diff options
Diffstat (limited to 'sqmail-4.3.07/INSTALL')
-rw-r--r-- | sqmail-4.3.07/INSTALL | 253 |
1 files changed, 0 insertions, 253 deletions
diff --git a/sqmail-4.3.07/INSTALL b/sqmail-4.3.07/INSTALL deleted file mode 100644 index a51c6d7..0000000 --- a/sqmail-4.3.07/INSTALL +++ /dev/null @@ -1,253 +0,0 @@ -Configuration and Installation of s/qmail ------------------------------------------ - -HOW TO INSTALL: -- s/qmail uses D.J.B's slashpackage convention - for installing while trying to conserve the - standard qmail installations: - * untar the sqmail tar file under '/package' - * Move to /package/mail/sqmail/sqmail-V.R.F - and go on with installation -- Set up the s/qmail package with the following - step-by-step options or simple run (as 'root'): - * package/install -- does it all - -A) REQUIREMENTS - -1. Compiler & make utilities. -2. fehQlibs are installed (typically as /usr/local/qlibs) -3. The directory /package is in place. -4. Header files and libs for *SSL. -5. The UCSPI-SSL package to be installed. -6. Header files and libraries for IDN2 support (optional). -7. Header files and libraries for LDAP support (optional). - -Optional but very useful: - -8. The UCSPI-TCP6 package (tcprules, rblsmtpd). -9. DJB's Daemontools installed and working. -10. MRTG to display logging. - - -B) CONFIGURATION - -1. Configuration is done by means of the - `conf-XX` files in this main directory. - -2. Short description: - - conf-break -- the character for VERP addresses [-] - conf-cc -- compiler (no change required) - conf-delivery -- qmail-start default-delivery - conf-djbdns -- DJBNDS libs (not supported yet) - conf-groups*) -- s/qmail groups - conf-home -- home dir of s/qmail [/var/qmail] - conf-idn2 -- include optional path for libidn2 - conf-ids*) -- Unix ids for s/qmail - conf-instances -- QMQ instances to be raised - conf-ld -- loader options to be adjusted (for i386; AMD64 default) - conf-log -- target dir of s/qmail logs [/var/log] - conf-man -- target dir of man pages, usually automatically recognized - conf-patrn -- s/qmail paternalism [002] - conf-qmq -- QMQ environment settings - conf-spawn -- silent concurrency limit [120] - conf-split -- depth of s/qmail dirs [23] - conf-svcdir -- supervise's directory [/service] - conf-ssl -- path to *SSL header files [empty for defaults] - conf-ucspissl -- path to UCSPI-SSL dirs - conf-users*) -- user names - - Configurations labeled with *) need to be treated together. - -3. Depending on your settings, you may need to - adjust the following: - - a) conf-cc: Perhaps remove the -DIDN2 option - if libidn2 is not installed. - Other options are: - -DHIDEVIRTUALUSER - -DDEFERREDBOUNCES - -DSHOWLOG - -DBARELF - b) conf-ld: Adjust architecture of executables. - If you use OpenSSL/LibreSSL from sources outside the - default, you need to include the link path (-L). - c) conf-idn2: Include optional path to 'libidn2'. - -4. s/qmail user settings: - - a) conf-ids: The UIDs and GIDs - b) conf-groups:The s/qmail group names. - c) conf-users: The s/qmail user names. - -5. Directories and system interaction: - - a) conf-home - b) conf-qlibs - c) conf-ssl - d) conf-ucspissl - e) conf-log - f) conf-man - g) conf-svcdir - -6. Run-time issues: - - a) conf-break - b) conf-patrn - c) conf-split - d) conf-delivery - e) conf-instances (still not working yet) - f) conf-qmq (still not uptodate jet) - - -C) INSTALLATION - -1. Upon configuration and verification - to meet requirements, simply do - - package/install - -2. Detail description of installation steps: - - package/dir -- sets up the directories - package/ids -- sets up the s/qmail users - package/ucspissl -- hooks up the required sources and libs with package ucspi-ssl - package/compile -- compiles the sources - package/upgrade -- potentially does the upgrade - package/legacy -- installs the binaries in the qmail directory - package/man -- installes the man pages - - All done be package/install. Additional (initial) settings: - - package/control -- populates the mininmal required control files for running - package/sslenv -- sets up the SSL/TLS environments together with X.509 certs and key files (from ucspi-ssl) - package/service -- sets up the run script for daemontools' /service and additionally the logging - package/scripts setup optional, undocumented and unmaintained scripts - package/run -- touches qmail/alias/ files and sets default-delivery - -3. Installation on OpenBSD - - s/qmail should be placed under - /usr/local/qmail - -- or -- - mount -u -o suid /var - -4. Upgrade from an existing Qmail - - s/qmail will keep your current qmail setup (except for the binaries): - - * Make sure, to have ucspi-ssl installed - * Extract s/qmail under /package - * cd /package/mail/sqmail-V.R.F - * package/ucspissl - * package/compile - * package/legacy - * package/man - * package/upgrade - - In case your qmail installation is out of default, use the conf-* settings (ie. ids). - Make sure, that your qmail 'todo' queue and the 'tcpto' table is empty (qmail-tcpto, qmail-tcpok). - - You need to change the port separator in the control files from ':' to ';' - if applicable. - -5. Deinstallation and re-do installation - - Within s/qmail's installation directory (where this file resides) - simply do: - - rm -r compile - - Alternatively, you can do - - cd compile; make clean - - To re-install man-pages: - - cd man; rm *.gz; make clean - - Now you can continue with re-installation. - -6. Additional compile-time options - - conf-cc allows you to customize compilation for the following needs: - - - Internationalization: Include the option -IDN2. - Be sure, to have IDN2 installed prior of compilation. - - - Virtual user obfuscation: Include the option -DHIDEVRITUALUSER. - Now, the virtual user extension is excluded in the mail header - for the displayed addresses. Vpopmail, however, requires this! - - - Delayed bounces: Use -DDEFERREDBOUNCES. - Now, qmail-remote will retry mail delivery even for not DNS - resolveable host names and IP addresses until queue lifetime - expires. - - - DKIM private key names used for signing are shown - in qmail-remote logs via option -DSHOWLOG. - - - Strict RF 5821 conformance for <CRLF.CRLF> can be - relaxed by -DBARELF (=> 'SMTP smuggling' still not possible). - - - Check conf-cc for more restrictive settings. - - -D) DKIM CONFIGURATION - -1. Key generation: - You need to generate a public/private key pair. - The private key is used to sign outgoing mails. - The public key needs to be in the DNS as DKIM TXT record. - Use the script mkdkimkey (after make in that directory) - to generate RSA/Ed25519 key pairs in the required format. - -2. Signing operation: - Populate the private key in the directory - ssl/domainkeys/<domain> - and symlink it as 'default' (= selector). - Key roll-over is easily supported with different selectors. - Create - control/dkimdomains - with the entry '=:' defaulting to your domain/MTA. - Several domain entries with different attributes can be used. - Upon raising the file 'control/dkimdomains' all outgoing - emails will be automatically DKIM signed in case the - sending domains are listed therein. - -3. Verification operation: - Use qmail-dkverify as paramater in your 'smtpd.tcpd' file: - :allow,QMAILQUEUE="bin/qmail-qmail-dkverify" - Usually, qmail-dkverify works in annotation mode only, thus - simply inlcudes a header for further message processing like this: - X-Authentication-Results: piplus.fehcom.de; dkim=pass; bigchief.fehcom.de - - If you however set 'DKIM=+' as environment variable, mails - failing DKIM verification (wrong signature) will be rejected upon receipt. - This is not recommended, since mails may be subject of re-writing - by mail-scanning MTAs. - -Note: DKIM is inappropriate with QMTP(S) delivery. - -E) MISCELLANEOUS - -1. s/qmail comes with a full set of updated man-pages. - -2. s/qmail supports SPF and SRS natively without additional libs. - -3. qmail-postgrey requires postgrey: [https://postgrey.schweikert.ch/] - -4. Further documentation can be found in ./doc - -5. Convenience files can be found in ./etc - -6. Samples for control files are provided in ./ctl - -7. Additional scripts are located in ./scripts - -8. Start-scripts (for Daemontools) reside in ./service - - -Visit https://www.fehcom.de/sqmail/sqmail.html to -access online man-pages and documentation. - -Date: January, 14th 2024 (feh) |