Qmail smtp authentication & VirusScan
M.Pendev, May 2003

 

This doc is trying to explain how to use 'smtp auth' to stop email relay using qmail with the help of available patch for smtp authentication.
I am not the author of this patch! The author's web site is www.nimh.org. I like this patch because it is C code not Perl. It is fast and uses less resurces - you do not need to start the whole Perl interpretator for every single outgoing email!

To get the authentication working - download qmail-smtpd.c file and replace the original one. After that follow these steps:

Please note: I am not responsible for any problems or losses because of this doc. Use it on your own risk. If you do not know what you're doing - 'Burger King' is hiring...

1. Compile and install qmail as usual (for your OS).
2. Download and install D. J. B's checkpassword. Set the UID bit.
3. Depends on how your are starting the qmail-smtpd daemon - by inetd or tcpsserver:

inetd:
This is not the recommended way. Consider using tcpserver instead.
Update the line (one row) for smtp into inetd.conf - for FreeBSD it is /etc/inetd.conf - like this:

smtp stream tcp nowait qmaild /var/qmail/bin/tcp-env tcp-env /var/qmail/bin/qmail-smtpd /usr/local/bin/checkpassword /usr/bin/true

Note: The above works on FreeBSD, for Linux you need to put the correct paths to 'true' - usually /bin/true and checkpassword.

Give a HUP to inetd if it's already running...

tcpserver:
Install the tcpserver package. Make sure the following line is in a shell script in your system's startup folder, for FreeBSD this would be /usr/local/etc/rc.d/

# Start tcpserver instead of Inetd
/usr/local/bin/tcpserver -x /etc/tcp.smtp.cdb -c 8000 -u82 -g81 0 smtp /var/qmail/bin/qmail-smtpd /usr/local/bin/checkpassword /usr/bin/true &

Where: -u82 is qmaild user id, -g81 qmail group id
Note: The above works on FreeBSD, for Linux you need to put the correct paths to 'true' - usually /bin/true and checkpassword.

Exaple for a shell script would be:

#!/bin/sh
#
# This script will not kill the tcpserver process !!!

case "$1" in

start)

# Start tcpserver instead of Inetd
/usr/local/bin/tcpserver -x /etc/tcp.smtp.cdb -c 8000 -u82 -g81 0 smtp /var/qmail/bin/qmail-smtpd /usr/local/bin/checkpassword /usr/bin/true &

echo " qmail-smtpd "
;;

stop)
# kill command here

;;
*)

echo ""
echo "usage: qmail-smtpd.sh {start|stop}" >&2
echo ""
;;
esac
# end of the example

 

Qmail and VirusScan
(not ready yet... coming soon)

25 May, 2003

Miroslav Pendev <miro@cybershade.us> WWW: http://www.cybershade.us May, 2003