Virtual Domains and qmail

Here's a way to get control of your mail with secure, high performance and freely available software called qmail.
Forwarding a Virtual Domain User's Mail

If mail for a new user in a virtual domain is to be forwarded to an existing on-site user or to an off-site user, you don't need to create an account for the new user. You can create a .qmail-xxx file in the virtual domain master user's home directory to forward the mail. The master user is the user we created above, who is currently receiving all mail for the virtual domain. For the address john.smith@abc.com, you create a file ~abc/.qmail-john:smith, containing the address to which John's mail is to be forwarded in this way:

&smith.john@home.boston.ma.us

Note that any periods in the user's Internet name are replaced with colons in the .qmail-xxx file name. The forwarding address which is stored within the .qmail-xxx file does not have periods replaced with colons.

POP3 Mail for a Virtual Domain User

If a user of a virtual domain will be picking up his mail using POP3, you must create an account and an incoming mail directory for him. The POP3 daemon, which comes with qmail, cannot pick up mail from an ordinary mbox formatted file.

# adduser jsmith
# chmod g-w ~jsmith
# chmod o-w ~jsmith
# cd ~jsmith
# maildirmake Maildir
# chown -R jsmith.users Maildir

The chmod commands in the above script ensure that no one can write to jsmith's home directory except jsmith himself. qmail enforces this requirement as a security measure, but it can be relaxed with a compile-time option—see ALIAS_PATERNALISM in the conf-unusual.h file.

Note that under Linux distributions which include the adduser command, like Slackware, you can do a maildirmake in /etc/skel, so new users will automatically get a Maildir.

As in the previous section, you need to create a .qmail-xxx file in the home directory of the virtual domain's master user to forward mail to each individual user. To forward mail for john.smith@abc.com to the local user jsmith we would create a file, ~abc/.qmail-john:smith, containing the line:

&jsmith

To indicate where his incoming mail should be stored, we would create a .qmail file in the home directory for jsmith, containing:

/home/jsmith/Maildir/
This step is required because the qmail POP server expects to find a user's mail in a specially constructed directory (the default name of which is Maildir), and we have to tell qmail to put it there.

Once you start storing incoming mail in a nonstandard place, you have to tell the local mail programs where to find it. The standard Linux mail programs cannot read mail from the Maildir format, so qmail includes several wrapper programs to move any incoming mail into mbox format (qail, qine, qlm, for mail, pine and elm respectively). You can rename the real mail user agents and link these wrappers to the usual names, so your users won't even see a difference. These wrappers need a bit of information to operate correctly. To take care of this, add this type of lines to the /etc/profile file:

export MAILDIR=$HOME/Maildir
export MAIL=$HOME/Mailbox
export MAILTMP=$HOME/Mailbox.tmp

The final thing you have to do is install qmail's POP3 daemon. It is split into three programs, one of which deals with user names and passwords. Those of you with shadow passwords installed will appreciate this modularity. A password checking program, checkpassword, which works with ordinary Linux /etc/passwd files, is available at the same URL as the qmail distribution. The POP3 line in your /etc/inetd.conf will have to be modified. How to do this is described in detail in the FAQ that comes with qmail.

If you feel the above changes are too disruptive, an alternative is to patch your existing POP3 daemon to look for a user's incoming mail in an mbox-formatted file in the user's home directory, rather than a similar file in /var/spool/mail. One such package is available at ftp://summersoft.fay.ar.us/pub/qmail/. The only thing you lose by using a patched POP server rather than the POP server distributed with qmail is the much more reliable Maildir mail storage format.

Forwarding Virtual Domain User Mail Without a Master User

If you want to forward all mail for a new virtual domain, but you have no reason to create a master user ID for that domain (e.g., you're not providing web services), you can do this using the special alias user ID. Instead of adding the line abc.com:abc to /var/qmail/control/virtualdomains, add the line:

abc.com:alias-abc

This designates the alias user as the responsible party for all mail to the abc.com domain. qmail's default installation sets the alias user's home directory to /var/qmail/alias, so control of all e-mail for abc.com is done in this directory.

You can create a file ~alias/.qmail-abc-default to forward all mail for abc.com to a specific user. You can also create a series of files, like ~alias/.qmail-abc-webmaster and ~alias/.qmail-abc-john:smith, to forward mail for specific people at abc.com.

Note that the alias user (or any other user) can control mail for multiple virtual domains. To control abc.com and anotherdomain.org, put the following lines in the /var/qmail/control/virtualdomains file:

abc.com:alias-abc
anotherdomain.org:alias-anotherdomain

You'll need these files in the ~alias directory:

~alias/.qmail-abc-john:smith
~alias/.qmail-abc-nancy:jones
~alias/.qmail-abc-webmaster
~alias/.qmail-anotherdomain-sam:adams
~alias/.qmail-anotherdomain-webmaster
Note that unlike sendmail, you can have two users with the same Internet user name, as long as they're in different virtual domains. In the above example, there's a webmaster@abc.com and a webmaster@anotherdomain.org.

______________________

Comments

Comment viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.

Qmail is good mail server daemon!

speedwayhke's picture

Qmail is good mail server daemon.It's easy configure than sendmail.especial in virtual domain.

Webinar
One Click, Universal Protection: Implementing Centralized Security Policies on Linux Systems

As Linux continues to play an ever increasing role in corporate data centers and institutions, ensuring the integrity and protection of these systems must be a priority. With 60% of the world's websites and an increasing share of organization's mission-critical workloads running on Linux, failing to stop malware and other advanced threats on Linux can increasingly impact an organization's reputation and bottom line.

Learn More

Sponsored by Bit9

Webinar
Linux Backup and Recovery Webinar

Most companies incorporate backup procedures for critical data, which can be restored quickly if a loss occurs. However, fewer companies are prepared for catastrophic system failures, in which they lose all data, the entire operating system, applications, settings, patches and more, reducing their system(s) to “bare metal.” After all, before data can be restored to a system, there must be a system to restore it to.

In this one hour webinar, learn how to enhance your existing backup strategies for better disaster recovery preparedness using Storix System Backup Administrator (SBAdmin), a highly flexible bare-metal recovery solution for UNIX and Linux systems.

Learn More

Sponsored by Storix