FreeBSD 4.9, Qmail, Mailman

I’m writing this article to provide a complete, updated guide to installing Mailman using Qmail as the MTA on FreeBSD 4.9. I first became familiar with Qmail and FreeBSD in December 2002. I originally wanted *just* a backup mail server. When I was trying to figure this out, I didn’t find a current article in one place to reference. Open source software is very stable and flexible; however, at times a novice *nix admin really has to hunt to get all the answers.


First of all, this is my personal step-by-step process of building my FreeBSD 4.9 server. It’s not without many hours of *trying* to shortcut and not really understand the step-by-step instructions provided by great resources like http://freebsd.org/handbook or http://www.lifewithqmail.org. I highly recommend that anyone trying to do FreeBSD or Qmail buy books to truly get help, especially if you’re a *windows person* and are accustomed to setup, next, next, finish types of installs. I’ve bought a few BSD books and The Qmail Handbook. These are priceless resources. One of my goals is to 100% understand how to build and support this type of build. My original goal was to build a backup mail server; I’ve achieved this. Now it’s going to be understanding the Mailman listserv software. Truly take time to support those like Dave Sill and the FreeBSD group. This example has only been tested with one domain; please let me know if there are problems. [email protected]


Install Apache
cd /usr/ports/www/apache13-modssl
make && make install


Upload netqmail, daemontools, ucspi-tcp
ftp - netqmail-1.05.tar.gz, daemontools-0.76.tar.gz, ucspi-tcp-0.88.tar.gz
At this time you probably want to become root, if you’re not already.


    mkdir -p /usr/local/src
    mv netqmail-1.05.tar.gz ucspi-tcp-0.88.tar.gz /usr/local/src
    mkdir -p /package
    mv daemontools-0.76.tar.gz /package
    chmod 1755 /package


Now you can unpack the packages.


    cd /usr/local/src
    gunzip netqmail-1.05.tar.gz
    tar xpf netqmail-1.05.tar
    cd netqmail-1.05
    ./collate.sh  # watch for errors here
    cd ..
    gunzip ucspi-tcp-0.88.tar.gz
    tar xpf ucspi-tcp-0.88.tar
    rm *.tar      # optional, unless space is very tight
    cd /package
    gunzip daemontools-0.76.tar.gz
    tar xpf daemontools-0.76.tar
    rm *.tar      # optional, again


There should now be directories called /usr/local/src/netqmail-1.05, /usr/local/src/ucspi-tcp-0.88, and /package/admin/daemontools-0.76.


Create users and groups
The easiest way to create the necessary users and groups is to create a little script file to do it for you. In the source directory you’ll find a file called INSTALL.ids. It contains the command lines for many platforms, so copying the file to another name and editing that is quick and easy.


    cd /usr/local/src/netqmail-1.05/netqmail-1.05
    ee IDS, paste the following lines below


    pw groupadd nofiles
    pw useradd qmaild -g nofiles -d /var/qmail -s /nonexistent
    pw useradd alias -g nofiles -d /var/qmail/alias -s /nonexistent
    pw useradd qmaill -g nofiles -d /var/qmail -s /nonexistent
    pw useradd qmailp -g nofiles -d /var/qmail -s /nonexistent
    pw groupadd qmail
    pw useradd qmailq -g qmail -d /var/qmail -s /nonexistent
    pw useradd qmailr -g qmail -d /var/qmail -s /nonexistent
    pw useradd qmails -g qmail -d /var/qmail -s /nonexistent


Then to run it, either use chmod to make it executable or run it with sh:
First method:


    chmod 700 IDS
    ./IDS


When the script finishes, all of your users and groups will be created and you can go on to the next section. But what do you do if your system isn’t listed in INSTALL.ids? You’ll have to create them manually. Start by using your favorite editor and editing /etc/group. You need to add the following two lines to the end of the file:


    qmail:*:2107:
    nofiles:*:2108:

Next, using vipw (most systems have it, if not you’ll need to use your editor again but this time on /etc/passwd) add these lines to the end of the file:


    alias:*:7790:2108::/var/qmail/alias:/bin/true
    qmaild:*:7791:2108::/var/qmail:/bin/true
    qmaill:*:7792:2108::/var/qmail:/bin/true
    qmailp:*:7793:2108::/var/qmail:/bin/true
    qmailq:*:7794:2107::/var/qmail:/bin/true
    qmailr:*:7795:2107::/var/qmail:/bin/true
    qmails:*:7796:2107::/var/qmail:/bin/true


Do the build
Now you can start building qmail. Change to the /usr/local/src/netqmail-1.05/netqmail-1.05 directory and let’s get started:


    cd /usr/local/src/netqmail-1.05/netqmail-1.05


In the Verify Build Environment section, you located your C compiler. If it’s not called cc or the directory it resides in isn’t in your PATH environment variable, you’ll need to edit conf-cc and conf-ld. Say your compiler is gcc, and it’s in your PATH. Simply edit conf-cc and conf-ld and replace “cc” with “gcc”.


Now type the following:


    make setup check


After the build is complete, you’ll need to do your post-installation configuration. A couple of scripts are provided to make this job a lot easier. config-fast takes the fully qualified host name: if your domain is example.com and the hostname of your computer is dolphin, that is dolphin.example.com. For the host used in this guide, the config-fast line looks like this:


    ./config-fast lists.domain.com


Qmail setup is completed


Install ucspi-tcp
Earlier, you unpacked the qmail, ucspi-tcp, and daemontools tarballs. Now change to the ucspi-tcp directory:


    cd /usr/local/src/ucspi-tcp-0.88
    patch < /usr/local/src/netqmail-1.05/other-patches/ucspi-tcp-0.88.errno.patch
    make
    make setup check


Install daemontools
Change to the daemontools build directory:


    cd /package/admin/daemontools-0.76/src
    patch < /usr/local/src/netqmail-1.05/other-patches/daemontools-0.76.errno.patch
    cd ..
    package/install



*************************


Supervise scripts creation


*************************


ee /var/qmail/rc


#!/bin/sh


# Using stdout for logging
# Using control/defaultdelivery from qmail-local to deliver messages by default


exec env - PATH="/var/qmail/bin:$PATH" \
qmail-start "`cat /var/qmail/control/defaultdelivery`"



*******************


ee /var/qmail/bin/qmailctl

Copy from
http://www.lifewithqmail.org/qmailctl-script-dt70


***************************
Create Supervise Script Directories


mkdir -p /var/qmail/supervise/qmail-send/log
mkdir -p /var/qmail/supervise/qmail-smtpd/log


***************************
Qmail-smtpd Run


ee /var/qmail/supervise/qmail-smtpd/run
 


#!/bin/sh

QMAILDUID=`id -u qmaild`
NOFILESGID=`id -g qmaild`
MAXSMTPD=`cat /var/qmail/control/concurrencyincoming`
LOCAL=`head -1 /var/qmail/control/me`

if [ -z "$QMAILDUID" -o -z "$NOFILESGID" -o -z "$MAXSMTPD" -o -z "$LOCAL" ]; then
    echo QMAILDUID, NOFILESGID, MAXSMTPD, or LOCAL is unset in
    echo /var/qmail/supervise/qmail-smtpd/run
    exit 1
fi

# Without rcpthosts, qmail-smtpd accepts mail for any domain
if [ ! -f /var/qmail/control/rcpthosts ]; then
    echo "No /var/qmail/control/rcpthosts!"
    echo "Refusing to start SMTP listener because it'll create an open relay"
    exit 1
fi

exec /usr/local/bin/softlimit -m 2000000 \
    /usr/local/bin/tcpserver -v -R -l "$LOCAL" -x /etc/tcp.smtp.cdb -c "$MAXSMTPD" \
        -u "$QMAILDUID" -g "$NOFILESGID" 0 smtp /var/qmail/bin/qmail-smtpd 2>&1
 


***************************
Qmail-smtpd log run file


ee /var/qmail/supervise/qmail-smtpd/log/run

#!/bin/sh
exec /usr/local/bin/setuidgid qmaill /usr/local/bin/multilog t /var/log/qmail/smtpd
 


***************************


Qmail-send run file


ee /var/qmail/supervise/qmail-send/run

#!/bin/sh
exec /var/qmail/rc


***************************
Qmail-send log run file

ee /var/qmail/supervise/qmail-send/log/run

#!/bin/sh
exec /usr/local/bin/setuidgid qmaill /usr/local/bin/multilog t /var/log/qmail


***************************
chmod 755 /var/qmail/rc
chmod 755 /var/qmail/bin/qmailctl
chmod 755 /var/qmail/supervise/qmail-send/run
chmod 755 /var/qmail/supervise/qmail-send/log/run
chmod 755 /var/qmail/supervise/qmail-smtpd/run
chmod 755 /var/qmail/supervise/qmail-smtpd/log/run

echo ./Maildir/ >/var/qmail/control/defaultdelivery
ln -s /var/qmail/supervise/qmail-send /var/qmail/supervise/qmail-smtpd /service
ln -s /var/qmail/bin/qmailctl /usr/bin

mkdir -p /var/log/qmail/smtpd
chown qmaill /var/log/qmail /var/log/qmail/smtpd

echo 20 > /var/qmail/control/concurrencyincoming
chmod 644 /var/qmail/control/concurrencyincoming

mv /usr/lib/sendmail /usr/lib/sendmail.old
mv /usr/sbin/sendmail /usr/sbin/sendmail.old

chmod 0 /usr/lib/sendmail.old /usr/sbin/sendmail.old

ln -s /var/qmail/bin/sendmail /usr/lib
ln -s /var/qmail/bin/sendmail /usr/sbin

ln -s .qmail-postmaster /var/qmail/alias/.qmail-mailer-daemon
chmod 644 /var/qmail/alias/.qmail-root /var/qmail/alias/.qmail-postmaster /var/qmail/alias/.qmail-mailer-daemon


echo '127.:allow,RELAYCLIENT=""' >>/etc/tcp.smtp
echo '192.:allow,RELAYCLIENT=""' >>/etc/tcp.smtp
qmailctl cdb
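
An added check, not part of the original guide: the 192. rule above matches every address that begins with 192, which is wider than the private 192.168. range, so any such client is allowed to relay. The sketch below reads a tcprules source file and reports RELAYCLIENT rules whose address prefix reaches beyond loopback or RFC 1918 space; the function names and the sample rules are constructed for illustration, and only plain dotted prefixes are classified.

```sh
#!/bin/sh
# Added example: audit a tcprules source file (e.g. /etc/tcp.smtp) for rules
# that hand out RELAYCLIENT to more than loopback / RFC 1918 addresses.

# relay_scope PREFIX
# Prints "private" when every address matching PREFIX is loopback or RFC 1918,
# "public" when PREFIX also matches routable addresses, and "unknown" for
# forms this sketch does not classify (ranges like 10.1-5., =hostname rules).
relay_scope() {
    case "$1" in
        *[!0-9.]*)                              echo unknown ;;
        127.*|10.*|192.168.*)                   echo private ;;
        172.1[6-9].*|172.2[0-9].*|172.3[01].*)  echo private ;;
        *)                                      echo public ;;  # "", "192.", "172."
    esac
}

# audit_tcp_smtp  (rules on stdin)
# Prints one line per RELAYCLIENT rule that is not provably private.
audit_tcp_smtp() {
    while IFS= read -r line || [ -n "$line" ]; do
        case "$line" in ''|'#'*) continue ;; esac
        addr=${line%%:*}      # text before the first colon
        instr=${line#*:}      # allow/deny plus any ,VAR="value" settings
        case "$instr" in
            allow*RELAYCLIENT=*) ;;
            *) continue ;;
        esac
        scope=$(relay_scope "$addr")
        if [ "$scope" != private ]; then
            echo "$scope relay rule: $line"
        fi
    done
}

# Constructed sample: the two rules from the guide plus three for contrast.
sample_rules() {
    cat <<'EOF'
# constructed sample rules
127.:allow,RELAYCLIENT=""
192.:allow,RELAYCLIENT=""
192.168.:allow,RELAYCLIENT=""
172.32.:allow,RELAYCLIENT=""
:allow
EOF
}

sample_rules | audit_tcp_smtp
```

On the mail server itself, feed it the real file with audit_tcp_smtp < /etc/tcp.smtp before running qmailctl cdb.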


ee /home/scs/downloads/inst_check.sh
#!/bin/sh


Verify your local qmail alias files
/var/qmail/alias/


.qmail-root
me


.qmail-postmaster
me


This is what my /var/qmail/alias looks like before installing Mailman
lrwxr-xr-x  1 root  qmail  17 May  2 18:55 .qmail-mailer-daemon -> .qmail-postmaster
-rw-r--r--  1 root  qmail   3 May  5 01:21 .qmail-postmaster
-rw-r--r--  1 root  qmail   3 May  5 01:20 .qmail-root


here is what my control files look like in Qmail
[root@lists:/var/qmail/control]# ls -l

-rw-r--r-- 1 root qmail 3 May 15 08:42 concurrencyincoming
-rw-r--r-- 1 root qmail 11 May 15 08:42 defaultdelivery
-rw-r--r-- 1 root qmail 10 May 15 08:25 defaultdomain
-rw-r--r-- 1 root qmail 26 May 15 10:17 locals
-rw-r--r-- 1 root qmail 16 May 15 08:25 me
-rw-r--r-- 1 root qmail 10 May 15 08:25 plusdomain
-rw-r--r-- 1 root qmail 26 May 15 10:17 rcpthosts


ee /var/qmail/control/locals
localhost
lists.domain.com

ee /var/qmail/control/me

lists.domain.com


ee /var/qmail/control/rcpthosts
localhost
lists.domain.com


***************************
Install Mailman from the ports
cd /usr/ports/mail/mailman
ee Makefile
change this line from
--with-mail-gid=${MAIL_GID} --with-cgi-gid=${CGI_GID}
Change to
--with-mail-gid=nofiles --with-cgi-gid=www //this might be apache also
make && make install


//The reason I change it to root is the README.QMAIL file that is in /usr/ports/mail/mailman/work/mailman-2.1.4/README.QMAIL
//I’ve not tested running as mailman as “The Qmail Handbook example shows”
//This might already be done if you installed Mailman from the ports.

cd /usr/local/mailman
chown -R root * 



//Add this to the bottom of this file — /usr/local/mailman/Mailman/mm_cfg.py
//Per the README.QMAIL file that is in /usr/ports/mail/mailman/work/mailman-2.1.4/README.QMAIL


If the check_perms script reports errors, rerun it using the -f option to fix the errors.
# bin/check_perms -f
 
Configure your Web server to allow execution of CGI scripts in /usr/local/mailman/cgi-bin. If you are running Apache, it should be sufficient to add the following directive to the Apache configuration file, httpd.conf:
ScriptAlias /mailman/ "/usr/local/mailman/cgi-bin/"


Copy the Mailman, Python, and GNU logos to a location accessible to the Web server. For example, if the directory in which Apache looks for icons is /var/www/icons, the following command should do: 

cp /usr/local/mailman/icons/* /usr/local/www/icons

Edit /usr/local/mailman/Mailman/mm_cfg.py and add a line that points the variable IMAGE_LOGOS at the proper base URL for the logos you’ve just copied into place. Add the alias style setting to the same file:
MTA_ALIASES_STYLE = 'qmail'


Point your Web server at the public mailing list archives. Using Apache, the following lines added to httpd.conf should do:
Alias /pipermail/ "/usr/local/mailman/archives/public/"
<Directory "/usr/local/mailman/archives/public/">
  Options FollowSymLinks
</Directory>


Restart Apache. I use apachectl restart, which should work for most Apache installations, but you might want to use the appropriate init script.
# apachectl restart
/usr/sbin/apachectl restart: httpd restarted


Mailman relies on a number of cron jobs to provide much of its functionality, so the next step is to install the mailman user’s crontab entries. The Mailman distribution contains a prebuilt crontab file, /usr/local/mailman/cron/crontab.in, which can be installed with the following command:
# crontab /usr/local/mailman/cron/crontab.in -u mailman


Start Mailman’s queue runner daemon:
# bin/mailmanctl start
Starting Mailman’s master qrunner.

 To ensure that Mailman starts automatically when the system reboots, add its initialization script to your init script system. For simplicity’s sake, I added an invocation of the script to rc.local — the Mailman INSTALL file lists other means of integrating the script into system startup scripts. Here are the lines I added to rc.local:

*****************
*****************
//This also should put something in /usr/local/etc/rc.d/mailman.sh
//this is what the rc file looks like that was put by the ports
//I only post this for reference, you shouldn’t have to put the file
//in the /usr/local/etc/rc.d


#!/bin/sh
#
# mailman    This shell script starts and stops GNU Mailman.
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 2
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
#
# Copy this file to /etc/init.d/ (or /etc/rc.d/init.d/ depending on
# your system) and activate it as such:
#
# On Debian, type "update-rc.d mailman defaults"
# On RedHat, and derivatives, install with "chkconfig --add mailman"
#
# chkconfig: 2345 98 12
# description: Mailman is the GNU Mailing List Manager, a program that
#              manages electronic mail discussion groups.  For more
#              on GNU Mailman see http://www.list.org
# processname: mailmanctl
# config: /usr/local/mailman/Mailman/mm_cfg.py
# pidfile: /usr/local/mailman/data/master-qrunner.pid


PYTHON=/usr/local/bin/python
MAILMANHOME=/usr/local/mailman
MAILMANCTL=$MAILMANHOME/bin/mailmanctl


case "$1" in
'start')
    #rm -f $MAILMANHOME/locks/*
    $PYTHON $MAILMANCTL -s -q start && echo -n ' mailman'
    ;;


'stop')
    $PYTHON $MAILMANCTL -q stop && echo -n ' mailman'
    ;;


'restart')
    $PYTHON $MAILMANCTL -q restart
    ;;
*)
    echo "Usage: `basename $0` {start|stop|restart}" >&2
    exit 64
    ;;


esac
exit 0
*****************
*****************


//put this empty file in the /usr/local/mailman directory
touch /usr/local/mailman/.qmail-owner

//Create a list called mailman by using the newlist command

# bin/newlist mailman
Enter the email of the person running the list: [email protected]
Initial mailman password:


## mailman mailing list
mailman:              "|/usr/local/mailman/mail/mailman post mailman"
mailman-admin:        "|/usr/local/mailman/mail/mailman admin mailman"
mailman-bounces:      "|/usr/local/mailman/mail/mailman bounces mailman"
mailman-confirm:      "|/usr/local/mailman/mail/mailman confirm mailman"
mailman-join:         "|/usr/local/mailman/mail/mailman join mailman"
mailman-leave:        "|/usr/local/mailman/mail/mailman leave mailman"
mailman-owner:        "|/usr/local/mailman/mail/mailman owner mailman"
mailman-request:      "|/usr/local/mailman/mail/mailman request mailman"
mailman-subscribe:    "|/usr/local/mailman/mail/mailman subscribe mailman"
mailman-unsubscribe:  "|/usr/local/mailman/mail/mailman unsubscribe mailman"


Hit enter to notify mailman owner…
   
//Be sure to add the listed aliases to /var/qmail/mail/aliases or wherever the aliases file lives on your system.
//This puts the files in /var/qmail/alias. Notice the /usr/local/mailman/mail/mailman line;
//in The Qmail Handbook example it says wrapper. According the http://www.python.org/cgi-bin/faqw-mm.py?req=all#1.4


//Create a sample list called pop-fans3 by using the newlist command
# bin/newlist pop-fans3
Enter the email of the person running the list: [email protected]
Initial pop-fans3 password:


## mailman mailing list
mailman:              "|/usr/local/mailman/mail/mailman post pop-fans3"
mailman-admin:        "|/usr/local/mailman/mail/mailman admin pop-fans3"
mailman-bounces:      "|/usr/local/mailman/mail/mailman bounces pop-fans3"
mailman-confirm:      "|/usr/local/mailman/mail/mailman confirm pop-fans3"
mailman-join:         "|/usr/local/mailman/mail/mailman join pop-fans3"
mailman-leave:        "|/usr/local/mailman/mail/mailman leave pop-fans3"
mailman-owner:        "|/usr/local/mailman/mail/mailman owner pop-fans3"
mailman-request:      "|/usr/local/mailman/mail/mailman request pop-fans3"
mailman-subscribe:    "|/usr/local/mailman/mail/mailman subscribe pop-fans3"
mailman-unsubscribe:  "|/usr/local/mailman/mail/mailman unsubscribe pop-fans3"


Hit enter to notify mailman owner…
   
//Be sure to add the listed aliases to /var/qmail/mail/aliases or wherever the aliases file lives on your system


echo '|preline /usr/local/mailman/mail/mailman post pop-fans3' > ~alias/.qmail-pop-fans3
echo '|preline /usr/local/mailman/mail/mailman mailowner pop-fans3' > ~alias/.qmail-pop-fans3-admin
echo '|preline /usr/local/mailman/mail/mailman mailcmd pop-fans3' > ~alias/.qmail-pop-fans3-request
echo '&pop-fans3-admin' > ~alias/.qmail-pop-fans3-owner
echo '&pop-fans3-admin' > ~alias/.qmail-owner-pop-fans3


chmod 644 ~alias/.qmail-pop-fans3
chmod 644 ~alias/.qmail-pop-fans3-admin
chmod 644 ~alias/.qmail-pop-fans3-request
chmod 644 ~alias/.qmail-pop-fans3-owner
chmod 644 ~alias/.qmail-owner-pop-fans3
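
An added sketch, not from the original guide or from Mailman: it turns every alias line that newlist prints into a .qmail file in the same form as the .qmail-pop-fans3 line above, and accepts only the wrapper path used on this page, so a stray program line never becomes a pipe delivery. The function name, the WRAPPER variable and the sample input are constructed; the demo writes to a scratch directory rather than ~alias.

```sh
#!/bin/sh
# Added example: convert newlist's sendmail-style alias lines to qmail dot-files.

WRAPPER=/usr/local/mailman/mail/mailman   # wrapper path used in this guide

# aliases_to_dotqmail DESTDIR   (newlist output on stdin)
# Writes DESTDIR/.qmail-<alias> for each accepted line and prints its path.
aliases_to_dotqmail() {
    dest=$1
    while IFS= read -r line || [ -n "$line" ]; do
        case "$line" in
            *:*'"|'*'"') ;;          # alias: "|program args"
            *) continue ;;           # prompts, comments, blank lines
        esac
        name=${line%%:*}
        cmd=$(printf '%s\n' "$line" | sed 's/^[^"]*"|//; s/"$//')
        # Alias names become file names: allow only safe characters.
        case "$name" in
            ''|*[!A-Za-z0-9._-]*)
                echo "skipped: unsafe alias name" >&2; continue ;;
        esac
        # Only the Mailman wrapper may be run from these files.
        case "$cmd" in
            "$WRAPPER "*) ;;
            *) echo "skipped $name: unexpected program" >&2; continue ;;
        esac
        # In .qmail-<ext> file names, dots in <ext> are written as colons.
        file=$dest/.qmail-$(printf '%s' "$name" | tr . :)
        printf '|preline %s\n' "$cmd" > "$file"
        chmod 644 "$file"
        echo "$file"
    done
}

# Constructed sample in the shape of newlist's output, plus one line that
# points at a different program and must be rejected.
sample_newlist_output() {
    cat <<'EOF'
## pop-fans3 mailing list
pop-fans3:              "|/usr/local/mailman/mail/mailman post pop-fans3"
pop-fans3-admin:        "|/usr/local/mailman/mail/mailman admin pop-fans3"
pop-fans3-request:      "|/usr/local/mailman/mail/mailman request pop-fans3"
stray:                  "|/tmp/not-the-wrapper post pop-fans3"
EOF
}

# Demo: write into a scratch directory, list the results, clean up.
demo_dir=$(mktemp -d)
sample_newlist_output | aliases_to_dotqmail "$demo_dir"
rm -rf "$demo_dir"
```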


# su - mailman
$ bin/mmsitepass newpass
Password changed.
   
You’re going to want to choose something besides newpass.


 

FreeBSD / Qmail links

Qmail and FreeBSD resources


This is my list of resources used over the last few years for Qmail and FreeBSD


FreeBSD



Qmail


FreeBSD Step by Step 4.10

ee /root/.bashrc
PS1="[\u@\h:\w]# "
ee /home/scs/.bashrc
PS1="[\u@\h:\w]# "
cd /usr/ports/net/cvsup-without-gui
make && make install
cp /usr/share/examples/cvsup/standard-supfile /etc/standard-supfile
cp /usr/share/examples/cvsup/ports-supfile /etc/ports-supfile
cd /etc/
cvsup -g -L 2 standard-supfile -h cvsup4.freebsd.org
cvsup -g -L 2 ports-supfile -h cvsup4.freebsd.org
cd /usr/ports/lang/perl5.8
make && make install
cd /usr/src
make buildworld


# cd /usr/src/sys/i386/conf
# mkdir /root/kernels
# cp GENERIC /root/kernels/MYKERNEL  
# ln -s /root/kernels/MYKERNEL


# /usr/sbin/config MYKERNEL
Change into the build directory. config(8) will print the name of this directory after being run as above.


# cd ../compile/MYKERNEL
For FreeBSD versions prior to 5.0, use the following form instead:


# cd ../../compile/MYKERNEL
Compile the kernel.


# make depend
# make
Install the new kernel.


# make install
reboot
cd /usr/src
make installworld
cd /usr/ports/ftp/proftpd
make && make install

or use the FTP in inetd…works well too


ee /etc/inetd.conf


ftp     stream  tcp     nowait  root    /usr/libexec/ftpd       ftpd -l
#ftp    stream  tcp6    nowait  root    /usr/libexec/ftpd       ftpd -l
save changes


ps -ax | grep inetd
kill inetd process and restart it.

cd /usr/ports/www/apache13-modssl
make && make install


Unpack the ucspi-tcp package:

     gunzip ucspi-tcp-0.88.tar
     tar -xf ucspi-tcp-0.88.tar
     cd ucspi-tcp-0.88

Compile the ucspi-tcp programs:

     make

As root, install the ucspi-tcp programs under /usr/local:

     make setup check

Install daemontools
Create a /package directory:

     mkdir -p /package
     chmod 1755 /package
     cd /package

Download daemontools-0.76.tar.gz into /package. Unpack the daemontools package:

     gunzip daemontools-0.76.tar
     tar -xpf daemontools-0.76.tar
     rm daemontools-0.76.tar
     cd admin/daemontools-0.76

Compile and set up the daemontools programs:

     package/install


Install Qmail
  

Now you can unpack the packages.

    cd /usr/local/src
    gunzip netqmail-1.05.tar.gz
    tar xpf netqmail-1.05.tar
    cd netqmail-1.05
    ./collate.sh  # watch for errors here

    cd ..

There should now be a directory called /usr/local/src/netqmail-1.05.

 

Create users and groups
The easiest way to create the necessary users and groups is to create a little script file to do it for you. In the source directory you’ll find a file called INSTALL.ids. It contains the command lines for many platforms, so copying the file to another name and editing that is quick and easy.

    cd /usr/local/src/netqmail-1.05/netqmail-1.05
    ee IDS, paste the following lines below

    pw groupadd nofiles
    pw useradd qmaild -g nofiles -d /var/qmail -s /nonexistent
    pw useradd alias -g nofiles -d /var/qmail/alias -s /nonexistent
    pw useradd qmaill -g nofiles -d /var/qmail -s /nonexistent
    pw useradd qmailp -g nofiles -d /var/qmail -s /nonexistent
    pw groupadd qmail
    pw useradd qmailq -g qmail -d /var/qmail -s /nonexistent
    pw useradd qmailr -g qmail -d /var/qmail -s /nonexistent
    pw useradd qmails -g qmail -d /var/qmail -s /nonexistent

Then to run it, either use chmod to make it executable or run it with sh:
First method:

    chmod 700 IDS
    ./IDS

When the script finishes, all of your users and groups will be created and you can go on to the next section. But what do you do if your system isn’t listed in INSTALL.ids? You’ll have to create them manually. Start by using your favorite editor and editing /etc/group. You need to add the following two lines to the end of the file:

    qmail:*:2107:
    nofiles:*:2108:

Next, using vipw (most systems have it, if not you’ll need to use your editor again but this time on /etc/passwd) add these lines to the end of the file:

    alias:*:7790:2108::/var/qmail/alias:/bin/true
    qmaild:*:7791:2108::/var/qmail:/bin/true
    qmaill:*:7792:2108::/var/qmail:/bin/true
    qmailp:*:7793:2108::/var/qmail:/bin/true
    qmailq:*:7794:2107::/var/qmail:/bin/true
    qmailr:*:7795:2107::/var/qmail:/bin/true
    qmails:*:7796:2107::/var/qmail:/bin/true

Do the build
Now you can start building qmail. Change to the /usr/local/src/netqmail-1.05/netqmail-1.05 directory and let’s get started:

    cd /usr/local/src/netqmail-1.05/netqmail-1.05

In the Verify Build Environment section, you located your C compiler. If it’s not called cc or the directory it resides in isn’t in your PATH environment variable, you’ll need to edit conf-cc and conf-ld. Say your compiler is gcc, and it’s in your PATH. Simply edit conf-cc and conf-ld and replace “cc” with “gcc”.

Now type the following:

    make setup check

After the build is complete, you’ll need to do your post-installation configuration. A couple of scripts are provided to make this job a lot easier. config-fast takes the fully qualified host name: if your domain is example.com and the hostname of your computer is dolphin, that is dolphin.example.com. For the host used in this guide, the config-fast line looks like this:

    ./config-fast lists.domain.com

 

Install Qmail

  
*************************

Supervise scripts creation

*************************

ee /var/qmail/rc

#!/bin/sh

# Using stdout for logging
# Using control/defaultdelivery from qmail-local to deliver messages by default

exec env - PATH="/var/qmail/bin:$PATH" \
qmail-start "`cat /var/qmail/control/defaultdelivery`"


*******************

ee /var/qmail/bin/qmailctl

Copy from
http://www.lifewithqmail.org/qmailctl-script-dt70

***************************
Create Supervise Script Directories

mkdir -p /var/qmail/supervise/qmail-send/log
mkdir -p /var/qmail/supervise/qmail-smtpd/log

***************************
Qmail-smtpd Run

ee /var/qmail/supervise/qmail-smtpd/run
 

#!/bin/sh

QMAILDUID=`id -u qmaild`
NOFILESGID=`id -g qmaild`
MAXSMTPD=`cat /var/qmail/control/concurrencyincoming`
LOCAL=`head -1 /var/qmail/control/me`

if [ -z "$QMAILDUID" -o -z "$NOFILESGID" -o -z "$MAXSMTPD" -o -z "$LOCAL" ]; then
    echo QMAILDUID, NOFILESGID, MAXSMTPD, or LOCAL is unset in
    echo /var/qmail/supervise/qmail-smtpd/run
    exit 1
fi

# Without rcpthosts, qmail-smtpd accepts mail for any domain
if [ ! -f /var/qmail/control/rcpthosts ]; then
    echo "No /var/qmail/control/rcpthosts!"
    echo "Refusing to start SMTP listener because it'll create an open relay"
    exit 1
fi

exec /usr/local/bin/softlimit -m 2000000 \
    /usr/local/bin/tcpserver -v -R -l "$LOCAL" -x /etc/tcp.smtp.cdb -c "$MAXSMTPD" \
        -u "$QMAILDUID" -g "$NOFILESGID" 0 smtp /var/qmail/bin/qmail-smtpd 2>&1
 

***************************
Qmail-smtpd log run file

ee /var/qmail/supervise/qmail-smtpd/log/run

#!/bin/sh
exec /usr/local/bin/setuidgid qmaill /usr/local/bin/multilog t /var/log/qmail/smtpd
 

***************************

Qmail-send run file

ee /var/qmail/supervise/qmail-send/run

#!/bin/sh
exec /var/qmail/rc

***************************
Qmail-send log run file

ee /var/qmail/supervise/qmail-send/log/run

#!/bin/sh
exec /usr/local/bin/setuidgid qmaill /usr/local/bin/multilog t /var/log/qmail

***************************
chmod 755 /var/qmail/rc
chmod 755 /var/qmail/bin/qmailctl
chmod 755 /var/qmail/supervise/qmail-send/run
chmod 755 /var/qmail/supervise/qmail-send/log/run
chmod 755 /var/qmail/supervise/qmail-smtpd/run
chmod 755 /var/qmail/supervise/qmail-smtpd/log/run

echo ./Maildir/ >/var/qmail/control/defaultdelivery
ln -s /var/qmail/supervise/qmail-send /var/qmail/supervise/qmail-smtpd /service
ln -s /var/qmail/bin/qmailctl /usr/bin

mkdir -p /var/log/qmail/smtpd
chown qmaill /var/log/qmail /var/log/qmail/smtpd

echo 20 > /var/qmail/control/concurrencyincoming
chmod 644 /var/qmail/control/concurrencyincoming

mv /usr/lib/sendmail /usr/lib/sendmail.old
mv /usr/sbin/sendmail /usr/sbin/sendmail.old

chmod 0 /usr/lib/sendmail.old /usr/sbin/sendmail.old

ln -s /var/qmail/bin/sendmail /usr/lib
ln -s /var/qmail/bin/sendmail /usr/sbin

ln -s .qmail-postmaster /var/qmail/alias/.qmail-mailer-daemon
chmod 644 /var/qmail/alias/.qmail-root /var/qmail/alias/.qmail-postmaster /var/qmail/alias/.qmail-mailer-daemon

echo '127.:allow,RELAYCLIENT=""' >>/etc/tcp.smtp
echo '192.:allow,RELAYCLIENT=""' >>/etc/tcp.smtp
qmailctl cdb

ee /home/scs/downloads/inst_check.sh
#!/bin/sh

Verify your local qmail alias files
/var/qmail/alias/

.qmail-root
me

.qmail-postmaster
me

This is what my /var/qmail/alias looks like before installing Mailman
lrwxr-xr-x  1 root  qmail  17 May  2 18:55 .qmail-mailer-daemon -> .qmail-postmaster
-rw-r--r--  1 root  qmail   3 May  5 01:21 .qmail-postmaster
-rw-r--r--  1 root  qmail   3 May  5 01:20 .qmail-root

here is what my control files look like in Qmail
[root@lists:/var/qmail/control]# ls -l

-rw-r--r-- 1 root qmail 3 May 15 08:42 concurrencyincoming
-rw-r--r-- 1 root qmail 11 May 15 08:42 defaultdelivery
-rw-r--r-- 1 root qmail 10 May 15 08:25 defaultdomain
-rw-r--r-- 1 root qmail 26 May 15 10:17 locals
-rw-r--r-- 1 root qmail 16 May 15 08:25 me
-rw-r--r-- 1 root qmail 10 May 15 08:25 plusdomain
-rw-r--r-- 1 root qmail 26 May 15 10:17 rcpthosts

ee /var/qmail/control/locals
localhost
lists.domain.com

ee /var/qmail/control/me

lists.domain.com

ee /var/qmail/control/rcpthosts
localhost
lists.domain.com

********************

put the qmail.sh in /usr/local/etc/rc.d/qmail.sh

#!/bin/sh

echo -n "qmail-smtpd, "
QMAILQUEUE="/var/qmail/bin/qmail-scanner-queue.pl" export QMAILQUEUE

chmod 755 qmail.sh

 

reboot server

ee /etc/rc.conf

add this stuff to the rc.conf

 

sendmail_enable="NONE"

ipfilter_enable="YES"
ipfilter_flags="-Ds"
ipfilter_program="/sbin/ipf -Fa -f"
ipfilter_rules="/etc/ipf.conf"
ipmon_enable="YES"
ipmon_flags="-Dn /var/log/firewall_logs"
spamd_enable="YES"
clamav_clamd_enable="YES"

 

install spamassassin from ports

if you get an error about not right version of perl type
use.perl port

cd /usr/ports/mail/p5-Mail-SpamAssassin

 

install clamav .80

gunzip clamav.80.tar.gz

tar xpf clamav.80.tar

cd clamav.0.80

add group and user clamav //might have to use /stand/sysinstall
groupadd clamav
useradd -g clamav -s /bin/false -c "Clam AntiVirus" clamav

./configure

make

make install

 

Getting ready for Qmail-Scanner

Install db3 from ports collection
cd /usr/ports/databases/db3
make && make install

Install tnef-1.1 from the ports collection.
cd /usr/ports/converters/tnef
make && make install 

Install unzip from the ports collection.
cd /usr/ports/archivers/unzip
make && make install

Install maildrop from ports
cd /usr/ports/mail/maildrop
make && make install

 

Download Perl module Time::HiRes from
fetch http://www.cpan.org/authors/id/D/DE/DEWEG/Time-HiRes-01.20.tar.gz
tar xzvf Time-HiRes-01.20.tar.gz
cd Time-HiRes-01.20
perl Makefile.PL
make
make test
su -
cd /Time-HiRes-01.20
make install 

Download Perl module DB_File from
fetch http://www.cpan.org/authors/id/P/PM/PMQS/DB_File-1.801.tar.gz
tar xzvf DB_File-1.801.tar.gz
cd DB_File-1.801
perl Makefile.PL
*use.perl system*
make
make test
cd /DB_File-1.801
make install 

 

use.perl port

reboot server

add user and group qscand using /stand/sysinstall (ok whatever i don’t remember the command line, when you only build two servers a user the gui is nice!)

Download qmail-scanner-1.20

http://qmail-scanner.sourceforge.net/

put in /home/scs/downloads/qmail-scanner

gunzip - qmail-scanner.1.22.tgz
tar xvf qmail-scanner.1.22.tar
chown root /usr/bin/suidperl
chmod 4711 /usr/bin/suidperl
./configure --admin scs --domain lists.deviq.com --notify admin --local-domains lists.deviq.com --log-details yes,syslog --add-dscr-hdrs yes --scanners auto --debug no --unzip yes --install
 

FreeBSD Step by Step 4.8

ee /root/.bashrc
PS1="[\u@\h:\w]# "
ee /home/scs/.bashrc
PS1="[\u@\h:\w]# "
cd /usr/ports/net/cvsup-without-gui
make && make install
cp /usr/share/examples/cvsup/standard-supfile /etc/standard-supfile
cp /usr/share/examples/cvsup/ports-supfile /etc/ports-supfile
cd /etc/
cvsup -g -L 2 standard-supfile -h cvsup4.freebsd.org
cvsup -g -L 2 ports-supfile -h cvsup4.freebsd.org
cd /usr/ports/lang/perl5.8
make && make install
cd /usr/src
make buildworld
make buildkernel KERNCONF=GENERIC.KERNEL
make installkernel KERNCONF=GENERIC.KERNEL
reboot
make installworld
cd /usr/ports/ftp/proftpd
make && make install

or use the FTP in inetd…works well too


ee /etc/inetd.conf


ftp     stream  tcp     nowait  root    /usr/libexec/ftpd       ftpd -l
#ftp    stream  tcp6    nowait  root    /usr/libexec/ftpd       ftpd -l
save changes


ps -ax | grep inetd
kill inetd process and restart it.

cd /usr/ports/www/apache13-modssl
make && make install

ftp - netqmail-1.05.tar.gz, daemontools-0.76.tar.gz, ucspi-tcp-0.88.tar.gz
At this time you probably want to become root, if you’re not already.


    su
    umask 022
    mkdir -p /usr/local/src
    mv netqmail-1.05.tar.gz ucspi-tcp-0.88.tar.gz /usr/local/src
    mkdir -p /package
    mv daemontools-0.76.tar.gz /package
    chmod 1755 /package


Now you can unpack the packages.


    cd /usr/local/src
    gunzip netqmail-1.05.tar.gz
    tar xpf netqmail-1.05.tar
    cd netqmail-1.05
    ./collate.sh  # watch for errors here
    cd ..
    gunzip ucspi-tcp-0.88.tar.gz
    tar xpf ucspi-tcp-0.88.tar
    rm *.tar      # optional, unless space is very tight
    cd /package
    gunzip daemontools-0.76.tar.gz
    tar xpf daemontools-0.76.tar
    rm *.tar      # optional, again


There should now be directories called /usr/local/src/netqmail-1.05, /usr/local/src/ucspi-tcp-0.88, and /package/admin/daemontools-0.76.


2.5.4. Create users and groups
The easiest way to create the necessary users and groups is to create a little script file to do it for you. In the source directory you’ll find a file called INSTALL.ids. It contains the command lines for many platforms, so copying the file to another name and editing that is quick and easy.


    cd /usr/local/src/netqmail-1.05/netqmail-1.05
   ee IDS, paste the following lines below


    pw groupadd nofiles
    pw useradd qmaild -g nofiles -d /var/qmail -s /nonexistent
    pw useradd alias -g nofiles -d /var/qmail/alias -s /nonexistent
    pw useradd qmaill -g nofiles -d /var/qmail -s /nonexistent
    pw useradd qmailp -g nofiles -d /var/qmail -s /nonexistent
    pw groupadd qmail
    pw useradd qmailq -g qmail -d /var/qmail -s /nonexistent
    pw useradd qmailr -g qmail -d /var/qmail -s /nonexistent
    pw useradd qmails -g qmail -d /var/qmail -s /nonexistent


Then to run it, either use chmod to make it executable or run it with sh:


First method:


    chmod 700 IDS
    ./IDS


When the script finishes, all of your users and groups will be created and you can go on to the next section.


But what do you do if your system isn’t listed in INSTALL.ids? You’ll have to create them manually. Start by using your favorite editor and editing /etc/group. You need to add the following two lines to the end of the file:


    qmail:*:2107:
    nofiles:*:2108:


Next, using vipw (most systems have it; if not, you’ll need to use your editor again, but this time on /etc/passwd), add these lines to the end of the file:


    alias:*:7790:2108::/var/qmail/alias:/bin/true
    qmaild:*:7791:2108::/var/qmail:/bin/true
    qmaill:*:7792:2108::/var/qmail:/bin/true
    qmailp:*:7793:2108::/var/qmail:/bin/true
    qmailq:*:7794:2107::/var/qmail:/bin/true
    qmailr:*:7795:2107::/var/qmail:/bin/true
    qmails:*:7796:2107::/var/qmail:/bin/true


2.5.5. Do the build
Now you can start building qmail. Change to the /usr/local/src/netqmail-1.05/netqmail-1.05 directory and let’s get started:


    cd /usr/local/src/netqmail-1.05/netqmail-1.05


In the Verify Build Environment section, you located your C compiler. If it’s not called cc or the directory it resides in isn’t in your PATH environment variable, you’ll need to edit conf-cc and conf-ld. Say your compiler is gcc, and it’s in your PATH. Simply edit conf-cc and conf-ld and replace “cc” with “gcc”.


Now type the following:


    make setup check


After the build is complete, you’ll need to do your post installation configuration. A couple of scripts are provided to make this job a lot easier.


If your DNS is configured properly, this script should be all you need at this point:


    ./config


If, for some reason, config can’t find your hostname in DNS, you’ll have to run the config-fast script:


    ./config-fast the.full.hostname


For example, if your domain is example.com and the hostname of your computer is dolphin, your config-fast line would look like this:


    ./config-fast dolphin.example.com


2.6. Install ucspi-tcp
Earlier, you unpacked the qmail, ucspi-tcp, and daemontools tarballs. Now change to the ucspi-tcp directory:


    cd /usr/local/src/ucspi-tcp-0.88
    patch < /usr/local/src/netqmail-1.05/other-patches/ucspi-tcp-0.88.errno.patch
    make
    make setup check


2.7. Install daemontools
Change to the daemontools build directory:


    cd /package/admin/daemontools-0.76
    cd src
    patch < /usr/local/src/netqmail-1.05/other-patches/daemontools-0.76.errno.patch
    cd ..
    package/install


*************************


Supervise scripts creation


*************************


ee /var/qmail/rc


#!/bin/sh


# Using stdout for logging
# Using control/defaultdelivery from qmail-local to deliver messages by default


exec env - PATH="/var/qmail/bin:$PATH" \
qmail-start "`cat /var/qmail/control/defaultdelivery`"



*******************


chmod 755 /var/qmail/rc
    mkdir /var/log/qmail


echo ./Maildir/ >/var/qmail/control/defaultdelivery


*******************
ee /var/qmail/bin/qmailctl


#!/bin/sh


# description: the qmail MTA


PATH=/var/qmail/bin:/bin:/usr/bin:/usr/local/bin:/usr/local/sbin
export PATH


QMAILDUID=`id -u qmaild`
NOFILESGID=`id -g qmaild`


case "$1" in
  start)
    echo "Starting qmail"
    if svok /service/qmail-send ; then
      svc -u /service/qmail-send /service/qmail-send/log
    else
      echo "qmail-send supervise not running"
    fi
    if svok /service/qmail-smtpd ; then
      svc -u /service/qmail-smtpd /service/qmail-smtpd/log
    else
      echo "qmail-smtpd supervise not running"
    fi
    if [ -d /var/lock/subsys ]; then
      touch /var/lock/subsys/qmail
    fi
    ;;
  stop)
    echo "Stopping qmail..."
    echo "  qmail-smtpd"
    svc -d /service/qmail-smtpd /service/qmail-smtpd/log
    echo "  qmail-send"
    svc -d /service/qmail-send /service/qmail-send/log
    if [ -f /var/lock/subsys/qmail ]; then
      rm /var/lock/subsys/qmail
    fi
    ;;
  stat)
    svstat /service/qmail-send
    svstat /service/qmail-send/log
    svstat /service/qmail-smtpd
    svstat /service/qmail-smtpd/log
    qmail-qstat
    ;;
  doqueue|alrm|flush)
    echo "Flushing timeout table and sending ALRM signal to qmail-send."
    /var/qmail/bin/qmail-tcpok
    svc -a /service/qmail-send
    ;;
  queue)
    qmail-qstat
    qmail-qread
    ;;
  reload|hup)
    echo "Sending HUP signal to qmail-send."
    svc -h /service/qmail-send
    ;;
  pause)
    echo "Pausing qmail-send"
    svc -p /service/qmail-send
    echo "Pausing qmail-smtpd"
    svc -p /service/qmail-smtpd
    ;;
  cont)
    echo "Continuing qmail-send"
    svc -c /service/qmail-send
    echo "Continuing qmail-smtpd"
    svc -c /service/qmail-smtpd
    ;;
  restart)
    echo "Restarting qmail:"
    echo "* Stopping qmail-smtpd."
    svc -d /service/qmail-smtpd /service/qmail-smtpd/log
    echo "* Sending qmail-send SIGTERM and restarting."
    svc -t /service/qmail-send /service/qmail-send/log
    echo "* Restarting qmail-smtpd."
    svc -u /service/qmail-smtpd /service/qmail-smtpd/log
    ;;
  cdb)
    tcprules /etc/tcp.smtp.cdb /etc/tcp.smtp.tmp < /etc/tcp.smtp
    chmod 644 /etc/tcp.smtp.cdb
    echo "Reloaded /etc/tcp.smtp."
    ;;
  help)
    cat <<HELP
   stop -- stops mail service (smtp connections refused, nothing goes out)
  start -- starts mail service (smtp connection accepted, mail can go out)
  pause -- temporarily stops mail service (connections accepted, nothing leaves)
   cont -- continues paused mail service
   stat -- displays status of mail service
    cdb -- rebuild the tcpserver cdb file for smtp
restart -- stops and restarts smtp, sends qmail-send a TERM & restarts it
doqueue -- schedules queued messages for immediate delivery
 reload -- sends qmail-send HUP, rereading locals and virtualdomains
  queue -- shows status of queue
   alrm -- same as doqueue
  flush -- same as doqueue
    hup -- same as reload
HELP
    ;;
  *)
    echo "Usage: $0 {start|stop|restart|doqueue|flush|reload|stat|pause|cont|cdb|queue|help}"
    exit 1
    ;;
esac


exit 0


***************************


mkdir -p /var/qmail/supervise/qmail-send/log
mkdir -p /var/qmail/supervise/qmail-smtpd/log


***************************


ee /var/qmail/supervise/qmail-smtpd/run
#!/bin/sh


QMAILDUID=`id -u qmaild`
NOFILESGID=`id -g qmaild`
MAXSMTPD=`cat /var/qmail/control/concurrencyincoming`
LOCAL=`head -1 /var/qmail/control/me`


if [ -z "$QMAILDUID" -o -z "$NOFILESGID" -o -z "$MAXSMTPD" -o -z "$LOCAL" ]; then
    echo QMAILDUID, NOFILESGID, MAXSMTPD, or LOCAL is unset in
    echo /var/qmail/supervise/qmail-smtpd/run
    exit 1
fi

# Without rcpthosts, qmail-smtpd accepts mail for any domain (open relay)
if [ ! -f /var/qmail/control/rcpthosts ]; then
    echo "No /var/qmail/control/rcpthosts!"
    echo "Refusing to start SMTP listener because it'll create an open relay"
    exit 1
fi

exec /usr/local/bin/softlimit -m 2000000 \
    /usr/local/bin/tcpserver -v -R -l "$LOCAL" -x /etc/tcp.smtp.cdb -c "$MAXSMTPD" \
        -u "$QMAILDUID" -g "$NOFILESGID" 0 smtp /var/qmail/bin/qmail-smtpd 2>&1


***************************


ee /var/qmail/supervise/qmail-smtpd/log/run
#!/bin/sh
exec /usr/local/bin/setuidgid qmaill /usr/local/bin/multilog t /var/log/qmail/smtpd


***************************


ee /var/qmail/supervise/qmail-send/run
#!/bin/sh
exec /var/qmail/rc


***************************


ee /var/qmail/supervise/qmail-send/log/run
#!/bin/sh
exec /usr/local/bin/setuidgid qmaill /usr/local/bin/multilog t /var/log/qmail


***************************
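# tcprules matches addresses by prefix: "192." covers all of 192.0.0.0/8,
# most of which is public; "192.168." limits relaying to the private range
echo '127.:allow,RELAYCLIENT=""' >>/etc/tcp.smtp
echo '192.:allow,RELAYCLIENT=""' >>/etc/tcp.smtp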
qmailctl cdb
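
tcpserver matches the address part of each /etc/tcp.smtp rule as a textual prefix, so every rule that sets RELAYCLIENT decides who may relay through this server. The script below is an added example (not part of the original article or of Life with qmail) that lists each relay rule and flags addresses reaching outside loopback and RFC 1918 space; the function names and the sample rules are constructed for illustration.

```sh
#!/bin/sh
# Added example: audit a tcprules source file (such as /etc/tcp.smtp) for
# relay rules whose address reaches beyond loopback and RFC 1918 space.

# Constructed sample: the first two rules are the ones used in this guide,
# the rest are made up to exercise the other cases.
sample_rules() {
  cat <<'EOF'
127.:allow,RELAYCLIENT=""
192.:allow,RELAYCLIENT=""
192.168.:allow,RELAYCLIENT=""
172.32.:allow,RELAYCLIENT=""
# hostname rules depend on reverse DNS, so they need a human look
=.example.com:allow,RELAYCLIENT=""
:allow
EOF
}

# audit_relay_rules [FILE]: print "OK|BROAD|REVIEW <address>" for every rule
# that sets RELAYCLIENT. Reads standard input when FILE is omitted.
audit_relay_rules() {
  awk '
    function classify(addr,    o, n, i, prefix) {
      if (addr == "") return "BROAD"            # default rule: any client
      n = split(addr, o, ".")
      prefix = (o[n] == "")                     # trailing dot = prefix rule
      if (prefix) n--
      if (n < 1 || n > 4 || (!prefix && n != 4)) return "REVIEW"
      for (i = 1; i <= n; i++)
        if (o[i] !~ /^[0-9]+$/) return "REVIEW" # hostname, user@ip, range
      if (o[1] == 127 || o[1] == 10) return "OK"
      if (n >= 2 && o[1] == 192 && o[2] == 168) return "OK"
      if (n >= 2 && o[1] == 172 && o[2] >= 16 && o[2] <= 31) return "OK"
      return "BROAD"                            # covers public addresses
    }
    /^[ \t]*#/ || NF == 0 { next }              # comments and blank lines
    {
      colon = index($0, ":")
      if (colon == 0) next
      addr = substr($0, 1, colon - 1)
      rest = substr($0, colon + 1)
      if (rest !~ /^allow/ || rest !~ /RELAYCLIENT=/) next
      print classify(addr), (addr == "" ? "(default)" : addr)
    }
  ' "${1:--}"
}

# relay_rules_ok [FILE]: succeed only if every relay rule is classified OK.
relay_rules_ok() {
  ! audit_relay_rules "$@" | grep -v '^OK ' >/dev/null
}

sample_rules | audit_relay_rules
```

On a live system, run `audit_relay_rules /etc/tcp.smtp` before `qmailctl cdb` and resolve every BROAD or REVIEW line first.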



chmod 755 /var/qmail/rc
chmod 755 /var/qmail/bin/qmailctl
chmod 755 /var/qmail/supervise/qmail-send/run
chmod 755 /var/qmail/supervise/qmail-send/log/run
chmod 755 /var/qmail/supervise/qmail-smtpd/run
chmod 755 /var/qmail/supervise/qmail-smtpd/log/run
echo ./Maildir/ >/var/qmail/control/defaultdelivery
ln -s /var/qmail/supervise/qmail-send /var/qmail/supervise/qmail-smtpd /service
ln -s /var/qmail/bin/qmailctl /usr/bin
mkdir -p /var/log/qmail/smtpd
chown qmaill /var/log/qmail /var/log/qmail/smtpd
echo 20 > /var/qmail/control/concurrencyincoming
chmod 644 /var/qmail/control/concurrencyincoming
mv /usr/lib/sendmail /usr/lib/sendmail.old
mv /usr/sbin/sendmail /usr/sbin/sendmail.old
chmod 0 /usr/lib/sendmail.old /usr/sbin/sendmail.old
ln -s /var/qmail/bin/sendmail /usr/lib
ln -s /var/qmail/bin/sendmail /usr/sbin


echo scs > /var/qmail/alias/.qmail-root
echo scs > /var/qmail/alias/.qmail-postmaster
ln -s .qmail-postmaster /var/qmail/alias/.qmail-mailer-daemon
chmod 644 /var/qmail/alias/.qmail-root /var/qmail/alias/.qmail-postmaster


ee /home/scs/downloads/inst_check.sh
#!/bin/sh


# Dave Sill, 2022-11-10
# http://lifewithqmail.org/inst_check


# set to n if you’re not running a pop3 server, y if you are
CHECKPOP=n


QMHOME=/var/qmail
LBIN=/usr/local/bin


OK=1


if [ $# -eq 1 ]; then
  if [ "$1" = "-v" ]; then
    VERB=y
  else
    VERB=n
  fi
fi

if [ ! -d $QMHOME ]; then
  echo "! Couldn't find qmail's home directory, $QMHOME!"
else
  if [ "$VERB" = y ]; then
    echo "$QMHOME exists"
  fi
  for i in alias bin boot control doc man queue supervise users; do
    if [ ! -d $QMHOME/$i ]; then
      echo "! Couldn't find $QMHOME/$i!"
      OK=0
    elif [ "$VERB" = y ]; then
      echo "$QMHOME/$i exists"
    fi
  done

  if [ ! -f $QMHOME/rc ]; then
    echo "! $QMHOME/rc is missing"
    OK=0
  elif [ ! -x $QMHOME/rc ]; then
    echo "! $QMHOME/rc is not executable"
    echo "...try: chmod 755 $QMHOME/rc"
    OK=0
  elif [ `head -1 $QMHOME/rc|cat -vet` != '#!/bin/sh$' ]; then
    echo "! $QMHOME/rc has bad magic cookie"
    echo "...try: dos2unix $QMHOME/rc"
    OK=0
  elif [ "$VERB" = y ]; then
    echo "$QMHOME/rc is executable and has a valid magic cookie"
  fi
fi


for i in alias qmaild qmaill qmailp qmailq qmailr qmails; do
  grep "^$i:" /etc/passwd >/dev/null
  if [ $? -ne 0 ]; then
    echo "! Couldn't find $i user in /etc/passwd"
    OK=0
  elif [ "$VERB" = y ]; then
    echo "$i user exists"
  fi
done

for i in qmail nofiles; do
  grep "^$i:" /etc/group >/dev/null
  if [ $? -ne 0 ]; then
    echo "! Couldn't find $i group in /etc/group"
    OK=0
  elif [ "$VERB" = y ]; then
    echo "$i group exists"
  fi
done

for i in tcprules tcpserver; do
  if [ ! -x $LBIN/$i ]; then
    echo "! Couldn't find $LBIN/$i from ucspi-tcp"
    OK=0
  elif [ "$VERB" = y ]; then
    echo "$i from ucspi-tcp is installed"
  fi
done

for i in multilog softlimit setuidgid supervise svok svscan tai64nlocal; do
  if [ ! -x $LBIN/$i ]; then
    echo "! Couldn't find $LBIN/$i from daemontools"
    OK=0
  elif [ "$VERB" = y ]; then
    echo "$i from daemontools is installed"
  fi
done

if [ ! -d /service ]; then
  echo "! /service directory is missing"
  OK=0
elif [ "$VERB" = y ]; then
  echo "/service directory exists"
fi


if [ -f /etc/inittab ]; then
  grep "^SV" /etc/inittab >/dev/null
  if [ $? -ne 0 ]; then
    echo "! Couldn't find SV entry in inittab"
    OK=0
  elif [ "$VERB" = y ]; then
    echo "svscan /service is configured to run via /etc/inittab"
  fi
  PS="ps -ef"
else
  grep "svscanboot" /etc/rc.local >/dev/null
  if [ $? -ne 0 ]; then
    echo "! Couldn't find 'csh -cf '/command/svscanboot &' in /etc/rc.local"
    OK=0
  elif [ "$VERB" = y ]; then
    echo "/command/svscanboot is configured to run via /etc/rc.local"
  fi
  PS="ps -waux"
fi

SVRUN=`$PS | grep "svscan /service" | grep -v grep`
if [ -z "$SVRUN" ]; then
  echo "'! svscan /service' doesn't seem to be running"
  OK=0
elif [ "$VERB" = y ]; then
  echo "svscan /service is running"
fi

if [ ! -f $QMHOME/control/defaultdelivery ]; then
  echo "! Couldn't find $QMHOME/control/defaultdelivery"
  OK=0
elif [ ! -s $QMHOME/control/defaultdelivery ]; then
  echo "! $QMHOME/control/defaultdelivery is empty"
  OK=0
elif [ "$VERB" = y ]; then
  echo "$QMHOME/control/defaultdelivery looks OK"
fi


if [ ! -f $QMHOME/bin/qmailctl ]; then
  echo "! $QMHOME/bin/qmailctl is missing"
  OK=0
elif [ ! -s $QMHOME/bin/qmailctl ]; then
  echo "! $QMHOME/bin/qmailctl is empty"
  OK=0
elif [ `head -1 $QMHOME/bin/qmailctl|cat -vet` != '#!/bin/sh$' ]; then
  echo "! $QMHOME/bin/qmailctl has bad magic cookie"
  echo "...try: dos2unix $QMHOME/bin/qmailctl"
  OK=0
elif [ ! -x $QMHOME/bin/qmailctl ]; then
  echo "! $QMHOME/bin/qmailctl is not executable"
  echo "...try: chmod 755 $QMHOME/bin/qmailctl"
  OK=0
elif [ "$VERB" = y ]; then
  echo "$QMHOME/bin/qmailctl looks OK"
fi
if [ ! -L /usr/bin/qmailctl ]; then
  echo "! /usr/bin/qmailctl is missing"
  echo "...try: ln -s $QMHOME/bin/qmailctl /usr/bin"
  OK=0
elif [ "$VERB" = y ]; then
  echo "/usr/bin/qmailctl exists"
fi

SVCDIRS="qmail-send qmail-send/log qmail-smtpd qmail-smtpd/log"
if [ "$CHECKPOP" = "y" ]; then
  SVCDIRS="$SVCDIRS qmail-pop3d qmail-pop3d/log"
fi
for i in $SVCDIRS; do
  if [ ! -f $QMHOME/supervise/$i/run ]; then
    echo "! $QMHOME/supervise/$i/run file is missing"
    OK=0
  elif [ `head -1 $QMHOME/supervise/$i/run|cat -vet` != '#!/bin/sh$' ]; then
    echo "! $QMHOME/supervise/$i/run has bad magic cookie"
    echo "...try: dos2unix $QMHOME/supervise/$i/run"
    OK=0
  elif [ ! -x $QMHOME/supervise/$i/run ]; then
    echo "! $QMHOME/supervise/$i/run file is not executable"
    OK=0
  elif [ "$VERB" = y ]; then
    echo "$QMHOME/supervise/$i/run looks OK"
  fi
done

if [ ! -f $QMHOME/control/concurrencyincoming ]; then
  echo "! $QMHOME/control/concurrencyincoming is missing"
  echo "...try: echo 20 >$QMHOME/control/concurrencyincoming"
  OK=0
elif [ "$VERB" = y ]; then
  echo "$QMHOME/control/concurrencyincoming looks OK"
fi


LOGDIRS="/var/log/qmail /var/log/qmail/smtpd"
if [ "$CHECKPOP" = "y" ]; then
  LOGDIRS="$LOGDIRS /var/log/qmail/pop3d"
fi
for i in $LOGDIRS; do
  if [ ! -d $i ]; then
    echo "! $i is missing"
    echo "...try: mkdir -p $i"
    OK=0
  elif [ "`ls -ld $i|awk '{print $3}'`" != "qmaill" ]; then
    echo "! $i has wrong owner, should be qmaill"
    echo "...try: chown qmaill $i"
    OK=0
  elif [ "`ls -ld $i|awk '{print $1}'`" != "drwxr-xr-x" ]; then
    echo "! $i has wrong mode, should be 755"
    echo "...try: chmod 755 $i"
    OK=0
  elif [ "$VERB" = y ]; then
    echo "$i looks OK"
  fi
done

SVCLINKS="/service/qmail-send /service/qmail-smtpd"
if [ "$CHECKPOP" = "y" ]; then
  SVCLINKS="$SVCLINKS /service/qmail-pop3d"
fi
for i in $SVCLINKS; do
  if [ ! -L $i ]; then
    echo "! $i is missing"
    echo "...try: ln -s $QMHOME$i $i"
    OK=0
  elif [ "$VERB" = y ]; then
    echo "$i exists"
  fi
done

if [ ! -f /etc/tcp.smtp ]; then
  echo "! /etc/tcp.smtp is missing"
  # the escaped quotes keep RELAYCLIENT="" intact in the printed hint
  echo "...try: echo '127.:allow,RELAYCLIENT=\"\"' >>/etc/tcp.smtp"
  OK=0
elif [ "$VERB" = y ]; then
  echo "/etc/tcp.smtp exists"
fi

if [ ! -f /etc/tcp.smtp.cdb ]; then
  echo "! /etc/tcp.smtp.cdb is missing"
  echo "...try: $QMHOME/bin/qmailctl cdb"
  OK=0
elif [ "$VERB" = y ]; then
  echo "/etc/tcp.smtp.cdb exists"
fi


AHOME=`grep "^alias:" /etc/passwd | awk -F: '{print $6}'`
if [ -z "$AHOME" ]; then
  echo "! Couldn't find user alias's home directory"
  OK=0
else
  for i in root postmaster mailer-daemon; do
    if [ ! -f $AHOME/.qmail-$i ]; then
      echo "! Alias for $i is missing"
      echo "...try: echo me >$AHOME/.qmail-$i"
      OK=0
    elif [ "$VERB" = y ]; then
      echo "$i alias exists"
    fi
  done
fi

if netstat -a | grep smtp | grep -i listen >/dev/null; then
  if $PS | grep sendmail | grep -v grep >/dev/null; then
    echo "! Sendmail is still running"
    echo "...try: $RCDIR/init.d/sendmail stop"
    OK=0
  elif $LBIN/svok /service/qmail-smtpd; then
    if [ "$VERB" = y ]; then
      echo "/service/qmail-smtpd is running"
    fi
  else
    echo "! Something is listening on port 25 (not tcpserver/qmail-smtpd)"
    echo "...try: disabling current MTA"
    OK=0
  fi
fi

if [ "$CHECKPOP" = "y" ]; then
  if netstat -a | grep pop | grep -i listen >/dev/null; then
    if $LBIN/svok /service/qmail-pop3d; then
      if [ "$VERB" = y ]; then
        echo "/service/qmail-pop3d is running"
      fi
    else
      echo "! Something is listening on port 110 (not tcpserver/qmail-pop3d)"
      echo "...try: disabling other POP server"
      OK=0
    fi
  fi
fi

for i in /usr/lib/sendmail /usr/sbin/sendmail; do
  if [ -f $i -a ! -L $i ]; then
    echo "! $i is a file, should be a link"
    echo "...try: uninstalling current MTA or: mv $i $i.old; ln -s $QMHOME/bin/sendmail $i"
    OK=0
  elif [ ! -f $i ];then
    echo "! $i is missing"
    echo "...try: ln -s $QMHOME/bin/sendmail $i"
    OK=0
  elif [ "$VERB" = y ]; then
    echo "$i exists"
  fi
done

if [ $OK -eq 1 ]; then
  echo "Congratulations, your LWQ installation looks good!"
elif [ "$VERB" = y ]; then
  echo "! Potential problems were found with your LWQ installation"
fi


# 755 is enough here; a script that root runs should not be world-writable
chmod 755 inst_check.sh
sh inst_check.sh


***************************



echo '|preline /usr/local/mailman/mail/wrapper post pop-fans3' > ~alias/.qmail-pop-fans3
echo '|preline /usr/local/mailman/mail/wrapper mailowner pop-fans3' > ~alias/.qmail-pop-fans3-admin
echo '|preline /usr/local/mailman/mail/wrapper mailcmd pop-fans3' > ~alias/.qmail-pop-fans3-request
echo '&pop-fans3-admin' > ~alias/.qmail-pop-fans3-owner
echo '&pop-fans3-admin' > ~alias/.qmail-owner-pop-fans3


chmod 644 ~alias/.qmail-pop-fans3
chmod 644 ~alias/.qmail-pop-fans3-admin
chmod 644 ~alias/.qmail-pop-fans3-request
chmod 644 ~alias/.qmail-pop-fans3-owner
chmod 644 ~alias/.qmail-owner-pop-fans3

***************************


Install Spamassassin
cd /usr/ports/mail/p5-Mail-SpamAssassin
make && make install

Add #spamd_enable="YES" to /etc/rc.conf
reboot before installing qmail-scanner

Install Perl 5.8
cd /usr/ports/lang/perl5.8
make && make install

Install ClamAV
If you get an error about the wrong version of Perl, run:
use.perl port
cd /usr/ports/mail/p5-Mail-ClamAV
make && make install

Add clamav_clamd_enable="YES" to /etc/rc.conf


Getting ready for Qmail-Scanner


Install db3 from ports collection
cd /usr/ports/databases/db3
make && make install


Install tnef-1.1 from the ports collection.
cd /usr/ports/converters/tnef
make && make install 


Install unzip from the ports collection.
cd /usr/ports/archivers/unzip
make && make install

Install maildrop from ports
cd /usr/ports/mail/maildrop
make && make install

Download Perl module Time::HiRes from
fetch http://www.cpan.org/authors/id/D/DE/DEWEG/Time-HiRes-01.20.tar.gz
tar xzvf Time-HiRes-01.20.tar.gz
cd Time-HiRes-01.20
perl Makefile.PL
make
make test
su -
cd /Time-HiRes-01.20
make install 

Download Perl module DB_File from
fetch http://www.cpan.org/authors/id/P/PM/PMQS/DB_File-1.801.tar.gz
tar xzvf DB_File-1.801.tar.gz
cd DB_File-1.801
perl Makefile.PL
*use.perl system* maybe
make
make test
cd /DB_File-1.801
make install 


Download qmail-scanner-1.20


http://qmail-scanner.sourceforge.net/


put in /home/scs/downloads/qmail-scanner


gunzip qmail-scanner.1.22.tgz
tar xvf qmail-scanner.1.22.tar
chown root /usr/bin/suidperl
chmod 4711 /usr/bin/suidperl
./configure -admin scs -domain lists.deviq.com -notify admin -local-domains lists.deviq.com -log-details yes,syslog -add-dscr-hdrs yes -scanners auto -debug no -unzip yes -install

Nessus install notes on FreeBSD

Misc Notes.


To bring up the text based installer


Type sysinstall


I’m posting this as a reference to get nessus 2.2.10 installed.
 
 Prerequisites are:
 openssl
 bison
 ftp.gtk.com glib-1.2.8.tar.gz
 ftp.gtk.com gtk+-1.2.9.tar.gz
 
 Then download Nessus from http://www.nessus.org and run:
 
 sh nessus-installer.sh
 
 The install takes about 30 minutes on a 450 MHz machine.
 
 
 Congratulations ! Nessus is now installed on this host
 
 . Create a nessusd certificate using /usr/local/sbin/nessus-mkcert
 . Add a nessusd user use /usr/local/sbin/nessus-adduser
 . Start the Nessus daemon (nessusd) use /usr/local/sbin/nessusd -D
 . Start the Nessus client (nessus) use /usr/local/bin/nessus
 . To uninstall Nessus, use /usr/local/sbin/uninstall-nessus
 
 . A step by step demo of Nessus is available at :
 http://www.nessus.org/demo/