Last updated 20120911
URL: http://toribio.apollinare.org/qmail/

README.qmail.st-patch

(c) 2003-2012 Salvatore Toribio for this combo-patch (toribio - pusc.it)

This cumulative patch for qmail comes with NO WARRANTY, you can redistribute and modify it freely, just put a link to this page.

Original qmail-1.03 from Daniel J. Bernstein could be download from: qmail-1.03.tar.gz.

I started working in this patch in July 2003 for my own use, I tried to apply some patches that I wanted to use as antispam tools and I found that some of them were no compatible so I added them manually, then I started to add some logs by my own and fix some cosmetic things like qmail-showctl, some man pages and the documentation's install. And added other patches.

At the end I have included all the patches already included in netqmail-1.05

TO APPLY THE PATCH

Download it (qmail.st-combo.15.patch) or:

wget http://cr.yp.to/software/qmail-1.03.tar.gz
wget http://toribio.apollinare.org/qmail/qmail.st-combo.15.patch

tar xzf qmail-1.03.tar.gz -C /var/tmp
cp qmail.st-combo.15.patch /var/tmp/

cd /var/tmp

patch -p0 < qmail.st-combo.15.patch

You will get this output:

patching file qmail-1.03/FILES
patching file qmail-1.03/Makefile
patching file qmail-1.03/README.isoc.patch
patching file qmail-1.03/README.qq-custom-error
patching file qmail-1.03/README.qregex
patching file qmail-1.03/README.st-patch
patching file qmail-1.03/TARGETS
patching file qmail-1.03/VERSION
patching file qmail-1.03/cdb_seek.c
patching file qmail-1.03/cdbmake_add.c
patching file qmail-1.03/dns.c
patching file qmail-1.03/error.3
patching file qmail-1.03/error.h
patching file qmail-1.03/hier.c
patching file qmail-1.03/install-big.c
patching file qmail-1.03/ipme.c
patching file qmail-1.03/qmail-control.9
patching file qmail-1.03/qmail-local.c
patching file qmail-1.03/qmail-pop3d.c
patching file qmail-1.03/qmail-popup.c
patching file qmail-1.03/qmail-remote.8
patching file qmail-1.03/qmail-remote.c
patching file qmail-1.03/qmail-showctl.c
patching file qmail-1.03/qmail-smtpd.8
patching file qmail-1.03/qmail-smtpd.c
patching file qmail-1.03/qmail.c
patching file qmail-1.03/qmail.h
patching file qmail-1.03/qregex.c
patching file qmail-1.03/qregex.h
patching file qmail-1.03/remoteinfo.c
patching file qmail-1.03/sendmail.c
patching file qmail-1.03/spawn.c
patching file qmail-1.03/timeoutconn.c

PATCHES INCLUDED

I have added the patches in this order:

qmailqueue-patch from Bruce Guenter
http://www.qmail.org/qmailqueue-patch

qmail-1.03-mfcheck.4.patch from Balazs Nagy
http://js.hu/package/qmail/qmail-1.03-mfcheck.4.patch
The conection is closed after the 553 code is sent.

Modified the qmail.c and qmail-smtpd.c to send the code
"553 We have reasons to believe this mail is spam (#5.7.1)"
when rejecting spam-mails with qmail-scanner st.

accept-5xx.patch from Adrian Ho
http://www.qmail.org/accept-5xx.patch

qregex.patch-20040601 (with some modifications)
http://www.arda.homeunix.net/store/qmail/
Badmailto blocks after the DATA command and close the conection.
Badmailfrom skips empty return-paths an qmail bounces (#@[]).

Added some logs to qmail-smtpd that help me to track some messages arriving to qmail-scanner without sender and recipients.

qmail-1.03.errno.patch and qmail-1.03.qmail_local.patch from Mate Wierdl (and Erik Sjoelund)
http://djbware.csi.hu/patches/

outgoingip.patch from Andy Repton and Sergio Gelato
http://www.qmail.org/outgoingip.patch

sendmail-flagf.patch from David Phillips
http://david.acz.org/software/sendmail-flagf.patch

qmail-0.0.0.0.patch from Scott Gifford
http://www.suspectclass.com/~sgifford/qmail/qmail-0.0.0.0.patch

qmail-isoc.patch from James Craig Burley
http://www.jcb-sc.com/qmail/patches/

qmail-queue-custom-error.patch from Flavio Curti
Allows qmail-queue to exit using custom error-messages, which can be displayed on SMTP connections.
See file README.qq-custom-error after patching for details.
https://no-way.org/qmail-error/

Oversize DNS packets patch from Christopher K. Davis
I found that qmail-send sometimes is not able to send messages to some servers due to the dns response
for that servers is bigger than 512 bytes, and then qmail-send exits with a temporary failure, but it is not really temporary...
http://www.ckdhr.com/ckd/qmail-103.patch

Lately (20120911) some broken dns drop the connection when they receive a T_ANY question,
that qmail uses to check for CNAME (and old feature that maybe nobody is using nowadays),
so, even with the patch for oversize DNS packets, it is not possible to send emails to some
domains, and in the qmail-send log you'll find CNAME lookup failed temporarily.
So I added a small patch that skips the error.
http://toribio.apollinare.org/qmail/qmail-st-cname.patch

NEW QMAIL CONTROL FILES

outgoingip     In a multihomed box, the ip qmail-send will use.

mfcheck        Set it to '1' to check if the domain in the envelope sender
               address exists. Set it to '0' or remove it to disable
               the check.
               It could also be enabled/disabled setting the enviroment
               variabile MFCHECK in the tcp.rules file.

badmailfrom
badmailto
badhelo        This three files contains regex that will be matched against
               envelope addresses and the helo to reject mails.
               They could be skipped for certains IPs setting the 'empty'
               enviroment variables BADMAILFROM, BADMAILTO and NOBADHELO in
               the tcp.rules file.
               See README.qregex or qmail-smtpd man page for more information.

LOG LINES ADDED TO qmail-smtpd

Accepted messsages will log:

mailfrom_ user@domain _to_ localuser@localdomain
(if there are multiples recipients only logs the first one...)

Rejected messages could log:

Bare LFs in SMTP, rejecting (451)
envelope sender domain_ user@domain _doesn't exist rejecting (553)
mfcheck - DNS temporary failure (451)
badhelo_ helo spamhost _at 1.1.1.1, rejecting (553)
envelope sender_ user@domain _in my badmailfrom list, rejecting (553)
envelope rcptto_ user@domain _in my badmailto list, rejecting (553)
envelope rcptto_ user@domain _isn't in my rcpthost, rejecting (553)
too many hops, this message is looping (554)
message size exceeds my databytes limit (552)
qq error - 'qmail-queue error code...'

ENVIRONMENT VARIABLE

If the environment variable QSLOG is set to '1', the log format will change to be more likely qmail-scanner log format:

pid smtpd: the_above_log_messages

The QSLOG environment variable could also be set using the '-L' option in the tcpserver of ucspi.st-patch, see below for the link.

There is also an ucspi.st-patch, that could be found at:
http://toribio.apollinare.org/qmail/


Home

Salvatore Toribio

20120911