[2008-11: New installation on 10.3/8.6.0]
[2007-04: Implementing SMTP Authorization with qpsmtpd running under SuSE 10.0 and Plesk 8.0
[2014-01: Here's an update to these instructions.]
[2018-09: Update #2 on Installing qpsmtpd on Xenial, completely replaces 2014-01]
[2020-11: Update #3 on Installing qpsmtpd on Bionic, completely replaces 2018-09]
This is yet another update to my instructions for installing qpsmtpd on a Linux system running under Plesk, this time for Postfix, rather than Qmail.
qpsmtpd is on GitHub, but we need some preliminaries first:
Just in case you don't have cc yet:
apt-get install build-essential
apt-get install libcrypt-openssl-random-perl libcrypt-openssl-rsa-perl
apt-get install libssl-dev
perl -MCPAN -e 'install Crypt::OpenSSL::Random'
# ^ This will install CPAN if you haven't done that already! I chose the automatic configuration.
perl -MCPAN -e 'install Crypt::OpenSSL::RSA'
apt-get install libidn2-dev
# ^ On xenial (16.04) try libidn2-0-dev instead.
perl -MCPAN -e 'install Net::LibIDN2'
perl -MCPAN -e 'install Mail::DKIM'
# ^ This installs a lot of packages and runs lots of tests; be patient, you've seen nothing yet...
apt-get install libxml2-dev
perl -MCPAN -e 'install XML::LibXML'
perl -MCPAN -e 'install Mail::DMARC'
After these preliminaries we can install qpsmtpd according to its README: Install the following "required Perl modules:
perl -MCPAN -e 'install Net::DNS'
perl -MCPAN -e 'install MIME::Base64'
perl -MCPAN -e 'install Mail::Header'
In addition the default plugins require some additional modules.
Fix "'YAML' not installed, will not store persistent state":
cpan 'YAML'
Unfortunately, the following fails — see and follow Failed test 'POD test for blib/lib/Mail/SPF/Util.pm' at /usr/local/share/perl/5.24.1/Test/Pod.pm line 187.
perl -MCPAN -e 'install Mail::SPF'
If you want to use the ident/geoip
plugin, install
(huge install!) and use the following script to download and extract the MaxMind GeoLite2 databases:
perl -MCPAN -e 'install GeoIP2'
perl -MCPAN -e 'install Math::Complex'
#!/usr/bin/env bash cd /usr/local/share/GeoIP for DB in GeoLite2-ASN GeoLite2-City # GeoLite2-Country do echo $DB wget 'https://download.maxmind.com/app/geoip_download?edition_id='${DB}'&license_key=MY_LICENSE_KEY&suffix=tar.gz' --output-document=${DB}.dat.tar.gz tar -xvzf ${DB}.dat.tar.gz --strip-components=1 --wildcards "*.mmdb" done rm GeoLite2*.dat.tar.gz
For the auth_imap
plugin, install
perl -MCPAN -e 'install Net::IMAP::Simple'
Running the watch
and summarize
utilities recommended in the FAQ requires yet another dependency:
perl -MCPAN -e 'install File::Tail'
Read the README file.
Add a group and user called smtpd
, and expand qpsmtpd in his home directory:
groupadd smtpd useradd -d /home/smtpd -s /sbin/nologin -g smtpd -m smtpd cd ~smtpd # remove all skeleton files
Get qpsmtpd. I take the latest development version from GitHub — you may want to use the stable version instead):
git clone https://github.com/smtpd/qpsmtpd.git
I prefer to create the config directory above the qpsmtpd tree and create a soft link where qpsmptd expects it:
mkdir config cp -r qpsmtpd/config.sample/* config ln -s ../config qpsmtpd/config
You may need to customize config/IP
, and possibly remove config/rcpthosts
to get qpsmtpd to use the existing /var/qmail/control/rcpthosts.
If you can't wait to try out qpsmtpd, then it's possible to run it under the current acount at this point, but the following steps will allow you to run it more safely under the new smtpd user: smtpd needs write access to ~smtpd/tmp/ and ~smtpd/log/ but no other directory, so do something like this:
echo /home/smtpd/tmp >~smtpd/qpsmtpd/config/spool_dir chown -R root.smtpd ~smtpd find ~smtpd -type d -exec chmod 750 {} \; mkdir ~smtpd/tmp chown smtpd ~smtpd/tmp chmod 700 ~smtpd/tmp mkdir /var/log/qpsmtpd chown smtpd /var/log/qpsmtpd chmod 700 /var/log/qpsmtpd ln -s /var/log/qpsmtpd ~smtpd/log
Setting spool_dir
is essential for running qpsmtpd — I had to ask the friendly specialists on the qpsmtpd mailing list to get this piece of the puzzle.
Now you can test drive qpsmtpd — this is an essential step because it allows you to see any error messages due to installation problems that you need to solve before you can proceed.
cd qpsmtpd ./qpsmtpd-forkserver -u smtpd
Connect through a second terminal (or telnet remotely, if your firewall allows accessing port 2525):
telnet localhost 2525
qpsmtpd greets you and you can try an interactive SMTP session if you like:
220 example.com ESMTP qpsmtpd 0.3x ready; send us your mail, but not your spam. ehlo dude 250-example.com Hi Unknown [127.0.0.1] 250-PIPELINING 250-8BITMIME 250 STARTTLS quit 221 example.com closing connection. Have a wonderful day. Connection closed by foreign host.
Now proceed to running qpsmtpd. The following relies heavily on hjp's qpsmtpd with postfix - a tutorial (WayBackMachine).
Another good source:
http://blog.infinitylimited.net/running-qpsmtpd-with-postfix-on-gentoo/
# queue the mail to postfix
queue/postfix-queue
Couldn't open "/var/spool/postfix/public/cleanup": Permission denied at lib/Qpsmtpd/Postfix.pm line 115.
16510 FATAL PLUGIN ERROR [queue::postfix_2dqueue]: Unable to open any cleanup sockets! at lib/Qpsmtpd/Postfix.pm line 187.
usermod -a -G postdrop smtpd