Blue Flower

Bill

Bill

Login to qmailadmin as postmaster for your domain and click the set catchall deleted at the bottom of the email account menu, or edit ~vpopmail/domains/domain.com/.qmail-default to look like the following:

| /home/vpopmail/bin/vdelivermail '' delete

(If you are using validrcptto, you will want this set to bounce-no-mailbox)

How to disable double-bounces

To discard double-bounces, follow these steps:

echo yourdomain.tld > /var/qmail/control/doublebouncehost
echo doublebounce > /var/qmail/control/doublebouncto
echo "#" > ~vpopmail/domains/yourdomain.tld/.qmail-doublebounce
qmailctl restart

This will tell qmail to deliver double-bounces to
This email address is being protected from spambots. You need JavaScript enabled to view it..

The "empty" (only has pound sign) .qmail-doublebounce file in that
domain's directory will tell qmail to deliver the message to nowhere.
Now you will no longer be bombarded with useless double bounces.

Enjoy the quiet. :)

Special thanks to Bill Arlofski
waa-qmailrocksATrevpol.com

Monday, 06 July 2015 00:40

Understanding rcpthosts and locals

rcpthosts - domains that we accept mail for - mostly used for vpopmail virtual domains that reside in /home/vpopmail/domains

If rcpthosts does not exist, you are an open relay. If it exists and is empty and there is no "morercpthosts.cdb" file as well, then your server will reject all incoming mail.

locals - domains that we deliver locally - mostly used for local delivery /home/$USER/Maildir

What to put in rcpthosts and locals: domain names
What NOT to put in rcpthosts: IP Addresses

Taken from http://www.lifewithqmail.org

Monday, 06 July 2015 00:39

Using POP before SMTP

Just skip the jsauth smtp patch and compile vpopmail with: ./configure --enable-roaming-users

Monday, 06 July 2015 00:39

How to access the qmail manpages

To add the qmail manpages, edit the following files:

For Bash (/etc/profile)
MANPATH=/var/qmail/bin:$MANPATH

For *sh (/etc/csh.login for csh and /etc/.cshrc for tcsh)
setenv MANPATH "/var/qmail/bin:${MANPATH}

Please logout and log back in for those settings to take effect or type 'source ~/.cshrc'
if you're using tcsh

Monday, 06 July 2015 00:38

How to setup qmail graphs with MRTG

How to get the qmail graphs working with mrtg.
graphs inclue rbl, validrcptto, jgreylist, and more
By William Olson http://freebsdrocks.net http://goodcleanemail.com
------------------------------------------------------------------

# cd /path/to/stats
# fetch http://www.goodcleanemail.com/files/tarballs/qmailmrtg2.tgz
# tar zxvf qmailmrtg2.tgz

Run the following commands to start the graphs at 0

# echo "     0" > /tmp/rbl-found
# echo "     0" > /tmp/valid-found
# echo "     0" > /tmp/jgrey-found
# echo "     0" > /tmp/vir-found

Edit the following files and change the "hostname" to your host in each file at the bottom
the uptime might need to be edited to work on your box

Note: When you are editing mrtg-clam, please note the location of the log file. If you are not using
the setup for FreeBSDrocks.net, this path may need to be changed to /var/log/clamav/clamd.log

mrtg-clam
mrtg-jgrey
mrtg-rbl
mrtg-valid

Now to set the correct file permissions:

# chmod 755 mrtg-clam
# chmod 755 mrtg-jgrey
# chmod 755 mrtg-rbl
# chmod 755 mrtg-valid

Now open up qmailmrtg.cfg and change the WorkDir at the top to the folder where the qmailmrtg will be saved
Change each instance of myhostname to your mailserver name or ip or whatever. Easiest way is to do it like so:

:%s/myhostname/newhostname/g

This is just a find and replace script. What this does is it replaces all instances of myhostname with newhostname

Scroll down to the end of qmailmrtg.cfg and change the following lines:

Target[clam]: `/path/to/stats/mrtg-clam`
Target[valid]: `/path/to/stats/mrtg-valid`
Target[rbl]: `/path/to/stats/mrtg-rbl`
Target[jgrey]: `/path/to/stats/mrtg-jgrey`

run /usr/local/bin/mrtg qmailmrtg.cfg and just make sure you don't have any errors.

Now to put the stats in cron:

*/5 * * * * /usr/local/bin/mrtg /path/to/qmailmrtg.cfg > /dev/null 2>&1

After about 15-20 minutes you should start seeing graphs.

Now to clean up the install:

# cd /path/to/stats
# rm qmailmrtg2.tgz
# rm install-*

Monday, 06 July 2015 00:36

How to enable bayes autolearning

Updated 2/9/10: Updated links so they worked correctly. Removed the references for maildrop and procmail spam filtering as they are now obsoleted.

There are a few things you need to train spamassassin to do before bayes can start learning how to tell the difference between spam and non-spam. The more you train bayes, the better the learning algorithm.

Before continuing on I want to let you know about 1 thing. If you are running the freebsdrocks spamd service, you do not have to change spamd to a non-root user. The service is configured to run as user qscand. Please skip down to the section that starts First to make sure bayes can be turned on, bayes needs to be trained for 200 hams and 200 spams. Run the following command:

Before starting with Bayes, one of the things I would suggest is running SpamAssassin as a non-root account. You can do this by adding an option to the spamd.sh startup script. Edit your SpamAssassin startup script and look for the following line. I give 2 different options depends on what version of SpamAssassin you're running.

Option 1: spamd_flags=${spamd_flags:-"-d -x -r ${spamd_pidfile} "}
Option 2: : ${spamd_flags="-c  "}

Add the -u qscand to make SpamAssassin run as user qscand:

Option 1: spamd_flags=${spamd_flags:-"-u qscand -d -x -r ${spamd_pidfile} "}
Option 2: : ${spamd_flags="-c -u qscand "}

The path or flags file may vary from system to system. When you are done, save and exit and restart spamd. All your spamd processes should now run as qscand.

First to make sure bayes can be turned on, bayes needs to be trained for 200 hams and 200 spams. Run the following command:

# sa-learn --dump magic

0.000 0 5752 0 non-token data: nspam
0.000 0 1702 0 non-token data: nham

As you can see from the above example, I have 5752 spams and 1702 hams
The spam and ham totals must be at least 200 each.

The nspam total is the total amount of spams Bayes has learned.
The nham total is the total amount of hams Bayes has learned.

Here is how to train SpamAssassin hams and spams.

There are a few ways to feed sa-learn spams and hams. The easiest way is
by running the command right from console. Lets just say that you have a
folder in ~vpopmail/domains/domain.ext/test/Maildir/spam. Run the sa-learn
command like so. Replace domain.ext with your domain andreplace user with the actual user on your system :

# sa-learn --spam ~vpopmail/domains/domain.ext/user/Maildir/.Spam/new

To learn hams in ~vpopmail/domains/domain.ext/user/Maildir/new, run

# sa-learn --ham ~vpopmail/domains/domain.ext/user/Maildir/new

You'll get an output similar to the following in wither either case. Actual messages numbers may vary.

Learned from 30 message(s) (30 message(s) examined).

This tells you that out of 30 messages in the new folder, 30 were learned. If you run sa-learn --dump magic, your nspam total will have 30 more new messages learned as spam.

You basically need 200 hams and 200 spams before you can enable bayes autolearning. Once you have done that, add the following lines to your local.cf

# The line below needs to point to the users bayes_path that spamassassin runs as. In this case, the qscand home folder is /tmp
bayes_path /tmp/.spamassassin/bayes
use_bayes 1
bayes_auto_learn 1
bayes_file_mode 0770

The first line tells the bayes path to tell bayes where to store the bayes database. The next line enables bayes. The next line after that enables autolearning. and the next line just forces a chmod of 770 on the bayes database for security reasons.

Restart spamd and within a day or so you will see autolearn appear in your headers. I am not sure why it takes so long for it to come into the header part of the emails. It just does for some reason.

How to install Dcc:

# echo "WITHOUT_SENDMAIL=yes" >> /etc/make.conf
# cd /usr/ports/mail/dcc-dccd
# make install clean

Now lets install Pyzor

# cd /usr/ports/mail/pyzor
# make install clean

When the popup box comes up, Hit Tab and hit Enter on the Keyboard.

And last we need to install Razor Agents

# cd /usr/ports/mail/razor-agents
# make install clean

You will now need to create a config file for razor using a non-root
account. Substitute test with a real non-root user on your system:

# su test
# razor-admin -create (It should just drop to the next line)
# exit

We now need to register razor with the Razor servers. Replace the test
user with the actual username you used above to create the razor
account. Type in a password and hit enter.

# razor-admin -register -user=test -pass yourpass -home=/home/test/.razor

If successful, it should say:

Register successful. Identity stored in /home/user/.razor/identity-user

You can now integrate razor with SpamAssassin. Lets backup your local.cf first:

# cd /usr/local/etc/mail/spamassassin
# cp local.cf baklocal.cf

Now add/modfy the following to local.cf . Again, Replace the test user with
the actual username you used above to create the razor account.

loadplugin Mail::SpamAssassin::Plugin::DCC
dcc_path /usr/local/bin/dccproc
score PYZOR_CHECK 1

We now need to create the /var/dcc folder

# mkdir /var/dcc
# chown qscand:qscand /var/dcc
# chmod 755 /var/dcc

Just to make sure everything is running correctly, run:

# spamassassin --lint

And fix any errors that come up!

We're done!

In order for complete email and headers to be send to someone you must forward the email as an attachment rather than just inline text. Outlook Express and previous versions of Outlook allow you to "Forward As Attachment" by either right clicking on the message or opening the message and choosing that option from one of the menu's at the top. However in their infinite wisdom, Microsoft decided no one needed that option any more, so you now have to either save the file and then attach it to the email OR you can use this method which seems to work in all versions of Outlook (NOT OUTLOOK EXPRESS - it has "Forward As Attachment"):

1 - Create a new email message and type the email address to send it to
2 - minimize your new message window or move it out of the way
3 - click on the spam message and drag it to the new message window
4 - drop the spam message onto the Attachments Icon (normally a paper clip)

You should see the email message in the attachments list and can attach more spam or just send the email.

Special thanks to Cavin Greer

Sunday, 05 July 2015 23:59

How to Setup Courier POP3D-SSL

There are some people out there that want added security for POP users. This document will walk you through configuring POP3DSSL. This will make a nice addition for your freebsdrocks.net site as you already have smtp using TLS or SSL for your users sending mail. The only requirement here is to make sure Courier-Imap 4.x is installed.

First, We create the POP3DSSL Directory and log folders.

# cd /var/qmail/supervise
# mkdir -m 1755 courier-pop3dssl
# cd courier-pop3dssl
# fetch http://freebsdrocks.net/files/courier-pop3dssl-run
# mv courier-pop3dssl-run run
# chmod 755 run
# mkdir -m 755 log
# cd log
# fetch http://freebsdrocks.net/files/service-any-log-run
# mv service-any-log-run run
# chmod 755 run

And now to make a pop3d and a pop3d-ssl conf file and also change a few settings in the pop3d-ssl file

cd /usr/local/etc/courier-imap/

# cp pop3d.cnf.dist pop3d.cnf
# vi pop3d.cnf

make changes to reflect your server information in pop3d.cnf.
Make sure CN=mail.yourserver.com
And change the email address to your address

# cp pop3d-ssl.dist pop3d-ssl

Change the SSLADDRESS to the IP of the server you're running it on.

if you use SSLADDRESS=0, the resulting server will try to listen on that port number (usually 143 or 993) for EVERY IP ADDRESS ON THE SYSTEM. If any other program (such as another instance of the service) is listening on a specific IP with the same port, the SSLADDRESS=0 server will refuse to start... and if the SSLADDRESS=0 service is already running, the other one (with the specific IP) will refuse to start.

Change the POP3DSSLSTART=NO to

POP3DSSLSTART=YES

Now below that section we need to add

MAXDAEMONS=40

Now to make the pop3dssl cert...

# /usr/local/share/courier-imap/mkpop3dcert

Now to start the daemon

# ln -s /var/qmail/supervise/courier-pop3dssl /service/

Now to check the service run

# svstat /service/courier-pop3dssl /service/courier-pop3dssl/log

If both items have been up for more than 1 second, Courier-pop3dssl is installed!

This requires that you are running SquirrelMail 1.4.x or above and Apache 2.2 or higher.

Download the following related files into your squirrelmail plugins folder:

# cd /usr/local/www/squirrelmail/plugins << For FreeBSD (Other systems may vary)
# fetch http://www.goodcleanemail.com/files/tarballs/spam_buttons-2.3-1.4.0.tar.gz
# fetch http://www.goodcleanemail.com/files/tarballs/compatibility-2.0.14-1.0.tar.gz

What we want to do now is create 2 email addresses for vpopmail. We want to create one for ham and one for spam reporting. You can do this as follows:

# ~vpopmail/bin/vadduser thisisspam @ domain.com password
# ~vpopmail/bin/vadduser thisisham @ domain.com password

Make sure password in the 2 examples above are not the actual password. Just create random ones if you like.

Now lets unzip them

# tar zxvf spam_buttons-2.3-1.4.0.tar.gz
# tar zxvf compatibility-2.0.14-1.0.tar.gz

Now to configure spam buttons:

# cd spam_buttons
# cp config_example.php config.php
# vi config.php

The first section under General Options is, well, optional. When you get to the section that says // REPORT-BY-EMAIL OPTIONS, this is where you change a few things:

# $is_spam_resend_destination = ' This email address is being protected from spambots. You need JavaScript enabled to view it.';
# $is_not_spam_resend_destination = ' This email address is being protected from spambots. You need JavaScript enabled to view it.';

Verify the following is set:

//$spam_report_email_method = 'bounce';
$spam_report_email_method = 'attachment';
//$is_spam_subject_prefix = 'SPAM';
//$is_not_spam_subject_prefix = 'HAM';

If you are using my freebsdrocks.net setup, make sure to remove the .qmail files and mailfilter from the vpopmail directory like so

# rm ~vpopmail/domains/domain.com/thisisspam/.qmail
# rm ~vpopmail/domains/domain.com/thisisspam/mailfilter
# rm ~vpopmail/domains/domain.com/thisisham/.qmail
# rm ~vpopmail/domains/domain.com/thisisham/mailfilter

Also, In the config.php and you're using my freebsdrocks setup, You can change the 2 following sections in config.php

$sb_report_spam_by_move_to_folder = 'Inbox.Spam';
$sb_report_not_spam_by_move_to_folder = 'Inbox';

You should now exit and save the file. This script successfully reports and process each message.
However, It does not delete the message when it is being reported.

If you are running Squirrelmail 5.x, Skip the following patch section.

Patch SquirrelMail 1.4.x to enable button display on the message list page. The patch should be run from the spam_buttons directory.

patch -p0 < patches/spam_buttons-squirrelmail-1.4.4.diff

You will now want to enable the plugin by doing the following:

# cd /usr/local/www/squirrelmail/plugins/config
# ./conf.pl

Go to

8. Plugins

Look under Available Plugins: and look for spam_buttons which is usually the last one at the bottom. The number to the left of it is the number you want to type in to enable it. Do that and hit enter and

then you should see it under Installed Plugins. Also enable the Compatability plugin as well before you continue. Press S and hit enter to save the data and hit Q to quit and hit enter. The squirrelmail plugin is now enabled and functional.

The startup scripts I just put in my bin directory in my ~home drive.

# cd ~user
# mkdir bin
# cd bin
# fetch http://www.goodcleanemail.com/files/tarballs/autolearn2.tgz
# tar zxvf
autolearn2.tgz


Edit spamauto.sh and hamauto.sh and change the sections that say:

DOMAIN="domain.com"
SPAMUSER="thisis*am"
MAILDIR="/home/vpopmail/domains/$DOMAIN/$SPAMUSER/Maildir/new"
SA_LEARN_LOG="/var/log/spamlearn.log"

Now you can put hamauto.sh and spamauto.sh in crontab like so:

0 1,13 * * * ~user/bin/hamauto.sh > /dev/null 2>&1
0 1,13 * * * ~user/bin/spamauto.sh > /dev/null 2>&1

This will tell crontab to run both scripts at 1PM and 1AM every day. Change at your discretion.

When this is completed, Users will now be able to report ham and spam. :-)

Page 10 of 14