Today I decided it was time to get rid of both backscatter and the useless spamfiltering of mail that will bounce anyway.
Obviously I’m not running a vanilla qmail, but a patched version (by John M. Simpson) of Qmail that adds lovely antispam features such as checks for reverse dns records, SPF records, fixes a ton of annoyances and generally makes Qmail a lot nicer.
On top of that I run Spamdyke to apply graylisting for some domains, add blacklists/whitelists and do some more spam checking. (continue reading…)
Let’s start with a problem description. We start out with a -working- mailer:
A pretty simple qmail/vpopmail installation with Courier IMAP and the pop3d that comes with qmail. This is administered by users with the qmailadmin frontend and allows for creation of mailboxes and forwards by postmasters. Together with spamdyke and spamassassin it works pretty well. So why change it?
The problem: First of all, Courier is a piece of shit. The various parts of it have broken in various ways over the years (authd hanging for no apparent reason or suddenly eating a ton of memory, stuff like that). Not only that, but they decided that vpopmail wasn’t worth supporting anymore, so their latest release of courier-authlib simply doesn’t handle vpopmail anymore. (don’t ask me why, can’t find any details on it).
Second of all, it would be cool to give our users the ability to create their own custom mail filters on our server. Stuff that you can do in thunderbird or through webmail, so they can setup their mailbox filters and vacation messages and whatever without me having to help them. (well…. we’ll see about that). Needless to say we could do that by giving them access to the .qmail files, but those are way out of their league. Not only that, it would be a security nightmare. So to solve that, we’re trying the Sieve disaster. I mean language… or something. (continue reading…)
Yesterday evening I was curiously looking at some tcpdump traffic that went through our dom0 of Xenbro. There seemed to be a ton of weird DNS requests. And with weird I mean spamlike domains, like familiesfirstmedical.com. After wondering for a bit I realized they were coming from our service domU that runs mail for the junerules.com domain. (continue reading…)
Now that we have Xenbro up and running with a domain attached to it and a bunch of toy domU’s running, we soon ran into the need for a dns server and mailer.
Needless to say I don’t like the default Sendmail and Bind junk very much (wonder why Slackware still ships it…), and my experiences with Exim and Postfix aren’t all too great either.
Sure, they work, but they’re too complex for my liking. I like to know what’s going on, so I still use my trusty old Qmail and Djbdns for mail and dns.
However, since those packages haven’t been updated in years, some newer features are missing. So I patch them 4 times over and stab them a bit so they work the way I like 😉 (continue reading…)