CTS Logo

Coyote Technical Services, LLC specializes in the building of mail servers using qmail (http://www.qmail.org), vpopmail (http://www.inter7.com/vpopmail/) and courier-imap (http://www.inter7.com/courierimap/).  Over the years, we have developed a preference for a specific combination of patches to qmail.  The patches that we have found useful are:



qmail-smtpd-auth 0.31

qmail-smtpd-auth is a patch for qmail that enables it to support SMTP AUTH protocol with the following auth types: LOGIN, PLAIN and CRAM-MD5.  It's based on a previous patch by Mrs.Brisby that implemented the LOGIN type.  This version is enhanced and allows easy adding of new auth methods.

Big concurrency

Written by Johannes Erdfelt of S.u.S.E to allow qmail to use a concurrency greater than 240.

Oversize DNS packets

This patch, written by Christopher K. Davis, allows qmail to accept oversize DNS packets.

qmail verh 0.07

This allows substitution of the recipient local/host parts into the message. Useful for inserting a customized mailto: URL for list-unsubscribe into the body of the message.

RFC2821 compliance

Written by Adrian Ho, this patch has increased qmail-remote's compliance with RFC2821.  Some smtp servers are now emitting 5XX responses from the get-go, and mere RFC821 behavior doesn't deal well with them.

Null Envelope Sender

Mark Delaney noted that he was getting spam with a null envelope sender.  That by itself is insufficient reason to reject the email.  However, when the spam has multiple envelope recipients, it cannot be a bounce message.  So, Charles Cazabon wrote this patch to enforce single recipients on bounces.

qmail canonicalised recipient logging

qmail-remote fulfills the canonicalisation requirements of SMTP for qmail -- that is, the standard prohibits host names in RCPT TO (recipients) from being aliases.  qmail-remote, like sendmail, rewrites aliases in RCPT to the canonical name found in DNS.  The logs however only show the address before canonicalisation.  This patch to qmail-remote.c fixes qmail-remote to have delivery reports (and bounce messages) log the real recipient.

Change the appearance of bounce messages

Written by Klaus Reimer.  Note that this has the potential to break QSBMF.

badrcptto v1.01

This patch blocks e-mail for specific users in an e-mail domain you accept mail for, before the e-mail even transfers the line.  This lets you reject e-mail at the smtp envelope (rcpt) phase, which can produce a considerable bandwidth savings when someone sends a lot of e-mail to a non-existing user, so instead of recieving the body of the e-mail and then rejecting it in qmail-send, you can reject it before receiving the body.  This can be very useful in a setup where you have one qmail box accepting all the e-mail, and then passing it on to another (q)mail box behind it.

qmail queue

Bruce Guenter wrote this patch which causes any program that would run qmail-queue to look for an environment variable QMAILQUEUE.  If it is present, it is used in place of the string "bin/qmail-queue" when running qmail-queue.  This could be used, for example, to add a program into the qmail-smtpd->qmail-queue pipeline that could do filtering, rewrite broken headers, etc.

0.0.0.0 local IP

Scott Gifford's patch to recognize 0.0.0.0 as a local IP address, which is part of RFC 822.

Outgoing IP

Originally written by Markus Stumpf, and ported to qmail 1.03 by Andy Repton, this patch allows a fixed IP address to be specified on multi-homed machines when sending outgoing mail.

qmail-smtpd-chkusr

This patch works with vpopmail to accept messages if the recipient is a valid user, and alias/forward/autoresponder or an ezmlm mailing list, reducing the number of bounce messages the server has to process. We use the patch-1.0 version, which has to be hand applied due to the non-unified diff format.

local timezone

John Saunders' a patch which causes qmail to emit dates in the local timezone.

Valid DNS Name

Nagy Balazs' patch to ensure that the domain name on the envelope sender is a valid DNS name. This ensures that you do not receive email which you cannot bounce, should that prove necessary.

delete the body

A patch by Jose Luis Painceira that deletes the body of bounce messages and just includes the headers. Useful for bounced messages with large attachments.

fsync library

A shared library which should help qmail reliability on Linux. Linux does not automagically fsync metadata (information necessary tomake a file appear in the filesystem). It only fsyncs metadata when the the directory is fsynced. Written by Petri Kaukasoina.

qmail-maildir++

Included in the vpopmail contribs directory, this patch adds maildirquota (Maildir++) support to qmail-pop3d and qmail-local.

STARTTLS

Frederik Vermeulen has written a patch implementing RFC2487 (starttls) in qmail (qmail-smtpd as server, qmail-remote as client). This means you can get SSL or TLS encrypted and authenticated SMTP between the MTAs and between MTA and an MUA like Netscape4.5.

DOS/Windows Executable Blocker

Russell Nelson has an antivirus patch for qmail-smtpd, with some contributions from Charles Cazabon. This patch blocks all known MIME-encoded windows executable attachments at the MTA level by looking for the first few "signature" bytes.

glibc errno patch

Mate Weirdl's patch to make qmail compatible with glibc 2.3.1 and higher due to changes in errno. He has patches for all of DJBs software on his site.

Bugfix for qmail-local

Erik Sjölund pinted out a bug in qmail-local, and Mate Wierdl make a patch for it.

badmailfrom log

Johan Almqvist wrote a patch that logs badmailfrom hits.

RFC1870 compliance

Will Harris has a patch to make qmail fully RFC 1870 compliant, i.e. to support the ESMTP SIZE command.