The DynDN.eS Blog

About DynDN.eS, eQmail, Gentoo & some other network stuff

User Tools

Site Tools


eQmail 1.09 - configure the new features

eQmail 1.09 introduces some “new” functionalities. This article describes how to use them. Version 1.09 is another step of preventing users to patch (net)qmail by themselves.

Installation

The installation routine conforms with the traditional one by doing  make  and  make setup [check]  . To create the necessary configuration files run  ./config  . If you do an upgrade make a backup of your control directory before, because some configuration files will be overwritten (this will be changed/improved in the next major release).

Important: The default delimiter for address extension is now “+” (plus sign). Edit  conf-break  to change this - this will may be important if you upgrading from a prior version of eQmail or (net)qmail. An upgrade can be done over a (net)qmail installation in general too - nevertheless depending on the applied patches of a former installation some functionality will be lost or needs to be configured different.

I assume that eQmail will be run under daemontools in the examples below.

IPv6

The IPv6 functionality will be enabled/disabled at compilation time. As IPv6 is enabled by default, edit  conf-cc  to change this:

cc -O2 -DINET6 -DTLS=20151215 -I/usr/local/openssl/include

Remove  -DINET6  from the line above to disable it.

TLS required

To allow authentication over a secured connection only you can enable that TLS is required before. To enable this (default: off) set an environment variable in your run file:

export TLSREQUIRED=1
exec tcpserver ....

By using AUTH CRAM-MD5, TLS can be bypassed.

This feature requires that TLS is enabled (default). To disable TLS remove  -DTLS=20151215 -I/usr/local/openssl/include  from  conf-cc  like do it with IPv6.

Submission port

Connections on the submission port (default: 587) usually requires authentication always. Create a second instance of  qmail-smtpd  with the submission port number. Give it a different name, e.g.  qmail-submission  . To change the port number set an environment variable in the run file of the second instance:

export TLSREQUIRED=1
SUBMISSIONPORT=10025
exec tcpcerver ...

It is recommended to set TLS required on the submission port instance.

Execute before qmail-remote

This allows to manipulate outgoing mails, e.g. to do DKIM signing. Edit the file  control/beforemote  to call programs before  qmail-remote  . This feature is kind of fault tolerant - means that  qmail-remote  will be executed if something goes wrong. A more complete documentation can be found here.

See also:

Comments