Monday, May 31, 2010

How To Install Qmailtoaster (CentOS 5.3)

Qmailtoaster (www.qmailtoaster.com) is a project that aims to make the installation of Qmail onto RPM based systems a snap. All of the packages are distributed in source RPMs so building the packages for your particular distro and architecture is as easy as running a script or a simple command for each package. The RPMs have all of the needed and commonly asked for patches included so you can have a mail server up and running in about an hour. When it's all complete, you'll have a full Qmail mail server installation ready for just about anything. I personally run Qmailtoaster servers for other companies and ISPs who have tens of thousands of users on their systems.

The Qmailtoaster project has been around for over 6 years and has its own wiki for user-contributed information and tips, plus a mailing list where users and other admins can offer support or suggestions on how to fix just about any issue you may run across. They even now have a "Video Magazine", a weekly video produced to show you how to install, configure, tune, and troubleshoot your Qmailtoaster system. An ISO is available that will install CentOS and Qmailtoaster for you as well. On a VMWare system a typical install (for me and my hardware) takes about 8 minutes with the ISO. Did we forget to mention that they have VMWare images available for download as well?

Here is a list of the features included with the Qmailtoaster package:

    * Source RPM packages easily rebuilt for multiple distributions
    * SMTP with SMTP-AUTH, TLS, REMOTE-AUTH
    * DomainKeys, SPF "Sender Policy Framework" and SRS "Sender Rewriting Scheme"
    * Integrated SpamAssassin, ClamAV and Simscan
    * Warlord virus and worm loader realtime MIME signature scanning
    * CHKUSER 2.0 functions for qmail-smtpd
    * Qmail-Tap provides email archive capability
    * Virtual Domains and Virtual Users using MySQL
    * Autoresponder for vacation/away from office messages
    * Integrated Mailing List (ezmlm)
    * Web-based email system using Squirrelmail
    * Web-based administration tools
    * POP3, POP3-SSL, IMAP and IMAP-SSL
    * Submission port (587) allows roaming users to skip RBL checks and port 25 blocks
    * eMPF patch for advanced policy control over email

Qmail is a small, fast, stable, and secure mail server suite written by D.J. Bernstein. Bernstein has offered a reward for years for anyone who found a security hole in the code. That reward has never been claimed that I know of. It is used by both small and large providers for as few as a couple users to clusters with over a million users.

Qmailtoaster has support to build for RHEL/CentOS (3.x, 4.x, 5.x including x86_64 architectures), Fedora (Cores 1-6 with x86_64 support for FC6), Fedora 9 and 10 (also with x86_64 support), Suse 10.0, 10.1 (including x86_64 support for both), Suse 11.1, Mandriva 10.2, 10.3 (including x86_64 support) with more architectures coming all the time.

For this how-to we will be installing Qmailtoaster for CentOS 5.3, but installing for other distros/arches is as easy as changing the build flags.

This article is presented with no warranties of any kind. This is only one of many ways of installing Qmailtoaster or Qmail in general. This is what works for me.


1) Initial system configuration

For the purposes of this article we're going to assume that you have a base install of CentOS 5.3 and have performed all of the updates. One of the first things you need to make sure is set correctly is your hostname:

hostname --fqdn

It should show your fully qualified domain name (mail.example.com). This fully qualified domain name should be set up in DNS with an A record, and it should probably match your rDNS (reverse DNS) name as well. We won't cover these topics in this article as you should already know what these are.

If your hostname does not match what you want, go ahead and fix this now and do a reboot to make sure everything is correct in the system, then check it again. While the system will work without this set correctly, you'll find that a lot of your outbound emails will be denied or put into people's spam folders.

We also need to make sure SELinux is turned off. It unfortunately causes some issues with ClamAV, and since we do want to scan our incoming emails for viruses we want this to work. You can check to see if SELinux is running with the command:

getenforce

If the command returns "Disabled" then you're ready to continue. Otherwise, edit the config file for SELinux:

vi /etc/selinux/config

And change the line that says

SELINUX=enforcing

To:

SELINUX=disabled

You'll probably want to do a reboot to clean everything up at this point. On to the next step.


2) Fill some dependencies and get some scripts

There are some dependencies that must be initially filled for us to be able to build the packages for our system. Luckily the Qmailtoaster team has set up a repository of handy scripts to handle most of these functions for you. We're going to use some of the scripts to make our installation easier/faster.

The first script we want to grab is going to be the script that fills the dependencies. We're going to create a directory to house all of our downloads (scripts and packages) and run the dependency script:

mkdir QMT
cd QMT
wget http://www.qmailtoaster.com/distro/centos/cnt50/cnt50-deps.sh
sh cnt50-deps.sh

Now this may run for a minute or two depending on what packages you already had installed. Once it's complete, we need to fill some perl dependencies for Spamassassin:

wget http://www.qmailtoaster.com/distro/centos/cnt50/cnt50-perl.sh
sh cnt50-perl.sh

This one may require some answers from you as it runs, but using the defaults should be fine. Once the perl dependencies are fulfilled, we grab the next couple scripts and edit them as needed:

wget http://www.qmailtoaster.com/distro/centos/cnt50/cnt50-svcs.sh
wget http://www.qmailtoaster.com/distro/centos/cnt50/firewall.sh

Make sure to edit both of these scripts to suit your needs. The firewall script is probably okay as it is, but you'll want to definitely edit the cnt50-svcs.sh script as this script will set your MySQL root password for you (assuming it's not already set). If you already have a MySQL root password, comment out the section that sets the password for you and continue.

The script will turn some services on and off for you, as well as set up the database needed for Vpopmail. Let's go ahead and run the script (note: the cnt50-svcs.sh script will automatically run the firewall.sh script, so if you do not need the firewall set up for you comment out that command in the script):

sh cnt50-svcs.sh
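
The scripts in this step are fetched over plain HTTP and run as root, and cnt50-svcs.sh sets a MySQL root password and calls firewall.sh, so it helps to list the lines that matter, record a hash of the copy you reviewed and edited, and refuse to run anything that no longer matches it. This is an added example, not part of the Qmailtoaster scripts or the original article; the function names and the pattern list are assumptions.

```shell
#!/bin/sh
# Added example: review and pin a downloaded installer script before it
# is run as root. Function names and REVIEW_PATTERNS are assumptions made
# for this how-to, not part of the Qmailtoaster project.

# Lines worth reading first: password changes, nested scripts, further
# downloads, firewall rules and boot-time service changes.
REVIEW_PATTERNS='mysqladmin|password|firewall\.sh|wget|curl|iptables|chkconfig'

# flagged_lines FILE
# Print every non-comment line matching REVIEW_PATTERNS, prefixed with its
# line number in FILE. Prints nothing (and still succeeds) if none match.
flagged_lines() {
    grep -nE "$REVIEW_PATTERNS" "$1" | grep -vE '^[0-9]+:[[:space:]]*#' || true
}

# pin_script FILE
# Once the script has been read and edited, record its SHA-256 beside it.
pin_script() {
    sha256sum "$1" > "$1.sha256"
}

# run_pinned FILE
# Run FILE only if it still matches the hash recorded by pin_script.
# Returns 3 if the script was never pinned, 4 if it changed since review.
run_pinned() {
    [ -f "$1.sha256" ] || { echo "$1: not reviewed yet" >&2; return 3; }
    sha256sum -c "$1.sha256" >/dev/null 2>&1 || {
        echo "$1: changed since review, not running" >&2
        return 4
    }
    sh "$1"
}
```

Run these from the QMT directory: `flagged_lines cnt50-svcs.sh` while editing, `pin_script cnt50-svcs.sh` once you are happy with it, then `run_pinned cnt50-svcs.sh` in place of the plain `sh` call. A re-downloaded or modified copy will be refused until it is reviewed and pinned again.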


3) Install a caching DNS server

To cut down on network traffic and make our system run a little faster, it's a good idea to install a caching name server. The Qmailtoaster project does supply a djbdns package that you can use, but for this article we'll use Bind's caching DNS server:

yum -y install caching-nameserver

Let's start the caching nameserver:

service named start

And lastly we make sure that it starts at boot time:

chkconfig named on

You can check to make sure it's running by using the service command:

service named status


4) Download the Qmailtoaster packages

The Qmailtoaster team has written a handy script that will download all of the updated packages for you. You're welcome to click each link under the "Stable Packages" tab and download them individually or copy-n-paste the links for wget, but we'll use the script in this article:

wget http://www.qmailtoaster.com/distro/centos/cnt50/current-download-script.sh

And of course run the script:

sh current-download-script.sh

This will take a few minutes as some of the packages are sizable (~34M for ClamAV). Once the script is done downloading the packages, we're in the home stretch.


5) Install Qmailtoaster

Now is when the real fun begins: let's install our system!

The Qmailtoaster team has written handy install scripts to help you get everything installed as well. If you want to manually install the packages yourself, you would use a command similar to this (we're using the CentOS 5, 32 bit flags for this example):

rpmbuild --rebuild --with cnt50 daemontools-toaster-*

rpm -Uvh /usr/src/redhat/RPMS/i386/daemontools-toaster-*

For other distros/arches, you would use different build flags: --with fedora_9 for (you guessed it!) Fedora 9, --with cnt5064 for CentOS 5 x86_64, etc. More information is available on the website: www.qmailtoaster.com

Since we're taking the fast lane for this article, we'll use the Qmailtoaster team's install script. Let's go ahead and download that and run it:

wget http://www.qmailtoaster.com/distro/centos/cnt50/cnt50-install-script.sh
sh cnt50-install-script.sh

The script will run through building each package for you, and installing it. At the end of each build/install process it will pause and ask you if you want to continue. This is so that if you do happen to run into an issue, you'll see it and it won't just scroll on by your screen.

Once the script is all done, I recommend a reboot. Congratulations! You should have a fully installed Qmailtoaster system with spam and virus scanning and a whole bag full of advanced features that used to take all day to patch and compile. That was easy!


6) Final Steps

For the final steps in your system, let's make sure that the Qmailtoaster server is up and running:

qmailctl stat

This will show you the Qmailtoaster components, their status, and how long they have been running.

Let's add our first domain:

/home/vpopmail/bin/vadddomain example.com password

There are some web-based tools to administer your system as well. Check out the website for more details on those.

To add users, let's use the Qmailadmin web based package. Simply go to the web page at http://your-server/qmailadmin and login with the username (assuming you created example.com above) postmaster@example.com and the password you defined above. You can now create, modify, and delete email addresses as you see fit. You'll also have access to ezmlm where you can create mailing lists for your domain as well.

There's a lot packed into this installation, so I suggest that you run over to the main site and read the documentation there and also check out the wiki (wiki.qmailtoaster.com). Almost every question you may have is answered in those two places.

If you're still having problems, join their mailing list. There are some really knowledgeable people in there (including the developers) who will answer your questions for you. Commercial support is also available and sources are listed in the wiki.

Enjoy your new email server!
