Skip to main content

Posts

Showing posts from 2009

Publishing IndiMail Statistics for your domain

You can now configure MRTG Graphs to show statistics for IndiMail . You need to have mrtg installed on your system. If you do not have mrtg, you can execute yum/dnf

% sudo yum install mrtg

on some systems you might need to use dnf

% sudo dnf install mrtg

You need to execute the following steps (assuming your web server document root is /var/www/html)

% sudo /usr/sbin/svctool --mrtg=/var/www/html/mailmrtg --servicedir=/service

After carrying out the above step,  check the status of mrtg service

% sudo svstat /service/mrtg
/service/mrtg/: up (pid 2443) 35254 seconds

Point your browser to /var/www/html/mailmrtg and you should see the graphs.

IndiMail INSTALLATION STEPS

IndiMail can be installed using the source, RPM or using a YUM repository.

If you have learnt the art of being patient the read the file INSTALL-version. You can read the file INSTALL-RPM-version in case you want to install from RPM (version is the version of IndiMail you want to install).

If you are in a hurry to install and setup IndiMail, download the RPM and read the file Quick-INSTALL-version. You can also install IndiMail in 10 Steps.

IndiMail RPM/Debian for various linux distros can be downloaded from
http://download.opensuse.org/repositories/home:/indimail/

The top level directory for current indimail source being maintained can be found at

https://sourceforge.net/projects/indimail/files/indimail


If you are installing from source, apart from downloading indimail-version.tar.gz, you need to download the following additionally

Mandatory Downloads
http://cr.yp.to/software/qmail-1.03.tar.gz
http://cr.yp.to/ucspi-tcp/ucspi-tcp-0.88.tar.gz
http://downloads.sourceforge.net/indimail/libdkim…

Using spamassassin program with IndiMail

Just few days back a user asked me whether spamassassin can be used with IndiMail.

IndiMail uses environment variables SPAMFILTER, SPAMEXITCODE to configure any spam filter to be used. All that is required for the spam filter is to read a mail message on stdin, output the message back on stdout and exit with a number which indicates whether the message is ham or spam.

The default installation of IndiMail creates a configuration where mails get scanned by bogofilterfor spam filtering. bogofilter exits with value '0' in case the message is spam and with value '1' when message is ham. The settings for SPAMFILTER, SPAMEXITCODE is as below
SPAMFILTER="/usr/bin/bogofilter -p -u -d /etc/indimail"SPAMEXITCODE=0
Assuming that you have installed, setup and trained spamassassin, you can follow the instructions below to have IndiMail use spamassassin.

spamassasin has a client spamc which exits 1 when message is spam and exits 0 if the message is ham. To use spamassassin, just…

Troublesome MySQL Configuration

Quite a few of users who attempt to install IndiMail first time, face the biggest issue with MySQL installation and configuration. Most of the issues relate to the following
MySQL version less than 5.1: MySQL fails to startup under supervise MySQL version less than 5.1: svctool fails to create a default database for IndiMail during rpm installation.
/etc/my.cnf uses socket=/var/lib/mysql/mysql.sock. IndiMail uses /tmp/mysql.sock. Connection to MySQL fails if you use mysql(1) (without -S opton).You get MySQL syntax error when running indimail programs
The solution to the first problem is to delete the lines --general-log-file and the line --slow-query-log from the file /service/mysql.3306/run. After deleting the lines you can issue the command

/var/indimail/bin/svc -u /service/mysql.3306

to start up MySQL.

The solution to the second problem is to create a blank MySQL database by running the following command

/var/indimail/bin/svc -d /service/mysql.3306
/bin/rm -r /var/indimail/mysqldb/data
/usr…

Cost of writing IndiMail

IndiMail is Free Software / Open Source Software

What would it have costed to code IndiMail if it wasn't free and if there wasn't any FS/OSS ?

Using David A. Wheeler's 'SLOCCount' gives the following result. The cost has been arrived by using $12000/year as the average salary of an Indian programmer. Sloccount uses COCOMO Software Cost Estimation Model.

Total Estimated Cost to Develop = $ 3,011,907

SLOC Directory SLOC-by-Language (Sorted)

106466 clamav-0.95.2 ansic=94967,sh=11300,perl=199
73173 qmail-1.03 ansic=68645,perl=2361,sh=2167
58207 indimail-1.6.2 ansic=51563,sh=6644
45914 indium-1.0 tcl=39628,sh=5604,ansic=682
41943 bogofilter-1.2.1 ansic=34807,sh=4629,perl=1842,lex=475,lisp=179
14670 flash-0.9.4 ansic=8346,sh=6324
9762 ucspi-tcp-0.88 ansic=9581,sh=181
9362 altermime-0.3.10 ansic=5963,sh=3399
9317 mpack-1.6 ansic=9292,perl=25
8131 ripmime-1.4.0.9 ansic=8116,sh=15
4256 pam-multi-1.0 ans…

Greylisting in IndiMail

Greylisting is a method of defending email users against spam, by temporarily rejecting any email from a IP/Sender which it does not recognize. As per SMTP, the originating server should after a delay retry. A server implementing greylisting should accept the mail if sufficient time has elapsed. If the mail is from a spammer it will probably not be retried since a spammer goes through thousands of email addresses and typically cannot afford the time delay to retry.

IndiMail 1.6 onwards implements greylisting using qmail-greyd daemon. You additionally need to have the environment variable GREYIP defined for the qmail-smtpd process. The environment variable GREYIP specifies on which IP and port, qmail-greyd is accepting greylisting requests. qmail-smtpd uses UDP to send a triplet (IP+RETURN_PATH+RECIPIENT) to the greylisting server and waits for an answer which tells qmail-smtpd to proceed ahead or to temporarily reject the mail. qmail-greyd also accepts a list of whitelisted IP address…

Creating Self-Signed Certificate for TLS/SSL encryption

If you have installed indimail using any of the RPM at

http://download.opensuse.org/repositories/home:/mbhangui/

you will get IMAPS, POP3S, SMTPS services installed by default. However Certificate are not installed by default. You may want to study the following google search. If you have not installed IndiMail using the RPM, then you can use svctool to create the IMAPS, POP3S, SMTPS services. Executing svctool without any option will give you a help screen.

You can save yourself a lot of trouble by using svctool to create self-signed certificate for IMAPS, POP3S, SMTPS (or starttls in smtp)

# /var/indimail/svctool --postmaster=postmaster@yourdomain --config=cert

You are about to be asked to enter information that will be incorporated into your certificate request. What you are about to enter is what is called a Distinguished Name or a DN. There are quite a few fields but you can leave some blank. For some fields there will be a default value, If you just hit Enter, the field will be left…

How to set DKIM signature in IndiMail

What is DKIM
DomainKeys Identified Mail (DKIM) lets an organization take responsibility for a message while it is in transit. DKIM has been approved as a Proposed Standard by IETF and published it as RFC 4871. There are number of vendors/software available which provide DKIM signing. IndiMail is one of them. You can see the full list here.
DKIM uses public-key cryptography to allow the sender to electronically sign legitimate emails in a way that can be verified by recipients. Prominent email service providers implementing DKIM (or its slightly different predecessor, DomainKeys) include Yahoo and Gmail. Any mail from these domains should carry a DKIM signature, and if the recipient knows this, they can discard mail that hasn't been signed, or has an invalid signature.


IndiMail from version 1.5 onwards, comes with a drop-in replacement for qmail-queue for DKIM signature signing and verification (see qmail-dkim(8) for more details). You need the following steps to enable DKIM. Indi…

IndiMail now has a RPM and Yum repository

Using Red Hat Package Manager (RPM) is a popular way of installing software on Linux systems. I have been always comfortable with the usual ./configure; make; sudo make install-strip.

Not everyone is comfortable with gory details involved during compilation. So with some effort I started reading RPM manuals on the net. The first two days I found it quite tough getting things together but after the exercise, the knowledge gained has helped me to tweak the configure scripts and makefiles better.

IndiMail now longer uses hard-coded directories inside Makefiles. Libraries for example now go into @libdir@ in Makefile.am. This resolves to /usr/lib on 32 bit systems and /usr/lib64 on 64 bit systems.

The biggest learning came from Open Build Server (OBS). The service provides software developers with a tool to create and release open source software for openSUSE and other Linux distributions easily on different hardware architectures and for a broad user audience. Users can easily find the lates…

IndiMail Release 1.3

INTRODUCTION

IndiMail is a Scalable, Secure, Reliable, Efficient, and a highly
configurable Mailing Solution. IndiMail allows Users in a domain to be
distributed across multiple hosts (without NFS). IndiMail has multiple
queues to provide a high speed queuing. IndiMail uses a heavily modifed version of qmail.

IndiMail also provides programs to manage Virtual Domains and large number of users in Virtual Domains. These users can be distributed across multiple hosts. A high speed query lookup daemon (inlookup) allows IndiMail to handle large number of queries with MySQL as the RDBMS.

By default, IndiMail provides an authentication module for Courier IMAP called authindi. It also provides a Password Lookup Service using Name Service Swith (NSS). This allows any IMAP/POP3 server to work with IndiMail as long as the IMAP/POP3 server provides for authentication of users agains the system's /etc/passwd, /etc/shadow. The Password Lookup Service extends the system's getpwnam() family of funct…