qmail patching

simnux

qmail patching

« on: January 17, 2005, 04:12:01 PM »

I didn't find much relevant here via search, so I'll pose the question:

Would it be safe to upgrade the core qmail package with patches from the likes of:

netqmail - http://qmail.coastalwave.net/netqmail/

qmailtoaster - http://www.qmailtoaster.com/

qmailrocks - http://qmailrocks.org/

netqmail is probably the least invasive in terms of adding a bunch of extra junk. It is just the "approved" patches to qmail 1.03 (Peter Samuel is part of the netqmail effort.)

Qmail Toaster... I dunno. Might be a little overboard for SME. But the core set of qmail patches might be useful as they go further than netqmail.

Ditto that for Qmail Rocks.

Based on the available patches I'm seeing, and their "critical" labeling by djb and others in the know, it seems as if SME should have applied some of these patches previously. (Understanding the qmail license, I can see how this might be too much trouble, though.)

However, that said, I have been handed the following requirements to add to SME in short order (end of February deadline):

-- support SMTP with TLS + AUTH (for both inbound and outbound traffic)

-- collect POP3 and IMAP over SSL (I think fetchmail handles this one nicely already, but will require some template tweaking to integrate properly)

-- SMTP over SSL

-- Spam and virus scanning of both inbound and outbound messages

Not being an email guru and especially not a qmail guru, I am hoping to garner some pointers as to "you need this patch and that patch and set it up this way".

Thanks

Scott

Logged

gregswallow

651
+1/-0

qmail patching

« Reply #1 on: January 18, 2005, 12:06:02 AM »

I'd suggest documenting the work you are doing on qmail on a wiki page on contribs.org after you've started and have at least a little success, and you will probably find there are others that are willing to help. I would agree that starting with the safest of the 3 is the way to go.

You could also check out the 'securemail' contrib on pagefault.org, the spam and antivirus contribs on swerts-knudsen.com, and the fetchmail contrib here: http://www.schirrms.net/sme/SMEFetchMail.php

Logged

dwater

Re: qmail patching

« Reply #2 on: March 11, 2005, 08:21:57 AM »

Hey Scott,

Did you get anywhere with this?

I am looking to make qmail use an 4rd party smtp server which uses authentication and SSL.

I'd love to hear how you got on.

Max.

Quote from: "simnux"

I didn't find much relevant here via search, so I'll pose the question:

Would it be safe to upgrade the core qmail package with patches from the likes of:

netqmail - http://qmail.coastalwave.net/netqmail/

qmailtoaster - http://www.qmailtoaster.com/

qmailrocks - http://qmailrocks.org/

Logged

CharlieBrady

6,918
+3/-0

Re: qmail patching

« Reply #3 on: March 11, 2005, 08:55:01 PM »

Quote from: "simnux"

Would it be safe to upgrade the core qmail package with patches from the likes of:

netqmail - http://qmail.coastalwave.net/netqmail/

qmailtoaster - http://www.qmailtoaster.com/

qmailrocks - http://qmailrocks.org/

I don't know whether it's safe, but I don't believe that it is necessary. Many of those patches add features to qmail-smtpd, and qmail-smtpd is just not used in the SME server.

Quote

netqmail is probably the least invasive in terms of adding a bunch of extra junk. It is just the "approved" patches to qmail 1.03 (Peter Samuel is part of the netqmail effort.)

I don't think any of those patches is required on SME server.

Quote

Based on the available patches I'm seeing, and their "critical" labeling by djb and others in the know ...

Can you provide a reference for any patches labelled "critical" by djb? I'd expect he would put out a new version if he considered there were bugs rated "critical".

Quote

However, that said, I have been handed the following requirements to add to SME in short order (end of February deadline):

That sure is short order.

Quote

-- support SMTP with TLS + AUTH (for both inbound and outbound traffic)

Outbound SMTP AUTH is already handled by a proxy. Search here for "smtp auth proxy".

Inbound SMTP AUTH and SSMTP (SSL) are handled in Shad's 6.5 release.

If you really need inbound TLS (I'd ask why?) then my mailfront version has support.

Quote

-- collect POP3 and IMAP over SSL (I think fetchmail handles this one nicely already, but will require some template tweaking to integrate properly)

6.5

Quote

-- SMTP over SSL

6.5

Quote

-- Spam and virus scanning of both inbound and outbound messages

Plenty of contribs do that, as does Mitel's commercial offering. mailfront already has the QMAILQUEUE functionality which the patches you are asking about add to qmail.

Quote

Not being an email guru and especially not a qmail guru, I am hoping to garner some pointers as to "you need this patch and that patch and set it up this way".

You've been given a tall order for a non-email guru. Fortunately, you don't need to patch much - not qmail at any rate, IMO.

Logged

dwater

Re: qmail patching

« Reply #4 on: March 12, 2005, 01:12:38 AM »

Sorry if I confused you by replying to a thread that is over a year old. I just wanted to know how he had gotten on since I want one (or two) of the features he lists :

Quote from: "CharlieBrady"

...
Quote

-- collect POP3 and IMAP over SSL (I think fetchmail handles this one nicely already, but will require some template tweaking to integrate properly)

6.5

Quote

-- SMTP over SSL

6.5

I think those are the ones I am most interested in, so, it seems, I need to wait for 6.5 (I'm on 6.0 at the moment). I am not in a particular hurry a month or two would be OK. What is the ETA? (I guess I could check that for myself...)

Thanks for the update though. It saves me a lot of work.

Max.

Logged