Update ports.

portsnap fetch extract
portsnap fetch update

Make sure your hostfile is ok. If your machines name cannot be looked up through a DNS request qmail will warn you with an error (that can be ignored however). If you want to run this installation without any glitches you should make sure your host file is up to date and reflects your current machine name. The host file can be found here: /etc/hosts and a typical setup would look something like this.

::1			localhost localhost.yourdomain.xyz
127.0.0.1		localhost localhost.yourdomain.xyz

# This Host

xxx.xxx.xxx.xxx         domain
xxx.xxx.xxx.xxx         domain.xyz
xxx.xxx.xxx.xxx         domain.xyz.

If you plan on using Qmail-Scanner the version of unzip that is shipped with the system will fail. Here's a workaround.

Install the newest version of unzip.

cd /usr/ports/archivers/unzip && make install clean BATCH=yes

Link the new version of unzip i.e. replace the version installed with the system to /usr/bin

cd /usr/bin
mv unzip unzip.old
ln -s /usr/local/bin/unzip unzip

You will need to install the following ports. Bash - Perl 5.20 or higher - Curl - Wget - Bind Tools - Portdowngrade

cd /usr/ports/shells/bash && make install clean BATCH=yes
cd /usr/ports/lang/perl5.20 && make install clean BATCH=yes
cd /usr/ports/ftp/curl && make install clean BATCH=yes
cd /usr/ports/ftp/wget && make install clean BATCH=yes
cd /usr/ports/dns/bind-tools && make install clean BATCH=yes
cd /usr/ports/security/fakeroot && make install clean
cd /usr/ports/ports-mgmt/portdowngrade && make install clean BATCH=yes

Important Note: Check your perl location if it resides in /usr/bin this needs to be changed. You can do it like this.

cd /usr/bin
mv perl perl.old >/dev/null 2>&1
ln -s /usr/local/bin/perl perl

FreeBSD ports uses netqmail and since we need qmail we will have to portdowngrade to get it.

Downgrade and install qmail

cd /usr/ports/mail
rm -dfr qmail
mkdir /usr/ports/mail/qmail
/usr/local/sbin/portdowngrade mail/qmail r355269
cd /usr/ports/mail/qmail
make WITHOUT="RCDLINK" install clean
rm -dfr /var/qmail/queue

When the option screen pops up nothing should be selected. Next hit ok to proceed.

Note: you may get an error saying:

Your hostname is somehostname.xyz.
hard error
Sorry, I couldn't find your host's canonical name in DNS.
You will have to set up control/me yourself.

This can be ignored as we will reset the control files later anyway. Or you can fix it by adjusting your host file see the beginning of this guide.

Add users and groups

pw groupadd nofiles
pw groupadd vchkpw -g 89
pw groupadd qscand
pw useradd vpopmail -u 89 -g vchkpw -m -d /usr/home/vpopmail -s /sbin/nologin
pw useradd qscand -s /sbin/nologin -d /tmp
mkdir /var/log/qmail
mkdir /var/log/qmail/qmail-send /var/log/qmail/dovecot /var/log/qmail/qmail-smtpd /var/log/qmail/qmail-smtpd-ssl /var/log/qmail/qmail-smtpd-tls /var/log/qmail/qmail-scanner
chown -R qmaill:wheel /var/log/qmail
chmod -R 750 /var/log/qmail
mkdir -p /var/qmail/supervise
mkdir /var/qmail/supervise/qmail-smtpd /var/qmail/supervise/qmail-send /var/qmail/supervise/qmail-smtpd-ssl /var/qmail/supervise/qmail-smtpd-ssl/log/ /var/qmail/supervise/qmail-pop3d /var/qmail/supervise/qmail-pop3d/log /var/qmail/supervise/dovecot /var/qmail/supervise/qmail-smtpd/log /var/qmail/supervise/qmail-send/log /var/qmail/supervise/qmail-smtpd-tls /var/qmail/supervise/qmail-smtpd-tls/log/
chmod +t /var/qmail/supervise/qmail-smtpd /var/qmail/supervise/qmail-send /var/qmail/supervise/qmail-pop3d /var/qmail/supervise/qmail-smtpd-ssl /var/qmail/supervise/qmail-smtpd-tls /var/qmail/supervise/dovecot

Note: Instead of copy / paste the above you can run the script below.

cd ~root
fetch http://www.xfiles.dk/content/files/freebsd-qmail/qmail-users.sh
chmod 755 qmail-users.sh
./qmail-users.sh
rm qmail-users.sh 

Download the qmail source for patching

cd ~root
fetch http://www.xfiles.dk/content/files/freebsd-qmail/qmail-1.03.tar.gz
tar zxvf qmail-1.03.tar.gz
rm qmail-1.03.tar.gz

Note: The needed patches are included in the tarball to make things a bit easier. If you are interested in John Simpson's latest patches you can find them here John Simpson's combined qmail patches. I recomend patching with 7.07 stable. If you want to try out 7.08 just replace qmail-1.03-jms1.7.07.patch with qmail-1.03-jms1.7.08.patch below.

cd ~root/qmail-1.03
patch < qmail-1.03-jms1.7.07.patch

Next is a fix for local mail accounts

tar zxvf qmailfix.tgz

And the last one is for users running FreeBSD 64-bit kernel.

patch < qmail64patch

Next lets do a test flight.

make man
make setup check

Based on qmails perhaps “wrong” assumptions while doing a dns query we need to empty the control files before we proceed.

:> /var/qmail/control/me
:> /var/qmail/control/defaultdomain
:> /var/qmail/control/plusdomain
:> /var/qmail/control/rcpthosts 

We will configure qmail to use the machines hostname. You can find you hostname running this command.

hostname 

Now run the following and exchange “hostname” with your real hostname.

./config-fast hostname

Last thing to do is to be sure the file “locals” located in /var/qmail/control/locals is empty.

:> /var/qmail/control/locals

A few fixes still needs to be applied.

cd /var/qmail/bin
fetch http://www.xfiles.dk/content/files/freebsd-qmail/qmail-bin.tgz
tar zxvf qmail-bin.tgz
rm qmail-bin.tgz
cd /var/qmail/queue
touch /var/qmail/queue/lock/sendmutex
chown qmails:qmail /var/qmail/queue/lock/sendmutex

cd /usr/ports/sysutils/ucspi-tcp
make WITHOUT="IPV6" WITH="RSS_DIFF SSL" install clean BATCH=yes

When the option screen for daemontools pops up just hit ok.

cd /usr/ports/sysutils/daemontools
make install clean BATCH=yes

Next we need to set up the svscan service.

mkdir /service
csh -cf '/usr/local/bin/svscanboot &'
echo "csh -cf '/usr/local/bin/svscanboot &'" >> /etc/rc.local
rm /usr/local/etc/rc.d/svscan

Check if things are running.

ps -waux | grep svscan |head -2

You should get an output similar to the one below

root    6426   0.0  0.1 17096 2504  0  I     1:29PM  0:00.00 /bin/sh /usr/local/bin/svscanboot
root    6428   0.0  0.1 12408 1844  0  S     1:29PM  0:00.01 svscan /service

cd /usr/ports/mail/autorespond
make install clean

cd /usr/ports/mail/ezmlm-idx
make install clean BATCH=yes

When the option screen pops up just hit ok

cp /usr/local/etc/ezmlm/ezmlmglrc.sample /usr/local/etc/ezmlm/ezmlmglrc
cp /usr/local/etc/ezmlm/ezmlmrc.sample /usr/local/etc/ezmlm/ezmlmrc
cp /usr/local/etc/ezmlm/ezmlmsubrc.sample /usr/local/etc/ezmlm/ezmlmsubrc

cd ~vpopmail
fetch http://www.xfiles.dk/content/files/freebsd-qmail/skel.tgz
tar zxvf skel.tgz
chown -R vpopmail:vchkpw skel/
chmod -R 700 skel/
rm skel.tgz
cd /usr/local
ln -s /home/vpopmail /usr/local/vpopmail

Run vpopmail from daemontools

cd /var/qmail/supervise
mkdir -m 1755 qmail-updater
mkdir -m 755 qmail-updater/log
mkdir /var/log/qmail/qmail-updater
cd qmail-updater/log
fetch http://www.xfiles.dk/content/files/freebsd-qmail/vpopmail-run
mv vpopmail-run run
chmod 755 run

Install qmail-updater files

cd /var/qmail/supervise/qmail-updater
fetch http://www.xfiles.dk/content/files/freebsd-qmail/pipe-watcher
fetch http://www.xfiles.dk/content/files/freebsd-qmail/update-qmail
fetch http://www.xfiles.dk/content/files/freebsd-qmail/update-qmail-service
mv update-qmail-service run
chmod 755 pipe-watcher update-qmail run

Run qmail-updater from daemontools

ln -s /var/qmail/supervise/qmail-updater /service/

Check if things are running

svstat /service/qmail-updater /service/qmail-updater/log

You should get an output similar as below

/service/qmail-updater: up (pid 9495) 7 seconds
/service/qmail-updater/log: up (pid 9492) 7 seconds

Install vpopmail

cd /usr/ports/mail/vpopmail
make CONFIGURE_ARGS="--enable-logging=p --enable-onchange-script"
make WITH="ONCHANGE_SCRIPT" install clean

When you get the popup be sure that ONCHANGE_SCRIPT is checked then hit ok to install.

cd ~vpopmail/etc
fetch http://www.xfiles.dk/content/files/freebsd-qmail/onchange
chown vpopmail:vchkpw ~vpopmail/etc/onchange
chmod 750 ~vpopmail/etc/onchange
chmod +x ~vpopmail/etc/onchange

Open a second session and run the following command in order to monitor the onchange script behaviour.

tail -f /var/log/qmail/qmail-updater/current | tai64nlocal

In the other session we will add a domain. Follow the output on the other session to see if onchange catches the change. If it does we can continue.

cd ~vpopmail/bin
./vadddomain domain.com password

If onchange is working you should see an entry as below on your second session.

2016-09-05 12:19:32.443243500 Starting
2016-09-05 12:19:32.443246500 locals has changed
2016-09-05 12:19:32.443247500 Sending HUP to qmail-send
2016-09-05 12:58:55.676714500 virtualdomains has changed
2016-09-05 12:58:55.676715500 locals has changed
2016-09-05 12:58:55.676716500 Sending HUP to qmail-send

cd ~vpopmail/bin
chmod 6711 vchkpw
chown vpopmail:vchkpw vchkpw

Validrcptto needs a cdb file and in order to create one we need cdb installed.

cd /usr/ports/databases/cdb
make install clean

Next we need to install the CDB_File perl module. This in done through CPAN. So start up CPAN like this.

cpan

Next install CDB_File

install CDB_File
exit

Now let's grab validrcptto

cd /usr/local/bin
fetch http://www.xfiles.dk/content/files/freebsd-qmail/mkvalidrcptto
chmod 755 mkvalidrcptto

Let's see if validrcptto works and can find the CDB module. Run the following command as a non-priviliged user.

perl -c /usr/local/bin/mkvalidrcptto

If everything is fine you should get an output like below.

/usr/local/bin/mkvalidrcptto syntax OK

Final test if you added a domain earlier validrcptto should be able to generate a list of every email address you have added. Run it like this.

mkvalidrcptto

You should see a listing of users and domains similar like the one below.

[email protected]
[email protected] 

The ValidRCPTTO script consist of two parts one that reads the information like users and domains from the system. And the other part which is actually writing that information to the cdb file for use with qmail-smtp. In order for part 2 to work it needs an initial cdb file to write to. so let’s create that.

cd /var/qmail/control
mkvalidrcptto -c validrcptto.cdb

Mail delivery agent (MDA) with filtering abilities. This is what the description in the Makefile of Maildrop says. But to put it short and simple you can have Maildrop do some of the same things that you would have Procmail doing.

cd /usr/ports/mail/maildrop
make install clean
ln -s /usr/local/bin/maildrop-deliverquota /usr/local/bin/deliverquota

When the options screens pops up make sure AUTH_VCHKPW is checked.

Now I don’t have the slightest idea on how to uninstall Sendmail. But I know how to stop it from being started and being used by other programs. So let’s do that.

killall sendmail
mv /usr/sbin/sendmail /usr/sbin/sendmail.old
chmod 0 /usr/sbin/sendmail.old
echo "sendmail_enable=NONE" >> /etc/rc.conf
echo "sendmail_submit_enable=NO" >> /etc/rc.conf
echo "sendmail_outbound_enable=NO" >> /etc/rc.conf
echo "sendmail_msp_queue_enable=NO" >> /etc/rc.conf
echo "NO_SENDMAIL=yes" >> /etc/make.conf
echo "NO_MAILWRAPPER=yes" >> /etc/make.conf
ln -s /var/qmail/bin/sendmail /usr/sbin/sendmail
ln -s /var/qmail/bin/sendmail /usr/lib/sendmail

Note: If you are using periodic.conf it's a good idea to disable clean-purgestat. Edit the file /etc/defaults/periodic.conf and find the following line.

daily_clean_hoststat_enable="YES"

Change it to

daily_clean_hoststat_enable="NO"

The last bit consists of a lot of supervising scripts that needs to be put in the right places. Instead of manually doing so you can grab this script that does the final configuration of qmail for you (allmost that is)

cd /root
fetch http://www.xfiles.dk/content/files/freebsd-qmail/qmail.tar.gz
tar zxvfp qmail.tar.gz
rm qmail.tar.gz
cd qmail

There a 2 files that needs to be changed before we can proceed. First the file called smtpd_run

vi smtpd_run

Change the following line xx.xx.xx.xx to the real IP of the machine.

IP=xx.xx.xx.xx

Next we need to change the pop3 greeting which we do in this file

vi pop3d_run

Replace mail.domain.com with a real domaine or a machine name. This is only the greating so basically this can be anything.

Set up some necessary aliases. Replace “domain.xyz” with the domain you would like these email to go to.

echo [email protected] > /var/qmail/alias/.qmail-root
echo [email protected] > /var/qmail/alias/.qmail-postmaster
echo [email protected] > /var/qmail/alias/.qmail-mailer-daemon

And finally run the script that puts everything in the right place.

./qmail.sh

Once done we can delete the qmail folder in /root

cd /root
rm -R qmail

Important Note If you are running FreeBSD 11 and above your system will not have the following files libssl.so.7 and libcrypto.so.7 which are needed in order to run qmail-smtp. You can check the dependencies of qmail-smtp like this.

ldd /var/qmail/bin/qmail-smtpd

If files are missing it will be shown as below

/var/qmail/bin/qmail-smtpd:
libssl.so.7 => not found (0)
libcrypto.so.7 => not found (0)
libcrypt.so.5 => /usr/lib32/libcrypt.so.5 (0x28080000)
libc.so.7 => /usr/lib32/libc.so.7 (0x2809e000)

If you are missing libssl.so.7 and libcrypto.so.7 then you can grab them here.

fetch http://www.xfiles.dk/content/files/freebsd-qmail/libssl7.tar.gz
tar zxvfp libssl7.tar.gz
rm libssl7.tar.gz
cd libssl7
./install_libssl7.sh

At this point we are ready to start qmail.

qmailctl start

If everything is working as intended you should get an output similar like the one below.

Starting qmail Services

Starting qmail-send
Starting qmail-smtpd
Starting qmail-pop3d
Starting qmail-updater

We can check what is running by issuing the following command.

qmailctl stat

It should output a result like the one below.

/service/qmail-send: up (pid 2849) 32 seconds
/service/qmail-send/log: up (pid 2850) 32 seconds
/service/qmail-smtpd: up (pid 2854) 32 seconds
/service/qmail-smtpd/log: up (pid 2853) 32 seconds
/service/qmail-pop3d: up (pid 2851) 32 seconds
/service/qmail-pop3d/log: up (pid 2852) 32 seconds
/service/qmail-updater: up (pid 650) 1374 seconds
/service/qmail-updater/log: up (pid 651) 1374 seconds
messages in queue: 0
messages in queue but not yet preprocessed: 0

And we are done.