SMTPS with qmail

There seem to be several ways to do this, but I used ucspi-tcp-ssl.


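Download and extract ucspi-tcp-ssl-20050405.patch.gz, apply the patch to the ucspi-tcp-0.88 source, and run make.
The patch does not seem to apply cleanly to source that already has the errno patch applied, so I extracted the ucspi-tcp-0.88 archive again and applied it to the fresh tree.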

$ patch < ucspi-tcp-ssl-20050405.patch
patching file FILES
patching file Makefile
patching file TARGETS
patching file addcr.1
patching file argv0.1
patching file date@.1
patching file delcr.1
patching file error.h
patching file finger@.1
patching file fixcrio.1
patching file hier.c
patching file http@.1
patching file mconnect.1
patching file recordio.1
patching file tcp-environ.5
patching file tcpcat.1
patching file tcpclient.1
patching file tcprules.1
patching file tcprules.c
patching file tcprulescheck.1
patching file tcprulescheck.c
patching file tcpserver.1
patching file tcpserver.c
patching file who@.1
$ make

Copy the newly built tcpserver to /usr/local/bin/.
# Running make setup check does not overwrite the existing binary.

$ sudo /bin/cp -r tcpserver /usr/local/bin


Create the server certificate.

$ make cert
openssl req -new -x509 -nodes \
-out cert.pem -days 366 \
-keyout cert.pem
Generating a 1024 bit RSA private key
......++++++
....................++++++
writing new private key to 'cert.pem'

-----

You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.

-----

Country Name (2 letter code) [GB]:SV
State or Province Name (full name) [Berkshire]:San Salvador
Locality Name (eg, city) [Newbury]:San Salvador
Organization Name (eg, company) [My Company Ltd]:INTI
Organizational Unit Name (eg, section) []:Comptacion
Common Name (eg, your name or your server's hostname) []:
Email Address []:

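Copy the generated certificate (cert.pem) to /var/qmail and set its permissions to 600. Because make cert passes cert.pem to both -out and -keyout, this file also contains the private key.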

$ sudo cp cert.pem /var/qmail
$ sudo chmod 600 /var/qmail/cert.pem

Add the following to /var/qmail/rc.
Compared with the SMTP line, two places now read "smtps".

tcpserver -v -u [uid of qmaild] -g [gid of qmaild] -n /var/qmail/cert.pem \
-x /etc/tcp.smtp.cdb 0 smtps /var/qmail/bin/qmail-smtpd \
/bin/checkpassword /bin/true 2>&1 | \
/var/qmail/bin/splogger smtps 3 &

The port number is 465.
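
An added example (not part of the original post): a small shell check that reads the certificate path from the -n option of the smtps line in an rc file, then confirms that the file exists, holds both the certificate and the private key, and is closed to group and other. The function names are made up for this example, and it assumes the rc line has the layout shown above.

```sh
#!/bin/sh
# Added example: check the certificate that the smtps line in an rc file points to.

# Print the argument of tcpserver's -n option on the smtps line of rc file $1.
cert_path_from_rc() {
    awk '
        { line = line $0 }
        /\\$/ { sub(/\\$/, " ", line); next }   # join backslash-continued lines
        line ~ /tcpserver/ && line ~ /smtps/ {
            n = split(line, w, /[ \t]+/)
            for (i = 1; i < n; i++) if (w[i] == "-n") { print w[i + 1]; exit }
        }
        { line = "" }
    ' "$1"
}

# Return 0 only if PEM file $1 exists, contains a certificate and a private
# key (as "make cert" writes them), and grants nothing to group or other.
check_pem_file() {
    f=$1
    [ -f "$f" ] || { echo "missing: $f"; return 1; }
    grep -q -e '-----BEGIN CERTIFICATE-----' "$f" ||
        { echo "no certificate in $f"; return 1; }
    grep -q -e '-----BEGIN .*PRIVATE KEY-----' "$f" ||
        { echo "no private key in $f"; return 1; }
    # Characters 5-10 of the ls mode string are the group and other bits.
    mode=$(ls -ld "$f" | cut -c5-10)
    [ "$mode" = "------" ] || { echo "group/other can access $f"; return 1; }
    return 0
}

# Check the certificate referenced by rc file $1.
check_smtps_rc() {
    pem=$(cert_path_from_rc "$1")
    [ -n "$pem" ] || { echo "no smtps tcpserver line with -n in $1"; return 1; }
    check_pem_file "$pem"
}

# Run against the rc file given on the command line, if any.
if [ "$#" -gt 0 ]; then
    check_smtps_rc "$1"
fi
```

Once tcpserver is running, `openssl s_client -connect localhost:465` shows whether the port answers with TLS.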

qmail メールサーバの構築 (Expert UNIX Series)
