Thursday, December 7, 2017

IndiMail Queue Mechanism

Indimail has the ability of configuring multiple local and remote queues. A queue is a location on your hard disk where email are deposited before actual delivery. When you have massive injecting rates, your software may place multiple files in a single directory. This drastically reduces file system performance. IndiMail avoids this by injecting your email in a queue consisting of multiple directories and mails distributed as evenly as possible across these directories.


Balancing of emails across multiple queues is achieved by the program qmail-multi(8), which is actuall just a qmail-queue(8) replacement. Any qmail-queue frontend can use qmail-multi. The list of qmail-queue frontends in IndiMail are
  1. sendmail
  2. qmail-inject
  3. qmail-smtpd
  4. qmail-qmqpd
  5. qmail-qmtpd
  6. qreceipt
  7. condredirect
  8. dotforward
  9. fastforward
  10. forward
  11. maildirserial
  12. new-inject
  13. ofmipd
  14. replier
  15. rrforward



You just need to configure the following environment variables to have the qmail-queue(8) frontends using qmail-multi(8)
1. QUEUE_BASE – Base directory where all queues will be placed
2. QUEUE_COUNT – number of queues
3. QUEUE_START – numeric prefix of the first queue
e.g. If you want IndiMail to use 10 queues, this is what you will do

% su
# for i in qmail-smtpd.25 qmail-smtpd.465 qmail-smtpd.587 qmail-send.25 \
> qmail-qmqpd.628 qmail-qmtpd.209
> do
> echo 10 > /service/$i/variables/QUEUE_COUNT
> echo “/var/indimail/queue” > /service/$i/variables/QUEUE_BASE
> echo “1” > /service/$i/variables/QUEUE_START
> done
#

You also need to make sure that you have ten queues in /var/indimail/queue.

% su
# for i 1 2 3 4 5 6 7 8 9 10
> do
> /usr/bin/queue-fix /var/indimail/queue/queue”$i” > /dev/null
> done
# exit
% ls -ld var/indimail/queue/queue*
drwxr-x---. 12 qmailq qmail 4096 Mar 30 2017 /var/indimail/queue/queue1
drwxr-x---. 12 qmailq qmail 4096 Dec 7 10:45 /var/indimail/queue/queue10
drwxr-x---. 12 qmailq qmail 4096 Mar 30 2017 /var/indimail/queue/queue2
drwxr-x---. 12 qmailq qmail 4096 Mar 30 2017 /var/indimail/queue/queue3
drwxr-x---. 12 qmailq qmail 4096 Mar 30 2017 /var/indimail/queue/queue4
drwxr-x---. 12 qmailq qmail 4096 Mar 30 2017 /var/indimail/queue/queue5
drwxr-x---. 12 qmailq qmail 4096 Dec 7 10:45 /var/indimail/queue/queue6
drwxr-x---. 12 qmailq qmail 4096 Dec 7 10:45 /var/indimail/queue/queue7
drwxr-x---. 12 qmailq qmail 4096 Dec 7 10:45 /var/indimail/queue/queue8
drwxr-x---. 12 qmailq qmail 4096 Dec 7 10:45 /var/indimail/queue/queue9

Now all you need is restart of all services to use the new QUEUE_BASE, QUEUE_COUNT, QUEUE_START environment variables

% sudo svc -d /service/qmail smtpd* /service/qmail-send.25 /service/qmail-qm?pd.*
% sudo svc -u /service/qmail smtpd* /service/qmail send.25 /service/qmail-qm?pd.*

Monday, December 4, 2017

RoundCube with IndiMail


These instructions will work on CentOS, RHEL, Fedora. For Debian/Ubuntu and other distros, please use your knowledge to make changes accordingly. In this guide, replace indimail.org with your own hostname.

Non SSL Version Install/Configuration

(look below for SSL config)
  1. Install RoundCube. On older systems, use the yum command
$ sudo dnf -y install roundcubemail php-mysqlnd



  1. Connect to MySQL using a privileged user. IndiMail installation creates a privileged mysql user 'mysql'. It does not have the user 'root'. Look at the variable PRIV_PASS in /usr/sbin/svctool to know the password.
$ /usr/bin/mysql -u mysql -p mysql
MySQL> create database RoundCube_db;
MySQL> create user roundcube identified by 'subscribed';
MySQL> GRANT ALL PRIVILEGES on RoundCube_db.* to roundcube;
MySQL> FLUSH PRIVILEGES;
MySQL> QUIT;
$ /usr/bin/mysql -u mysql -p RoundCube_db < /usr/share/roundcubemail/SQL/mysql.initial.sql



  1. Copy /etc/roundcube/config.inc.php.sample to /etc/roundcube.inc.php
$ sudo cp /etc/roundcube/config.inc.php.sample /etc/roundcubemail/config.inc.php



Edit the lines in /etc/roundcube/config.inc.php
$config['db_dsnw'] = 'mysql://roundcube:subscribed@localhost/RoundCube_db';
$config['smtp_server'] = 'localhost';
$config['smtp_port'] = 587;
$config['smtp_user'] = '%u';
$config['smtp_pass'] = '%p';
$config['support_url'] = 'http://indimail.sourceforge.net';
$config['product_name'] = 'IndiMail Webmail';
$config['plugins'] = array(
'archive',
'sauserprefs',
'markasjunk2',
'iwebadmin',
);
NOTE: the iwebadmin plugin will not work for postmaster account or IndiMail users having QA_ADMIN privileges. man vmoduser(1)
This file should have read permission for apache group
$ sudo chown root:apache /etc/roundcube/config.inc.php
$ sudo chmod 640 /etc/roundcube/config.inc.php



For markasjunk2 to work you need to set permission for apache to write /etc/indimail/spamignore
$ sudo chown apache:indimail /etc/indimail/spamignore
$ sudo chmod 644 /etc/indimail/spamignore


  1. Edit the lines in /etc/roundcube/defaults.inc.php
$config['db_dsnw'] = 'mysql://roundcube:subscribed@localhost/RoundCube_db';$config['imap_auth_type'] = 'LOGIN';
$config['smtp_auth_type'] = 'LOGIN';
This file should have read permission for apache group
$ sudo chown root:apache /etc/roundcube/defaults.inc.php
$ sudo chmod 640 /etc/roundcube/defaults.inc.php



  1. Change iwebadmin path in /usr/share/roundcubemail/iwebadmin/config.inc.php
$rcmail_config['iwebadmin_path'] = 'http://127.0.0.1/cgi-bin/iwebadmin';



  1. Change sauserprefs_db_dsnw in /usr/share/roundcubemail/sauserprefs/config.inc.php
$rcmail_config['sauserprefs_db_dsnw'] = 'mysql://roundcube:subscribed@localhost/RoundCube_db';



  1. Restore indimail plugins for roundcube

$ sudo yum install ircube


or
$ cd /tmp
$ wget http://downloads.sourceforge.net/indimail/indimail-roundcube-1.0.tar.gz # This file
$ cd /
$ sudo tar xvfz /tmp/indimail-roundcube-1.0.tar.gz usr/share/roundcubemail/plugins
$ /usr/bin/mysql -u mysql -p RoundCube_db < /usr/share/roundcubemail/sauserprefs/sauserprefs.sql



  1. change pdo_mysql.default_socket /etc/php.ini
For some reason pdo_mysql uses wrong mysql socket on some systems. Uses /var/lib/mysql/mysql.sock instead of /var/run/mysqld/mysqld.sock. You need to edit the file /etc/php.ini and define pdo_mysql.default_socket
pdo_mysql.default_socket= /var/run/mysqld/mysqld.sock


You can verify if the path has been correctly entered by executing the below command. The command should return without any error
$ php -r "new PDO('mysql:host=localhost;dbname=RoundCube_db', 'roundcube', 'subscribed');"



  1. HTTPD config
    1. Edit file /etc/httpd/conf.d/roundcubemail.conf and edit the following lines
#
# Round Cube Webmail is a browser-based multilingual IMAP client
#Alias /indimail /usr/share/roundcubemail
# Define who can access the Webmail
# You can enlarge permissions once configured
# Apache 2.4
Require ip 127.0.0.1
Require all granted
Require local
# Apache 2.2
Order Deny,Allow
Deny from all
Allow from 127.0.0.1
Allow from ::1


This file should be owned by root
$ sudo chown root:root /etc/httpd/conf.d/roundcubemail.conf
$ sudo chmod 644 /etc/httpd/conf.d/roundcubemail.conf


    1. Restart httpd

$ sudo service httpd restart



  1. Login to webmail at http://localhost/indimail

SSL / TLS Version




  1. Install RoundCube. On older systems, use the yum command
$ sudo dnf -y install roundcubemail php-mysqlnd



  1. Connect to MySQL using a privileged user. IndiMail installation creates a privileged mysql user 'mysql'. It does not have the user 'root'. Look at the variable PRIV_PASS in /usr/sbin/svctool to know the password.
$ /usr/bin/mysql -u mysql -p mysql
MySQL> create database RoundCube_db;
MySQL> create user roundcube identified by 'subscribed';
MySQL> GRANT ALL PRIVILEGES on RoundCube_db.* to roundcube;
MySQL> FLUSH PRIVILEGES;
MySQL> QUIT;
$ /usr/bin/mysql -u mysql -p RoundCube_db < /usr/share/roundcubemail/SQL/mysql.initial.sql



  1. Copy /etc/roundcube/config.inc.php.sample to /etc/roundcube.inc.php

$ sudo cp /etc/roundcube/config.inc.php.sample /etc/roundcubemail/config.inc.php


Edit the lines in /etc/roundcube/config.inc.php
$config['db_dsnw'] = 'mysql://roundcube:subscribed@localhost/RoundCube_db';
$config['default_host'] = 'ssl://indimail.org';
$config['smtp_server'] = 'localhost';
$config['smtp_port'] = 587;
$config['smtp_user'] = '%u';
$config['smtp_pass'] = '%p';
$config['support_url'] = 'http://indimail.sourceforge.net';
$config['product_name'] = 'IndiMail Webmail';
$config['plugins'] = array(
'archive',
'sauserprefs',
'markasjunk2',
'iwebadmin',
);
NOTE: the iwebadmin plugin will not work for postmaster account or IndiMail users having QA_ADMIN privileges. man vmoduser(1)
This file should have read permissions for apache group
$ sudo chown root:apache /etc/roundcube/config.inc.php
$ sudo chmod 640 /etc/roundcube/config.inc.php



  1. Edit the lines in /etc/roundcube/defaults.inc.php i.e.
$config['db_dsnw'] = 'mysql://roundcube:subscribed@localhost/RoundCube_db';
$config['default_host'] = 'ssl://indimail.org';
$config['default_port'] = 993;
$config['imap_conn_options'] = array(
'ssl' => array(
'verify_peer' => false,
'verify_peer_name' => false,
),
);
$config['imap_auth_type'] = 'LOGIN';
$config['smtp_auth_type'] = 'LOGIN';
$config['force_https'] = true;
$config['product_name'] = 'IndiMail Webmail';
$config['useragent'] = 'IndiMail Webmail/'.RCMAIL_VERSION;


This file should have read permission for apache group$config['force_https'] = true;
$ sudo chown root:apache /etc/roundcube/defaults.inc.php
$ sudo chmod 640 /etc/roundcube/defaults.inc.php


  1. Change iwebadmin path in /usr/share/roundcubemail/iwebadmin/config.inc.php
$rcmail_config['iwebadmin_path'] = 'https://127.0.0.1/cgi-bin/iwebadmin';
  1. Change sauserprefs_db_dsnw in /usr/share/roundcubemail/sauserprefs/config.inc.php
$rcmail_config['sauserprefs_db_dsnw'] = 'mysql://roundcube:subscribed@localhost/RoundCube_db';
  1. Restore indimail plugins for roundcube
$ cd /tmp
$ wget http://downloads.sourceforge.net/indimail/indimail-roundcube-ssl-1.0.tar.gz # This file
$ cd /
$ sudo tar xvfz /tmp/indimail-roundcube-ssl-1.0.tar.gz usr/share/roundcubemail/plugins
$ /usr/bin/mysql -u mysql -p RoundCube_db < /usr/share/roundcubemail/sauserprefs/sauserprefs.sql



  1. Change pdo_mysql.default_socket /etc/php.ini
For some reason pdo_mysql uses wrong mysql socket on some systems. Uses /var/lib/mysql/mysql.sock instead of /var/run/mysqld/mysqld.sock. You need to edit the file /etc/php.ini and define pdo_mysql.default_socket
pdo_mysql.default_socket= /var/run/mysqld/mysqld.sock



You can verifiy if the path has been correctly entered by executing the below command. The command should return without any error
php -r "new PDO('mysql:host=localhost;dbname=RoundCube_db', 'roundcube', 'subscribed');"



  1. HTTPD config
    1. Edit file /etc/httpd/conf.d/roundcubemail.conf and edit the following lines
#
# Round Cube Webmail is a browser-based multilingual IMAP client
#Alias /indimail /usr/share/roundcubemail
# Define who can access the Webmail
# You can enlarge permissions once configured
# Apache 2.4
Require ip 127.0.0.1
Require all granted
Require local
# Apache 2.2
Order Deny,Allow
Deny from all
Allow from 127.0.0.1
Allow from ::1


This file should be owned by root
$ sudo chown root:root /etc/httpd/conf.d/roundcubemail.conf
$ sudo chmod 644 /etc/httpd/conf.d/roundcubemail.conf


    1. This is assuming you have already generated indimail cert after indimail installation. If not execute the following command. We will assume that your host is indimail.org
$ sudo /usr/sbin/svctool --postmaster=postmaster@indimail.org –config=cert"
--common_name=indimail.org
Edit the file /etc/httpd/conf.d/ssl.conf i.e.
ServerName indimail.org:443
SSLCertificateFile /etc/indimail/certs/servercert.pem


Now apache server needs access to servercert.pem. Add apache user to the qmail group. You can chose either of the below two options (Options 2 is less secure, as it gives httpd access to qmail files).
Option 1
$ sudo chown indimail:apache /etc/indimail/certs/servercert.pem
$ sudo chmod 640 /etc/indimail/certs/servercert.pem


Option 2
$ sudo usermod -aG qmail apache


Now you should see apache getting qmail group access
$ grep "qmail:x:" /etc/group
qmail:x:1002:qscand,apache


    1. Edit file /etc/php.ini. For some funny reason, the cert needs to be mentioned. i.e.
openssl.cafile=/etc/indimail/certs/servercert.pem
openssl.capath=/etc/pki/tls/certs
        Run the following command to get the cert locations. [ini_cafile] should point to servercert.pem location.
$ php -r "print_r(openssl_get_cert_locations());"
Array
(
[default_cert_file] => /etc/pki/tls/cert.pem
[default_cert_file_env] => SSL_CERT_FILE
[default_cert_dir] => /etc/pki/tls/certs
[default_cert_dir_env] => SSL_CERT_DIR
[default_private_dir] => /etc/pki/tls/private
[default_default_cert_area] => /etc/pki/tls
[ini_cafile] => /etc/indimail/certs/servercert.pem
[ini_capath] => /etc/pki/tls/certs
)


    1. Follow instructions to setup https
https://wiki.centos.org/HowTos/Https


    1. Restart httpd

$ sudo service httpd restart


    1. It appears that in PHP 5.6.0, functions are now validating SSL certificates(in a variety of ways). First, it appears to fail for untrusted certificates (i.e. no matching CA trusted locally), and secondly, it appears to fail for mismatched hostnames in the request and certificate. Verify that php is using the correct certificate with proper CN. Use the program testssl.php download from the location you downloaded this README/INSTALL file. In Step 9ii you created a certificate with common_name as indimail.org. Use the same host that you gave when creating the certificate.

$ php ./testssl.php indimail.org
Success



  1. Login to webmail
    1. edit /etc/hosts and edit the line for localhost i.e.
127.0.0.1 localhost indimail.org
    1. Restart httpd
$ sudo service httpd restart
    1. Login to webmail at https://indimail.org/indimail
      NOTE: Replace indimail.org with domain that you have configured

Tuesday, April 26, 2016

Using Docker Engine to Run IndiMail / IndiMail-MTA

IndiMail now has docker images. You can read about installing Docker here. Once you have installed docker-engine, you need to start it. Typically it would be
$ sudo service docker start

To avoid having to use sudo when you use the docker command, create a Unix group called docker and add users to it. When the docker daemon starts, it makes the ownership of the Unix socket read/writable by the docker group.
Warning: The docker group is equivalent to the root user; For details on how this impacts security in your system, see Docker Daemon Attack Surface for details.
$ sudo groupadd docker 
$ sudo usermod -aG docker your_username

Log out and login again to ensure your user is running with the correct permissions. You can run the unix id command to confirm that you have the docker group privileges. e.g.
$ id -a
uid=1000(mbhangui) gid=1000(mbhangui) groups=1000(mbhangui),10(wheel),545(docker) context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023

Now we need to pull the docker image for IndiMail. use the docker pull command. The values for tag can be fedora-23, centos7, debian8, ubuntu-15.10, ubuntu-14.03. If your favourite OS is missing, let me know. You can find the list of all images here.
$ docker pull cprogrammer/indimail:tag

(for indimail-mta image, execute docker pull cprogrammer/indimail-mta:tag

You can now list the docker image by executing the docker images command.

$ docker images
REPOSITORY                 TAG                 IMAGE ID            CREATED             SIZE
cprogrammer/indimail       fedora-23           a02e6014a67b        53 minutes ago      1.774 GB

Now let us run a container with this image using the image id a02e6014a67b listed above by running the docker run command. The --privileged flag gives all capabilities to the container, and it also lifts all the limitations enforced by the device cgroup controller. In other words, the container can then do almost everything that the host can do. This flag exists to allow special use-cases, like running Docker within Docker. In our case, I want the systemctl command to work and the container run like a normal host.

$ docker run -d -h indimail.org --privileged a02e6014a67b /sbin/init

I have now figured out the you don't require the --privileged flag. This flag gives the container access to the host's systemd. A better way is to add SYS_ADMIN capability

$ docker run -ti --cap-add=SYS_ADMIN -e "container-docker" -v /sys/fs/cgroup:/sys/fs/cgroup:ro a02e6014a67b /sbin/init

The above will start a fully functional Fedora 23 OS with IndiMail, MySQL, sshd, httpd services up and running.

We can list the running container by running the docker ps command

$ docker ps
CONTAINER ID        IMAGE               COMMAND             CREATED             STATUS              PORTS               NAMES
fd09c7ca75be        a02e6014a67b        "/sbin/init"        38 seconds ago      Up 37 seconds                           desperate_jones 

We now have a running container and can attach to it and use it like any functional host. Run the docker exec command. The -ti option attaches a pseudo terminal and makes the session interactive.
$ docker exec -ti fd09c7ca75be /bin/bash --login
#
# /var/indimail/bin/svstat /service/*
/service/fetchmail: down 32 seconds
/service/greylist.1999: up (pid 203) 32 seconds
/service/indisrvr.4000: up (pid 178) 32 seconds
/service/inlookup.infifo: up (pid 192) 32 seconds
/service/mysql.3306: up (pid 181) 32 seconds
/service/proxy-imapd.4143: up (pid 191) 32 seconds
/service/proxy-imapd-ssl.9143: up (pid 188) 32 seconds
/service/proxy-pop3d.4110: up (pid 197) 32 seconds
/service/proxy-pop3d-ssl.9110: up (pid 179) 32 seconds
/service/pwdlookup: up (pid 195) 32 seconds
/service/qmail-imapd.143: up (pid 222) 32 seconds
/service/qmail-imapd-ssl.993: up (pid 200) 32 seconds
/service/qmail-pop3d.110: up (pid 212) 32 seconds
/service/qmail-pop3d-ssl.995: up (pid 184) 32 seconds
/service/qmail-poppass.106: up (pid 216) 32 seconds
/service/qmail-qmqpd.628: down 32 seconds
/service/qmail-qmtpd.209: up (pid 153) 32 seconds
/service/qmail-send.25: up (pid 182) 32 seconds
/service/qmail-smtpd.25: up (pid 187) 32 seconds
/service/qmail-smtpd.366: up (pid 208) 32 seconds
/service/qmail-smtpd.465: up (pid 194) 32 seconds
/service/qmail-smtpd.587: up (pid 196) 32 seconds
/service/qmail-spamlog: up (pid 221) 32 seconds
/service/qscanq: up (pid 213) 32 seconds
/service/udplogger.3000: up (pid 211) 32 seconds
You now have a fully functional mail server with a pre-configured virtual domain indimail.org and a pre-configured virtual user testuser01@indimail.org. You can use IMAP/POP3/SMTP to your heart's content. If not satisfied, try out the ssl enabled services IMAPS/POP3S/SMTPS or STARTTLS command. If still not satisfied, read the man pages in /var/indimail/man/* :)

You can stop the container by executing the docker stop command.

$ docker stop fd09c7ca75be

You can make your changes to the container and commit changes by using the docker commit command. Learning how to use docker is not difficult. Just follow the Docker Documentation. If you are lazy like me, just read the Getting Started guide.

I am also a newbie as far as docker is concerned. Do let me know your experience with network settings and other advanced docker topics, that you may be familiar with. Do send few bottles of beer my way if you can.

NOTE: There are few defaults for the indimail docker container image
  • root password is passxxx@xxx
  • mysql user, password for indimail is indimail, ssh-1.5-
  • mysql privileged user, password is mysql, 4-57343-
  • password for postmaster@indimail.org virtual imap/pop3 account is passxxx
  • password for testuser01@indimail.org virtual imap/pop3 account is passxxx

Wednesday, July 20, 2011

Using systemd to start IndiMail

systemd is a system and service manager for Linux, compatible with SysV and LSB init scripts. systemd provides aggressive parallelization capabilities, uses socket and D-Bus activation for starting services, offers on-demand starting of daemons, keeps track of processes using Linux cgroups, supports snapshots and restoring of the system state, maintains mount and automount points and implements an elaborate transactional dependency-based service control logic. It can work as a drop-in replacement for sysvinit.

The first step is to write the service configuration file for IndiMail as /lib/systemd/system/indimail.service


[Unit]
Description=IndiMail Messaging Platform
After=local-fs.target network.target

[Service]
ExecStart=/var/indimail/bin/svscanboot /service
ExecStop=/etc/init.d/indimail stop
Restart=on-failure
Type=simple

[Install]
WantedBy=multi-user.target


In Fedora 15, upstart has been replaced by a service called systemd. Due to improper rpm package upgrade scripts, some system services previously enabled in Fedora 14, may not be enabled after upgrading to Fedora 15. To determine if a service is impacted, run the systemctl status command as shown below.

# systemctl is-enabled indimail.service && echo "Enabled on boot" || echo "Disabled on boot"


To enable indimail service on boot, run the following systemctl command


# systemctl enable indimail.service

Now to start IndiMail you can use the usual service command

# service indimail start    (to start indimail)

# service indimail stop     (to stop indimail)

You can automate the above service creation for systemd by running the initsvc(1) command


# /var/indimail/bin/initsvc -on  (to enable indimail service)
# /var/indimail/bin/initsvc -off   (to disable indimail service)

You can now also query the status of the running IndiMail service by using the systemctl command


# systemctl status indimail.service
indimail.service - IndiMail Messaging Platform
          Loaded: loaded (/lib/systemd/system/indimail.service)
          Active: active (running) since Wed, 20 Jul 2011 18:18:35 +0530; 10min ago
        Main PID: 4353 (svscanboot)
          CGroup: name=systemd:/system/indimail.service
                  ├ 4353 /bin/sh /var/indimail/bin/svscanboot
                  ├ 4356 /var/indimail/bin/svscan /service
                  ├ 4357 supervise log
                  ├ 4358 supervise clamd
                  ├ 4359 supervise log
                  ├ 4360 supervise freshclam
                  ├ 4361 supervise log
                  ├ 4362 supervise qmail-send.25
                  ├ 4363 supervise log
                  ├ 4364 supervise qmail-pop3d-ssl.995
                  ├ 4365 supervise log
                  ├ 4366 supervise proxy-imapd-ssl.9143
                  ├ 4367 supervise log
                  ├ 4368 supervise qmail-poppass.106
                  ├ 4369 supervise log
                  ├ 4370 supervise proxy-imapd.4143
                  ├ 4371 supervise log
                  ├ 4372 supervise proxy-pop3d-ssl.9110
                  ├ 4373 supervise log
                  ├ 4374 supervise qmail-smtpd.465
                  ├ 4375 supervise log
                  ├ 4376 supervise inlookup.infifo
                  ├ 4377 supervise log
                  ├ 4378 supervise qmail-smtpd.366
                  ├ 4379 supervise log
                  ├ 4380 supervise proxy-pop3d.4110
                  ├ 4381 supervise log
                  ├ 4382 supervise slapd.389
                  ├ 4383 supervise log
                  ├ 4384 supervise qmail-smtpd.587
                  ├ 4385 supervise log
                  ├ 4386 supervise pwdlookup
                  ├ 4387 supervise log
                  ├ 4388 supervise qmail-pop3d.110
                  ├ 4389 supervise log
                  ├ 4390 supervise qmail-qmtpd.209
                  ├ 4391 supervise log
                  ├ 4392 supervise fetchmail
                  ├ 4393 supervise log
                  ├ 4394 supervise qscanq
                  ├ 4395 supervise log
                  ├ 4396 supervise qmail-smtpd.25
                  ├ 4397 supervise log
                  ├ 4398 supervise mysql.3306
                  ├ 4399 supervise log
                  ├ 4400 supervise qmail-spamlog
                  ├ 4401 supervise log
                  ├ 4402 supervise qmail-qmqpd.628
                  ├ 4403 supervise log
                  ├ 4404 supervise qmail-imapd-ssl.993
                  ├ 4405 supervise log
                  ├ 4406 supervise indisrvr.4000
                  ├ 4407 supervise log
                  ├ 4408 supervise qmail-imapd.143
                  ├ 4409 supervise log
                  ├ 4410 supervise greylist.1999
                  ├ 4411 supervise log
                  ├ 4412 /var/indimail/bin/multilog t /var/log/indimail/fre...
                  ├ 4413 qmail-daemon ./Maildir/
                  ├ 4414 /var/indimail/bin/tcpserver -v -H -R -l 0 -x /var/...
                  ├ 4415 /var/indimail/bin/tcpserver -v -c /service/qmail-p...
                  ├ 4416 /var/indimail/bin/multilog t /var/log/indimail/pro...
                  ├ 4417 /var/indimail/bin/multilog t /var/log/indimail/pop...
                  ├ 4418 /var/indimail/bin/multilog t /var/log/indimail/pro...
                  ├ 4419 /var/indimail/bin/multilog t /var/log/indimail/pro...
                  ├ 4420 /var/indimail/bin/multilog t /var/log/indimail/pop...
                  ├ 4421 /var/indimail/bin/tcpserver -v -c /service/qmail-p...
                  ├ 4422 /var/indimail/bin/multilog t /var/log/indimail/pro...
                  ├ 4424 /var/indimail/bin/tcpserver -v -c /service/proxy-p...
                  ├ 4425 /var/indimail/bin/multilog t -* cleanq starting -*...
                  ├ 4426 /var/indimail/bin/tcpserver -v -h -R -l 0 -x /var/...
                  ├ 4427 /var/indimail/bin/tcpserver -v -c /service/proxy-i...
                  ├ 4428 /var/indimail/sbin/inlookup -i 5
                  ├ 4429 /var/indimail/bin/multilog t /var/log/indimail/mys...
                  ├ 4430 /var/indimail/bin/multilog t /var/log/indimail/smt...
                  ├ 4431 /var/indimail/sbin/nssd -d notice
                  ├ 4432 /var/indimail/bin/tcpserver -v -c /service/qmail-i...
                  ├ 4433 /var/indimail/bin/multilog t /var/log/indimail/pwd...
                  ├ 4434 /var/indimail/bin/multilog t /var/log/indimail/smt...
                  ├ 4435 /var/indimail/bin/multilog t /var/log/indimail/pop...
                  ├ 4436 /var/indimail/bin/tcpserver -v -c /service/proxy-i...
                  ├ 4437 /var/indimail/bin/multilog t /var/log/indimail/inl...
                  ├ 4438 /usr/bin/perl /var/indimail/bin/greydaemon -w /var...
                  ├ 4439 /var/indimail/bin/tcpserver -v -c /service/qmail-i...
                  ├ 4440 /var/indimail/bin/tcpserver -v -h -R -l 0 -x /var/...
                  ├ 4441 /var/indimail/bin/multilog t /var/log/indimail/ima...
                  ├ 4442 /var/indimail/bin/tcpserver -v -H -R -l 0 -x /var/...
                  ├ 4443 /var/indimail/bin/multilog t /var/log/indimail/gre...
                  ├ 4444 /usr/local/mysql/libexec/mysqld --defaults-file=/v...
                  ├ 4445 /var/indimail/bin/tcpserver -v -H -R -l 0 -x /var/...
                  ├ 4446 /var/indimail/bin/qmail-cat /tmp/spamfifo
                  ├ 4447 /var/indimail/bin/multilog t /var/log/indimail/fet...
                  ├ 4448 /var/indimail/bin/multilog t /var/log/indimail/qmq...
                  ├ 4449 /var/indimail/bin/multilog t /var/log/indimail/smt...
                  ├ 4450 /var/indimail/bin/multilog t /var/log/indimail/qmt...
                  ├ 4451 /var/indimail/bin/tcpserver -v -H -R -l 0 -x /var/...
                  ├ 4452 /var/indimail/sbin/indisrvr -i 0 -p 4000 -b 40 -n ...
                  ├ 4453 /var/indimail/bin/multilog t /var/log/indimail/ind...
                  ├ 4454 /var/indimail/bin/multilog t /var/log/indimail/smt...
                  ├ 4455 /var/indimail/bin/multilog t /var/log/indimail/cla...
                  ├ 4456 /var/indimail/bin/multilog t /var/log/indimail/svs...
                  ├ 4457 /var/indimail/sbin/clamd
                  ├ 4458 /var/indimail/bin/multilog t /var/log/indimail/del...
                  ├ 4459 /var/indimail/bin/tcpserver -v -c /service/proxy-p...
                  ├ 4460 /var/indimail/bin/multilog t /var/log/indimail/spa...
                  ├ 4461 /var/indimail/bin/multilog t /var/log/indimail/ima...
                  ├ 4462 /bin/sh ./run
                  ├ 4477 /var/indimail/bin/multilog t /var/log/indimail/sla...
                  ├ 4509 /var/indimail/bin/freshclam -v --stdout --datadir=...
                  ├ 4519 /var/indimail/sbin/inlookup -i 5
                  ├ 4520 /var/indimail/sbin/inlookup -i 5
                  ├ 4521 /var/indimail/sbin/inlookup -i 5
                  ├ 4522 /var/indimail/sbin/inlookup -i 5
                  ├ 4523 /var/indimail/sbin/inlookup -i 5
                  ├ 4526 qmail-send
                  ├ 4527 qmail-send
                  ├ 4528 qmail-send
                  ├ 4529 qmail-send
                  ├ 4530 qmail-send
                  ├ 4531 qmail-lspawn ./Maildir/
                  ├ 4532 qmail-rspawn
                  ├ 4533 qmail-clean
                  ├ 4534 qmail-todo
                  ├ 4535 qmail-clean
                  ├ 4536 qmail-lspawn ./Maildir/
                  ├ 4537 qmail-rspawn
                  ├ 4538 qmail-clean
                  ├ 4539 qmail-todo
                  ├ 4540 qmail-clean
                  ├ 4541 qmail-lspawn ./Maildir/
                  ├ 4542 qmail-rspawn
                  ├ 4543 qmail-clean
                  ├ 4544 qmail-todo
                  ├ 4545 qmail-clean
                  ├ 4546 qmail-lspawn ./Maildir/
                  ├ 4547 qmail-rspawn
                  ├ 4548 qmail-clean
                  ├ 4549 qmail-todo
                  ├ 4550 qmail-clean
                  ├ 4551 qmail-lspawn ./Maildir/
                  ├ 4552 qmail-rspawn
                  ├ 4553 qmail-clean
                  ├ 4554 qmail-todo
                  ├ 4555 qmail-clean
                  ├ 4751 /bin/sh ./run
                  └ 4752 sleep 200

Tuesday, July 5, 2011

IndiMail Installation for newbies in < 10 steps


Installing Indimail using YUM/APT Repository

  1. Install OS
    • OpenSUSE
      • openSUSE Leap 42.3
      • openSUSE Leap 42.2
      • openSUSE 13.2
      • openSUSE 13.1
      • SUSE Linux Enterprise 12 SP2
      • SUSE Linux Enterprise 12 SP1
      • SUSE Linux Enterprise 12
    • Red Hat
      • Feodra 27
      • Fedora 26
      • Red Hat Enterprise Linux 7
      • Red Hat Enterprise Linux 6
      • CentOS 7
      • CentOS 6
    • Debian
      • Debian 8.0
      • Debian 7.0
      • Ubuntu 17.04
      • Ubuntu 16.10
      • Ubuntu 16.04
      • Ubuntu 14.04
      • Ubuntu 12.04
  1. Click the below URL for Install Instructions
https://software.opensuse.org/download.html?project=home%3Aindimail&package=indimail
  1. Shutdown MySQL if already running and disable MySQL from being started up by the system % /etc/init.d/mysqld stop % sudo chkconfig mysqld off % /bin/rm -f /service/mysql.3306/down
  2. Start IndiMail
% sudo service indimail start
  1. Check Servicess
% sudo /usr/bin/svstat /service/*
/service/clamd: up (pid 1014) 2985 seconds
/service/dnscache: up (pid 1021) 2985 seconds
/service/fetchmail: down 2985 seconds
/service/freshclam: up (pid 1020) 2985 seconds
/service/greylist.1999: up (pid 1043) 2985 seconds
/service/indisrvr.4000: up (pid 1048) 2985 seconds
/service/inlookup.infifo: up (pid 1057) 2985 seconds
/service/mrtg: up (pid 1023) 2985 seconds
/service/mysql.3306: up (pid 1031) 2985 seconds
/service/proxy-imapd.4143: up (pid 1018) 2985 seconds
/service/proxy-imapd-ssl.9143: up (pid 1041) 2985 seconds
/service/proxy-pop3d.4110: up (pid 1017) 2985 seconds
/service/proxy-pop3d-ssl.9110: up (pid 1037) 2985 seconds
/service/pwdlookup: up (pid 1030) 2985 seconds
/service/qmail-imapd.143: up (pid 1046) 2985 seconds
/service/qmail-imapd-ssl.993: up (pid 1055) 2985 seconds
/service/qmail-logfifo: up (pid 1024) 2985 seconds
/service/qmail-pop3d.110: up (pid 1029) 2985 seconds
/service/qmail-pop3d-ssl.995: up (pid 1054) 2985 seconds
/service/qmail-poppass.106: up (pid 1022) 2985 seconds
/service/qmail-qmqpd.628: down 2985 seconds
/service/qmail-qmtpd.209: up (pid 1044) 2985 seconds
/service/qmail-send.25: up (pid 1026) 2985 seconds
/service/qmail-smtpd.25: up (pid 1050) 2985 seconds
/service/qmail-smtpd.366: up (pid 1019) 2985 seconds
/service/qmail-smtpd.465: up (pid 1027) 2985 seconds
/service/qmail-smtpd.587: up (pid 1012) 2985 seconds
/service/qscanq: up (pid 1036) 2985 seconds
/service/resolvconf: up (pid 1069) 2985 seconds
/service/udplogger.3000: up (pid 1061) 2985 seconds

  1. Play with the System
    1. Add A Domain
% sudo vadddomain example.com password1
    1. Add a User
% sudo vadduser user01@example.com password2
    1. Send email
swaks –to youremail@yourdomain –from user01@example.com –server localhost
  1. RTFM
% man indimail
  1. Buy Beer for Manvendra Bhangui



NOTE: The MySQL database gets installed with the user 'mysql' with all privileges and a user 'indimail' with limited privileges. You will find the passwords for these two users in the script /usr/sbin/svctool. If you modify these, please don't forget to modify /etc/indimail/control/host.mysql

Thursday, June 30, 2011

Eliminating Duplicate Emails during local delivery

Often you will find program like MS outlook, notorious for sending duplicate emails, flooding your inbox. IndiMail allows you to quickly deal with this proprietary nonsense by turning on duplicate eliminator in vdelivermail(8) - the default MDA. To turn on the duplicate eliminator in vdelivermail, you need to set ELIMINATE_DUPS and MAKE_SEEKABLE environment variables.

% su
# echo 1> /service/qmail-send.25/variables/ELIMINATE_DUPS
# echo 1> /service/qmail-send.25/variables/MAKE_SEEKABLE
# svc -d /service/qmail-send.25; svc -u /service/qmail-send.25
# exit

If you do not use vdelivermail and want to use your own delivery agent? Fear not by using ismaildup(1). ismaildup expects the email on standard input and is easily scriptable like the example below in a .qmail file.

   | ismaildup /var/indimail/bin/maildirdeliver /home/manny/Maildir

will deliver mails to /home/manny/Maildir while discarding duplicates.

If you are not happy with the 900 seconds (15 minutes) time interval for checking duplicates, you can change it by setting the DUPLICATE_INTERVAL environment variable. The following will not allow a single duplicate to be entertained within 24 hours

% su
# echo 86400 > /service/qmail-send.25/variables/DUPLICATE_INTERVAL
# svc -d /service/qmail-send.25 ; svc -u /service/qmail-send.25
# exit

Friday, June 24, 2011

Using procmail with Indimail


IndiMail follows the traditional UNIX philosophy.
"Write programs that do one thing and do it well. Write programs to work together. Write programs to handle text streams, because that is a universal interface"
This allows IndiMail to interface with many programs written by others. IndiMail uses a powerful filter mechanism called vfilter(8). You may already be familiar with procmail. procmail is a mail delivery agent (MDA) capable of sorting incoming mail into various directories and filtering out messages. There are three ways in which you can use procmail with IndiMail.
1. inside .qmail
Users can use
| preline procmail
from ~/.qmail. They will need to use a full path for procmail unless procmail is in the system's startup PATH.
2. Edit .qmail-default
| preline -f procmail -p -m /var/indimail/etc/procmailrc
3. Have an alias
You can use valias(1) to create an alias to call procmail. The following alias calls procmail to deliver the mail using /var/indimail/etc/procmailrc as a procmail recipe
valias -i "|/var/indimail/bin/preline -f /usr/bin/procmail -p -m /var/indimail/etc/procmailrc" testuser@example.com
The following procmailrc puts virus infected mails in /tmp/Maildir and calls maildirdeliver(1) to deliver the mail to /home/mail/T2Zsym/example.com/testuser01/Maildir.
SHELL=/bin/bash
VERBOSE="no"
unset DTLINE
unset RPLINE
:0w
*^X-Virus-Status: INFECTED
/tmp/Maildir/.Virus
:0w
| /var/indimail/bin/maildirdeliver /home/mail/T2Zsym/example.com/testuser01/Maildir
You can replace maildirdeliver in the last line with vdelivermail(8)
| /var/indimail/bin/vdelivermail '' bounce-no-mailbox



IndiMail Queue Mechanism

Indimail has the ability of configuring multiple local and remote queues. A queue is a location on your hard disk where email are deposited ...