summaryrefslogtreecommitdiff
path: root/sqmail-4.3.07/INSTALL
diff options
context:
space:
mode:
Diffstat (limited to 'sqmail-4.3.07/INSTALL')
-rw-r--r--sqmail-4.3.07/INSTALL253
1 files changed, 0 insertions, 253 deletions
diff --git a/sqmail-4.3.07/INSTALL b/sqmail-4.3.07/INSTALL
deleted file mode 100644
index a51c6d7..0000000
--- a/sqmail-4.3.07/INSTALL
+++ /dev/null
@@ -1,253 +0,0 @@
-Configuration and Installation of s/qmail
------------------------------------------
-
-HOW TO INSTALL:
-- s/qmail uses D.J.B's slashpackage convention
- for installing while trying to conserve the
- standard qmail installations:
- * untar the sqmail tar file under '/package'
- * Move to /package/mail/sqmail/sqmail-V.R.F
- and go on with installation
-- Set up the s/qmail package with the following
- step-by-step options or simple run (as 'root'):
- * package/install -- does it all
-
-A) REQUIREMENTS
-
-1. Compiler & make utilities.
-2. fehQlibs are installed (typically as /usr/local/qlibs)
-3. The directory /package is in place.
-4. Header files and libs for *SSL.
-5. The UCSPI-SSL package to be installed.
-6. Header files and libraries for IDN2 support (optional).
-7. Header files and libraries for LDAP support (optional).
-
-Optional but very useful:
-
-8. The UCSPI-TCP6 package (tcprules, rblsmtpd).
-9. DJB's Daemontools installed and working.
-10. MRTG to display logging.
-
-
-B) CONFIGURATION
-
-1. Configuration is done by means of the
- `conf-XX` files in this main directory.
-
-2. Short description:
-
- conf-break -- the character for VERP addresses [-]
- conf-cc -- compiler (no change required)
- conf-delivery -- qmail-start default-delivery
- conf-djbdns -- DJBNDS libs (not supported yet)
- conf-groups*) -- s/qmail groups
- conf-home -- home dir of s/qmail [/var/qmail]
- conf-idn2 -- include optional path for libidn2
- conf-ids*) -- Unix ids for s/qmail
- conf-instances -- QMQ instances to be raised
- conf-ld -- loader options to be adjusted (for i386; AMD64 default)
- conf-log -- target dir of s/qmail logs [/var/log]
- conf-man -- target dir of man pages, usually automatically recognized
- conf-patrn -- s/qmail paternalism [002]
- conf-qmq -- QMQ environment settings
- conf-spawn -- silent concurrency limit [120]
- conf-split -- depth of s/qmail dirs [23]
- conf-svcdir -- supervise's directory [/service]
- conf-ssl -- path to *SSL header files [empty for defaults]
- conf-ucspissl -- path to UCSPI-SSL dirs
- conf-users*) -- user names
-
- Configurations labeled with *) need to be treated together.
-
-3. Depending on your settings, you may need to
- adjust the following:
-
- a) conf-cc: Perhaps remove the -DIDN2 option
- if libidn2 is not installed.
- Other options are:
- -DHIDEVIRTUALUSER
- -DDEFERREDBOUNCES
- -DSHOWLOG
- -DBARELF
- b) conf-ld: Adjust architecture of executables.
- If you use OpenSSL/LibreSSL from sources outside the
- default, you need to include the link path (-L).
- c) conf-idn2: Include optional path to 'libidn2'.
-
-4. s/qmail user settings:
-
- a) conf-ids: The UIDs and GIDs
- b) conf-groups:The s/qmail group names.
- c) conf-users: The s/qmail user names.
-
-5. Directories and system interaction:
-
- a) conf-home
- b) conf-qlibs
- c) conf-ssl
- d) conf-ucspissl
- e) conf-log
- f) conf-man
- g) conf-svcdir
-
-6. Run-time issues:
-
- a) conf-break
- b) conf-patrn
- c) conf-split
- d) conf-delivery
- e) conf-instances (still not working yet)
- f) conf-qmq (still not uptodate jet)
-
-
-C) INSTALLATION
-
-1. Upon configuration and verification
- to meet requirements, simply do
-
- package/install
-
-2. Detail description of installation steps:
-
- package/dir -- sets up the directories
- package/ids -- sets up the s/qmail users
- package/ucspissl -- hooks up the required sources and libs with package ucspi-ssl
- package/compile -- compiles the sources
- package/upgrade -- potentially does the upgrade
- package/legacy -- installs the binaries in the qmail directory
- package/man -- installes the man pages
-
- All done be package/install. Additional (initial) settings:
-
- package/control -- populates the mininmal required control files for running
- package/sslenv -- sets up the SSL/TLS environments together with X.509 certs and key files (from ucspi-ssl)
- package/service -- sets up the run script for daemontools' /service and additionally the logging
- package/scripts setup optional, undocumented and unmaintained scripts
- package/run -- touches qmail/alias/ files and sets default-delivery
-
-3. Installation on OpenBSD
-
- s/qmail should be placed under
- /usr/local/qmail
- -- or --
- mount -u -o suid /var
-
-4. Upgrade from an existing Qmail
-
- s/qmail will keep your current qmail setup (except for the binaries):
-
- * Make sure, to have ucspi-ssl installed
- * Extract s/qmail under /package
- * cd /package/mail/sqmail-V.R.F
- * package/ucspissl
- * package/compile
- * package/legacy
- * package/man
- * package/upgrade
-
- In case your qmail installation is out of default, use the conf-* settings (ie. ids).
- Make sure, that your qmail 'todo' queue and the 'tcpto' table is empty (qmail-tcpto, qmail-tcpok).
-
- You need to change the port separator in the control files from ':' to ';' - if applicable.
-
-5. Deinstallation and re-do installation
-
- Within s/qmail's installation directory (where this file resides)
- simply do:
-
- rm -r compile
-
- Alternatively, you can do
-
- cd compile; make clean
-
- To re-install man-pages:
-
- cd man; rm *.gz; make clean
-
- Now you can continue with re-installation.
-
-6. Additional compile-time options
-
- conf-cc allows you to customize compilation for the following needs:
-
- - Internationalization: Include the option -IDN2.
- Be sure, to have IDN2 installed prior of compilation.
-
- - Virtual user obfuscation: Include the option -DHIDEVRITUALUSER.
- Now, the virtual user extension is excluded in the mail header
- for the displayed addresses. Vpopmail, however, requires this!
-
- - Delayed bounces: Use -DDEFERREDBOUNCES.
- Now, qmail-remote will retry mail delivery even for not DNS
- resolveable host names and IP addresses until queue lifetime
- expires.
-
- - DKIM private key names used for signing are shown
- in qmail-remote logs via option -DSHOWLOG.
-
- - Strict RF 5821 conformance for <CRLF.CRLF> can be
- relaxed by -DBARELF (=> 'SMTP smuggling' still not possible).
-
- - Check conf-cc for more restrictive settings.
-
-
-D) DKIM CONFIGURATION
-
-1. Key generation:
- You need to generate a public/private key pair.
- The private key is used to sign outgoing mails.
- The public key needs to be in the DNS as DKIM TXT record.
- Use the script mkdkimkey (after make in that directory)
- to generate RSA/Ed25519 key pairs in the required format.
-
-2. Signing operation:
- Populate the private key in the directory
- ssl/domainkeys/<domain>
- and symlink it as 'default' (= selector).
- Key roll-over is easily supported with different selectors.
- Create
- control/dkimdomains
- with the entry '=:' defaulting to your domain/MTA.
- Several domain entries with different attributes can be used.
- Upon raising the file 'control/dkimdomains' all outgoing
- emails will be automatically DKIM signed in case the
- sending domains are listed therein.
-
-3. Verification operation:
- Use qmail-dkverify as paramater in your 'smtpd.tcpd' file:
- :allow,QMAILQUEUE="bin/qmail-qmail-dkverify"
- Usually, qmail-dkverify works in annotation mode only, thus
- simply inlcudes a header for further message processing like this:
- X-Authentication-Results: piplus.fehcom.de; dkim=pass; bigchief.fehcom.de
-
- If you however set 'DKIM=+' as environment variable, mails
- failing DKIM verification (wrong signature) will be rejected upon receipt.
- This is not recommended, since mails may be subject of re-writing
- by mail-scanning MTAs.
-
-Note: DKIM is inappropriate with QMTP(S) delivery.
-
-E) MISCELLANEOUS
-
-1. s/qmail comes with a full set of updated man-pages.
-
-2. s/qmail supports SPF and SRS natively without additional libs.
-
-3. qmail-postgrey requires postgrey: [https://postgrey.schweikert.ch/]
-
-4. Further documentation can be found in ./doc
-
-5. Convenience files can be found in ./etc
-
-6. Samples for control files are provided in ./ctl
-
-7. Additional scripts are located in ./scripts
-
-8. Start-scripts (for Daemontools) reside in ./service
-
-
-Visit https://www.fehcom.de/sqmail/sqmail.html to
-access online man-pages and documentation.
-
-Date: January, 14th 2024 (feh)