Hello everyone...
Well I'm going to take the risk and lay out all my qmail setups in hopes
that I can figure out why it works the way it does.
I'll display my tcp.smtp, tcpserver, and rc scripts, along with inbound
tunnels and outbound mapping on my firewall. If that gets me in trouble, so
be it.
This setup runs and is usually okay time wise. Netscape is noticeably faster
at smtp and pop than Eudora on my Windows clients, but it's livable.
What doesn't make a lick of sense to me is why rcpthosts works the way it
does. However, I did leave qmail up and running and told www.orbs.org to
check my server, and I haven't received a blacklist message yet.
Anyway, here's tcp.smtp and tcp.pop (I'm assuming I need a separate script
for both directions, correct me if I'm wrong):

#relay access for clients
#TCPLOCALHOST="mail.stpeterscollege.ca"
#TCPLOCALHOST="gecko.stpeters.sk.ca"
#TCPLOCALHOST="gecko.stpeterscollege.ca"
127.0.0.1:allow,RELAYCLIENT=""
192.168.1.2-254:allow,RELAYCLIENT=""
#192.168.3.2:allow,RELAYCLIENT=""
#192.168.3.3:allow,RELAYCLIENT=""
:allow

To me, this means that I've got my Protected Service Network and my localhost
available for relaying, but I commented out my Private Service Network, since
there's no need to send mail directly off my servers.
This passes the tcprules check.

Now to tcpserver for smtp:

#!/bin/sh
QMAILDUID=`id -u qmaild`
NOFILESGID=`id -g qmaild`
exec /usr/local/bin/softlimit -m 2000000 \
/usr/local/bin/tcpserver -H -D -v -p -x /etc/tcp.smtp.cdb \
-u $QMAILDUID -g $NOFILESGID 192.168.3.3 smtp /var/qmail/bin/qmail-smtpd 2>&1

And tcpserver for pop:

#!/bin/sh
#QMAILDUID=`id -u qmaild`
#NOFILESGID=`id -g qmaild`
# /bin/checkpassword must run as root so that it can check passwords
#and also so that it can exec qmail-pop3d as a different user.
# the -u and -g options must be removed.
#HOSTNAME=`gecko.stpeterscollege.ca`
exec /usr/local/bin/softlimit -m 2000000 \
/usr/local/bin/tcpserver -H -D -v -p -x /etc/tcp.pop.cdb \
192.168.3.3 pop-3 /var/qmail/bin/qmail-popup mail.stpeterscollege.ca \
/bin/checkpassword /var/qmail/bin/qmail-pop3d Maildir 2>&1

Okay, now rcpthosts; I've got the domains in descending order of importance.
Since the domain is ultimately going to be stpeters.sk.ca, I've left it in.
Right now the server is set in linuxconf to gecko.stpeterscollege.ca.
The really weird part is the only way I can send outgoing mail to the
Internet is to include 'wildcard' domains. Remember, though, that I've had
ORBS check this, and Sasktel does too, so it must be okay.

stpeters.sk.ca
stpeterscollege.ca
LOCALHOST
gecko.stpeterscollege.ca
mail.stpeterscollege.ca
.com
.edu
.org
.to

and locals:

stpeters.sk.ca
stpeterscollege.ca

I've never touched the rc script, but it might be important:

#!/bin/sh
exec env - PATH="/var/qmail/bin:$PATH" \
qmail-start '|dot-forward .forward
./Maildir/'

and Inbound Tunnel:

207.195.105.60 ---> 192.168.3.3

and Outbound Static Mapping:

192.168.3.3 ----> 207.195.105.60

nslookup works fine for the domain stpeterscollege.ca.

Well, that ought to do it. Many thanks Charles and Chris for your help with
the pop password script.

Br. Kurt Van Kuren OSB
Instructional Technologist
St. Peters College
Muenster Saskatchewan Canada
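
Added example, not part of the original post: a Python model of the RCPT check documented in qmail-smtpd(8) (when RELAYCLIENT is set, rcpthosts is ignored; otherwise the recipient domain must match an rcpthosts entry, where a leading dot is a wildcard), applied to the tcp.smtp and rcpthosts entries listed in the post. The function names and the sample client addresses and recipients are constructed for illustration.

```python
# Added illustration, not from the original post. Models the RCPT decision
# documented in qmail-smtpd(8) against the tcp.smtp and rcpthosts shown above.
import ipaddress

# rcpthosts entries from the post (matching is case-insensitive).
RCPTHOSTS = {e.lower() for e in (
    "stpeters.sk.ca", "stpeterscollege.ca", "LOCALHOST",
    "gecko.stpeterscollege.ca", "mail.stpeterscollege.ca",
    ".com", ".edu", ".org", ".to")}

def relayclient_set(client_ip):
    """tcp.smtp from the post: 127.0.0.1 and 192.168.1.2-254 get RELAYCLIENT."""
    ip = ipaddress.IPv4Address(client_ip)
    lo, hi = ipaddress.IPv4Address("192.168.1.2"), ipaddress.IPv4Address("192.168.1.254")
    return ip == ipaddress.IPv4Address("127.0.0.1") or lo <= ip <= hi

def rcpthosts_match(rcpt, rcpthosts=RCPTHOSTS):
    """Return the rcpthosts entry that admits rcpt, or None."""
    if "@" not in rcpt:
        return "(no @ sign)"          # addresses without @ are always allowed
    domain = rcpt.rsplit("@", 1)[1].lower()
    if domain in rcpthosts:
        return domain
    # A leading-dot entry matches any domain ending in it.
    for i, ch in enumerate(domain):
        if ch == "." and domain[i:] in rcpthosts:
            return domain[i:]
    return None

def decide(client_ip, rcpt):
    """Outcome of RCPT TO for a client address and envelope recipient."""
    if relayclient_set(client_ip):
        return "accept: RELAYCLIENT set, rcpthosts not consulted"
    hit = rcpthosts_match(rcpt)
    return f"accept: rcpthosts entry {hit}" if hit else "reject: not in rcpthosts"

def tld_wildcards(rcpthosts=RCPTHOSTS):
    """Entries that admit a whole top-level domain for every client."""
    return sorted(e for e in rcpthosts if e.startswith(".") and e.count(".") == 1)

if __name__ == "__main__":
    # Constructed sample clients and recipients (documentation ranges/domains).
    for ip, rcpt in [("192.168.1.10", "user@example.net"),
                     ("203.0.113.7", "staff@stpeterscollege.ca"),
                     ("203.0.113.7", "user@example.com"),
                     ("203.0.113.7", "user@example.net")]:
        print(f"{ip:14} {rcpt:26} {decide(ip, rcpt)}")
    print("TLD wildcards:", tld_wildcards())
```

The last line of output lists the entries to review when auditing rcpthosts: each one admits mail for a whole top-level domain from any client that falls through to the bare `:allow` rule.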