1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
|
/* \mainpage
s/qmail -- fast, secure, and reliable email transmission
========================================================
WHAT IT IS:
----------
- s/qmail is a fork of qmail (1.03) including the
features of the Spamcontrol patch together with
IPv6 capabilities and is 64 bit clean
- s/qmail is API- and plug-in-compatible with qmail,
thus add-ons like vpopmail, ezmlm, and vmailmgr
and many others work without changes
- TLS 1.3 enabled using ucspi-ssl
- X.509 cert pinning and allowing strict TLS mode
- Automatic TLSA lookup
- DKIM signing and verification with RSA and Ed25519
- Wide scale QMTPS support
- Multi-tenancy capabilities
- s/qmail uses the concept of D.J. Bernstein's
coding without compromise
- Linux systemd compatible
INCLUDING:
--------
The following (DJB) packages are included:
- checkpassword (as qmail-authuser)
- fastforward
- qmailanalog
- qmail-mrtg
REQUIREMENTS:
------------
- fehQlibs (-24) -- can't build w/o it
- ucspi-ssl (> 0.12.x) -- won't run without it
- ucspi-tcp6 (generating the cdb)
- daemontools package (supervising the services),
any other will do as well
- libidn2 for EAI support
- OpenSSL > 1.1.1 or LibreSSL > 3.7.0 to support Ed25519 signatures
INSTALLATION:
------------
- Read the INSTALL document
INTERNAL CHANGES FROM QMAIL:
---------------------------
- Group is now 'sqmail' instead of 'qmail'
- Exttodo + Bigtodo is default
- qmail(-queue) supports additional control tokens and return codes
- Old qmail code for sendmail compatibility removed
- Added QMTPS capabilities (receiving and sending)
- IPv6 supported by default
- AMD64 enabled (64 + 32 bit clean), works on ARM/ARM64
- SPF DNS lookup for qmail-smtpd
- SRS: srsforward & srsreverse
- SMTPUTF8 + IDN2 support for qmail-remote
- fehQlibs DNS stub resolver
- qmail-postgrey client
- TLSA DNS lookup for qmail-remote
- Additional queue/dkim staging directories
- Less single character buffering for I/O; convenient buffer sizes
USER INTERFACE CHANGES:
----------------------
- Port separator is ';' instead of ':' (due to IPv6)
- smtproutes supports authentication and localip setting
- Added SPF capabilities for qmail-smtpd + spfquery for testing
- Added DNS test routines: dnsmxip, dnsfq, dnscname, dnstxt, dnstlsa
- Added fastforward package
- Added qmailanalog and qmail-mrtg
- Additional TLS control files for X.509 certificates,
key files, and verification handling
- RECIPIENTS extension from Spamcontol
- Added PAMs for Recipient verification
(qmail-vmailuser, qmail-smtpam)
- Added qmail-authuser PAM for SMTP, POP3, and IMAP4 authentication;
supporting Binc IMAP and Dovecot natively
- Added qmail-qmaint for queue maintenance
- Added 'implicit TLS' support for qmail-remote and qmail-smtpam
Port numbers may now prepended with 's' -> implicit TLS
- qmail-users: changed name from 'users/cdb' to 'users/assign.cdb'
- Added qmail-dksign and qmail-dkverify together with qmail-dkim
- DKIM keys are given at SQMAIL/ssl/domainkeys/<domain>
- Authentication support for BincIMAP (separate package)
- Added qmail-ldapam as installable option (tbd)
DEDICATION
----------
- Niklaus Wirth - creator of PASCAL (A Plea for Lean Software)
- Niklaus Wirth: "Eine Optimierung beim Programmieren erfordert Zeit"
[https://www.heise.de/hintergrund/Niklaus-Wirth-Diese-schnell-erstellten-Programme-enthalten-auch-mehr-Fehler-9587266.html]
s/qmail (4.3) -- this README covers the main s/qmail merits.
See doc/CHANGELOG for version information.
Date: Janary, 8th 2024 (feh)
|
