FreeBSD Step by Step 4.10

ee /root/.bashrc
PS1="[\u@\h:\w]# "
ee /home/scs/.bashrc
PS1="[\u@\h:\w]# "
cd /usr/ports/net/cvsup-without-gui
make && make install
cp /usr/share/examples/cvsup/standard-supfile /etc/standard-supfile
cp /usr/share/examples/cvsup/ports-supfile /etc/ports-supfile
cd /etc/
cvsup -g -L 2 standard-supfile -h
cvsup -g -L 2 ports-supfile -h
cd /usr/ports/lang/perl5.8
make && make install
cd /usr/src
make buildworld

# cd /usr/src/sys/i386/conf
# mkdir /root/kernels
# cp GENERIC /root/kernels/MYKERNEL  
# ln -s /root/kernels/MYKERNEL

# /usr/sbin/config MYKERNEL
Change into the build directory. config(8) will print the name of this directory after being run as above.

# cd ../compile/MYKERNEL
For FreeBSD versions prior to 5.0, use the following form instead:

# cd ../../compile/MYKERNEL
Compile the kernel.

# make depend
# make
Install the new kernel.

# make install
cd /usr/src
make installworld
cd /usr/ports/ftp/proftpd
make && make install

or use the FTP in inetd…works well too

ee /etc/inetd.conf

ftp     stream  tcp     nowait  root    /usr/libexec/ftpd       ftpd -l
#ftp    stream  tcp6    nowait  root    /usr/libexec/ftpd       ftpd -l
save changes

ps -ax | grep inetd
kill inetd process and restart it.

cd /usr/ports/www/apache13-modssl
make && make install

Unpack the ucspi-tcp package:

     gunzip ucspi-tcp-0.88.tar
     tar -xf ucspi-tcp-0.88.tar
     cd ucspi-tcp-0.88

Compile the ucspi-tcp programs:


As root, install the ucspi-tcp programs under /usr/local:

     make setup check

Installation daemontools
Create a /package directory: 
     mkdir -p /package
     chmod 1755 /package
     cd /package
Download daemontools-0.76.tar.gz into /package. Unpack the daemontools package:
     gunzip daemontools-0.76.tar
     tar -xpf daemontools-0.76.tar
     rm daemontools-0.76.tar
     cd admin/daemontools-0.76
Compile and set up the daemontools programs:

Install Qmail

Now you can unpack the packages.

    cd /usr/local/src
    gunzip netqmail-1.05.tar.gz
    tar xpf netqmail-1.05.tar
    cd netqmail-1.05
    ./  # watch for errors here

    cd ..






There should now be directories called /usr/local/src/netqmail-1.05


Create users and groups
The easiest way to create the necessary users and groups is to create a little script file to do it for you. In the source directory you’ll find a file called INSTALL.ids. It contains the command lines for many platforms, so copying the file to another name and editing that is quick and easy.

    cd /usr/local/src/netqmail-1.05/netqmail-1.05
    ee IDS, paste the following lines below

    pw groupadd nofiles
    pw useradd qmaild -g nofiles -d /var/qmail -s /nonexistent
    pw useradd alias -g nofiles -d /var/qmail/alias -s /nonexistent
    pw useradd qmaill -g nofiles -d /var/qmail -s /nonexistent
    pw useradd qmailp -g nofiles -d /var/qmail -s /nonexistent
    pw groupadd qmail
    pw useradd qmailq -g qmail -d /var/qmail -s /nonexistent
    pw useradd qmailr -g qmail -d /var/qmail -s /nonexistent
    pw useradd qmails -g qmail -d /var/qmail -s /nonexistent

Then to run it, either use chmod to make it executable or run it with sh:
First method:

    chmod 700 IDS

When the script finishes, all of your users and groups will be created and you can go on to the next section. But what do you do if your system isn’t listed in INSTALL.ids? You’ll have to create them manually. Start by using your favorite editor and editing /etc/group. You need to add the following two lines to the end of the file:


Next, using vipw (most systems have it, if not you’ll need to use your editor again but this time on /etc/passwd) add these lines to the end of the file:


Do the build
Now you can start building qmail. Change to the /usr/local/src/netqmail-1.05/netqmail-1.05 directory and let’s get started:

    cd /usr/local/src/netqmail-1.05/netqmail-1.05

In the Verify Build Environment section, you located your C compiler. If it’s not called cc or the directory it resides in isn’t in your PATH environment variable, you’ll need to edit conf-cc and conf-ld. Say your compiler is gcc, and it’s in your PATH. Simply edit conf-cc and conf-ld and replace “cc” with “gcc”.

Now type the following:

    make setup check

After the build is complete, you’ll need to do your post installation configuration. A couple of scripts are provided to make this job a lot easier. For example, if your domain is and the hostname of your computer is dolphin, your config-fast line would look like this:



Install Qmail


Supervise scripts creation


ee /var/qmail/rc


#!/bin/sh

# Using stdout for logging
# Using control/defaultdelivery from qmail-local to deliver messages by default

exec env - PATH="/var/qmail/bin:$PATH" \
qmail-start "`cat /var/qmail/control/defaultdelivery`"


ee /var/qmail/bin/qmailctl

Copy from

Create Supervise Script Directories

mkdir -p /var/qmail/supervise/qmail-send/log
mkdir -p /var/qmail/supervise/qmail-smtpd/log

Qmail-smtpd Run

ee /var/qmail/supervise/qmail-smtpd/run


#!/bin/sh

# Run qmail-smtpd as the unprivileged qmaild user, with limits read from the control files
QMAILDUID=`id -u qmaild`
NOFILESGID=`id -g qmaild`
MAXSMTPD=`cat /var/qmail/control/concurrencyincoming`
LOCAL=`head -1 /var/qmail/control/me`

# Refuse to start if any required value could not be read
if [ -z "$QMAILDUID" -o -z "$NOFILESGID" -o -z "$MAXSMTPD" -o -z "$LOCAL" ]; then
    echo "QMAILDUID, NOFILESGID, MAXSMTPD, or LOCAL is unset in"
    echo /var/qmail/supervise/qmail-smtpd/run
    exit 1
fi

# Without rcpthosts, qmail-smtpd accepts mail for any domain
if [ ! -f /var/qmail/control/rcpthosts ]; then
    echo "No /var/qmail/control/rcpthosts!"
    echo "Refusing to start SMTP listener because it'll create an open relay"
    exit 1
fi

exec /usr/local/bin/softlimit -m 2000000 \
    /usr/local/bin/tcpserver -v -R -l "$LOCAL" -x /etc/tcp.smtp.cdb -c "$MAXSMTPD" \
        -u "$QMAILDUID" -g "$NOFILESGID" 0 smtp /var/qmail/bin/qmail-smtpd 2>&1

Qmail-smtpd log run file

ee /var/qmail/supervise/qmail-smtpd/log/run

#!/bin/sh
exec /usr/local/bin/setuidgid qmaill /usr/local/bin/multilog t /var/log/qmail/smtpd


Qmail-send run file

ee /var/qmail/supervise/qmail-send/run

#!/bin/sh
exec /var/qmail/rc

Qmail-send log run file

ee /var/qmail/supervise/qmail-send/log/run

#!/bin/sh
exec /usr/local/bin/setuidgid qmaill /usr/local/bin/multilog t /var/log/qmail

chmod 755 /var/qmail/rc
chmod 755 /var/qmail/bin/qmailctl
chmod 755 /var/qmail/supervise/qmail-send/run
chmod 755 /var/qmail/supervise/qmail-send/log/run
chmod 755 /var/qmail/supervise/qmail-smtpd/run
chmod 755 /var/qmail/supervise/qmail-smtpd/log/run

echo ./Maildir/ >/var/qmail/control/defaultdelivery
ln -s /var/qmail/supervise/qmail-send /var/qmail/supervise/qmail-smtpd /service
ln -s /var/qmail/bin/qmailctl /usr/bin

mkdir -p /var/log/qmail/smtpd
chown qmaill /var/log/qmail /var/log/qmail/smtpd

echo 20 > /var/qmail/control/concurrencyincoming
chmod 644 /var/qmail/control/concurrencyincoming

mv /usr/lib/sendmail /usr/lib/sendmail.old
mv /usr/sbin/sendmail /usr/sbin/sendmail.old

chmod 0 /usr/lib/sendmail.old /usr/sbin/sendmail.old

ln -s /var/qmail/bin/sendmail /usr/lib
ln -s /var/qmail/bin/sendmail /usr/sbin

ln -s .qmail-postmaster /var/qmail/alias/.qmail-mailer-daemon
chmod 644 /var/qmail/alias/.qmail-root /var/qmail/alias/.qmail-postmaster /var/qmail/alias/.qmail-mailer-daemon

echo '127.:allow,RELAYCLIENT=""' >>/etc/tcp.smtp
echo '192.:allow,RELAYCLIENT=""' >>/etc/tcp.smtp
qmailctl cdb
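
An added check, not part of the original post: the `192.` rule above matches every address that begins with 192, while only 192.168.0.0/16 is private, so this script flags any tcprules line that grants RELAYCLIENT to a prefix outside loopback and RFC 1918 space. The function names and the sample file are assumptions made for this example.

```sh
#!/bin/sh
# Added example, not from the original post: audit a tcprules source file
# (such as /etc/tcp.smtp) for RELAYCLIENT grants on non-private prefixes.

# is_private PREFIX: succeed only if every address the tcprules prefix can
# match is loopback (127/8) or RFC 1918 (10/8, 172.16/12, 192.168/16).
is_private() {
    case "$1" in
        127.*|10.*|192.168.*) return 0 ;;
        172.1[6-9].*|172.2[0-9].*|172.3[01].*) return 0 ;;
        *) return 1 ;;
    esac
}

# audit_tcp_smtp FILE: print "LINENO: rule" for each risky rule and
# return 1 if any were found, 0 otherwise.
audit_tcp_smtp() {
    risky=0
    n=0
    while IFS= read -r line || [ -n "$line" ]; do
        n=$((n + 1))
        case "$line" in
            '#'*) continue ;;              # tcprules comment line
            *:allow*RELAYCLIENT=*) ;;      # rule that enables relaying
            *) continue ;;                 # blank, deny, or no relay grant
        esac
        addr=${line%%:*}                   # address part before first colon
        if ! is_private "$addr"; then
            echo "$n: $line"
            risky=1
        fi
    done < "$1"
    return "$risky"
}

# Constructed sample holding the two rules the post appends to /etc/tcp.smtp.
sample=$(mktemp)
printf '%s\n' '127.:allow,RELAYCLIENT=""' '192.:allow,RELAYCLIENT=""' > "$sample"
audit_tcp_smtp "$sample" || echo "review: relay allowed for a non-private prefix"
rm -f "$sample"
```

Run it against /etc/tcp.smtp before `qmailctl cdb`; narrowing a flagged prefix to the LAN actually in use (for example `192.168.`) clears the finding.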

ee /home/scs/downloads/

Verify your local qmail alias files



This is what my /var/qmail/alias looks like before installing Mailman
lrwxr-xr-x  1 root  qmail  17 May  2 18:55 .qmail-mailer-daemon -> .qmail-postmaster
-rw-r--r--  1 root  qmail   3 May  5 01:21 .qmail-postmaster
-rw-r--r--  1 root  qmail   3 May  5 01:20 .qmail-root

here is what my control files look like in Qmail
[root@lists:/var/qmail/control]# ls -l

-rw-r--r-- 1 root qmail 3 May 15 08:42 concurrencyincoming
-rw-r--r-- 1 root qmail 11 May 15 08:42 defaultdelivery
-rw-r--r-- 1 root qmail 10 May 15 08:25 defaultdomain
-rw-r--r-- 1 root qmail 26 May 15 10:17 locals
-rw-r--r-- 1 root qmail 16 May 15 08:25 me
-rw-r--r-- 1 root qmail 10 May 15 08:25 plusdomain
-rw-r--r-- 1 root qmail 26 May 15 10:17 rcpthosts

ee /var/qmail/control/locals

ee /var/qmail/control/me

ee /var/qmail/control/rcpthosts


put the in /usr/local/etc/rc.d/


echo -n "qmail-smtpd, "
QMAILQUEUE="/var/qmail/bin/"; export QMAILQUEUE

chmod 755


reboot server

ee /etc/rc.conf

add this stuff to the rc.conf



ipfilter_program="/sbin/ipf -Fa -f"
ipmon_flags="-Dn /var/log/firewall_logs"


install spamassassin from ports

If you get an error about the wrong version of perl, type:
use.perl port

cd /usr/ports/mail/p5-Mail-SpamAssassin


install clamav .80

gunzip clamav.80.tar.gz

tar xpf clamav.80.tar

cd clamav.0.80

add group and user clamav //might have to use /stand/sysinstall
groupadd clamav
useradd -g clamav -s /bin/false -c "Clam AntiVirus" clamav



make install


Getting ready for Qmail-Scanner

Install db3 from ports collection
cd /usr/ports/databases/db3
make && make install

Install tnef-1.1 from the ports collection.
cd /usr/ports/converters/tnef
make && make install 

Install unzip from the ports collection.
cd /usr/ports/archivers/unzip
make && make install

Install maildrop from ports
cd /usr/ports/mail/maildrop
make && make install


Download Perl module Time::HiRes from
tar xzvf Time-HiRes-01.20.tar.gz
cd Time-HiRes-01.20
perl Makefile.PL
make test
su -
cd /Time-HiRes-01.20
make install 

Download Perl module DB_File from
tar xzvf DB_File-1.801.tar.gz
cd DB_File-1.801
perl Makefile.PL
*use.perl system*
make test
cd /DB_File-1.801
make install 


use.perl port

reboot server

add user and group qscand using /stand/sysinstall (ok whatever i don’t remember the command line, when you only build two servers a user the gui is nice!)

Download qmail-scanner-1.20

put in /home/scs/downloads/qmail-scanner

gunzip – qmail-scanner.1.22.tgz
tar xvf qmail-scanner.1.22.tar
chown root /usr/bin/suidperl
chmod 4711 /usr/bin/suidperl
./configure --admin scs --domain --notify admin --local-domains --log-details yes,syslog --add-dscr-hdrs yes --scanners auto --debug no --unzip yes --install
