Dec 24 2008

Qpsmtpd FAQ

Published by lucas at 1:37 pm under qpsmtpd

Life is easier since we use qpsmtpd. So we want to write some little tips about it.

  • How to queue messages ?

The easiest way to queue messages is use qmail-queue, but if you don’t have qmail, use your actual mail server in localhost and plugin smtp-forward:

queue/smtp-forward 127.0.0.1 25

Don’t forget to accept all mail from localhost and remove spam and antivirii from your mail server. Now your mail server is acting as MDA. Let qpsmtpd do all filters (antispam, antivirii, …).

  • Auth plugins

Try to use standard method like smtpd or imap. It will allow you to change any piece of software whenever without affect your qpsmtpd setup.

auth/auth_imap 127.0.0.1 993

auth/auth_smtpd 127.0.0.1 25

  • Check valid rcptto

Maybe the most important plugin to avoid dictionary attacks. There are scripts to extract valid users from qmail installation: John M. Simpson has some scripts to dump all users to a cdb file. Link

But if you don’t have qmail you have to do two things in order to have qpsmtpd workproperly:

  1. Dump all domains into config/rcpthosts file. Use shell or perl scripts.
  2. Dump all valid users into validrcptto.cdb file. Don’t forget this file is a cdb. There are tools (like cdbmake) to help you to build a cdb file. Send the valid list to a pipe like this :

E.g.: perl getValidUsers.pl |/usr/local/bin/cdbmake-12 /opt/qpsmtpd/config/validrcptto.cdb /opt/qpsmtpd/validrcptto.tmp

And you will have a validrcptto.cdb file. Be careful and don’t forget mailing lists!!!.

When you have the file generated add this line:

check_validrcptto_cdb /opt/qpsmtpd/config/validrcptto.cdb -

before rcpt_ok plugin

  • How to stop mails from an address to a valid users.

Use this plugin: check_badmailfromto

Create a file (config/badmailfromto) with two columns: from to (separated with ab)

That’s all. Easy as qpsmtpd.

  • How to accept mails from a relay client.

First of all be sure the relay client is a trust client. To accept all mail from the ip, include the ip in config/relayclients file. But the best way to do it is authenticate the client via standard method.

  • How to accepts mails from servers that don’t use rfc.

Strange?, not at all. We are in Spain where an official mail server (Seguridad Social) doesn’t respect rfc. So we had to remove rhsbl plugin from our config.

  • How to avoid spamassassin for relay clients.

Just add this lines in hook_data_post method, after this line:

return (DECLINED) if $transaction->data_size > 500_000;

The code:

if ( $self->qp->connection->relay_client ) {
# failsafe
$self->log(LOGALERT, “Allowing relay client past spamassassin”);
return (DECLINED);
}

So, if it is a relayed client it doesn’t send the message to spamassassin daemon.

As you can see, qpsmtpd is powerful and easy to configure. Give it a chance. Since we use it we are very confident of our mail service and proud of performance. In another post we will comment some tips about performance.

The plugin page must be your reference when implementing qpsmtpd. There is a lot of information about all you need. Thank Ask Bjørn Hansen and the active community very much for your work.

Share:
  • Digg
  • del.icio.us
  • Slashdot
  • BarraPunto
  • Meneame
  • E-mail this story to a friend!
  • Print this article!

Tags: , , , , , , , , , , , , , ,

One response so far

One Response to “Qpsmtpd FAQ”

  1. Ask Bjørn Hansen says:
    December 25, 2008 at 11:09 am

    Actually - there is so much going on in the community that it is unfair to thank me; so many are contributing.

    Glad qpsmtpd is helping you though!

    :-)

    - ask

Leave a Reply

*
To prove you're a person (not a spam script), type the security word shown in the picture. Click on the picture to hear an audio file of the word.
Click to hear an audio file of the anti-spam word