s/qmail – fast, secure, and reliable email transmission

WHAT IT IS:

• s/qmail is a fork of qmail (1.03) including the features of the Spamcontrol patch together with IPv6 capabilities and is 64 bit clean
• s/qmail is API- and plug-in-compatible with qmail, thus add-ons like vpopmail, ezmlm, and vmailmgr and many others work without changes
• TLS 1.3 enabled using ucspi-ssl
• X.509 cert pinning and allowing strict TLS mode
• Automatic TLSA lookup
• DKIM signing and verification with RSA and Ed25519
• Wide scale QMTPS support
• Multi-tenancy capabilities
• s/qmail uses the concept of D.J. Bernstein's coding without compromise

INCLUDING:

The following (DJB) packages are included:

• checkpassword (as qmail-authuser)
• fastforward
• qmailanalog
• qmail-mrtg

REQUIREMENTS:

• fehQlibs (-25) – can't build w/o it
• ucspi-ssl (> 0.12.x) – won't run without it
• ucspi-tcp6 (generating the cdb)
• daemontools package (supervising the services), any other will do as well (eg. systemd)
• libidn2 for EAI support
• OpenSSL > 1.1.1 or LibreSSL > 3.7.0 to support Ed25519 signatures

INSTALLATION:

• Read the INSTALL document

INTERNAL CHANGES FROM QMAIL:

• Group is now 'sqmail' instead of 'qmail'
• Exttodo + Bigtodo is default
• qmail(-queue) supports additional control tokens and return codes
• Old qmail code for sendmail compatibility removed
• Added QMTPS capabilities (receiving and sending)
• IPv6 supported by default
• AMD64 enabled (64 + 32 bit clean), works on ARM/ARM64
• SPF DNS lookup for qmail-smtpd
• SRS: srsforward & srsreverse
• SMTPUTF8 + IDN2 support for qmail-remote
• fehQlibs DNS stub resolver
• qmail-postgrey client
• TLSA DNS lookup for qmail-remote
• Additional queue/dkim staging directories
• Less single character buffering for I/O; convenient buffer sizes
• s/qmail's queue and binary files may have different locations, thus
• the 'queue' directory can be detached from the rest system
• Maildir/ is now the default delivery for qmail-local

USER INTERFACE CHANGES:

• Port separator is ';' instead of ':' (due to IPv6)
• smtproutes supports authentication and localip setting
• Added SPF capabilities for qmail-smtpd + spfquery for testing
• Added DNS test routines: dnsmxip, dnsfq, dnscname, dnstxt, dnstlsa
• Added fastforward package
• Added qmailanalog and qmail-mrtg
• Additional TLS control files for X.509 certificates, key files, and verification handling
• RECIPIENTS extension from Spamcontol
• Added PAMs for Recipient verification (qmail-vmailuser, qmail-smtpam)
• Added qmail-authuser PAM for SMTP, POP3, and IMAP4 authentication; supporting Binc IMAP and Dovecot natively
• Added qmail-qmaint for queue maintenance
• Added 'implicit TLS' support for qmail-remote and qmail-smtpam Port numbers may now prepended with 's' -> implicit TLS
• qmail-users: changed name from 'users/cdb' to 'users/assign.cdb'
• Added qmail-dksign and qmail-dkverify together with qmail-dkim
• DKIM keys are given at SQMAIL/ssl/domainkeys/'domain'
• Authentication support for BincIMAP (separate package)
• Added qmail-ldapam as installable option (tbd)

DEDICATION

• Niklaus Wirth - creator of PASCAL (A Plea for Lean Software)
• Niklaus Wirth: "Eine Optimierung beim Programmieren erfordert Zeit" [https://www.heise.de/hintergrund/Niklaus-Wirth-Diese-schnell-erstellten-Programme-enthalten-auch-mehr-Fehler-9587266.html]

s/qmail (4.3) – this README covers the main s/qmail merits.

See doc/CHANGELOG for version information.

Date: September, 5th 2024 (feh)