Test Qmail functionalities
We first make a basic check thanks to the script qmr_inst_check
/downloads/scripts/qmr_inst_check
You should have such result :
iReboot your server to be sure all the service are started at boot time
When your server is restarted, we will check if it listen to the right ports
You should have at least the bold ones :
tcp LISTEN 0 50 127.0.0.1:3306 *:* users:(("mysqld",pid=981,fd=10))
tcp LISTEN 0 128 *:783 *:* users:(("spamd child",pid=1103,fd=5),("spamd child",pid=1102,fd=5),("/usr/sbin/spamd",pid=802,fd=5))
tcp LISTEN 0 128 *:22 *:* users:(("sshd",pid=458,fd=3))
tcp LISTEN 0 20 *:25 *:* users:(("tcpserver",pid=509,fd=3))
tcp LISTEN 0 128 :::993 :::* users:(("couriertcpd",pid=574,fd=3))
tcp LISTEN 0 128 :::995 :::* users:(("couriertcpd",pid=547,fd=3))
tcp LISTEN 0 128 :::110 :::* users:(("couriertcpd",pid=548,fd=3))
tcp LISTEN 0 128 :::783 :::* users:(("spamd child",pid=1103,fd=6),("spamd child",pid=1102,fd=6),("/usr/sbin/spamd",pid=802,fd=6))
tcp LISTEN 0 128 :::143 :::* users:(("couriertcpd",pid=569,fd=3))
tcp LISTEN 0 128 :::80 :::* users:(("apache2",pid=4626,fd=4),("apache2",pid=4625,fd=4),("apache2",pid=4624,fd=4),("apache2",pid=4623,fd=4),("apache2",pid=4621,fd=4),("apache2",pid=4611,fd=4),("apache2",pid=4610,fd=4),("apache2",pid=4609,fd=4),("apache2",pid=4608,fd=4),("apache2",pid=4607,fd=4),("apache2",pid=4603,fd=4))
tcp LISTEN 0 20 :::465 :::* users:(("sslserver",pid=513,fd=3))
tcp LISTEN 0 128 :::22 :::* users:(("sshd",pid=458,fd=4))
In this case, Qmail should now be able to send and receives e-mails.
Among couriertcpd/tcpserver/sslserver, the ports
- 25 is for SMTP
- 110 is for POP3
- 143 is for IMAP
- 465 is for SMTP-SSL
- 993 is for POP3S (POP3-SSL)
- 995 is for IMAPS (IMAP-SSL)
Receiving e-mails
You should have an answer like this :
Connected to localhost.
Escape character is '^]'.
220 servername.localdomain.tld ESMTP
mail from: <testmail@test.com>
250 ok
rcpt to: <nospam@test.com>
250 ok
data
354 go ahead
From: Test_sender <testmail@test.com>
To: Test_receiver <nospam@test.com>
Subject: Just a stupid SMTP test
Just a test !
.
250 ok 1279384489 qp 3711
quit
221 servername.localdomain.tld
Connection closed by foreign host.
This demonstrate a successful SMTP connection !
For our tests, we need to create a dummy account
/home/vpopmail/bin/vadduser test@test.com brol2
qmailctl reload
We also can create a real account
/home/vpopmail/bin/vadduser an_account@your_real_domain.tld your_account_password
qmailctl reload
You can of course do the same thing via vqadmin and qmailadmin web interfaces
"brol" is a belgian idiom that means "something useless"
You can send a test mail to an_account@your_real_domain.tld from you regular mail client. We 'll retrieve it in the next step but if you don't receive a NDR, it's probably already OK
Sending e-mail through an authentificate connection : Testing TLS
You should have an answer like this:
Connected to localhost.
Escape character is '^]'.
220 servername.domain.tld ESMTP
ehlo localhost
250-servername.domain.tld
250-STARTTLS
250-SIZE 0
250-PIPELINING
250 8BITMIME
starttls
220 ready for tls
quit
quit
In the above SMTP session, I have higlighted the important aspects in DARK RED. After you give the server the initial "ehlo localhost" command, you should get a response back that lists "250-STARTTLS", signaling that the server is in fact equipped for TLS functionality. Then, after you issue the "starttls" command, you should get the :"220 ready for tls" response if the server is able to successfully start the TLS session.
- Verify that the cert actually exists at /var/qmail/control/servercert.pem. If it's not there, go back to step 2 and repeat the cert creation step.
- Verify that the cert is owned by vpopmail:vchkpw. If it's not, then make it so like this :
chown vpopmail:vchkpw /var/qmail/control/servercert.pem
chmod 640 /var/qmail/control/servercert.pem
Now we have verified that the server supports the STARTTLS command, we can use openssl s_client to connect.
This command is equivalent to the previous sequence until the "220 ready for tls" message
verify error:num=18:self signed certificate
verify return:1
depth=0 /C=BE/ST=Brussels/L=Brussels/O=THIBS.COM/OU=ICT/CN=fqdn/emailAddress=your@e-mail.tld
verify return:1
250 8BITMIME
ehlo testing
250-fqdn
250-AUTH LOGIN PLAIN
250-AUTH=LOGIN PLAIN
250-SIZE 0
250-PIPELINING
250 8BITMIME
auth login
334 VXNlcm5hbWU6
dGVzdEB0ZXN0LmNvbQ==
334 UGFzc3dvcmQ6
YnJvbDI=
235 ok, go ahead (#2.0.0)
mail from: <testmail@test.com>
250 ok
rcpt to: <nospam@test.com>
250 ok
data
354 go ahead
From: Test_sender <testmail@test.com>
To: Test_receiver <nospam@test.com>
Subject: Just a simple SMTP TLS test
Just a TLS test !
.
250 ok 1279384489 qp 3711
quit
221 servername.localdomain.tld
Connection closed by foreign host.
As you've probably noticed, the login and password are encoded ( "dGVzdEB0ZXN0LmNvbQ==" stands for "test@test.com" and "YnJvbDI=" stands for "brol2")! You can encode yourself with the script base64
Input you string: test@test.com
Base64 encode is : dGVzdEB0ZXN0LmNvbQ==
Input you string: brol2
Base64 encode is : YnJvbDI=
Input you string: ^C (means press CTRL+C)
Test SMTP-SSL
It's nearly the same test. In this case, we use an SSL server where we connect to a different port number. We have to establish an SSL connection before the SMTP conversation even starts :
verify error:num=18:self signed certificate
verify return:1
depth=0 /C=BE/ST=Brussels/L=Brussels/O=THIBS.COM/OU=ICT/CN=fqdn/emailAddress=your@e-mail.tld
verify return:1
auth login
334 VXNlcm5hbWU6
dGVzdEB0ZXN0LmNvbQ==
334 UGFzc3dvcmQ6
YnJvbDI=
235 ok, go ahead (#2.0.0)
mail from: <testmail@test.com>
250 ok
rcpt to: <nospam@test.com>
250 ok
data
354 go ahead
From: Test_sender <testmail@test.com>
To: Test_receiver <nospam@test.com>
Subject: Just a simple SMTP-SSL test
Just a SMTP-SSL test !
.
250 ok 1279384489 qp 3711
quit
221 servername.localdomain.tld
Connection closed by foreign host.
Users comments
Thanks for a great howto. I used to run this on BSD many years ago and recently wanted to move back to my own mail server from an isp hosted. So far everything works great with some minor issues.
Using mailradar to test for openrelay some of the tests fail.
Specifically this one below. Any suggestions on what I may have missed?
[Method 8 @ 1508170376]
<<< 220 mail.domain.com ESMTP
>>> HELO mailradar.com
<<< 250 mail.domain.com
>>> MAIL FROM: <antispam@[10.10.10.1]>
<<< 250 ok
>>> RCPT TO: <"relaytest%mailradar.com">
<<< 250 ok
>>> QUIT
<<< 221 mail.domain.com
[TEST NOT PASSED]
anybody can help me once i try to test qmail coming below erro.
! Couldn't find /usr/local/bin/sslclient from UCSPI-SSL
Try to re-install UCSPI-SSL
! Couldn't find /usr/local/bin/sslserver from UCSPI-SSL
Try to re-install UCSPI-SSL
It seems to work now, it was a GLUE problem on my DNS records... Sorry for the inconvenience, but if someone is in the same case, don't forget to update your GLUE if you change your mail server ip :)
Yes I checked, but nothings appears in the log files (I checked /var/log/qmail/qmail-smtpd/current, /var/log/qmail/qmail-send/current and syslog). Like there's no conversation between my server and Yahoo's.
Strangely, sometimes one mail works. But most of the time, nothing.
Hello Steph,
Did you check /var/log/qmail/qmail-smtpd/current
You can eventually track the mails sent to Yahoo with Tracking
Hello,
I've recently migrate my old qmail server with a new one following this guide, and I've got trouble with Yahoo emails.
If I try to send emails from Yahoo to my server (tried with several of my domains), most of the time, I don't receive them and 24h later I've got the following email in my Yahoo inbox:
Sorry, we were unable to deliver your message to the following address.
<xxx@yyy.com>:
Mail server for "yyy.com" unreachable for too long
- I don't have problems with other servers (Gmail, Live, ...), only Yahoo.
- I know that Yahoo error message is apparently bullshit (we find a lot on that on internet)
- I tried to edit line 69 of /service/qmail-smtpd/run to have RBL_BAD="" and then qmailctl restart to be sure Yahoo wasn't listed on spamhaus or something like that
- When emails are sent from yahoo, I don't see anything regarding an SMTP exchange in /var/log/qmail/qmail-smtpd/current, /var/log/qmail/qmail-send/current or syslog
Does someone have an idea?
Thank you
Hi Seba,
Try to subscribe to their "Junk Mail Reporting Program"and register your IP linked to your account on https://mail.live.com/mail/postmaster.aspx (it's the start page, I do not remember where it is)
Hi Thibs,
I've followed this guide on a fresh installation on a new server and i'm having problems sending emails to Microsoft servers.
Every email I sent goes directly to spam.
I've verified the source code of the message and I saw that did not pass sid and auth verifications.
X-AUTH-Result: NONE
X-SID-Result: NONE
The domain I'm using have the TXT record about SPF like others domains in others servers that are reaching inbox. Not using DKIM
Any idea?
This scrip not function on UBUNTu Server 14.04.1
/downloads/scripts/qmr_inst_check
but qmailwith simscan work fine
thx Stupicz - 30/04/2013 16:34
RBLSMTPD_PROG="rblsmtpd"
RBL_GOOD=""
RBL_BAD="zen.spamhaus.org dnsbl.sorbs.net bl.spamcop.net"
#RBL_BAD="zen.spamhaus.org dnsbl.njabl.org dnsbl.sorbs.net bl.spamcop.net"
LOL: my mistake!
i wrote "starttls" under openssl s_client command.
Sorry!
Hi Thibs,
When i test starttls option i get the following error:
454 TLS not available: TLS already active (4.3.0)
Here the entire process:
openssl s_client -starttls smtp -crlf -connect localhost:25 -quiet
depth=0 /C=UY/ST=Mvd/L=Mvd/O=data/OU=data/CN=rhyasoc/emailAddress=mail@domain.com
verify error:num=18:self signed certificate
verify return:1
depth=0 /C=UY/ST=Mvd/L=Mvd/O=Data/OU=data/CN=rhyasoc/emailAddress=mail@domain.com
verify return:1
250 8BITMIME
ehlo
250-server.domain.com
250-AUTH LOGIN PLAIN
250-AUTH=LOGIN PLAIN
250-SIZE 104857600
250-PIPELINING
250 8BITMIME
starttls
454 TLS not available: TLS already active (4.3.0)
This used to work just fine, but now i have this issue.
My client is having problem to send email using 25 with tls.
The message is pretty clear, i have not tls enabled, but how may this happend?
I've search log files and i didn't see any clue that helped me figure this out.
Thanks
Regards
Removed njabl.org DNSBL server from list, now everything works fine.
FYI: March 1, 2013: NJABL is in the process of being shut down. The DNSBL zones have been emptied. After "the Internet" has had some time to remove NJABL from server configs, the NS's will be pointed off into unallocated space (192.0.2.0/24 TEST-NET-1) to hopefully make the shutdown obvious to those who were slower to notice.
@Stupicz
You have to type yourself ehlo localhost or mail from: <testmail@test.com>
Same problem...
root@server:~# telnet localhost 25 Trying 127.0.0.1... Connected to localhost. Escape character is '^]'.
And nothing...
@Mumu : What do you need to wait 5 min for ?
Before you can type "mail from: " ?
If you try
cat /etc/hosts
Do you have at least
127.0.0.1 localhost
?
telnet localhost 25 Trying 127.0.0.1..... Connected to localhost. Escape character is '^]'.
LOL, hit the problem:
/home/vpopmail/bin/vadddomain test.com brol
Error - no authentication database connection. Initial open.
@Tripmod : What was exactly wrong ? Did you follow the instructions described in John's page under "current solution" ? If yes, note that this was also explained in clamav.php
the problem was in qmail-scanner, this http://qmail.jms1.net/clamav/qmail-scanner.shtml solve all my problems 10x for your support
@Tripmod : to be honnest I've never seen this error (but a search on Google shows me that you are not the only one)
Could you please confirm me :
1° The file /home/vpopmail/domains/YOUR-DOMAIN/.qmail-default contain
| /home/vpopmail/bin/vdelivermail '' bounce-no-mailbox
2° The file /var/qmail/control/defaultdelivery contains
./Maildir
3° The file /etc/tcp.smtp contains at least
127.:allow,RELAYCLIENT=""
Take also a look at http://www.mail-archive.com/qmail@id.wustl.edu/msg44092.html
another hint:
when I try to send email from gmail, I still have no email, but looks my smtp log this actions and exited code of tcpserver is correct eg 0, but where is the email? i try to check my queue with qmqtool, but there no emails, otherwise when I do test from my local install tcpserver exited with status 256
2012-03-08 11:57:04.322490500 tcpserver: pid 21134 from 127.0.0.1 2012-03-08 11:57:04.322884500 tcpserver: ok 21134 xxx-rs.com:127.0.0.1:25 localhost:127.0.0.1::44599 2012-03-08 11:57:09.537765500 qmail-smtpd[21134]: MFCHECK pass [127.0.0.1] test.com 2012-03-08 11:57:09.537768500 qmail-smtpd[21134]: MAIL FROM: 2012-03-08 11:57:13.267361500 qmail-smtpd[21134]: RCPT TO: 2012-03-08 11:57:55.744234500 tcpserver: end 21134 status 256
2012-03-08 12:00:29.975319500 tcpserver: pid 21204 from 87.118.122.80 2012-03-08 12:00:29.976000500 tcpserver: ok 21204 xxx.com:xx.xx.xx.xx:25 xxxxxx.de:xx.xx.xx.xx::55922 2012-03-08 12:00:31.216229500 qmail-smtpd[21204]: MFCHECK pass [xx.xx.xx.xx] xxx-rs.com 2012-03-08 12:00:31.216270500 qmail-smtpd[21204]: Received-SPF: pass (xxx.com: local policy designates xx.xx.xx.xx as permitted sender) 2012-03-08 12:00:31.216280500 qmail-smtpd[21204]: MAIL FROM: 2012-03-08 12:00:31.260515500 qmail-smtpd[21204]: RCPT TO: 2012-03-08 12:00:31.387445500 tcpserver: end 21204 status 0
@Tripmod
Try to check the SMTP log with the command :
tail /var/log/qmail/qmail-smtpd/current
You should see there what's wrong
hi, I followed all instructions, and process of compiling and installation have no errors. when I want to do local test of my fresh installation I get this strange error
root@xxl-rs:~# telnet localhost 25 Trying ::1... Trying 127.0.0.1... Connected to localhost. Escape character is '^]'. 220 xxl-rs.com ESMTP mail from: 250 ok rcpt to: 250 ok data 354 go ahead From: Test_sender To: Test_receiver Subject: Just a stupid SMTP test Just a test ! . 451 unable to exec qq (#4.3.0) quit 221 xxl-rs.com Connection closed by foreign host.
additional info: all types of login/ (imap/pop3) are workable, all ports are open, and looks that all mail services is working too, but I still have no recieve and sent emails
Hi Mauricio,
It seems your permission on mailboxes are wrong :
This is how your /home/vpomail/domains/YOUR_DOMAIN should look like :
root@qmailtest:/home/vpopmail/domains/thibs.be# ls -lah
total 20K
drwx------ 4 vpopmail vchkpw 4.0K Oct 20 03:58 .
drwx------ 4 vpopmail vchkpw 4.0K Oct 20 04:12 ..
drwx------ 3 vpopmail vchkpw 4.0K Oct 20 03:58 postmaster
-rw------- 1 vpopmail vchkpw 0 Oct 20 03:58 .qmailadmin-limits
-rw------- 1 vpopmail vchkpw 52 Oct 20 03:58 .qmail-default
drwx------ 3 vpopmail vchkpw 4.0K Oct 20 03:58 thibs
This is how your /home/vpomail/domains/YOUR_DOMAIN/MAILBOXE should look like :
root@qmailtest:/home/vpopmail/domains/thibs.be/thibs# ls -lah
total 12K
drwx------ 3 vpopmail vchkpw 4.0K Oct 20 03:58 .
drwx------ 4 vpopmail vchkpw 4.0K Oct 20 03:58 ..
drwx------ 8 vpopmail vchkpw 4.0K Oct 20 05:02 Maildir
This is how your /home/vpomail/domains/YOUR_DOMAIN/MAILBOXE/Maildir should look like :
root@qmailtest:/home/vpopmail/domains/thibs.be/thibs/Maildir# ls -lah
total 40K
drwx------ 8 vpopmail vchkpw 4.0K Oct 20 05:02 .
drwx------ 3 vpopmail vchkpw 4.0K Oct 20 03:58 ..
drwx------ 2 vpopmail vchkpw 4.0K Oct 20 04:02 courierimapkeywords
-rw-r--r-- 1 vpopmail vchkpw 23 Oct 20 05:02 courierimapsubscribed
-rw-r--r-- 1 vpopmail vchkpw 15 Oct 20 05:02 courierimapuiddb
drwx------ 2 vpopmail vchkpw 4.0K Oct 20 05:02 cur
drwx------ 2 vpopmail vchkpw 4.0K Oct 20 04:27 new
drwx------ 6 vpopmail vchkpw 4.0K Oct 20 04:02 .Sent
drwx------ 2 vpopmail vchkpw 4.0K Oct 20 05:44 tmp
drwx------ 6 vpopmail vchkpw 4.0K Oct 20 05:02 .Trash
If all the mailboxes of all domains are wrong, you probably missed something at this step
Hi Thibs, how are you?
I've installed a new server following your guide and i got this error log's message when i send a test email from my account to server's one.
400000004ea2e1ae00496aec starting delivery 48: msg 1838717 to local cosco.com.uy-copia@cosco.com.uy @400000004ea2e1ae00498644 status: local 1/10 remote 0/120 @400000004ea2e1ae00bcc62c delivery 48: deferral: Unable_to_open_.qmail-copia:_access_denied._(#4.3.0)/ @400000004ea2e1ae00bcd5cc status: local 0/10 remote 0/120
Have you any idea what the problem is?
Kind regards!
Hi Hip0,
I've just checked the step qmail-ucspi.php and I mention
cd /var/qmail/control
chmod 640 servercert.pem
chown vpopmail:vchkpw servercert.pem
I've just re-done an entire install and nowhere those ownerships/permissions are destroyed ...
I have however noticed a potential problem on this page if you followed the optionnal tip If you happen to get an error that states "454 TLS not available".
I've just corrected this tip !
Hi Thibs,
I followed your guide to install a brand new qmail server and I got error caused by:
/service/qmail-smtpdssl/run
in /var/log/qmail/qmail-smtpdssl, there was the following error:
@400000004e9807b10dae2ca4 sslserver: fatal: unable to load certificate
I've posted on my blog an explanation to the issue - http://www.pc-freak.net/blog/how-to-fix-sslserver-fatal-unable-to-load-certificate-qmail-error-on-gnu-linux/
Maybe it's good if you fix it in your install guide as well.
Wish you best!
Georgi
@Master :
Try
qmailctl restart
You should have
Restarting qmail: * Stopping qmail-smtpdssl. * Stopping qmail-smtpd. * Sending qmail-send SIGTERM and restarting. * Restarting qmail-smtpd. * Restarting qmail-smtpdssl.
Try then
qmailctl stat
You should have
/service/qmail-send: up (pid 17762) 63 seconds
/service/qmail-send/log: up (pid 17763) 63 seconds
/service/qmail-smtpd: up (pid 18500) 63 seconds
/service/qmail-smtpd/log: up (pid 17767) 63 seconds
/service/qmail-smtpdssl: up (pid 18496) 63 seconds
/service/qmail-smtpdssl/log: up (pid 17773) 63 seconds
messages in queue: 0
messages in queue but not yet preprocessed: 0
If you still have the problem try this :
tail /var/log/qmail/qmail-smtpd/current
You should then see what's wrong
Maru : I've indeed the same as you.
But if you take a look all the "failed test" are not for external adress. So the host cannot be used to send mails outside.
e.g. :
RCPT TO:
You 'll suceed most of the tests if you follow the instructions of this optionnal task : http://qmailrocks.thibs.com/validrcptto.php
I checked open relay test at a below site after install qmailrocks successfully.
http://www.mailradar.com/openrelay/
The result is [TEST NOT PASSED] at the method 5, 6, 8, 9, 10, 14, 15, 16.
What's the problem?
Mabiala : It's just because teste.co.ao do not exist (in my sample I used test.com because this domain exists)
Luck that is the error i get
debian:~# perl /downloads/scripts/base64 Press Enter to exit. Input you string: postmaster@teste.co.ao Base64 encode is : cG9zdG1hc3RlckB0ZXN0ZS5jby5hbw== Input you string: 123456 Base64 encode is : MTIzNDU2 Input you string: ^C debian:~# openssl s_client -crlf -connect localhost:465 -quiet depth=0 /C=AO/ST=Luanda/L=Luanda/O=Teste/OU=Teste/CN=debian/emailAddress=postmaster@teste.co.ao verify error:num=18:self signed certificate verify return:1 depth=0 /C=AO/ST=Luanda/L=Luanda/O=Teste/OU=Teste/CN=debian/emailAddress=postmaster@teste.co.ao verify return:1 220 debian.teste.co.ao ESMTP auth login 334 VXNlcm5hbWU6 cG9zdG1hc3RlckB0ZXN0ZS5jby5hbw== 334 UGFzc3dvcmQ6 MTIzNDU2 235 ok, go ahead (#2.0.0) mail from: 553 sorry, your envelope sender domain must exist (#5.7.1)
You have to write EXACTLY
mail from: <testmail@test.com>
(of course replace by your e-mail adress)
teste:~# telnet localhost 25 Trying 127.0.0.1... Connected to localhost. Escape character is '^]'. 220 mailadmin.teste.co.ao ESMTP mail from: 553 sorry, your envelope sender domain must exist (#5.7.1)
I get this error.
I was getting error on qmr_inst_check:
! vpopmail database do not exist!
However it was there. The script greps for datadir in /etc/mysql/my.cnf and looks for vpopmail subfolder under that. But in my case (Ubuntu 20.04) since /var/lib/mysql is the default, it is not set there, and anyway its in an include file /etc/mysql/mysql.conf.d/mysqld.cnf.
My fix was to add "datadir = /var/lib/mysql" to /etc/mysql/my.cnf or mysql.cnf (Ubuntu has softlinks between these for /etc/alternatives/ reasons), and re-run qmr_inst_check and it worked.