I'm leaving this page up for the benefit of those who've linked to it. But be advised that we are retiring Qmail. Despite the best efforts of its user community, Qmail has fallen into disrepair. Its author stopped maintaining it five years ago, but the email environment kept getting more difficult. Qmail has architectural problems that can't be fixed without such extensive add-ons and patching that its quality assurance is compromised. Those problems were just an annoyance five years ago, but they're enough to encourage other sites to block your messages today.
Unfortunately for Qmail users, Qmail's quirky copyright has prevented effective ongoing maintenance without its author's cooperation. A copylefted MTA can be forked into a new project if necessary. But Qmail just accumulates its heap of patches, and there's no way for the user to know which patch might break which other patch. Most of the patches and add-ons at Qmail.org have been, themselves, abandoned by their authors.
This list is in the format used by
D J Bernstein's
When a computer on the Internet wants to forward mail to us, it opens
port 25 and connects to our
tcpserver looks up the
sender's IP address in the database prepared by
Chronic spam sources cause
tcpserver to export a message in
the environment variable
RBLSMTPD. Whitelisted sources
get an empty
tcpserver passes the connection to
rblsmtpd, which queries Spamhaus.
If the sender is okay (whitelisted in
tcprules or no entry in Spamhaus),
rblsmtpd queries NJABL.
If either database returns a block list entry,
rblsmtpd pretends to be an SMTP server and tells the sender to go away.
If all three tests pass, the second
qmail-smtpd which receives the message.
We don't run Qmail from
is not reliable.
inetd out of the way, comment the
smtp'' line out of
and send your
inetd process a hangup signal to make it
let go of port 25. For example,
vi /etc/inetd.conf kill -1 `cat /var/run/inetd.pid`
This contraption is best run from a script invoked by a daemon supervisor
supervise. If you don't have
you can just run the script in the background. The
looks like this:
#!/bin/sh PATH=/var/qmail/bin:/usr/sbin \ tcpserver -x/etc/tcp/r.cdb 0 25 \ rblsmtpd \ -b -r sbl-xbl.spamhaus.org\ -b -r dnsbl.njabl.org\ qmail-smtpd 2>&1The
PATHis restricted to the places the three programs (and the other Qmail binaries) are located. The arguments to
tcpservertell it where to find the static blacklist, and to listen to all hosts on port 25.
(Of course, if you're concerned some skript kiddy might look for stuff
in /var/qmail/bin you might want to install Qmail someplace else. Read
INSTALL in the Qmail source and edit
before compiling anything.)