(c) 2003-2012 Salvatore Toribio for this combo-patch (toribio - pusc.it)
This cumulative patch for qmail comes with NO WARRANTY, you can redistribute and modify it freely, just put a link to this page.
Original qmail-1.03 from Daniel J. Bernstein could be download from: qmail-1.03.tar.gz.
I started working in this patch in July 2003 for my own use, I tried to apply some patches that I wanted to use as antispam tools and I found that some of them were no compatible so I added them manually, then I started to add some logs by my own and fix some cosmetic things like qmail-showctl, some man pages and the documentation's install. And added other patches.
At the end I have included all the patches already included in netqmail-1.05
Download it (qmail.st-combo.15.patch) or:
wget http://cr.yp.to/software/qmail-1.03.tar.gz wget http://toribio.apollinare.org/qmail/qmail.st-combo.15.patch tar xzf qmail-1.03.tar.gz -C /var/tmp cp qmail.st-combo.15.patch /var/tmp/ cd /var/tmp patch -p0 < qmail.st-combo.15.patch
You will get this output:
patching file qmail-1.03/FILES patching file qmail-1.03/Makefile patching file qmail-1.03/README.isoc.patch patching file qmail-1.03/README.qq-custom-error patching file qmail-1.03/README.qregex patching file qmail-1.03/README.st-patch patching file qmail-1.03/TARGETS patching file qmail-1.03/VERSION patching file qmail-1.03/cdb_seek.c patching file qmail-1.03/cdbmake_add.c patching file qmail-1.03/dns.c patching file qmail-1.03/error.3 patching file qmail-1.03/error.h patching file qmail-1.03/hier.c patching file qmail-1.03/install-big.c patching file qmail-1.03/ipme.c patching file qmail-1.03/qmail-control.9 patching file qmail-1.03/qmail-local.c patching file qmail-1.03/qmail-pop3d.c patching file qmail-1.03/qmail-popup.c patching file qmail-1.03/qmail-remote.8 patching file qmail-1.03/qmail-remote.c patching file qmail-1.03/qmail-showctl.c patching file qmail-1.03/qmail-smtpd.8 patching file qmail-1.03/qmail-smtpd.c patching file qmail-1.03/qmail.c patching file qmail-1.03/qmail.h patching file qmail-1.03/qregex.c patching file qmail-1.03/qregex.h patching file qmail-1.03/remoteinfo.c patching file qmail-1.03/sendmail.c patching file qmail-1.03/spawn.c patching file qmail-1.03/timeoutconn.c
I have added the patches in this order:
qmailqueue-patch from Bruce Guenter
qmail-1.03-mfcheck.4.patch from Balazs Nagy
The conection is closed after the 553 code is sent.
Modified the qmail.c and qmail-smtpd.c to send the code
"553 We have reasons to believe this mail is spam (#5.7.1)"
when rejecting spam-mails with qmail-scanner st.
accept-5xx.patch from Adrian Ho
qregex.patch-20040601 (with some modifications)
Badmailto blocks after the DATA command and close the conection.
Badmailfrom skips empty return-paths an qmail bounces (#@).
Added some logs to qmail-smtpd that help me to track some messages arriving to qmail-scanner without sender and recipients.
qmail-1.03.errno.patch and qmail-1.03.qmail_local.patch from Mate Wierdl
(and Erik Sjoelund)
outgoingip.patch from Andy Repton and Sergio Gelato
sendmail-flagf.patch from David Phillips
qmail-0.0.0.0.patch from Scott Gifford
qmail-isoc.patch from James Craig Burley
qmail-queue-custom-error.patch from Flavio Curti
Allows qmail-queue to exit using custom error-messages, which can be displayed on SMTP connections.
See file README.qq-custom-error after patching for details.
Oversize DNS packets patch from Christopher K. Davis
I found that qmail-send sometimes is not able to send messages to some servers due to the dns response
for that servers is bigger than 512 bytes, and then qmail-send exits with a temporary failure, but it is not really temporary...
Lately (20120911) some broken dns drop the connection when they receive a T_ANY question,
that qmail uses to check for CNAME (and old feature that maybe nobody is using nowadays),
so, even with the patch for oversize DNS packets, it is not possible to send emails to some
domains, and in the qmail-send log you'll find CNAME lookup failed temporarily.
So I added a small patch that skips the error.
outgoingip In a multihomed box, the ip qmail-send will use. mfcheck Set it to '1' to check if the domain in the envelope sender address exists. Set it to '0' or remove it to disable the check. It could also be enabled/disabled setting the enviroment variabile MFCHECK in the tcp.rules file. badmailfrom badmailto badhelo This three files contains regex that will be matched against envelope addresses and the helo to reject mails. They could be skipped for certains IPs setting the 'empty' enviroment variables BADMAILFROM, BADMAILTO and NOBADHELO in the tcp.rules file. See README.qregex or qmail-smtpd man page for more information.
Accepted messsages will log:
mailfrom_ user@domain _to_ localuser@localdomain (if there are multiples recipients only logs the first one...)
Rejected messages could log:
Bare LFs in SMTP, rejecting (451) envelope sender domain_ user@domain _doesn't exist rejecting (553) mfcheck - DNS temporary failure (451) badhelo_ helo spamhost _at 22.214.171.124, rejecting (553) envelope sender_ user@domain _in my badmailfrom list, rejecting (553) envelope rcptto_ user@domain _in my badmailto list, rejecting (553) envelope rcptto_ user@domain _isn't in my rcpthost, rejecting (553) too many hops, this message is looping (554) message size exceeds my databytes limit (552) qq error - 'qmail-queue error code...'
If the environment variable QSLOG is set to '1', the log format will change to be more likely qmail-scanner log format:
pid smtpd: the_above_log_messages
The QSLOG environment variable could also be set using the '-L' option in the tcpserver of ucspi.st-patch, see below for the link.
There is also an ucspi.st-patch, that could be found at: