(c) 2003-2012 Salvatore Toribio for this combo-patch (toribio - pusc.it)
This cumulative patch for qmail comes with NO WARRANTY, you can redistribute and modify it freely, just put a link to this page.
Original qmail-1.03 from Daniel J. Bernstein could be download from: qmail-1.03.tar.gz.
I started working in this patch in July 2003 for my own use, I tried to apply some patches that I wanted to use as antispam tools and I found that some of them were no compatible so I added them manually, then I started to add some logs by my own and fix some cosmetic things like qmail-showctl, some man pages and the documentation's install. And added other patches.
At the end I have included all the patches already included in netqmail-1.05
Download it (qmail.st-combo.15.patch) or:
wget http://cr.yp.to/software/qmail-1.03.tar.gz wget http://toribio.apollinare.org/qmail/qmail.st-combo.15.patch tar xzf qmail-1.03.tar.gz -C /var/tmp cp qmail.st-combo.15.patch /var/tmp/ cd /var/tmp patch -p0 < qmail.st-combo.15.patch |
You will get this output:
patching file qmail-1.03/FILES patching file qmail-1.03/Makefile patching file qmail-1.03/README.isoc.patch patching file qmail-1.03/README.qq-custom-error patching file qmail-1.03/README.qregex patching file qmail-1.03/README.st-patch patching file qmail-1.03/TARGETS patching file qmail-1.03/VERSION patching file qmail-1.03/cdb_seek.c patching file qmail-1.03/cdbmake_add.c patching file qmail-1.03/dns.c patching file qmail-1.03/error.3 patching file qmail-1.03/error.h patching file qmail-1.03/hier.c patching file qmail-1.03/install-big.c patching file qmail-1.03/ipme.c patching file qmail-1.03/qmail-control.9 patching file qmail-1.03/qmail-local.c patching file qmail-1.03/qmail-pop3d.c patching file qmail-1.03/qmail-popup.c patching file qmail-1.03/qmail-remote.8 patching file qmail-1.03/qmail-remote.c patching file qmail-1.03/qmail-showctl.c patching file qmail-1.03/qmail-smtpd.8 patching file qmail-1.03/qmail-smtpd.c patching file qmail-1.03/qmail.c patching file qmail-1.03/qmail.h patching file qmail-1.03/qregex.c patching file qmail-1.03/qregex.h patching file qmail-1.03/remoteinfo.c patching file qmail-1.03/sendmail.c patching file qmail-1.03/spawn.c patching file qmail-1.03/timeoutconn.c |
I have added the patches in this order:
qmailqueue-patch from Bruce Guenter
http://www.qmail.org/qmailqueue-patch
qmail-1.03-mfcheck.4.patch from Balazs Nagy
http://js.hu/package/qmail/qmail-1.03-mfcheck.4.patch
The conection is closed after the 553 code is sent.
Modified the qmail.c and qmail-smtpd.c to send the code
"553 We have reasons to believe this mail is spam (#5.7.1)"
when rejecting spam-mails with qmail-scanner st.
accept-5xx.patch from Adrian Ho
http://www.qmail.org/accept-5xx.patch
qregex.patch-20040601 (with some modifications)
http://www.arda.homeunix.net/store/qmail/
Badmailto blocks after the DATA command and close the conection.
Badmailfrom skips empty return-paths an qmail bounces (#@[]).
Added some logs to qmail-smtpd that help me to track some messages arriving to qmail-scanner without sender and recipients.
qmail-1.03.errno.patch and qmail-1.03.qmail_local.patch from Mate Wierdl
(and Erik Sjoelund)
http://djbware.csi.hu/patches/
outgoingip.patch from Andy Repton and Sergio Gelato
http://www.qmail.org/outgoingip.patch
sendmail-flagf.patch from David Phillips
http://david.acz.org/software/sendmail-flagf.patch
qmail-0.0.0.0.patch from Scott Gifford
http://www.suspectclass.com/~sgifford/qmail/qmail-0.0.0.0.patch
qmail-isoc.patch from James Craig Burley
http://www.jcb-sc.com/qmail/patches/
qmail-queue-custom-error.patch from Flavio Curti
Allows qmail-queue to exit using custom error-messages, which can be displayed on SMTP connections.
See file README.qq-custom-error after patching for details.
https://no-way.org/qmail-error/
Oversize DNS packets patch from Christopher K. Davis
I found that qmail-send sometimes is not able to send messages to some servers due to the dns response
for that servers is bigger than 512 bytes, and then qmail-send exits with a temporary failure, but it is not really temporary...
http://www.ckdhr.com/ckd/qmail-103.patch
Lately (20120911) some broken dns drop the connection when they receive a T_ANY question,
that qmail uses to check for CNAME (and old feature that maybe nobody is using nowadays),
so, even with the patch for oversize DNS packets, it is not possible to send emails to some
domains, and in the qmail-send log you'll find CNAME lookup failed temporarily.
So I added a small patch that skips the error.
http://toribio.apollinare.org/qmail/qmail-st-cname.patch
outgoingip In a multihomed box, the ip qmail-send will use.
mfcheck Set it to '1' to check if the domain in the envelope sender
address exists. Set it to '0' or remove it to disable
the check.
It could also be enabled/disabled setting the enviroment
variabile MFCHECK in the tcp.rules file.
badmailfrom
badmailto
badhelo This three files contains regex that will be matched against
envelope addresses and the helo to reject mails.
They could be skipped for certains IPs setting the 'empty'
enviroment variables BADMAILFROM, BADMAILTO and NOBADHELO in
the tcp.rules file.
See README.qregex or qmail-smtpd man page for more information.
|
Accepted messsages will log:
mailfrom_ user@domain _to_ localuser@localdomain (if there are multiples recipients only logs the first one...) |
Rejected messages could log:
Bare LFs in SMTP, rejecting (451) envelope sender domain_ user@domain _doesn't exist rejecting (553) mfcheck - DNS temporary failure (451) badhelo_ helo spamhost _at 1.1.1.1, rejecting (553) envelope sender_ user@domain _in my badmailfrom list, rejecting (553) envelope rcptto_ user@domain _in my badmailto list, rejecting (553) envelope rcptto_ user@domain _isn't in my rcpthost, rejecting (553) too many hops, this message is looping (554) message size exceeds my databytes limit (552) qq error - 'qmail-queue error code...' |
If the environment variable QSLOG is set to '1', the log format will change to be more likely qmail-scanner log format:
pid smtpd: the_above_log_messages |
The QSLOG environment variable could also be set using the '-L' option in the tcpserver of ucspi.st-patch, see below for the link.
There is also an ucspi.st-patch, that could be found at:
http://toribio.apollinare.org/qmail/
Salvatore Toribio
20120911