Installing and configuring vpopmail

February 15, 2025 by Roberto Puzzanghera 145 comments

• vpopmail version: 5.6.6
• github: sagredo-dev/vpopmail
• Download
• Changelog
• README.vdelivermail
• Inter7's original page

Vpopmail provides an easy way to manage virtual email domains and non /etc/passwd email accounts on your mail servers.

Changelog

• Feb 15, 2025 (v. 5.6.6)
  - bug fix: pwstr.h was not installed by Makefile (tx Bai Borko)
• Feb 9, 2025 (v. 5.6.5)
  - added pwd strength check also for vadduser.c
  - removed -std=c99 -D_XOPEN_SOURCE=500 arguments from CFLAGS in configure.ac to make clang happy
  - several changes to compile on FreeBSD clang v. 18.1.6
• Dec 20, 2024 (v 5.6.4)
  - Password strength enforcement (PR #5, grabbed from Matt Brookings' 5.5.0-dev version)
  - Dropped min pwd length feature.
  - vmysql.h: tables' layout changed in order to have VARCHAR instead of CHAR. Fields containing ip addresses enlarged to VARCHAR(39), to create room for ipv6. Unix timestamps definition changed from BIGINT(20) to INT(11). (commit 44bad58) Have a look to the upgrade notes below.
• Oct 19, 2024 (v.5.6.3)
  - bug fixed: passwords with length > 8 were denied if sha-512 was disabled
• Oct 14, 2024 (v. 5.6.2)
  - fixed a configure break where a trivial C test program exits on error with gcc-14.1 due to missing headers
  - vusaged/domain.c: fixed -Wimplicit-function-declaration compilation warning
  - vmysql.h: dropped the multicolumn PRIMARY KEY in valias table to allow multiple forwards for a given alias.
     In case one already has the valias table defined, this is the sql query for the upgrade:
     ALTER TABLE `vpopmail`.`valias` DROP PRIMARY KEY, ADD INDEX (`alias`, `domain`, `valias_type`) USING BTREE;
     ALTER TABLE `vpopmail`.`valias` ADD `id` INT NOT NULL AUTO_INCREMENT FIRST, ADD PRIMARY KEY (`id`);
• Jun 7, 2024
  - the header files of libev are now installed in /usr/local/include/libev (was /usr/local/include) to avoid conflicts with libevent. vusaged configure command was adjusted accordingly.
• Dec 11, 2023
  - vpopmail-5.6.0 released (read the upgrading notes)
• Aug 27, 2023
  - new combined patch. More info here
  * The logic of the defaultdelivery patch/feature has been revised. If configured with --enable-defauldelivery vpopmail will save control/defauldelivery in the user's .qmail and vdelivermail LDA in the domain's .qmail-default file. This will achieve multiple benefits: you have qmail forwards and sieve together and valias available. The valias table schema was changed as well.

read more

Installing Dovecot and sieve on a vpopmail + qmail server

February 15, 2025 by Roberto Puzzanghera 105 comments

• Overview
• Installing
• Configuring
• Download my dovecot's config files
• dovecot.conf
• 10-auth.conf
• auth-sql.conf.ext
• 10-logging.conf
• Logrotate
• 10-mail.conf
• 10-master.conf
• 10-metrics.conf
• 10-ssl.conf
• 15-lda.conf
• 15-mailboxes.conf
• 20-imap.conf
• 20-pop3.conf
• 90-quota.conf

Changelog

• Feb 15, 2025
  - added support for vpopmail configured with --disable-many-domains
  - 90-sieve.conf: global script move-spam.sieve called correctly
• Feb 8, 2025
  - dovecot_postlogin.sh: query changed in order to add new records as well (tx Bai Borko)
  - bug fix: pop3 service was executing imap instead of pop3 (tx Gabriel Torres)
• Jan 29, 2025
  - dovecot upgraded to v. 2.4.0. Old configuration files are not valid anymore and you have to install dovecot from scratch.
• Nov 15, 2024
  - added a postlogin script to update the vpopmail.lastauth SQL table on login (see 10-master.conf, thanks kengheng)
• Dec 29, 2023
  default_pass_scheme = SHA512-CRYPT (was MD5-CRYPT) in dovecot-sql.conf.ext, as vpopmail-5.6.x has now SHA512-CRYPT password by default

Overview

• Info: http://www.dovecot.org/
• Documentation: https://doc.dovecot.org/
• My config files (github)
• Download: https://www.dovecot.org/releases/2.4/
• Version: dovecot-2.4.0

Dovecot is an open source IMAP and POP3 email server for Linux/UNIX-like systems, written with security primarily in mind. Dovecot is an excellent choice for both small and large installations. It's fast, simple to set up, requires no special administration and it uses very little memory.

AWStats

February 13, 2025 by Roberto Puzzanghera 0 comments

A big thanks to Bai Borko for providing the instructions from which I derived the following and for the perl script.

AWStats is a free powerful and featureful tool that generates advanced web, streaming, ftp or mail server statistics, graphically. This log analyzer works as a CGI or from command line and shows you all possible information your log contains, in few graphical web pages. It uses a partial information file to be able to process large log files, often and quickly. It can analyze log files from all major server tools like Apache log files (NCSA combined/XLF/ELF log format or common/CLF log format), WebStar, IIS (W3C log format) and a lot of other web, proxy, wap, streaming servers, mail servers and some ftp servers.

Upgrading qmail

February 11, 2025 by Roberto Puzzanghera 552 comments

• Latest version 2025.02.11 (github)
• Changelog
• Readme

For my convenience I moved the qmail sources to my github space. Nonetheless, all information about qmail and related programs will continue to be posted in this web space, and this pages remain the place to  eventually seek support. From now on, instead of releasing a combined patch for qmail, I'll release a package which is the result of the ancient netqmail-1.06 plus my modifications. The original patches that I accomodated in my qmail package are listed below.

Changelog

WARNING: IF YOU ARE UPGRADING qmail AND YOU ARE USING A VERSION BEFORE 2024.01.11, BE AWARE THAT dk-filter HAS BEEN DROPPED, SO YOU HAVE TO RECONFIGURE DKIM AND MODIFY YOUR rc FILE ACCORDINGLY.

• Feb 11, 2025
  - Several adjustments to get freeBSD and netBSD compatibility. More info in the commit history. Hints/comments are welcome.
  - freeBSD users have to comment out the "LIBRESOLV" variable from the very beginning of the Makefile, as libresolv.so is not needed on freeBSD.
  - Dropped files install-big.c, idedit.c and BIN.* files.
  - Dropped files byte_diff.c, str_cpy.c, str_diff.c, str_diffn.c and str_len.c, which break compilation on clang and can be replaced by the functions shipped by the compiler (tx notqmail).
  - Old documentation moved to the "doc" dir. install.c and hier.c modified accordingly
  - conf-cc and conf-ld now have -L/usr/local/lib and -I/usr/local/include to look for srs2 library
  - conf-cc and conf-ld now have -L/usr/pkg/lib and -I/usr/pkg/include to satisfy netBSD
  - vpopmail-dir.sh: minor correction to vpopmail dir existence check
  - srs.c: #include <srs2.h> now without path
• Dec 01, 2024 (More info here and in the github release notes)
  - Added support for EAI (RFC 5336 SMTP Email Address Internationalization) (#13). Thanks to https://github.com/arnt/qmail-smtputf8/tree/smtputf8-tls. libidn2 package (libidn2-dev on debian) is a new dependence.
  - chkuser is now smtputf8 compliant. It accepts utf8 characters in sender and recipient addresses provided that the remote server advertises the SMTPUTF8 verb in MAIL FROM, otherwise it allows only ASCII characters plus additional chars from the CHKUSER_ALLOWED_CHARS set.
  * dropped variables CHKUSER_ALLOW_SENDER_CHAR_xx CHKUSER_ALLOW_RCPT_CHAR_xx (replaced by CHKUSER_ALLOWED_CHARS)
  * dropped variables CHKUSER_ALLOW_SENDER_SRS and CHKUSER_ALLOW_RCPT_SRS, as we are always accepting '+' and '#' characters
  * added variables CHKUSER_INVALID_UTF8_CHARS and CHKUSER_ALLOWED_CHARS
• Oct 26, 2024
  - qmail-remote.c patched to dinamically touch control/notlshosts/<fqdn> if control/notlshosts_auto contains any number greater than 0 in order to skip the TLS connection for remote servers with an obsolete TLS version. (tx Alexandre Fonceca) (commit)
  - defined CHKUSER_DISABLE_VARIABLE "RELAYCLIENT" in chkuser_settings.h
  - enabled CHKUSER_SENDER_NOCHECK_VARIABLE "RELAYCLIENT" in chkuser_settings.h
  - fixed several compilation breaks/warnings on later gcc compilers (tx Pablo Murillo)
  - invalid auth fix in qmail-smtpd.c's smtp_auth function (tx Alexandre Fonceca for the advice) (commit)
  - qmail path determined dinamically in conf-policy
  - added a patch to remove chkuser and the vpopmail dependency (patches dir)
• Jun 8, 2024
  - conf-channels: default number of channels increased to 4 (was 2). Now qmail offers 2 additional channels with respect to the 2 offered by default (local and remote). More info here
  - maxrcpt: error code changed to 452 due to RFC 4.5.3.1 (was 553). If DISABLE_MAXRCPT is defined it skips the check, otherwise outgoing messages from mailing lists would be rejected. (commit)

daemontools

February 9, 2025 by Roberto Puzzanghera 36 comments

• More info here: http://cr.yp.to/daemontools.html
• Original author: D.J. Bernstein
• github
• version: 0.78.4

daemontools is a collection of tools for managing UNIX services. It monitors qmail services and saves error messages to one or more logs.

Changelog

• Feb 9, 2025 (v0.78.4)
  - several adjustments to get clang version 18.1.6 compatibility
  - restored !/bin/sh in all scripts
• Dec 9, 2023
  - moved my patched daemontools to github and named 0.77 the new version
  - clear service moved to qmail/supervise/clear

Roundcube webmail

February 9, 2025 by Roberto Puzzanghera 16 comments

May 19, 2024: Roundcube webmail 1.6.7 security fix. It is sufficient to update Roundcube to the latest version.

---

• Info: https://roundcube.net
• Version: 1.6.10

Roundcube is a full featured webmail with a nice interface.

Changelog

• Feb 9, 2025
  RC update to v. 1.6.10
• Gen 21, 2024
  RC upgraded to v. 1.6.6
  -new $config['imap_host'] variable
  -all my SMTP config options were stripped from my configuration file and I had to restore them
• Jan 3, 2021
  disabled the SMTP authentication when sending messages via RC. SMTP port changed to 25.

Read the release note at https://github.com/roundcube/roundcubemail/blob/master/CHANGELOG.md for more info.

QmailAdmin

February 8, 2025 by Roberto Puzzanghera 123 comments

• Author:  Inter7
• Version: 1.2.24
• github
• Changelog

qmailAdmin is a free software package that provides a web interface for managing a qmail system with virtual domains. It provides admin for adding/deleting users, Aliases, Forwards, Mailing lists and Autoresponders.

As you can see, for convenience I moved the QmailAdmin sources to my github space. Nonetheless, all information about QmailAdmin will continue to be posted here, and this page remains the place to seek support if needed.

This qmailadmin puts togheter the original Inter7's 1.2.16 version with the following features (updated to 2023.08.27 old patch version):

• qmailadmin-skin, a patch that I created during covid-19 spare time, provides a new responsive skin to the control panel. It modifies everything under the html dir and many .c files in order to adjust the html embedded into the source files. Added a style sheet in the "images" folder and a couple of png files for the qmail logo. It will be much easier to modify the qmailadmin's skin from now on.
• A patch to call cracklib in order to check for the password strenght. This should avoid unsafe accounts created by domain administrators such as "test 123456".
• A nice patch (thanks to Tony, original author unknown) which gets qmailadmin to have authentication failures logged. This makes possible to ban malicious IPs via fail2ban. It is required to create the log file /var/log/qma-auth.log initially and assign write priviledges to apache.
• ezmlm-idx 7 compatibility patch (author unknown), which restores the compatibility with ezmlm-idx-7 (thanks to J.D. Trolinger for the advice).
• a fix to the catchall account (thanks to Luca Franceschini).
• another fix to autorespond.c to correct the way the .qmail files are modified
• qmail-autoresponder support (thanks Nathanaël Semhoun)

Installing and configuring Spamassassin

January 11, 2025 by Roberto Puzzanghera 50 comments

• Info: http://spamassassin.apache.org/
• Docs: http://spamassassin.apache.org/full/4.0.x/doc/
• Latest version: 4.0.1
• Download: http://spamassassin.apache.org/downloads.cgi

SpamAssassin is a mature, widely-deployed open source project that serves as a mail filter to identify Spam. SpamAssassin uses a variety of mechanisms including header and text analysis, Bayesian filtering, DNS blocklists, and collaborative filtering databases. SpamAssassin runs on a server, and filters spam before it reaches your mailbox.

Troubles with latest DBI::mysql module

Days ago (Jan 06, 2025) the perl DBI::mysql module has been updated to v4.053 and v5.011. Both of them dropped the support for MariaDB and MySQL > 8. Infact v4.053 compilation exits with

/usr/bin/perl: symbol lookup error: /usr/local/lib64/perl5/auto/DBD/mysql/mysql.so: undefined symbol: mysql_real_escape_string_quote

while v5.011 doesn't compile as it seems not to be compliant with my openssl-1.1.1zb (I had the same issue on other distros with openssl-1.1 installed).

I'm restoring v4.052 like this

cpan install DVEEDEN/DBD-mysql-4.052.tar.gz