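# Copyright 1999-2005 Gentoo Foundation
# Distributed under the terms of the GNU General Public License v2
# $Header: $

# Gentoo ebuild for qmail-1.03 with the qmail-ldap patch set (20060201).
# Optional features are selected through USE flags and through the
# environment variables VMAILUSER, VMAILHOME, VDOMAINS and LDAPFLAGS
# (see explain_vars below).

inherit toolchain-funcs eutils fixheadtails flag-o-matic

IUSE="ssl zlib debug notlsbeforeauth cluster vmail spp readvars qmail-ldap-control"
DESCRIPTION="A modern replacement for sendmail which uses maildirs and includes SSL/TLS, AUTH SMTP, and queue optimization"
HOMEPAGE="http://www.qmail-ldap.org"
# NOTE(review): every non-mirror distfile below is fetched over plain HTTP, so
# the recorded package digests are the only integrity check on these patches.
SRC_URI="mirror://qmail/qmail-1.03.tar.gz
	http://www.nrg4u.com/qmail/qmail-ldap-1.03-20060201.patch.gz
	http://qmail-spp.sourceforge.net/contrib-patches/qmail-1.03-ldap-1.03-20060201-spp-0.41.diff
	http://qmail.bayour.com/patches_ldap/qmail-ldap-1.03-20060201-controls20060217.patch.bz2"

LICENSE="as-is"
SLOT="0"
KEYWORDS="~alpha amd64 ~arm ~hppa ~ia64 ~mips ~ppc ~sparc x86"
DEPEND="virtual/libc
	sys-apps/groff
	ssl? ( >=dev-libs/openssl-0.9.6g )
	zlib? ( sys-libs/zlib )
	>=net-nds/openldap-2.1.23
	>=net-mail/queue-fix-1.4-r1"
RDEPEND="!virtual/mta
	virtual/libc
	app-shells/bash
	>=sys-apps/ucspi-tcp-0.88
	>=sys-process/daemontools-0.76-r1
	>=net-mail/queue-fix-1.4-r1
	>=net-nds/openldap-2.1.23"
PROVIDE="virtual/mta
	virtual/mda"

S=${WORKDIR}/qmail-1.03

# Where the rules for tcpserver will be kept:
TCPRULES_DIR=/etc/tcprules.d

# Print the list of environment variables that tune this ebuild, then abort
# with exit status 1. Called from global scope (below) when none of the
# variables is set and the 'readvars' USE flag is off.
explain_vars() {
	echo ""
	ewarn "This ebuild comes with some environment variables you can set"
	ewarn " to control how your ${PN} installation is configured without"
	ewarn " having to edit the ebuild file and run 'emerge digest'"
	ewarn " all the time."
	ewarn " The variables are as follows:"
	einfo "VMAILUSER"
	einfo " The user qmail runs as if the 'vmail' use flag is set"
	einfo " VMAILUSER's UID and GID default to:"
	einfo " UID: vmail:11184"
	einfo " GID: vmail:2110"
	echo ""
	einfo "example: VMAILUSER=\"fakemail\" emerge qmail-ldap"
	echo ""
	echo ""
	einfo "VMAILHOME"
	# The dollar sign is escaped so the variable NAME is printed; VMAILUSER is
	# empty whenever this help text is shown.
	einfo " The home directory for \$VMAILUSER, this is where all"
	einfo " e-mail will be stored if using virtual hosting (set"
	einfo " the 'vmail' USE flag."
	einfo " Default: VMAILHOME=\"/vmail\""
	echo ""
	einfo "example: VMAILHOME=\"/var/qmail/vmail\""
	echo ""
	echo ""
	einfo "VDOMAINS"
	einfo " This variable controls whether or not vpopmail-style virtual"
	einfo " domains are enabled. To enable vpopmail virtual domains, "
	eerror " you must first have the 'vmail' use flag set, then set "
	einfo " VDOMAINS to one of the following settings:"
	einfo " \"IP\": IP-based virtual domains"
	einfo " \"NAMED\": Name-based virtual domains"
	einfo " \"IP NAMED\": IP and Name-based (both)"
	echo ""
	einfo " For a full explanation of this patch, see:"
	einfo " http://www.sztaki.hu/~bajnokk/qmail-ldap-virtual.html"
	echo ""
	einfo "example: VDOMAINS=\"IP NAMED\" emerge qmail-ldap"
	echo ""
	echo ""
	einfo "LDAPFLAGS"
	einfo " You can customize some compiled in functionality by passing"
	einfo " LDAPFLAGS to the ebuild. The LDAPFLAGS not already covered"
	einfo " by USE flags are:"
	einfo " -DALTQUEUE to use a diffrent qmail-queue program on runtime"
	einfo " -DBIGBROTHER to use the control/bigbrother file to forward all"
	einfo " mails coming rom a specified account to another (swiss"
	einfo " bigbrother law)"
	einfo " -DBIGTODO to enable the big todo patch"
	einfo " -DBIND_8_COMPAT needed if the compile fails building dns.c"
	einfo " because of undeclared defines."
	einfo " -DCLEARTEXTPASSWD does what it says. A BAD IDEA on production"
	einfo " systems"
	einfo " -DDASH_EXT enables the dash_ext patch for extended mail"
	einfo " addresses"
	einfo " -DEXTERNAL_TODO uses the external high performance todo"
	einfo " processing"
	einfo " -DIGNOREVERISIGN disallows dns wildchar matches"
	einfo " -DQUOTATRASH includes the Trash in quota calculations"
	einfo " -DSMTPEXECCHECK enables smtp DOS/Windows executable detection"
	echo ""
	einfo "Defaults (if no value is passed on the command line):"
	einfo "LDAPFLAGS=\"-DALTQUEUE -DBIGTODO -DDASH_EXT -DIGNOREVERISIGN -DQUOTATRASH\""
	echo ""
	einfo "example: LDAPFLAGS=\"-DIGNOREVERISIGN -DQUOTATRASH -DBIGBROTHER\""
	echo ""
	echo ""
	ewarn "To actually run the ebuild and not see this message, simply define"
	ewarn " any of the variables listed above, or set the 'readvars' USE flag"
	ewarn " For example:"
	einfo "USE=\"readvars\" emerge qmail-ldap"
	einfo " That way if you really know what you are doing, you can set readvars"
	einfo " in /etc/portage/package.use and forget about it."
	echo ""
	exit 1
}

# Show the help text (and abort) unless 'readvars' is set or at least one of
# the documented variables is defined. VMAILHOME is part of the test because
# the help text promises that defining "any of the variables listed above"
# is enough.
! use readvars && [[ -z $LDAPFLAGS ]] && [[ -z $VMAILUSER ]] \
	&& [[ -z $VMAILHOME ]] && [[ -z $VDOMAINS ]] && explain_vars

# Create the qmail groups and system accounts with fixed numeric ids.
# Every account gets /bin/true as its shell, so none of them can log in.
# Shared by pkg_setup and pkg_preinst, which both need the accounts.
qmail_ldap_create_users() {
	einfo "Creating users and groups for qmail system users if necessary ..."
	enewgroup qmail 201
	enewgroup nofiles 200
	enewuser alias 200 /bin/true /var/qmail/alias nofiles "-cSystem account for qmail alias"
	enewuser qmaild 201 /bin/true /var/qmail nofiles "-cSystem account for qmail"
	enewuser qmaill 202 /bin/true /var/qmail nofiles "-cSystem account for qmail"
	enewuser qmailp 203 /bin/true /var/qmail nofiles "-cSystem account for qmail"
	enewuser qmailq 204 /bin/true /var/qmail qmail "-cSystem account for qmail queue"
	enewuser qmailr 205 /bin/true /var/qmail qmail "-cSystem account for qmail"
	enewuser qmails 206 /bin/true /var/qmail qmail "-cSystem account for qmail"
}

# Make sure the qmail accounts exist before anything is compiled.
pkg_setup() {
	# Gentoo 2006.0 doesn't have qmail system users by default
	# Thanks to Falador on the forums for pointing this out!
	# These apparently need to be here because the qmail code checks for some
	# of these while compiling. Yay! :-P
	qmail_ldap_create_users
}

# Unpack qmail, apply the qmail-ldap patch set and the optional patches, and
# rewrite the Makefile / conf-* files according to USE flags and LDAPFLAGS.
src_unpack() {
	local myflags=""
	local virt
	local spp_diff="qmail-1.03-ldap-1.03-20060201-spp-0.41.diff"

	if use vmail ; then
		# We set some options for virtual hosting here.
		# Note that if you don't have "vmail" in your
		# USE flags, these are all ignored.

		# What user/group name to use for the virtual user:
		[ -z "${VMAILUSER}" ] && VMAILUSER="vmail"

		# The home directory for $VMAILUSER. All user mail
		# will be kept in a subdirectory of $VMAILHOME
		[ -z "${VMAILHOME}" ] && VMAILHOME="/vmail"

		# Which style of VIRTUALDOMAINS do you want to use?
		# "IP" = IP-based virtual domains
		# "NAMED" = Name-based virtual domains
		# "IP NAMED" = IP and Name-based (both)
		#
		# NOTE: This has been set up so you can pass "VDOMAINS" as
		# an environment variable, so you don't need to modify the ebuild
		#
		# Leave this blank to disable this option. If you do enable it,
		# See the "VIRTUAL.readme" file included in the docs!!
		echo "${VDOMAINS}" | egrep -q "IP|NAMED" || VDOMAINS=""
		echo
	fi

	# If you want to customize your LDAPFLAGS, you can pass
	# "LDAPFLAGS" on as an environment variable to the ebuild.
	# Here is a list of LDAPFLAGS not already covered by USE flags:
	# -DALTQUEUE to use a different qmail-queue program on runtime
	# -DBIGBROTHER to use the control/bigbrother file to forward all mails coming
	#   from a specified account to another (swiss bigbrother law)
	# -DBIGTODO to enable the big todo patch (this can be used together with
	#   EXTERNAL_TODO). Useful for servers with very many non-preprocessed mails
	# -DBIND_8_COMPAT need if the compile fails building dns.c because of
	#   undeclared defines. This is necessary on MacOS X 10.3.
	# -DCLEARTEXTPASSWD to use cleartext passwords (bad idea on production systems)
	# -DDASH_EXT to enable the dash_ext patch for extended mail addresses
	# -DEXTERNAL_TODO to use the external high-performance todo processing (this
	#   avoids the silly qmail syndrome with high injection rates)
	# -DIGNOREVERISIGN to disallow dns wildchar matches on gtlds, thanks verisign.
	# -DQUOTATRASH to include the Trash in the quota calculation (normally it is not)
	# -DSMTPEXECCHECK to enable smtp DOS/Windows executable detection

	# LDAPFLAGS that will always get set in qmail-ldap's Makefile, unless set by you.
	# Don't change unless you're sure what you're doing!
	[ -z "${LDAPFLAGS}" ] && LDAPFLAGS="-DALTQUEUE -DBIGTODO -DDASH_EXT -DIGNOREVERISIGN -DQUOTATRASH"

	# unpack the initial stuff
	unpack qmail-1.03.tar.gz
	unpack qmail-ldap-1.03-20060201.patch.gz

	# this patch merges a few others already
	EPATCH_SINGLE_MSG="Adding qmail-ldap-20060201 patch" \
	epatch ${WORKDIR}/qmail-ldap-1.03-20060201.patch || die

	if use qmail-ldap-control; then
		unpack qmail-ldap-1.03-20060201-controls20060217.patch.bz2
		EPATCH_SINGLE_MSG="Adding qmail-ldap-controls-20060217 patch" \
		epatch ${WORKDIR}/qmail-ldap-1.03-20060201-controls20060217.patch || die
		epatch ${FILESDIR}/${PVR}/qmail-ldap-controls20060217-control.c.patch || die
		sed -i \
			-e 's|#CONTROLDB=-DUSE_CONTROLDB -DQLDAP_BAILOUT|CONTROLDB=-DUSE_CONTROLDB -DQLDAP_BAILOUT|' \
			-e 's|NEWLDAPPROGLIBS=control.o stralloc.a fs.a|NEWLDAPPROGLIBS=control.o str.a stralloc.a fs.a|' \
			${S}/Makefile || die
		if use ssl; then
			sed -i -e 's|#SECUREBIND=-DSECUREBIND_ALL|SECUREBIND=-DSECUREBIND_ALL|' \
				${S}/Makefile || die
		fi
	fi

	# This makes life easy
	EPATCH_OPTS="-d ${S}"

	# Modify the Makefile for LDAP libs, shadow passwords, and auto
	# homedir/maildir make
	einfo "Patching Makefile for standard Gentoo system"
	sed -i \
		-e 's|LDAPLIBS=-L/usr/local/lib -lldap -llber|LDAPLIBS=-L/usr/lib -lldap -llber|' \
		-e 's|#LDAPLIBS=-L/usr/lib -lldap -llber|LDAPLIBS=-L/usr/lib -lldap -llber|' \
		-e 's|#MDIRMAKE=-DAUTOMAILDIRMAKE|MDIRMAKE=-DAUTOMAILDIRMAKE|' \
		-e 's|#HDIRMAKE=-DAUTOHOMEDIRMAKE|HDIRMAKE=-DAUTOHOMEDIRMAKE|' \
		-e 's|#SHADOWLIBS=-lcrypt$|SHADOWLIBS=-lcrypt|' \
		-e 's|BACKUPPATH=|#BACKUPPATH=|' \
		${S}/Makefile || die

	# Add SSL/TLS if, in USE
	if use ssl; then
		einfo "Adding SSL/TLS support"
		sed -i \
			-e 's|#TLS=-DTLS_REMOTE -DTLS_SMTPD|TLS=-DTLS_REMOTE -DTLS_SMTPD|' \
			-e 's|#TLSINCLUDES=-I/usr/local/include|TLSINCLUDES=-I/usr/include|' \
			-e 's|#TLSLIBS=-L/usr/local/lib -lssl -lcrypto|TLSLIBS=-L/usr/lib -lssl -lcrypto|' \
			-e 's|#OPENSSLBIN=openssl|OPENSSLBIN=/usr/bin/openssl|' \
			${S}/Makefile || die
	fi

	if use zlib; then
		einfo "Adding data compression support for SMTP/QMQP"
		sed -i -e 's|#ZLIB=-lz|ZLIB=-lz|' ${S}/Makefile || die
		LDAPFLAGS="${LDAPFLAGS} -DDATA_COMPRESS -DQMQP_COMPRESS"
	fi

	if use cluster; then
		einfo "qmail-ldap will be compiled to use its built-in clustering"
		LDAPFLAGS="${LDAPFLAGS} -DQLDAP_CLUSTER"
	fi

	if use debug; then
		einfo "Adding debug support"
		sed -i -e 's|#DEBUG=-DDEBUG|DEBUG=-DDEBUG|' ${S}/Makefile || die
	fi

	use ppc-macos && \
		LDAPFLAGS="-DBIND_8_COMPAT ${LDAPFLAGS}"

	einfo "Adding LDAPFLAGS to Makefile"
	# LDAPFLAGS comes from the caller's environment and is pasted into the sed
	# program. '|' is used as the delimiter so a flag value containing '/'
	# cannot end the expression early; '&' and '\' are still special in the
	# replacement text. A sed failure now aborts the build instead of silently
	# compiling with the stock flags.
	sed -i -e "s|#LDAPFLAGS=-DQLDAP_CLUSTER -DEXTERNAL_TODO -DDASH_EXT -DDATA_COMPRESS -DQMQP_COMPRESS -DSMTPEXECCHECK|LDAPFLAGS=${LDAPFLAGS}|" \
		${S}/Makefile || die

	if use spp ; then
		# The sed bit is implementing Scott Ryan's fix. Please see the Changelog
		# NOTE(review): the substitution comments out an `if (!allowed)` guard
		# inside the upstream SPP diff, so whatever statement followed it runs
		# unconditionally. The Changelog is not visible here - confirm this
		# does not remove a relay/authorisation check.
		#
		# The edited copy is written with '>' (not appended) and the message
		# variable is attached to epatch, the command that actually reads it.
		sed -e 's|if (!allowed)|// if (!allowed)|' \
			"${DISTDIR}/${spp_diff}" > "${WORKDIR}/${spp_diff}" || die
		EPATCH_SINGLE_MSG="Adding support for qmail SMTP plugins (SPP)" \
		epatch ${WORKDIR}/${spp_diff} || die
	fi

	EPATCH_SINGLE_MSG="Adding qmail queue custom error patch" \
	epatch ${FILESDIR}/${PVR}/qmail-ldap-queue-custom-error.patch || die

	EPATCH_SINGLE_MSG="Setting some sane values in qmail-ldap.h" \
	epatch ${FILESDIR}/${PVR}/qmail-ldap.h.patch || die

	if use vmail ; then
		einfo "Modifying qmail-ldap to work with virtual mail accounts"
		sed -i -e 's/"homeDirectory"/"notreallyahomeDirectory"/' ${S}/qmail-ldap.h || die

		if [ -n "${VDOMAINS}" ] ; then
			EPATCH_SINGLE_MSG="Applying patch to allow vpopmail-style virtual domains" \
			epatch ${FILESDIR}/${PVR}/qmail-ldap-virtual.20060201.patch || die
			# Only the two documented keywords become -D flags. The earlier
			# egrep test accepts any string that merely contains IP or NAMED,
			# so other words are dropped here rather than written into the
			# Makefile.
			for virt in ${VDOMAINS} ; do
				case "${virt}" in
					IP|NAMED)
						myflags="${myflags} -D${virt}_VIRTUAL"
						;;
					*)
						ewarn "Ignoring unknown VDOMAINS entry: ${virt}"
						;;
				esac
			done
			sed -i -e "s/#VIRTUAL=-DIP_VIRTUAL -DNAMED_VIRTUAL/VIRTUAL=${myflags}/" \
				${S}/Makefile || die
		fi
	fi

	echo -n "$(tc-getCC) ${CFLAGS}" >${S}/conf-cc
	# Bug 92742 (from qmail ebuild)
	append-ldflags -Wl,-z,now
	echo -n "$(tc-getCC) ${LDFLAGS}" > ${S}/conf-ld
	echo -n "500" > ${S}/conf-spawn

	# fix coreutils messup
	ht_fix_file ${S}/Makefile
}

# Build qmail, the LDAP helpers and the man pages.
src_compile() {
	emake it ldap man || die
}

# Install binaries, documentation, supervise run scripts, tcprules samples,
# control files and the OpenLDAP schema into the image directory ${D}.
src_install() {
	einfo "Setting up directory hierarchy ..."

	diropts -m 755 -o root -g qmail
	dodir /var/qmail

	for i in bin boot control
	do
		dodir /var/qmail/${i}
	done

	diropts -m 755 -o alias -g qmail
	dodir /var/qmail/alias

	einfo "Installing the qmail software ..."

	insopts -o root -g qmail -m 755
	insinto /var/qmail/boot
	doins home home+df proc proc+df binm1 binm1+df binm2 binm2+df binm3 binm3+df

	dodoc FAQ UPGRADE SENDMAIL INSTALL* TEST* REMOVE* PIC* SECURITY
	dodoc SYSDEPS THANKS THOUGHTS TODO VERSION README*
	dodoc BLURB* LICENSE CHANGES EXTTODO QLDAP* TLS.readme
	dodoc ${FILESDIR}/samples.ldif
	if use vmail && [ -n "$VDOMAINS" ] ; then
		dodoc VIRTUAL.readme
	fi

	# qmail-queue is the only program installed setuid (mode 4711, owner
	# qmailq); every other binary below is installed without the setuid bit.
	insinto /var/qmail/bin
	insopts -o qmailq -g qmail -m 4711
	doins qmail-queue

	# Restricted to root: mode 750 root:root.
	insinto /var/qmail/bin
	insopts -o root -g root -m 750
	doins qmail-ldaplookup

	insopts -o root -g qmail -m 700
	doins auth_imap auth_pop qmail-cdb qmail-lspawn qmail-newmrh \
		qmail-newu qmail-start

	insopts -o root -g qmail -m 711
	doins qmail-clean qmail-getpw qmail-local qmail-popup qmail-pw2u \
		qmail-remote qmail-rspawn qmail-send splogger

	insopts -o root -g qmail -m 755
	doins auth_smtp bouncesaying condredirect condwrite datemail digest elq \
		except forward maildir2mbox maildirmake maildirwatch mailsubj pbsadd \
		pbscheck pbsdbd pinq predate preline qail qbiff qmail-forward qmail-group \
		qmail-inject qmail-pop3d qmail-qmqpc qmail-qmqpd qmail-qmtpd qmail-qread \
		qmail-qstat qmail-quotawarn qmail-reply qmail-secretary qmail-showctl \
		qmail-smtpd qmail-tcpok qmail-tcpto qmail-verify qreceipt qsmhook sendmail \
		tcp-env config-fast

	insopts -o root -g qmail -m 755
	doins ${FILESDIR}/dirmaker ${FILESDIR}/qmail-control ${FILESDIR}/qmail-rulesupdate

	into /usr
	einfo "Installing manpages"
	doman *.[1-8]

	# use the correct maildirmake
	# the courier-imap one has some extensions that are nicer
	[ -e /usr/bin/maildirmake ] && \
		MAILDIRMAKE="/usr/bin/maildirmake" || \
		MAILDIRMAKE="${D}/var/qmail/bin/maildirmake"

	einfo "Adding env.d entry for qmail"
	dodir /etc/env.d
	insinto /etc/env.d
	doins ${FILESDIR}/99qmail

	einfo "Creating sendmail replacement ..."
	diropts -m 755
	dodir /usr/sbin /usr/lib
	dosym /var/qmail/bin/sendmail /usr/sbin/sendmail
	dosym /var/qmail/bin/sendmail /usr/lib/sendmail

	einfo "Setting up the default aliases ..."
	diropts -m 700 -o alias -g qmail
	${MAILDIRMAKE} ${D}/var/qmail/alias/.maildir
	# for good measure
	keepdir /var/qmail/alias/.maildir/{cur,new,tmp}

	# Only create empty alias files that do not already exist on the target
	# system, so existing aliases are not replaced.
	for i in mailer-daemon postmaster root
	do
		if [ ! -f ${ROOT}/var/qmail/alias/.qmail-${i} ]; then
			touch ${D}/var/qmail/alias/.qmail-${i}
			fowners alias:qmail /var/qmail/alias/.qmail-${i}
		fi
	done

	einfo "Setting up maildirs by default in the account skeleton ..."
	diropts -m 755 -o root -g root
	insinto /etc/skel
	newins ${FILESDIR}/dot_qmail .qmail.sample
	fperms 644 /etc/skel/.qmail.sample
	${MAILDIRMAKE} ${D}/etc/skel/.maildir
	# for good measure
	keepdir /etc/skel/.maildir/{cur,new,tmp}

	einfo "Setting up all services (send, smtp, qmtp, qmqp, pop3) ..."
	insopts -o root -g root -m 755
	diropts -m 755 -o root -g root
	dodir /var/qmail/supervise

	for i in send smtpd qmtpd qmqpd pop3d; do
		insopts -o root -g root -m 755
		diropts -m 755 -o root -g root
		dodir /var/qmail/supervise/qmail-${i}{,/log}
		fperms +t /var/qmail/supervise/qmail-${i}{,/log}
		insinto /var/qmail/supervise/qmail-${i}
		newins ${FILESDIR}/${PVR}/run-qmail${i} run
		insinto /var/qmail/supervise/qmail-${i}/log
		newins ${FILESDIR}/${PVR}/run-qmail${i}log run
		# Log directories are owned by the qmaill account.
		diropts -m 755 -o qmaill
		keepdir /var/log/qmail/qmail-${i}
	done

	dodir ${TCPRULES_DIR}
	insinto ${TCPRULES_DIR}
	for i in smtp qmtp qmqp pop3; do
		newins ${FILESDIR}/tcprules/tcp.${i}.sample tcp.qmail-${i}
	done
	doins ${FILESDIR}/tcprules/Makefile

	einfo "Installing the qmail startup file ..."
	insinto /var/qmail
	insopts -o root -g root -m 755
	doins ${FILESDIR}/rc

	einfo "Installing some stock configuration files"
	insinto /var/qmail/control
	insopts -o root -g root -m 644
	doins ${FILESDIR}/${PVR}/conf-*
	doins ${FILESDIR}/control/Makefile
	use spp && doins ${FILESDIR}/control/smtpplugins
	newins ${FILESDIR}/dot_qmail defaultdelivery
	use ssl && doins ${FILESDIR}/${PVR}/servercert.cnf

	einfo "Adding qmail.schema to OpenLDAP's schema directory"
	diropts -o root -g root -m 0755
	dodir /etc/openldap/schema
	insinto /etc/openldap/schema
	insopts -o root -g root -m 0444
	doins qmail.schema

	einfo "Configuration sanity checker and launcher"
	into /var/qmail
	insopts -o root -g root -m 644
	dobin ${FILESDIR}/${PVR}/config-sanity-check
	dobin ${FILESDIR}/qmail-config-system

	if use ssl; then
		einfo "SSL Certificate creation script"
		dobin ${FILESDIR}/${PVR}/mkservercert
		einfo "RSA key generation cronjob"
		insinto /etc/cron.hourly
		doins ${FILESDIR}/${PVR}/qmail-genrsacert.sh
		chmod +x ${D}/etc/cron.hourly/qmail-genrsacert.sh

		# for some files
		keepdir /var/qmail/control/tlshosts/
	fi
}

# Link /root/.maildir to the alias maildir so root's mail is easy to read,
# unless /root/.maildir is already a real directory; then fix ownership of
# the alias maildir.
rootmailfixup() {
	# so you can check mail as root easily
	local TMPCMD="ln -sf /var/qmail/alias/.maildir/ ${ROOT}/root/.maildir"
	if [ -d "${ROOT}/root/.maildir" ] && [ ! -L "${ROOT}/root/.maildir" ] ; then
		einfo "Previously the qmail ebuilds created /root/.maildir/ but not"
		einfo "every mail was delivered there. If the directory does not"
		einfo "contain any mail, please delete it and run:"
		einfo "${TMPCMD}"
	else
		${TMPCMD}
	fi
	chown -R alias:qmail ${ROOT}/var/qmail/alias/.maildir 2>/dev/null
}

# Compile each tcp.qmail-* rules file in ${TCPRULES_DIR} into its .cdb form.
buildtcprules() {
	local i f src cdb tmp
	for i in smtp qmtp qmqp pop3; do
		# please note that we don't check if it exists
		# as we want it to make the cdb files anyway!
		f=tcp.qmail-${i}
		src=${ROOT}${TCPRULES_DIR}/${f}
		cdb=${ROOT}${TCPRULES_DIR}/${f}.cdb
		tmp=${ROOT}${TCPRULES_DIR}/.${f}.tmp
		cat ${src} 2>/dev/null | tcprules ${cdb} ${tmp}
	done
}

# After merging: create the queue, link root's maildir, build the tcprules
# databases and tell the administrator how to enable the services.
pkg_postinst() {
	einfo "Setting up the message queue hierarchy ..."
	# queue-fix makes life easy!
	/var/qmail/bin/queue-fix ${ROOT}/var/qmail/queue >/dev/null

	rootmailfixup
	buildtcprules

	# for good measure
	env-update

	echo
	einfo "To start qmail at boot you have to add svscan to your startup"
	einfo "and create the following links:"
	einfo "ln -s /var/qmail/supervise/qmail-send /service/qmail-send"
	einfo "ln -s /var/qmail/supervise/qmail-smtpd /service/qmail-smtpd"
	echo
	einfo "To start the pop3 server as well, create the following link:"
	einfo "ln -s /var/qmail/supervise/qmail-pop3d /service/qmail-pop3d"
	echo
	einfo "The QMTP and QMQP protocols are also supported, and can be"
	einfo "started as:"
	einfo "ln -s /var/qmail/supervise/qmail-qmtpd /service/qmail-qmtpd"
	einfo "ln -s /var/qmail/supervise/qmail-qmqpd /service/qmail-qmqpd"
	echo
	einfo "Additionally, if you wish to run qmail right now, you should "
	einfo "run this before anything else:"
	einfo "source /etc/profile"
	echo
	einfo "If you are looking for documentation, please consult the following:"
	einfo " - The installed QLDAP* doc files"
	einfo " - http://www.qmail-ldap.org/wiki/Documentation"
	use spp && einfo " - http://qmail-spp.sourceforge.net"
	einfo " - http://www.lifewithqmail.org"
	echo
	einfo "To setup qmail to run out-of-the-box on your system,"
	ewarn "you need to have OpenLDAP properly configured first,"
	einfo "then run:"
	einfo "ebuild /var/db/pkg/${CATEGORY}/${PF}/${PF}.ebuild config"
}

# Before merging: copy legacy /etc/tcp.* rules into ${TCPRULES_DIR}, make sure
# the qmail accounts exist, and create the virtual-mail account when the
# 'vmail' USE flag is set.
pkg_preinst() {
	local proto ext old new
	# Initialised once, outside the loops, so that a failed copy in an early
	# iteration is still reported after later iterations have run.
	local fail=0

	mkdir -p ${TCPRULES_DIR}
	for proto in smtp qmtp qmqp pop3; do
		for ext in '' .cdb; do
			old="/etc/tcp.${proto}${ext}"
			new="${TCPRULES_DIR}/tcp.qmail-${proto}${ext}"
			if [ -f "$old" -a ! -f "$new" ]; then
				einfo "Moving $old to $new"
				cp "$old" "$new" || fail=1
			else
				# Also reached when there was nothing to move; the message
				# below accounts for that case.
				fail=1
			fi
		done
	done
	if [ "${fail}" = "1" ]; then
		echo
		eerror "Some errors were encountered when trying to move your"
		eerror "tcprules files from /etc/tcp.* to ${TCPRULES_DIR}."
		eerror "You may have already moved them, but please check."
		echo
	fi

	# Gentoo 2006.0 doesn't have qmail system users by default
	# Thanks to Falador on the forums for pointing this out!
	qmail_ldap_create_users

	if use vmail ; then
		einfo "Creating user and group for ${VMAILUSER} account ..."
		enewgroup ${VMAILUSER} 2110
		# NOTE(review): unlike the qmail system accounts (shell /bin/true),
		# the virtual mail owner is created with /bin/bash - confirm an
		# interactive shell is really needed for the account that owns all
		# virtual mailboxes.
		enewuser "${VMAILUSER}" 11184 /bin/bash "${VMAILHOME}" "${VMAILUSER}" "-cVirtual Mail user for qmail-ldap"
		diropts -m0770 -o ${VMAILUSER} -g ${VMAILUSER}
		keepdir ${VMAILHOME}
	fi
}

# Interactive post-install configuration ("ebuild ... config"): host name,
# tcprules relay policy, TLS key/certificate and the qmail-ldap control files.
# Control files that already exist are left untouched.
pkg_config() {
	local control_dir="${ROOT}var/qmail/control"
	local ldap_conf="${ROOT}etc/openldap/ldap.conf"
	local ip proto f myline

	# avoid some weird locale problems
	export LC_ALL="C"

	if [ "${ROOT}" = "/" ] ; then
		if [ ! -f ${ROOT}var/qmail/control/me ] ; then
			export qhost=$(hostname --fqdn)
			${ROOT}var/qmail/bin/config-fast $qhost
			cp -f ${ROOT}var/qmail/control/me ${ROOT}var/qmail/control/defaulthost
		fi
		einfo "Generating locals.cdb and rcpthosts.cdb in /var/qmail/control"
		einfo " (cd /var/qmail/control && make) "
		make -C ${ROOT}var/qmail/control
	else
		ewarn "Skipping some configuration as it MUST be run on the final host"
	fi

	einfo "Setting safe configuration options for /etc/tcprules.d/* files"
	LOCALHOST="127.0.0.1"
	# NOTE(review): this depends on the exact column layout of ifconfig
	# output; confirm it yields the expected addresses on the target system,
	# because every address found here is allowed to relay.
	LOCALIPS=$(/sbin/ifconfig | grep inet | cut -d' ' -f 12 -s | cut -d : -f 2)
	# Rule for the machine's own addresses: RELAYCLIENT is set, i.e. they may
	# relay mail.
	TCPSTRING=":allow,RELAYCLIENT=\"\""
	# Catch-all rule for everybody else: no RELAYCLIENT, checks enabled.
	no_relay_string=":allow,RBL=\"\",BLOCKRELAYPROBE=\"\",SANITYCHECK=\"\",RETURNMXCHECK=\"\""
	use spp && no_relay_string="${no_relay_string},NOSPP=\"\""

	if use ssl; then
		if ! use notlsbeforeauth ; then
			einfo "Enabling STARTTLS before SMTP AUTH"
			no_relay_string="${no_relay_string},SMTPAUTH=\"TLSREQUIRED\""
		fi
	else
		# Without the ssl USE flag SMTP AUTH is offered on an unencrypted
		# session, as the warning says.
		ewarn "Enabling SMTP AUTH **WITHOUT** STARTTLS"
		no_relay_string="${no_relay_string},SMTPAUTH=\"\""
	fi

	# The rule text is compared as a fixed, whole line (-xF). A regex
	# substring match would treat the dots in an address as wildcards and
	# would let a longer address hide a shorter one.
	for ip in $LOCALIPS; do
		myline="${ip}${TCPSTRING}"
		for proto in smtp qmtp ; do
			f="${ROOT}${TCPRULES_DIR}/tcp.qmail-${proto}"
			grep -qxF -- "${myline}" "${f}" || echo "${myline}" >>"${f}"
		done
	done

	# Append the catch-all rule only once, so running config again does not
	# pile up duplicate lines.
	for proto in smtp qmtp; do
		f="${ROOT}${TCPRULES_DIR}/tcp.qmail-${proto}"
		grep -qxF -- "${no_relay_string}" "${f}" || echo "${no_relay_string}" >> "${f}"
	done

	# buildtcprules
	make -C ${ROOT}${TCPRULES_DIR}

	if use ssl; then
		ebegin "Generating RSA keys for SSL/TLS, this can take some time"
		${ROOT}etc/cron.hourly/qmail-genrsacert.sh
		eend $?
		einfo "Creating a self-signed ssl-certificate:"
		/var/qmail/bin/mkservercert
		einfo "If you want to have a properly signed certificate "
		einfo "instead, do the following:"
		einfo "openssl req -new -nodes -out req.pem \\"
		einfo " -config /var/qmail/control/servercert.cnf \\"
		einfo " -keyout /var/qmail/control/servercert.pem"
		einfo "Send req.pem to your CA to obtain signed_req.pem, and do:"
		einfo "cat signed_req.pem >> /var/qmail/control/servercert.pem"
		[ ! -f ${ROOT}var/qmail/control/smtpcert ] && \
			echo "control/servercert.pem" > ${ROOT}var/qmail/control/smtpcert
	fi

	# Fun with LDAP
	# ldap.conf is read relative to ${ROOT} in every test below, matching
	# the ${ROOT}-relative control files that are written.
	if ! grep -q ^BASE "${ldap_conf}" ; then
		ewarn "Your OpenLDAP server doesn't appear to be configured."
		ewarn "Creating example LDAP configuration files."
		[ ! -f "${control_dir}/ldapbasedn" ] && \
			echo "dc=your,dc=domain,dc=com" > "${control_dir}/ldapbasedn"
		[ ! -f "${control_dir}/ldapserver" ] && \
			echo "localhost" > "${control_dir}/ldapserver"
	else
		einfo "Creating LDAP configuration files based on"
		einfo " settings in /etc/openldap/ldap.conf"
		# Each file is written inside its "does not exist yet" test, so an
		# administrator's existing base DN or server setting is never
		# overwritten by a later config run.
		if [ ! -f "${control_dir}/ldapbasedn" ] ; then
			einfo "Creating ${ROOT}var/qmail/control/ldapbasedn"
			grep ^BASE "${ldap_conf}" | awk '{print $2}' > "${control_dir}/ldapbasedn"
		fi
		if [ ! -f "${control_dir}/ldapserver" ] ; then
			einfo "Creating ${ROOT}var/qmail/control/ldapserver"
			grep ^URI "${ldap_conf}" | awk '{print $2}' | awk -F/ '{print $3}' > "${control_dir}/ldapserver"
		fi
	fi

	# NOTE(review): this DNSBL list is baked in by an ebuild from 2006;
	# verify that both zones are still operated before relying on it, since
	# a retired zone can delay or reject legitimate mail.
	[ ! -f ${ROOT}var/qmail/control/rbllist ] && \
		einfo "Adding RBL server list to ${ROOT}var/qmail/control/rbllist" && \
		echo "sbl-xbl.spamhaus.org reject any \"Mail handled by open relay. See http://www.spamhaus.org/sbl\"
relays.ordb.org reject any \"Mail handled by open relay. See http://ordb.org/submit/\"" > ${ROOT}var/qmail/control/rbllist

	[ ! -f ${ROOT}var/qmail/control/ldaplocaldelivery ] && \
		einfo "Configuring qmail-ldap to consult local password file if LDAP lookup fails." && \
		echo "1" > ${ROOT}var/qmail/control/ldaplocaldelivery

	[ ! -f ${ROOT}var/qmail/control/dirmaker ] && \
		einfo "Putting maildir creation script location in ${ROOT}var/qmail/control/dirmaker" && \
		echo "${ROOT}var/qmail/bin/dirmaker" > ${ROOT}var/qmail/control/dirmaker

	[ ! -f ${ROOT}var/qmail/control/ldaprebind ] && \
		einfo "Allowing qmail-ldap to rebind to the LDAP server (allows for stricter ACLs on passwords)" && \
		echo "1" > ${ROOT}var/qmail/control/ldaprebind

	if use vmail ; then
		# NOTE(review): the matching line(s) of the saved build environment
		# are word-split and handed to `local` as assignments; this assumes
		# the file holds a plain VMAILUSER=value line - confirm.
		local `bzgrep ^VMAILUSER /var/db/pkg/${CATEGORY}/${PF}/environment.bz2`
		# uid, gid and home directory of the virtual mail account.
		varray=( `egetent passwd ${VMAILUSER} | awk -F : '{print $3" "$4" "$6}'` )

		# As above, existing control files are kept; they are only created
		# when missing.
		if [ ! -f "${control_dir}/ldapuid" ] ; then
			einfo "Setting ${VMAILUSER}'s uid in ${ROOT}var/qmail/control/ldapuid"
			echo "${varray[0]}" > "${control_dir}/ldapuid"
		fi
		if [ ! -f "${control_dir}/ldapgid" ] ; then
			einfo "Setting ${VMAILUSER}'s gid in ${ROOT}var/qmail/control/ldapgid"
			echo "${varray[1]}" > "${control_dir}/ldapgid"
		fi
		if [ ! -f "${control_dir}/ldapmessagestore" ] ; then
			einfo "Setting ${VMAILUSER}'s home directory in ${ROOT}var/qmail/control/ldapmessagestore"
			echo "${varray[2]}" > "${control_dir}/ldapmessagestore"
		fi
	fi
}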