Install qmail, ucspi-tcp and ucspi-ssl
Here we are ! We 'll proceed with core install !
We 'll use the source package for Qmail itself written by Dan Bernstein. While Qmail is available as Debian source package, it ends up being installed with parts of it in very different places which would render much of the available documentation invalid. Thus, we�re going to stick with the source package instead. It�s a little old by itself but we�re going to supercharge it with John Simpson�s combined patch set shortly.
FYI: A very good visual representation of how Qmail works can be found in �The Big Qmail Picture�
Extract the sources
tar -zxvf /downloads/qmail-1.03.tar.gz
Qmail
Patch it with John M. Simpson's combined patches (includes every patch which is part of netqmail-1.05 ... but also some others as you can see in the details section!)
patch < /downloads/patches/qmail-1.03-jms1-7.10.patch
Compile it
make setup check
Make the man pages and config files available like the usual Debian way
ln -s /var/qmail/control /etc/qmail
Now let's generate a secure certificate that will be used to encrypt your server's TLS encrypted SMTP sessions...
OPTIONAL : Even if you plan to use an officially signed certificate, please do the following and DO NOT use make cert here. You'll have the opportunity to use the same signed certificate for both TLS and courier at this step
make cert
Country Name (2 letter code) [AU]:BE
State or Province Name (full name) [Some-State]:Brussels
Locality Name (eg, city) []:Brussels
Organization Name (eg, company) [Internet Widgits Pty Ltd]:Your Company name
Organizational Unit Name (eg, section) []:IT
Common Name (eg, YOUR name) []:Your FQDN server
Email Address []:Your e-mail adress
Adapt certificate permissions
cd /var/qmail/controlchmod 640 servercert.pem
chown vpopmail:vchkpw servercert.pem
rm clientcert.pem
cp servercert.pem clientcert.pem
chown root:qmail clientcert.pem
chmod 640 clientcert.pem
UCSPI-TCP and UCSPI-SSL
UCSPI-TCP (aka tcpserver) is a client/server program that manages TCP connections (like inetd or xinetd but this one has really useful features to work in combinaison with Qmail).
For more information on it, its home page is located here: http://cr.yp.to/ucspi-tcp.html
UCSPI-TCP has already been installed with a Debian package (here) but the SSL version has to be installed manually (it's not in the repository for licensing reason)
chmod 1755 /packages
cd /tmp
tar -zxvf /downloads/ucspi-ssl-0.95a.tgz
mv /tmp/host/superscript.com/net/ucspi-ssl-0.95a/ /packages
cd /packages/ucspi-ssl-0.95a/
rm -rf /tmp/host/
sed -i 's/local\///' /packages/ucspi-ssl-0.95a/src/conf-tcpbin
sed -i 's/usr\/local/etc/' /packages/ucspi-ssl-0.95a/src/conf-cadir
sed -i 's/usr\/local\/ssl\/pem/etc\/ssl/' /packages/ucspi-ssl-0.95a/src/conf-dhfile
openssl dhparam -check -text -5 1024 -out /etc/ssl/dh1024.pem (It takes long)
package/compile
package/install
package/man
Users comments