29 Feb 2008 06:44 UTCFri 29 Feb 2008 - 6:44 am UTC
What is required to set up qmail to receive email? I have it all set up to send messages. It works fine for that. But, I'm not sure how to properly set it up to receive email. I'm afraid to open up port 25 on the machine until I know that I'm not exposing an open relay. Are any other ports besides 25 required to received email?
Once it can receive email, where are the rules set up? Do I need to create a new user account on the machine for each email account or can I set up qmail accounts which are independent of the user accounts on the machine? Where are aliases set up?
I know there are various pages that describe this, but they usually have lots of detail about setting qmail up from scratch. I already have it set up properly to send email. I just need to configure it to be able to receive as well.
29 Feb 2008 07:57 UTCFri 29 Feb 2008 - 7:57 am UTC
Your question is unclear to me. Gmail is an online system, independent of your local machine, and can receive email just by having given your gmail address to someone and having them send you an email.
What I think you are asking is what is needed to receive gmail on your local machine. If that's the case, to my knowledge you need a local program on your computer to act as an intermediary with gmail, and you seem to suggest that you have already configured it to send gmail using such a local program. The question would then be how to configure the program on your local machine to receive gmail.
So first, I need to know what email program you have on your computer which you intend to use to receive (and send) gmail. Typical programs include Outlook Express (OE) and Outlook.
Then I need to know which method you want to use. You can set up OE, for example, to check your gmail account directly and download the mail to your computer, either erasing the online copies at that time or leaving copies online. The other option is to instruct gmail to forward emails received at its online address to another email address which OE (or other email program) already checks. Such user accounts already on your machine are typically from your ISP, such as Cox or Comcast, for example.
Or am I completely misunderstanding you?
Let me know where this takes you...
29 Feb 2008 09:21 UTCFri 29 Feb 2008 - 9:21 am UTC
I apologize. A colleague has kindly pointed out that you are referring to Qmail vs Gmail - an example of how we see what we expect.
Some say the ancient South Americans couldn't even see the ships of the invading Spaniards because they simply didn't fit into the world view they had.
I've unlocked the question in hopes that someone is more familiar with qmail.
5 Mar 2008 21:56 UTCWed 5 Mar 2008 - 9:56 pm UTC
The best resource I've ever found is a place called http://qmailrocks.org/ ; it is a huge resource of information for Qmail questions.
To receive email to a server, you will have to set the MX-record of your DNS server to your mail server's IP address. I don't know who your Registrar is, but all of them will have a section where you can change your DNS record. Registrar is of course where you got your domain name from.
An MX record or 'mail exchange' record maps a domain name to a list of mail exchange servers for that domain.
When you set up your Domain Name, you pointed your DNS record to your ISP's address, so that your web pages could be seen (this is the A-record of your DNS). Typically (by default on most Registrars) you’re MX-record was left blank. If the MX-record is blank then the default is to send all communication to your domain host. This includes FTP and everything else.
So your first task is to go to your Domain Registrar and set the MX-record to your server's IP address.
D.J. Bernstein, the author of Qmail has posted a reward for anyone that finds a security hole in Qmail.
It has been collected on, but rarely.
Qmail is probably the safest Mail server to run on your home box, and on that link he has some basic advice, the best one is "Keep it Simple".
Port 25 is the mail port, and unless you fight your server and force it to go someplace else, all communication coming through port 25 goes to your mail server. In other words, you can set your server to go to another port, but don't. At default, anything coming through that port is "mail" and treated as such. No command line is offered, no command is "executed" no access to anything on your server. All bits and bytes are sent to the Mail server.
The mail server looks for a Mail Header record of incoming communication. If it doesn't exist, or if it is mal-formed in any way, it trashes the communication and sends back an error, and logs the error in your Mail server logs.
Adjusting the port to something else, could open a security hole in this system and lead to the problems you are attempting to avoid.
If you wish, you can set the server to operate under TSL or Secure Mode, but what this does is to encrypt the mail, coming in and going out. Again the port is a default port, so if you set this up, use the default settings for the setup.
On Qmailrocks.org in the Installation Checklist it gives this advice for setting up on a server that has a firewall:
IMPORTANT NOTE: Keep in mind the the following ports are what are required to be open for only the QMR install. More than likely, a fully functioning web-server is going to have more ports open for various other services. So, do not use the port listing below to construct a NEW firewall without first determining what other ports you will need to open. If you are are interested in constructing a complete firewall for your server, check out the iptables tutorial at http://www.iptablesrocks.org.
Outbound ports (tcp)
25 - SMTP
110 - POP services
143 - IMAP
783 - Spamassassin
993 - IMAPS
Inbound Ports (tcp)
25 - SMTP
80 - HTTP
110 - POP services
143 - IMAP
443 - HTTPS
783 - Spamassassin
993 - IMAPS
I've read through this installation guide (for the RedHat setup) and it is written rather well, meaning I feel that even those that have a moderate understanding of System Administration would be able to understand most of it.
If your qmail is installed correctly and you are able to send emails (which it sounds like all is working correctly), then I suspect all you need to do is change your MX record to your server, and you will start getting emails (whether you want them or not in some cases).
Your server will not accept Open-Relays by default. You have to tell it (strongly) to relay mail for you. So no worries there.
As far as the multiple email address to single addresss… no, you don't need to setup separate user accounts for all of them (awk! that would be horrible in my case).
Qmail is much easier to setup Aliases with than Sendmail… which is a pain.
http://www.flounder.net/qmail/qmail-howto.html#7 walks through the basics. Don't make it harder than it is; you make the aliases.cbd file and activate it in qmail… nothing more.
So… I'm webadept and I want to setup aliases for webadept-researcher, ask-webadept, ask-glenn, ask-researcher on my server so that all of these addresses come into webadept's account;
I change directory to my Qmail alias folder
then I echo my user name into alias files:
echo webadept > .qmail-webadept-researcher
echo webadept > .qmail-ask-webadept
echo webadept > .qmail-ask-glenn
echo webadept > .qmail-ask-researcher
Now any mail coming into firstname.lastname@example.org will be sent into email@example.com mail que.
You do need to have a user on your computer named webadept for the above to make any sense to Qmail, but the rest of the names do not need to have a user associated with them. Qmail checks its alias data files prior to looking for a user record (which is something you should keep in mind as well).
You need to set up an alias for Root, because anything sent to root directly without an alias file set up, gets trashed and even reboots the qmail server (not your machine, just the Qmail). This is another security feature of Qmail.
I believe this answers all of the questions you have here. If you need further explanation for these let me know.