Last updated September 2008
If you are starting out fresh, or upgrading, looking for a way to support many users in either one or many virtual domains, I suggest you look at the Postfix, Dovecot and MySQL combination rather than the outdated and no longer supported Qmail, if you are after only a single stand alone mail server for just one domain with system users, then Sendmail or Postfix are still a far better choices, my preferance is the later, there is a great relationship between Postfix, Amavisd (replacement for mailscanner) and Dovecot.
All the best in your adventures
In modernising our mail network, I was finding it increasingly hard to justify to even myself to use Qmail any longer, it has been replaced using the Postfix, MySQL and Dovecot-LDA model, which is so much cleaner than Qmail and Vpopmail despite it having worked reasonable in the past for us.
As such, this is the last update for this site. However, I admit it has not had
any real updates in a number of years now anyway, so I fail to see how this information
wont still be relevant in 5 or even 10 years from now given qmail itself
has not been updated since 2000 and is officially abandone-ware.
if you can spare the time, I seriously recommend replacing it, you wont regret it.
This MailScanner with Qmail guide assumes you already have a working Qmail installation, by following these procedures, you'll be up and running in minutes (see known issues).
Qmail-ms is provided separate from MailScanners Web Site, MailScanner was written for Sendmail, and although author Julian Field offers support for likes of Exim etc, he does not provide any support for Qmail, and as Qmail is still heavily used, it seemed unfair Qmail'rs could not take advantage of MailScanners powerful qualities with their exisiting installs.
Firstly, download MailScanner (if you use RH/CentOS,SuSE etc, I *recommend* the source version over the RPM), then download the qmail-ms package.
If you are using Debian (or a variant) you are strongly encouraged to remove the Debian and/or Ubuntu versions as (in keeping with Debian' usual staleness) they are truly outdated, even Ubuntu 8.04 released recently included a 12 month old version of MailScanner (it was also reported to not even work) so don't use it, get the latest source version from the MailScanner website.
Qmail-ms is in addition to your normal Qmail sources, which must still remain completely separate. Qmail-ms is qmail-1.03 with a hand full of sources patched so MailScanner and Qmail can work together, it generates only two files that we need for this to work, you can't just patch your existing source tree because we need the originals as well.
These instructions, including path examples are based on source install of MailScanner (under /opt) if you use RPM just change paths to suite, or rpm -e MailScanner and install the source version.
Play it safe, backup all sources and your /var/qmail/bin contents so you don't
accidentally overwrite your real Qmail sources, and if something goes wrong you can put
back your original binaries.
Back Up Now - You have been warned!
This Document makes reference to cpan -i but if you do not have cpan installed substitute the commands with perl -MCPAN -e 'install module_name' or perl -MCPAN -e 'install Bundle::CPAN' prior to commencing. Credits: Qmail www.qmail.org Sendmail www.sendmail.org MailScanner www.mailscanner.info VPopMail www.inter7.com Dovecot www.dovecot.org SquirrelMail www.squirrelmail.org MySQL dev.mysql.org ClamAV Anti Virus www.clamav.net F-Prot Anti Virus www.f-prot.org SpamAssassin spamassassin.apache.org Downloads: MailScanner Linux/BSD/Solaris Source and RedHat/Fedora RPM. qmail-ms Provides 2 binaries we need to use MailScanner. Known Issues: * Plesk uses a different and unusual Virtual Domain setup and heavily modifies many Qmail files, Qms may or may not work, some people do have it working, but most do not, this is because of Plesks modifications.
Install the following perl modules if they aren't already if you want to use SpamAssassin Required for SpamAssassin: cpan -fi Digest::SHA1 HTML::Parser Net::DNS Mail::SPF::Query IP::Country Net::Ident HTTP::Date Archive::Tar IO::Zlib cpan -i Mail::SpamAssassin WARNING: SpamAssassin can delay your queues and dramatically increase load of very large systems, monitor and fine tune. If you process mail at a rate of over 1 million emails per day, you have been warned. Try disabling bayes, dcc and pyzor, Razor2 works well still. The above is NOT a MailScanner or Qmail issue, it is a SpamAssassin issue. It is also advisable to use the SA3.2.x method of compiled rules. I also recommend use skip_rbls = 1, RBL rejecting should be done in the MTA.
Install MailScanner. cd mailscanner-source-dir ./install.sh --fast *NOTE: If you prefer to manually keep all your system perl mods up to date, and don't want to run the risk of MailScanner installing older mods you can supply the --nomodules option to install.sh You should now read MailScanner and SpamAssassin conf files and change settings to customise for your site.
Get your favorite scanner and install it, also don't forget to update the definitions. Two good scanners I recommend are ClamAV (Free) (Use clamd method) and F-Prot (Commercial)
extract qmail-ms.tar.gz If this is your _very_first_ever_ install of qmail-ms run: "./msconf" Now stop Qmail and run: "make && make setup" Read this closely
Qmails BIG-TODO patches... You will need to make these changes now and when you upgrade MailScanner. Note: X Will be highest "big-todo patch" directory number (eg: 99). Edit qmail-ms/conf.split and replace 23 with X Edit /opt/MailScanner/lib/MailScanner/ConfigDefs.pl and change: qmailhashdirectorynumber 23 -TO- qmailhashdirectorynumber X This will overcome queue mismatches.Of course if it's your first install you will need to make those extra directories,
run: /opt/MailScanner/bin/MailScanner --lint if it all looks good, you will probably see output like this: (output example updated March 19 2008 for current stable release) ~# /opt/MailScanner/bin/MailScanner --lint Trying to setlogsock(unix) Checking version numbers... Version number in MailScanner.conf (4.67.6) is correct. Your envelope_sender_header in spam.assassin.prefs.conf is correct. Checking for SpamAssassin errors (if you use it)... SpamAssassin temp dir = /var/spool/MailScanner/incoming/SpamAssassin-Temp MailScanner.conf says "Virus Scanners = f-prot" Found these virus scanners installed: f-prot =========================================================================== =========================================================================== Virus Scanner test reports: F-Prot said "./1/eicar.com Infection: EICAR_Test_File" If any of your virus scanners (f-prot) are not listed there, you should check that they are installed correctly and that MailScanner is finding them correctly via its virus.scanners.conf. .... If you do see something similar to this, you should be ready to fire up and forget :) Now run: /opt/MailScanner/bin/check_mailscanner Watch your mail logs for errors, if all is good, restart Qmail and check logs again for any permission errors. If it fails, run /opt/MailScanner/bin/MailScanner --lint -D Try resolve the errors displayed, if all else fails, grab the output, subscribe to the mailing list and ask for help, include your debug output and as much info as possible, If MailScanner bails It should not be a qmail problem, so long as permissions are set correctly. Once all up and running, include /opt/MailScanner/bin/check_mailscanner in your Qmail startup script.
When using qmail-ms (or in fact anyone using the source install method) you can easily upgrade MailScanner by obtaining the latest source tarball, extract, then run: ./install.sh --nomodules --fast This will install your new version under /opt where your old one is, now to upgrade cd /opt/MailScanner-NEW_VERSION/etc Paste the following 3 lines and then review carefully the output from the diff: mv MailScanner.conf MailScanner.conf.default ../bin/upgrade_MailScanner_conf /opt/MailScanner/etc/MailScanner.conf MailScanner.conf.default > MailScanner.conf diff /opt/MailScanner/etc/MailScanner.conf MailScanner.conf If you, like me, modify the default filename/filetype conf files, customise reports etc, you can also move them over. It's a very good idea to every so often diff your customised files against an untouched release copy so you can include any new statements, this is more so important for filename/filetype config files. Typically I paste (we are still in the /opt/MailScanner%new-version%/etc directory): cp /opt/MailScanner/etc/filename.rules.conf . cp /opt/MailScanner/etc/filetype.rules.conf . cp /opt/MailScanner/etc/mailscanner-mrtg.conf . cp /opt/MailScanner/etc/spam.assassin.prefs.conf . cd rules/ cp /opt/MailScanner/etc/rules/*.rules . cd ../reports/en cp /opt/MailScanner/etc/reports/en/sender.content.report.txt . cp /opt/MailScanner/etc/reports/en/rejection.report.txt . cp /opt/MailScanner/etc/reports/en/sender.filename.report.txt . Good idea to now check your virus scanner config file, I find it annoying with 'generic' so I comment it out. Now, time to stop MailScanner, rm the softlink for MailScanner in /opt and create a new softlink for MailScanner-NEW_VERSION to MailScanner ... then restart. You should now be running the new version and all should be well, monitor logs for a few minutes to ensure no errors.