebuild them for your own architecture if you're using a Pentium computer. You can rebuild the source packages as easily as the Qmail package itself by using the source RPM file (*.src.rpm) and by issuing an rpm --rebuild command. Whether you decide to rebuild the files or install the precompiled binaries, install the three packages in this order:
rpm -ivh functions-3-3.i386.rpm
rpm -ivh daemontools-0.53-103memphis.i386.rpm
rpm -ivh ucspi-tcp-0.84-102memphis.i386.rpm
Finally, you can install the qmail-run package. This package installs the init scripts that start Qmail at boot, and it updates the /etc/inetd.conf file in order to remove any default SMTP and POP3 commands that still exist. It also changes some environment features, such as where Pine looks for mailbox files by default. Since this package only sets up the system and deals with text scripts, you won’t have to rebuild the package. Simply install it, like so:
rpm -ivh qmail-run-4-4.i386.rpm
Now that you have the Qmail SMTP daemon installed on your system, use the initialization scripts to start Qmail. Run the following commands:
When you reboot your system, these services will start automatically. The qmail-run installation sets up the system to boot these services in runlevels 3, 4, and 5. (These are standard runlevels for daemons to start in.)
Now, you need to decide if you want to use the Qmail POP3 server. It’s pretty simple to get the POP3 server working. Since Qmail's mailboxes are slightly different from the standard sendmail/binmail method of storing user spools, you ought to use the Qmail POP3 server if you intend to offer your users POP3 service. Before you can use the POP3 service, you must install the checkpassword package by typing:
rpm -ivh checkpassword-0.81-2.i386.rpm
By default, the Qmail POP3 server isn’t a service that’s activated, so you’ll need to activate the service yourself. Again, it will start in runlevels 3, 4, and 5 by default. Just issue the following simple command:
chkconfig qmail-pop3d.init on
The Qmail POP3 server uses tcpserver to manage the daemon, so you can use the rules files for this service, too. To create the rules for the POP3 daemon, edit the /etc/tcprules.d/qmail-pop3d file. This text format file specifies which tcprules you want activated for the service. For those of you who are new to tcpserver—and anybody who hasn’t used Qmail probably is new to it—the tcprules files are located in the /etc/tcprules.d/ directory. There are two files per service: one is called [daemon-name], and the hashed file is called [daemon-name].cdb. Since tcpserver uses compiled files, you must use the tcprules program in order to compile the ASCII text configuration file into the hashed file that tcpserver uses. By default, there are no qmail-pop3d and qmail-pop3d.cdb files. You need to create them. A very basic file might look like this:
Security and POP3 with tcpserver
Assuming that 22.214.171.124 is your own IP address, it allows connections only from the local adapter and your IP address. It’s rather restrictive, but it’s useful if you’re using POP3 services locally and you don't want everyone else on the Internet to be able to connect to your POP3 server. Save your new qmail-pop3d file and compile it with the following command:
tcprules qmail-pop3d.cdb qmail-pop3d.tmp < qmail-pop3d
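As an added example (not from the original article), the following script writes a qmail-pop3d rules file that allows the loopback adapter and one workstation, denies everyone else, and compiles it the way the command above does. It also emulates the address part of tcprules matching so you can see which line a client will hit before you compile; the client address 192.0.2.10 and the rules directory are constructed values.

```shell
#!/bin/sh
# Added example: build and check a tcpserver rules file for qmail-pop3d.
# Rules are "address:action"; an address ending in "." is a prefix, an
# empty address matches everything. tcpserver accepts a client that
# matches no rule at all, which is why the file must end with ":deny".
RULES_DIR="${RULES_DIR:-/etc/tcprules.d}"   # assumed path, as in the article

# write_pop3_rules FILE ADDR... : allow loopback plus each ADDR, deny the rest.
write_pop3_rules() {
    out="$1"; shift
    {
        echo '127.:allow'                   # the local adapter
        for addr in "$@"; do echo "${addr}:allow"; done
        echo ':deny'                        # default deny, always last
    } > "$out"
}

# compile_pop3_rules FILE : build FILE.cdb via a temp file so tcpserver
# never reads a half-written database (same invocation as the article).
compile_pop3_rules() {
    tcprules "$1.cdb" "$1.tmp" < "$1"
}

# decide FILE ADDR : print the action the most specific matching rule gives,
# or "allow" when nothing matches (tcpserver's behaviour without ":deny").
decide() {
    file="$1"; addr="$2"; best=""; bestlen=-1
    while IFS= read -r line; do
        case "$line" in ''|'#'*) continue ;; esac
        pat="${line%%:*}"
        act="${line#*:}"; act="${act%%,*}"      # drop ",VAR=value" suffixes
        matched=0
        if [ -z "$pat" ] || [ "$pat" = "$addr" ]; then
            matched=1
        else
            case "$pat" in *.) case "$addr" in "$pat"*) matched=1 ;; esac ;; esac
        fi
        if [ "$matched" -eq 1 ] && [ "${#pat}" -gt "$bestlen" ]; then
            best="$act"; bestlen="${#pat}"
        fi
    done < "$file"
    echo "${best:-allow}"
}

# Usage as root:
#   write_pop3_rules "$RULES_DIR/qmail-pop3d" 192.0.2.10
#   decide "$RULES_DIR/qmail-pop3d" 198.51.100.7     # prints "deny"
#   compile_pop3_rules "$RULES_DIR/qmail-pop3d"
```

After compiling, `TCPREMOTEIP=198.51.100.7 tcprulescheck /etc/tcprules.d/qmail-pop3d.cdb` asks tcpserver's own checker the same question against the hashed file.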
Now, you have the hashed file that tcpserver needs in order to operate properly. To start the POP3 server without waiting for a reboot, run:
The POP3 server will wait for incoming connections. Your new, fully functional SMTP and POP3 mailer service will be more secure than any other MTA.
Converting those older mailbox formats
Next, you’ll want to convert the older mailbox format of storing mail to Qmail's maildir format. The old mailbox format stores incoming e-mail in a file called /var/spool/mail/[username]. From Qmail’s point of view, this method is insecure and unreliable. Instead, Qmail uses the maildir format, which is far more reliable. The mailbox format, which involves only one file, has a major flaw. If the system crashes while a program is appending a new message to the mailbox file, the message will be truncated. In some cases, it can be truncated in the middle of a line, and the rest of the message will merge with the next message. The delivering program will probably resend the message because there was a crash. By then, however, it's too late. Your mailbox has become corrupt.
When it comes to new mail messages, the maildir format is crash-proof. It’s much faster and much easier for e-mail clients and Mail User Agents (MUAs) to use. In an NFS environment, Qmail won’t even use the mailbox format for incoming mail. The maildir format, however, works very well over NFS, and you don’t have to lock it in order to make it safe and easy to read. In this environment, several MTAs can deliver mail to you at the same time, and there won’t be any problems or delays because there’s no locking of files. If you’re using the mailbox format, the same rule doesn’t apply because different programs would try to access the same individual file at the same time. Since the maildir format gives one file to each message, e-mail can be delivered, deleted, and read, and other mail processing procedures won’t be affected.
You can change your existing mailbox format to the maildir format easily. Qmail provides a tool called maildirmake, which accomplishes this task for you. You need to run this program as the user in order to complete the conversion. (Qmail can use both the maildir and mailbox formats on a per-user basis.) As root, use the su program to become the user temporarily and execute the following commands:
echo ./Maildir/ > ~/.qmail
Unfortunately, these commands don’t convert the messages in the mailbox format to the new maildir format; therefore, you should save these messages to another folder so that you don't have to toggle between two mail storage formats. To switch to the maildir format on your system, as root, you should create the Maildir directory in the new-user template directory. (In Linux Mandrake, it’s the /etc/skel/ directory). Next, replace ./Mailbox with ./Maildir/ in the /var/qmail/rc script and instruct Qmail to use the maildir format by default. For example, look for the line in the script that reads:
qmail-start ./Mailbox splogger qmail
Change it to the following:
qmail-start ./Maildir/ splogger qmail
Qmail can use both the maildir and mailbox formats, but there is one caveat: Qmail uses a different method of storing mailbox files than do traditional SMTP servers. While other SMTP servers use /var/spool/mail/[username], Qmail uses /home/[username]/Mailbox. Qmail’s method provides additional security by storing the mailbox in the user's home directory instead of in the /var directory tree. To use this new format, move the files in /var/spool/mail to the appropriate user's directory. The user's e-mail client (such as Elm or Pine) must be reconfigured somewhat. Then, as root, you must make a symbolic link that points from /var/spool/mail/[username] to /home/[username]/Mailbox for each user. For security reasons, change the permissions on the /var/spool/mail directory to 1777. That way, you’ll prevent users from removing these links. The symbolic links are needed to trick programs that don’t (or can’t) support Qmail's way of handling the mailbox format into writing incoming e-mail to the correct files.
Using single-user mode
If you have a busy system, you should boot into single-user mode and perform some maintenance. It will preserve your system integrity by not starting the Qmail servers and by disallowing user logins. It will make your transition to Qmail much easier. To boot into single-user mode, reboot the system and, at the LILO prompt, type linux single instead of pressing [Enter]. If you have a custom kernel or a different boot label for Linux, like mandrake, type mandrake single and boot into single-user mode. After you reboot, simply type the following lines as root:
mv /var/spool/mail/[username] /home/[username]/Mailbox
ln -s /home/[username]/Mailbox /var/spool/mail/[username]
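The move-and-link step above has to be repeated for every user, and it is easy to clobber a Mailbox that already exists or to follow a link that was already made. As an added example (not from the original article), this script walks the spool directory, skips the unsafe cases, and finishes with the 1777 permission change the article recommends; SPOOL and HOMEBASE default to the article's paths and can be pointed at test directories.

```shell
#!/bin/sh
# Added example: migrate traditional spool files to ~/Mailbox with symlinks
# left behind in the spool, as described in the article. Run as root in
# single-user mode so no delivery or login races the move.
SPOOL="${SPOOL:-/var/spool/mail}"
HOMEBASE="${HOMEBASE:-/home}"

# migrate_one USER : returns 0 when moved, 1 when skipped (reason on stderr).
migrate_one() {
    user="$1"
    src="$SPOOL/$user"
    home="$HOMEBASE/$user"
    dst="$home/Mailbox"
    if [ -L "$src" ]; then
        echo "skip $user: spool entry is already a symlink" >&2; return 1
    fi
    if [ ! -f "$src" ]; then
        echo "skip $user: no regular spool file" >&2; return 1
    fi
    if [ ! -d "$home" ]; then
        echo "skip $user: home directory $home is missing" >&2; return 1
    fi
    if [ -e "$dst" ]; then
        echo "skip $user: $dst already exists, merge it by hand" >&2; return 1
    fi
    # mv keeps the file's owner, so the user still owns the mailbox afterwards.
    mv "$src" "$dst" && ln -s "$dst" "$src"
}

# migrate_all : process every spool entry, then make the spool directory
# sticky (1777) so users cannot remove each other's links. Prints the count.
migrate_all() {
    n=0
    for path in "$SPOOL"/*; do
        [ -e "$path" ] || continue          # empty spool leaves the glob literal
        migrate_one "$(basename "$path")" && n=$((n + 1))
    done
    chmod 1777 "$SPOOL"
    echo "$n"
}
```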
Once you’ve moved all of the mailbox files, you can reboot the system into whatever runlevel you normally use. Qmail will start storing incoming mail for your users either in the new maildir format or in the converted mailbox format.
You’ll have to update your e-mail client configuration in order to use the new mailbox format. In Pine, change the inbox-path to ~/Mailbox. By default, it’s left blank; it uses the normal /var/spool/mail/[username] mailbox setting to receive mail. You need to configure most e-mail clients similarly, but you may have to modify and recompile the source code for others. If you set the symbolic links correctly, however, you shouldn’t have to worry about it.
If you’ve followed all of these instructions carefully, you’ll have a Qmail system that provides SMTP and POP3 services to your users. It also should work with the reliable maildir format or another secure mailbox format. There are a number of other configuration options that you’ll want to configure if you’re going to use Qmail in a production environment, and I’ll discuss those configuration options in a future Daily Drill Down.
Vincent Danen, a native Canadian in Edmonton, Alberta, has been computing since the age of 10, and he’s been using Linux for nearly two years. Prior to that, he used OS/2 exclusively for approximately four years. Vincent is a firm believer in the philosophy behind the Linux “revolution,” and he attempts to contribute to the Linux cause in as many ways as possible—from his Freezer Burn Web site to building and submitting custom RPMs for the Linux Mandrake project. Vincent also has obtained his Linux Administrator certification from Brainbench. He hopes to tackle the RHCE once it can be taken in Canada.
Vincent Danen works on the Red Hat Security Response Team and lives in Canada. He has been writing about and developing on Linux for over 10 years and is a veteran Mac user.