info needed by clients

 incoming mail server: tighar.org

          POP3s (TLS): port 110

          IMAPs (TLS): port 143

          SMTPs server: tighar.org, port 465

basic commands

qmailctl stop

qmailctl start

qmailctl restart

qmailctl stat

qmailctl {start|stop|restart|doqueue|flush|reload|stat|pause|cont|cdb|queue|help



Following commands can delete all mails from your qmail mail server queue.

qmailctl stop
find /var/qmail/queue/mess -type f -exec rm {} \;
find /var/qmail/queue/info -type f -exec rm {} \;
find /var/qmail/queue/local -type f -exec rm {} \;
find /var/qmail/queue/intd -type f -exec rm {} \;
find /var/qmail/queue/todo -type f -exec rm {} \;
find /var/qmail/queue/remote -type f -exec rm {} \;
qmailctl start

run script for TLS/authentication

The crucial line. I got rid of softlimit, for good or for ill. I also had to remove the fully qualified domain name after …qmail-smtpd. Dunno why that prevented vchkpw from working.

exec \

/usr/local/bin/tcpserver -v -R -l "$LOCAL" -c "$MAXSMTPD" \

-u "$QMAILDUID" -g "$NOFILESGID" 0 465 \

/var/qmail/bin/qmail-smtpd /home/vpopmail/bin/vchkpw bin/true 2>&1

Thunderbird configuration for SMTP auth

  • Server name: tighar.org
  • Port: 465
  • Use name and password



Some helpful notes.

All the configuration options (obtained by running ./configure –help).

  --disable-FEATURE       do not include FEATURE (same as --enable-FEATURE=no)

  --enable-FEATURE[=ARG]  include FEATURE [ARG=yes]

  --disable-dependency-tracking  speeds up one-time build

  --enable-dependency-tracking   do not reject slow dependency extractors

  --enable-non-root-build    Build vpopmail as a non-root user, only if you know what you are doing. see README.non-root

  --enable-qmaildir=DIR      Directory where qmail control and user directories are installed /var/qmail.

  --enable-qmail-newu=PATH   Full path to qmail-newu program.

  --enable-qmail-inject=PATH Full path to qmail-inject program.

  --enable-qmail-newmrh=PATH Full path to qmail-newmrh program.

  --enable-vpopuser=USER     User name allocated to vpopmail vpopmail.

  --enable-vpopgroup=GROUP   Group name allocated to vpopmail vchkpw.

  --enable-roaming-users     Enable POP-before-SMTP functionality.

  --enable-tcprules-prog=PATH    Full path to tcprules program /usr/{local/}bin/tcprules.

  --enable-tcpserver-file=PATH   File where tcpserver -x relay information is stored /home/vpopmail/etc/tcp.smtp.

  --disable-rebuild-tcpserver-file  Disable rebuilding of tcpserver relay control file.

  --enable-relay-clear-minutes=#    Expire time for roaming users after pop authentication [180].

  --enable-learn-passwords   If no password is stored for a user, learn it the first time they authenticate.

  --disable-md5-passwords    Use DES crypt() instead of MD5 encryption for passwords.

  --disable-file-locking     Don't use file locking.

  --enable-file-sync         Enable file sync after each message is delivered.

  --disable-make-seekable    Don't try to make input to vdelivermail seekable.

  --disable-clear-passwd     Don't store a cleartext version of the password in addition to the encrypted version.

  --disable-users-big-dir    Disable hashing of user directories.

  --enable-sqwebmail-pass    Store a copy of the user's password in the the user's maildir for use by pre-v3 sqwebmail.

  --enable-qmail-ext         Enable qmail email address extension support.

  --enable-ip-alias-domains  Enable mapping of default domain via reverse ip lookup table.

  --enable-onchange-script   Enable onchange script. See README.onchange for more info.

  --enable-spamassassin      Enable spamassassin. See  README.spamassassin for more info.

  --enable-spamc-prog=PATH   Full path to spamc program /usr/{local/}bin/spamc.

  --enable-maildrop          Enable maildrop. See  README.maildrop for more info.

  --enable-maildrop-prog=PATH    Full path to maildrop program /usr/{local/}bin/maildrop.

  --enable-domains-dir=TEXT  Directory in ~vpopmail to store domains (default=domains).

  --enable-incdir=DIR        Your MySQL/Oracle 'include' directory.

  --enable-libdir=DIR        Your MySQL/Oracle 'lib' directory.

  --enable-auth-module=MOD   Nominate how to store the vpopmail account information (cdb (default), mysql, pgsql, ldap, oracle, or syba                      se).

  --enable-passwd            Enable /etc/passwd (or shadow) accounts in addition to virtual domains.

  --enable-logging=OPT       Log to syslog: n=nothing, e=errors only (default), y=all attempts, p=errors with passwords, v=verbose (all                       attempts, with passwords).

  --enable-log-name=TEXT     Set syslog name vpopmail.

  --disable-auth-logging     Don't record time and ip of last auth attempt. Valid only for CDB, MySQL, PGSQL, LDAP.

  --enable-sql-logging       Enable authentication logging to MySQL/Postgres.

  --enable-mysql-limits      Use MySQL to store limits instead of .qmailadmin-limits files.

  --enable-mysql-replication Enable support for replicated MySQL auth servers.

  --enable-valias            Store email aliases in SQL table instead of .qmail files.

  --disable-many-domains     Creates a table for each virtual domain instead of storing all users in a single table. Only valid for MyS                      QL and PostgreSQL
cd /usr/local/src/{vpopmail folder}

./configure \

--enable-vpopuser=vpopmail \

--enable-vpopgroup=vchkpw \

--disable-roaming-users \

--enable-tcprules-prog=/usr/local/bin/tcprules \

--enable-tcpserver-file=/home/vpopmail/etc/tcp.smtp \

--enable-logging=p \

--disable-passwd \

--enable-clear-passwd \

--disable-domain-quotas \

--enable-auth-module=mysql \

--enable-auth-logging \

--enable-sql-logging \

--enable-valias \

--disable-mysql-limits \


configure options for vpopmail that relate to roaming users :



--enable-relay-clear-minutes=minutes  <- defaults to 180


make install-strip

vpopmail permissions

chmod 775 ~vpopmail? That is probably more permissive than originally intended. I don't remember now why I wrote that…

1. fix permissions for dovecot

Run John Simpson's vfixpermissions script. Without this fix, trying to login via IMAP or POP results in the error message: “setgid 89 failed”.

2. set sticky bit for vchkpw


chown vpopmail:vchkpw ~vpopmail/bin/vchkpw

chmod 4711 ~vpopmail/bin/vchkpw

chmod u+s ~vpopmail/bin/vchkpw

3. relax permissions for vpopmail.mysql

I used chmod 775 ~vpopmail/etc/vpopmail.mysql. I'm sure it's too loose for best security, but I'm not willing to track down the right setting just now.



./configure \

  --enable-vpopmaildir=/home/vpopmail \

  --enable-htmldir=/var/www/html \

  --enable-cgibindir=/var/www/cgi-bin \

  --enable-imageurl=http://tighar.org/images/qmailadmin \

  --enable-imagedir=/var/www/html/images/qmailadmin \

  --enable-qmaildir=/var/qmail \

  --enable-vpopuser=vpopmail \

  --enable-vpopgroup=vchkpw \

  --enable-autoresponder-path=/usr/local/bin \



       cgi-bin dir = /var/www/cgi-bin

          html dir = /var/www/html

         image dir = /var/www/html/images/qmailadmin

         image URL = http://tighar.org/images/qmailadmin

      template dir = /usr/local/share/qmailadmin

         qmail dir = /var/qmail

      vpopmail dir = /home/vpopmail

   autorespond dir = /usr/local/bin

         ezmlm dir = /usr/local/bin/ezmlm

         ezmlm idx = yes

   mysql for ezmlm = yes

              help = yes

      modify quota = no

   domain autofill = no

 modify spam check = no

help files

mkdir /var/www/html/images/qmailadmin/help

cp -rp * /var/www/html/images/qmailadmin/help

note: ./configure option --enable-htmldir=/var/www/html




AS NON-ROOT USER (I used joomla):

su joomla


./configure \

  --with-vpopmail \

  --with-mysql \

  --with-ssldir=/etc/pki/tls-ssl \

  --with-storages=maildir \



exit # return to root id

gmake install 


for later updates:

hg pull

hg update


sudo gmake install 


useradd -M -d /nohome -s /bin/false -c 'Dovecot user' dovecot
  • -M make no home directory
  • -d directory (nohome for dovecot)
  • -s shell
  • -c comment (name)


Location of file: /usr/local/etc/dovecot.conf

Some snippets that took me a couple of tries to get organized correctly.


## Mailbox locations and namespaces


# Location for users' mailboxes.


# See <doc/wiki/Variables.txt> for full list.


# <doc/wiki/MailLocation.txt>


   mail_location = maildir:~/Maildir

# System user and group used to access mails. If you use multiple, userdb

# can override these by returning uid or gid fields. You can use either numbers

# or names. <doc/wiki/UserIds.txt>

mail_uid =89

mail_gid =89


## Mail processes



# http://qmail.jms1.net/dovecot.shtml

# http://forum.qmailrocks.org/showthread.php?t=5872

# http://ansani.it/2008/08/14/qmailtoaster-dovecot-imap/

# Enable mail process debugging. This can help you figure out why Dovecot

# isn't finding your mails.

mail_debug = no

verbose_proctitle = yes

first_valid_uid = 89

last_valid_uid = 89

first_valid_gid = 89

last_valid_gid = 89


## IMAP specific settings


protocol imap {

     listen =

     ssl_listen =




## POP3 specific settings


protocol pop3 {

     listen =

     ssl_listen =



## Authentication processes


auth default {

  mechanisms = plain

  passdb checkpassword {

    args = /home/vpopmail/bin/vchkpw


  userdb prefetch {

    # args = uid=89 gid=89 home=/home/vpopmail/domains/%d/%u


  count = 1


SquirrelMail configuration


cron job

Slight mod needed for cron job to clean up attachments directory. Following the most recent installation script, /var/local/squirrelmail/attach/ is my attachment directory.

Nice instructions for the cron job from Setting up Qmail on Redhat 9. To delete any files that are more than 2 days old from the SquirrelMail attachment dir, run cronjob -e and append the following line:

0 0 * * * find /var/local/squirrelmail/attach/* -atime +2 -exec /bin/rm {} \; 

Couldn't connect to localhost

configtest.php returned Error connecting to IMAP server “localhost:143”.Server error: (0).

I switched the setting in config.php to tighar.org on port 993 from localhost on 143. Then it worked very well.

The interesting lines from the configuration:

$domain                 = 'tighar.org';

$imapServerAddress      = 'tighar.org';

$imapPort               = 993;

$imap_auth_mech         = 'login';

$use_imap_tls           = true;

clear proctitle error messages


mkdir /var/service/resetproctitles

  cd /var/service/resetproctitles

  touch down

  echo '#!/bin/sh' > run

  echo echo -n $(for i in `seq 1 500`; do echo -n .; done) >> run

  chmod 755 run

  ln -s /var/service/resetproctitles /service/resetproctitles

see if it's working

test mail with telnet

telnet tighar.org 25


MAIL FROM: newuser@canisius.edu

RCPT TO: martin.


Subject: testing with telnet

This is a test.  I hope it gets rejected.

That is the way things are SUPPOSED to work!




A quick way to test sendmail

mailx -s "mailx test message" newuser@canisius.edu

  type the body


  EOT (Ctrl+d)

mailx and mail rely on sendmail

Disable quotas for tighar.org

qmail + vpopmail cheat sheet by Nick Vargish:

/usr/local/src/vpopmail-5.4.27/vmoduser -q NOQUOTA user@tighar.org

/usr/local/src/vpopmail-5.4.27/vmoduser -q NOQUOTA tighar.org

vmoduser is in our build directory:

tighar/qmail.txt · Last modified: 2023/08/12 19:17 by
Recent changes RSS feed Creative Commons License Powered by PHP Valid XHTML 1.0 Valid CSS Driven by DokuWiki