

Mail servers I've had fun with

Sendmail
Qmail
Postfix
Exim
pop3 & IMAP
vpopmail
Spam
Exchange
OfflineImap

SSL on courier and qmail

This is extremely raw. Will clean this up when I get around to it.

SSL and courier
1) Generate a self-signed certificate
openssl genrsa -des3 -out server.key 2048
openssl rsa -in server.key -out server.key.plain
openssl req -new -x509 -key server.key -out server.crt -days 360 -set_serial 200711


2) Make a pem file
cat server.key.plain server.crt > server.pem
# dhparam replaces the obsolete gendh command; the size is given explicitly
openssl dhparam 2048 >> server.pem
chmod 400 server.*


3) Edit imapd-ssl / pop3d-ssl file
TLS_CERTFILE=/path/to/server.pem
START=YES

4) Start imapd-ssl and pop3d-ssl

5) Verify with openssl
openssl s_client -connect localhost:993
openssl s_client -connect localhost:995


SSL and qmail
1) Get ucspi-ssl http://www.superscript.com/ucspi-ssl/ucspi-ssl-0.70.tar.gz
2) Get ucspi-tls patch http://www.suspectclass.com/~sgifford/ucspi-tls/files/ucspi-ssl-0.70-ucspitls-0.1.patch
3) Extract ucspi-ssl and patch it
tar zxf xxx.tar.gz
patch -p1 < ../ucspi-ssl-0.70-ucspitls-0.1.patch
4) Compile and install it
package/compile base
package/install base
5) Patch netqmail
netqmail-1.06: http://www.qmail.org/netqmail-1.06.tar.gz
netqmail-tls patch: http://www.suspectclass.com/~sgifford/ucspi-tls/files/netqmail-1.05-ucspitls-0.3.patch
patch -p2 < ../netqmail-1.05-ucspitls-0.3.patch


6) Create qmailssl user
groupadd qmailssl
useradd -g qmailssl -d /var/qmail qmailssl

7) Create /var/qmail/ssl/env
SSL_USER=qmailssl
SSL_GROUP=qmailssl
SSL_DIR=/var/qmail/ssl
# Enable UCSPI-TLS
UCSPITLS=1
# The rest are set based on the above three
SSL_CHROOT="$SSL_DIR"
CERTFILE="$SSL_DIR/cert"
KEYFILE="$SSL_DIR/key"
DHFILE="$SSL_DIR/dhparam"
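SSL_UID=$(id -u "$SSL_USER")
if [ $? -ne 0 ]; then echo "No such user '$SSL_USER'" >&2; exit 1; fi
# id -g takes a user name, so this returns the primary group of the user named
# $SSL_GROUP; it works here because the user and group share the name qmailssl
SSL_GID=$(id -g "$SSL_GROUP")
if [ $? -ne 0 ]; then echo "No such group '$SSL_GROUP'" >&2; exit 1; fi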
# Export the variables used by other scripts
export SSL_CHROOT SSL_UID SSL_GID UCSPITLS CERTFILE KEYFILE DHFILE


8) Copy /var/qmail/supervise/qmail-smtpd to qmail-smtpd-ssl and edit the run file inside
8.1) add . /var/qmail/ssl/env to the top
8.2) replace tcpserver with sslserver -e -n
8.3) Change smtp to 587 if you wish to run smtp on port 25, and smtps on port 587
8.4) Generate certificate in /var/qmail/ssl
umask 077
openssl req -new -x509 -keyout key.enc -out cert -days 360
openssl rsa -in key.enc -out key
# 1024-bit DH parameters are considered weak today (Logjam); use 2048 where clients allow
openssl dhparam -out dhparam 1024
umask 022
8.5) Start qmail
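
The checks below are an added example, not part of the original notes: a POSIX sh audit of the cert, key and dhparam files from step 8.4, using the /var/qmail/ssl layout from step 7. The function names, the 30-day expiry margin and the 2048-bit DH minimum are assumptions of this example.

```shell
#!/bin/sh
# Added example: checks for the files created in step 8.4 (cert, key, dhparam).
# usage: audit_ssl_dir /var/qmail/ssl [MIN_DH_BITS]

# Succeeds when KEY is the private key for CERT (their public keys are equal).
# "-passin pass:" makes a still-encrypted key fail instead of prompting.
key_matches_cert() {  # key_matches_cert CERT KEY
    cert_pub=$(openssl x509 -in "$1" -noout -pubkey 2>/dev/null) || return 2
    key_pub=$(openssl pkey -in "$2" -pubout -passin pass: 2>/dev/null) || return 2
    [ "$cert_pub" = "$key_pub" ]
}

# Succeeds when FILE grants no permission bits to group or others.
is_private() {  # is_private FILE
    mode=$(ls -ld "$1" 2>/dev/null | cut -c5-10)
    [ "$mode" = "------" ]
}

# Succeeds when CERT is still valid DAYS days from now.
valid_for_days() {  # valid_for_days CERT DAYS
    openssl x509 -in "$1" -noout -checkend "$(( $2 * 86400 ))" >/dev/null 2>&1
}

# Prints the size in bits of the DH parameters in DHFILE (nothing if unreadable).
dh_bits() {  # dh_bits DHFILE
    openssl dhparam -in "$1" -noout -text 2>/dev/null |
        sed -n 's/.*(\([0-9][0-9]*\) bit).*/\1/p' | head -n 1
}

# Runs every check on DIR; the return status is the number of failed checks.
audit_ssl_dir() {  # audit_ssl_dir DIR [MIN_DH_BITS]
    dir=$1 min=${2:-2048} fails=0
    key_matches_cert "$dir/cert" "$dir/key" ||
        { echo "FAIL: key does not match cert"; fails=$((fails + 1)); }
    is_private "$dir/key" ||
        { echo "FAIL: key is accessible to group or others"; fails=$((fails + 1)); }
    valid_for_days "$dir/cert" 30 ||
        { echo "FAIL: cert missing or expires within 30 days"; fails=$((fails + 1)); }
    bits=$(dh_bits "$dir/dhparam")
    [ "${bits:-0}" -ge "$min" ] ||
        { echo "FAIL: DH parameters ${bits:-missing} bits, want >= $min"; fails=$((fails + 1)); }
    return "$fails"
}
```

key_matches_cert and is_private work the same way on the courier files, for example server.crt with server.key.plain.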


Procmail filter

#Recipe 1
#Remove Make Money Fast spam
:0
* ^Subject:.*make money fast
/dev/null


#Recipe 2
#Accept e-mail from sfu addresses
:0
* ^From:.*sfu\.ca
/var/mail/kipling


#Recipe 3
#Accept everything addressed to me
:0
* ^TO_kipling
/var/mail/kipling


#Recipe 4
#Store everything else in junk_box file
:0
$HOME/junk_box


mutt sending mail
Set up sender in ~/.muttrc
set realname="foobar"
set from="foobar@blah.tld"
set use_from=yes


Sending attachments
mutt -i inline_attachment -a mime_attachment -s "subject line" -- recp1@domain.tld recp2@domain.tld < /dev/null