Hello everyone...

Well, I'm going to take the risk and lay out all my qmail setups in hopes 
that I can figure out why it works the way it does.  
I'll display my tcp.smtp, tcpserver, and rc scripts, along with inbound 
tunnels and outbound mapping on my firewall. If that gets me in trouble, so 
be it.

This setup runs and is usually okay time wise. Netscape is noticeably faster 
at smtp and pop than Eudora on my Windows clients, but it's livable.
What doesn't make a lick of sense to me is why rcpthosts works the way it 
does.  However, I did leave qmail up and running and told www.orbs.org to 
check my server, and I haven't received a blacklist message yet.


Anyway, here's tcp.smtp and tcp.pop (I'm assuming I need a separate script 
for both directions, correct me if I'm wrong)

#relay access for clients
#TCPLOCALHOST="mail.stpeterscollege.ca"
#TCPLOCALHOST="gecko.stpeters.sk.ca"
#TCPLOCALHOST="gecko.stpeterscollege.ca"
127.0.0.1:allow,RELAYCLIENT=""
192.168.1.2-254:allow,RELAYCLIENT=""
#192.168.3.2:allow,RELAYCLIENT=""
#192.168.3.3:allow,RELAYCLIENT=""
:allow

To me, this means that I've got my Protected Service Network and my localhost 
available for relaying, but I commented out my Private Service Network, since 
there's no need to send mail directly off my servers.

This passes the tcprules check.

Now to tcpserver for smtp:

#!/bin/sh
QMAILDUID=`id -u qmaild`
NOFILESGID=`id -g qmaild`
exec /usr/local/bin/softlimit -m 2000000 \
    /usr/local/bin/tcpserver -H -D -v -p -x /etc/tcp.smtp.cdb \
    -u $QMAILDUID -g $NOFILESGID 192.168.3.3 smtp /var/qmail/bin/qmail-smtpd 2>&1

And tcpserver for pop:

#!/bin/sh
#QMAILDUID=`id -u qmaild`
#NOFILESGID=`id -g qmaild`
# /bin/checkpassword must run as root so that it can check passwords
# and also so that it can exec qmail-pop3d as a different user.
# the -u and -g options must be removed.
#HOSTNAME=`gecko.stpeterscollege.ca`
exec /usr/local/bin/softlimit -m 2000000 \
    /usr/local/bin/tcpserver -H -D -v -p -x /etc/tcp.pop.cdb \
    192.168.3.3 pop-3 /var/qmail/bin/qmail-popup mail.stpeterscollege.ca \
    /bin/checkpassword /var/qmail/bin/qmail-pop3d Maildir 2>&1


Okay, now rcpthosts; I've got the domains in descending order of importance.
Since the domain is ultimately going to be stpeters.sk.ca, I've left it in.
Right now the server is set in linuxconf to gecko.stpeterscollege.ca.
The really weird part is the only way I can send outgoing mail to the 
Internet is to include 'wildcard' domains. Remember, though, that I've had 
ORBS check this, and Sasktel does too, so it must be okay.

stpeters.sk.ca
stpeterscollege.ca
LOCALHOST
gecko.stpeterscollege.ca
mail.stpeterscollege.ca
.com
.edu
.org
.to

and locals:

stpeters.sk.ca
stpeterscollege.ca

I've never touched the rc script, but it might be important:

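#!/bin/sh

# The default delivery instructions go to qmail-start as one quoted argument;
# its second line has to start in column 0.
exec env - PATH="/var/qmail/bin:$PATH" \
qmail-start '|dot-forward .forward
./Maildir/'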

and Inbound Tunnel:
207.195.105.60 ---> 192.168.3.3
and Outbound Static Mapping
192.168.3.3 ----> 207.195.105.60

nslookup works fine for the domain stpeterscollege.ca

Well, that ought to do it.  Many thanks Charles and Chris for your help with 
the pop password script.


Br. Kurt Van Kuren OSB
Instructional Technologist
St. Peters College
Muenster Saskatchewan Canada
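
Added example (not part of the original post and not qmail's own code): a small Python model of how qmail-smtpd combines RELAYCLIENT from tcp.smtp with rcpthosts, run against the two files as posted above. The function names and the sample client addresses are assumptions, and tcprules matching is simplified to IP-address rules only.

```python
# Constructed from the tcp.smtp and rcpthosts listings in the post (comment lines dropped).
TCP_SMTP = '''127.0.0.1:allow,RELAYCLIENT=""
192.168.1.2-254:allow,RELAYCLIENT=""
:allow'''
RCPTHOSTS = """stpeters.sk.ca stpeterscollege.ca LOCALHOST gecko.stpeterscollege.ca
mail.stpeterscollege.ca .com .edu .org .to""".split()

def parse_rules(text):
    """Return {address: sets_RELAYCLIENT}; an a-b range in the last octet is expanded."""
    rules = {}
    for line in text.splitlines():
        addr, _, action = line.strip().partition(":")
        relay = "RELAYCLIENT=" in action
        head, _, last = addr.rpartition(".")
        if "-" in last:
            lo, hi = map(int, last.split("-"))
            for n in range(lo, hi + 1):
                rules[f"{head}.{n}"] = relay
        else:
            rules[addr] = relay
    return rules

def relayclient_set(rules, ip):
    """Most specific rule wins: full IP, then dotted prefixes, then the empty rule."""
    parts = ip.split(".")
    for key in [ip] + [".".join(parts[:n]) + "." for n in (3, 2, 1)] + [""]:
        if key in rules:
            return rules[key]
    return False

def rcpthosts_match(domain, entries):
    """Exact match, or an entry starting with '.' that is a suffix of the domain."""
    d = domain.lower()
    allowed = {e.lower() for e in entries}
    return d in allowed or any(d[i:] in allowed for i, c in enumerate(d) if c == ".")

def accepts(ip, rcpt):
    """True if RCPT TO:<rcpt> from client ip is accepted under the posted files."""
    if relayclient_set(parse_rules(TCP_SMTP), ip):
        return True  # RELAYCLIENT is set, so rcpthosts is not consulted
    if "@" not in rcpt:
        return True  # recipients without a domain are always let through
    return rcpthosts_match(rcpt.rsplit("@", 1)[1], RCPTHOSTS)

def broad_entries(entries):
    """rcpthosts entries that cover an entire top-level domain."""
    return [e for e in entries if e.startswith(".") and e.count(".") == 1]
```

Calling accepts() with a client address that gets no RELAYCLIENT shows what rcpthosts alone lets through, and broad_entries() lists the entries to review first.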
