6.4 Using the Qmail mail server

There are some issues that users of the qmail mail transport agent have encountered. None of the core maintainers use qmail, so all of this information has been contributed by the Mailman user community, especially Martin Preishuber and Christian Tismer, with notes by Balazs Nagy (BN) and Norbert Bollow (NB).

You might need to set the mail-gid user to either qmail, mailman, or nofiles by using the --with-mail-gid configure option.

BN: it highly depends on your mail storing policy. For example if you use the simple ~alias/.qmail-* files, you can use `id -g alias`. But if you use /var/qmail/users, the specified mail gid can be used.

If you are going to be directing virtual domains directly to the mailman user (using ``virtualdomains'' on a list-only domain, for example), you will have to use --with-mail-gid=gid of mailman user's group. This is incompatible with having list aliases in ~alias, unless that alias simply forwards to mailman-listname*.

If there is a user mailman on your system, the alias mailman-owner will work only in ~mailman. You have to do a touch .qmail-owner in ~mailman directory to create this alias.

NB: An alternative, IMHO better solution is to chown root ~mailman, that will stop qmail from considering mailman to be a user to whom mail can be delivered. (See ``man 8 qmail-getpw''.)

In a related issue, if you have any users with the same name as one of your mailing lists, you will have problems if list names contain "-" in them. Putting .qmail redirections into the user's home directory doesn't work because the Mailman wrappers will not get spawned with the proper GID. The solution is to put the following lines in the /var/qmail/users/assign file:

  +zope-:alias:112:11:/var/qmail/alias:-:zope-:
  .

where in this case the listname is e.g. zope-users.

NB: Alternatively, you could host the lists on a virtual domain, and use the /var/qmail/control/virtualdomains file to put the mailman user in charge of this virtual domain.

BN:If inbound messages are delivered by another user than mailman, it's necessary to allow it to access ~mailman. Be sure that ~mailman has group writing access and setgid bit is set. Then put the delivering user to mailman group, and you can deny access to ~mailman to others. Be sure that you can do the same with the WWW service.

By the way the best thing is to make a virtual mail server to handle all of the mail. NB: E.g. make an additional "A" DNS record for the virtual mailserver pointing to your IP address, add the line lists.kva.hu:mailman to /var/qmail/control/virtualdomains and a lists.kva.hu line to /var/qmail/control/rcpthosts file. Don't forget to HUP the qmail-send after modifying ``virtualdomains''. Then every mail to lists.kva.hu will arrive to mail.kva.hu's mailman user.

Then make your aliases:

          .qmail              => mailman@...'s letters
          .qmail-owner        => mailman-owner's letters

For list aliases, you can either create them manually:

          .qmail-list         => posts to the 'list' list
          .qmail-list-admin   => posts to the 'list's owner
          .qmail-list-request => requests to 'list'
          etc

or for automatic list alias handling (when using the lists.kva.hu virtual as above), see contrib/qmail-to-mailman.py in the Mailman source distribution. Modify the ~mailman/.qmail-default to include:

          |preline /path/to/python /path/to/qmail-to-mailman.py

and new lists will automatically be picked up.

You have to make sure that the localhost can relay. If you start qmail via inetd and tcpenv, you need some line the following in your /etc/hosts.allow file:

      tcp-env: 127. 10.205.200. : setenv RELAYCLIENT

where 10.205.200. is your IP address block. If you use tcpserver, then you need something like the following in your /etc/tcp.smtp file:

      10.205.200.:allow,RELAYCLIENT=""
      127.:allow,RELAYCLIENT=""

BN: Bigger /var/qmail/control/concurrencyremote values work better sending outbound messages, within reason. Unless you know your system can handle it (many if not most cannot) this should not be set to a value greater than 120.

More information about setting up qmail and relaying can be found in the qmail documentation.

BN: Last but not least, here's a little script to generate aliases to your lists (if for some reason you can/will not have them automatically picked up using contrib/qmail-to-mailman.py):

This script is for the Mailman 2.0 series:

#!/bin/sh
if [ $# = 1 ]; then
    i=$1
    echo Making links to $i in the current directory...
    echo "|preline /home/mailman/mail/mailman post $i" > .qmail-$i
    echo "|preline /home/mailman/mail/mailman mailowner $i" > .qmail-$i-admin
    echo "|preline /home/mailman/mail/mailman mailowner $i" > .qmail-$i-owner
    echo "|preline /home/mailman/mail/mailman mailowner $i" > .qmail-owner-$i
    echo "|preline /home/mailman/mail/mailman mailcmd $i" > .qmail-$i-request
fi

Note: This is for a new Mailman 2.1 installation. Users upgrading from Mailman 2.0 would most likely change /usr/local/mailman to /home/mailman. If in doubt, refer to the --prefix option passed to configure during compile time.

#!/bin/sh
if [ $# = 1 ]; then
    i=$1
    echo Making links to $i in the current directory...
    echo "|preline /usr/local/mailman/mail/mailman post $i" > .qmail-$i
    echo "|preline /usr/local/mailman/mail/mailman admin $i" > .qmail-$i-admin
    echo "|preline /usr/local/mailman/mail/mailman bounces $i" > .qmail-$i-bounces
    # The following line is for VERP
    # echo "|preline /usr/local/mailman/mail/mailman bounces $i" > .qmail-$i-bounces-default
    echo "|preline /usr/local/mailman/mail/mailman confirm $i" > .qmail-$i-confirm
    echo "|preline /usr/local/mailman/mail/mailman join $i" > .qmail-$i-join
    echo "|preline /usr/local/mailman/mail/mailman leave $i" > .qmail-$i-leave
    echo "|preline /usr/local/mailman/mail/mailman owner $i" > .qmail-$i-owner
    echo "|preline /usr/local/mailman/mail/mailman request $i" > .qmail-$i-request
    echo "|preline /usr/local/mailman/mail/mailman subscribe $i" > .qmail-$i-subscribe
    echo "|preline /usr/local/mailman/mail/mailman unsubscribe $i" > .qmail-$i-unsubscribe
fi