3,250
edits
Changes
From SME Server
Jump to navigationJump to searchCreated page with "=qpsmtpd= qpsmtpd has been a core component of SME Server since SME 7, providing advanced spam fighting capabilities. SME Server 9.2 introduced qpsmtpd..."
=qpsmtpd=
[[Wikipedia:Qpsmtpd|qpsmtpd]] has been a core component of SME Server since SME 7, providing advanced spam fighting capabilities.
SME Server 9.2 introduced qpsmtpd 0.96 with several new capabilities. At the same time, smeserver-qpsmtpd has been updated to provide additional SME Server configuration options.
SME Server 11 will upgrade to qpsmtpd 1.0. At the same time, smeserver-qpsmtpd has been updated providing separate configuration for each running deamons and introducing a third running deamon now covering all usual SMTP ports 25 (qpsmtpd), 587 (new uqpsmtpd) and 465 (sqpsmtpd).
==Upgrade Considerations==
===A-Record DNSBL Services===
: Some DNSBL services - notably b.barracudacentral.org - provide their results using a DNS "A" record instead of a DNS TXT record. The dnsbl plugin requires these services to include a colon (":") in dnsbl_zones - however, SME used to use a colon the server separator in the configuration database. In order to support these A-Record DNSBL services, the separator for RBLList, SBLList, and the new UBLList is now a comma.
: You can now configure b.barracudacentral.org using (note the single quotes):
: <code><nowiki>config setprop qpsmtpd RBLList server1,server2,'b.barracudacentral.org:Blocked - see <http://bbl.barracudacentral.com/q.cgi?ip=%IP%>'</nowiki></code>
===DKIM & DMARC===
: DKIM & DMARC are now supported natively by SME Server. To enable these you will need to configure appropriate DNS records in your public DNS server.
: There are forum reports of problems for users who had DKIM enabled using the DKIM contrib.
===URIBL===
: qpsmtpd now supports URIBL - the ability to block emails that contain known malicious URLs within the body of the email. This service is disabled by default.
: Enable URIBL with the default services using:
<nowiki>config setprop qpsmtpd URIBL enabled
signal-event email-update</nowiki>
: '''Note:''' If your SME server is using high traffic external DNS forwarders like [https://developers.google.com/speed/public-dns/ google] (8.8.8.8 / 8.8.4.4), [https://www.opendns.com/setupguide/ opendns] (208.67.222.222 / 208.67.220.220), or any large ISP's (Cox, Comcast, Verizon), enabling URIBL may block all incoming email. This will only affect you if you have configured a DNS forwarder in server-manager -- a default SME server installation does its own direct DNS lookups and would not be affected unless you receive over 250,000 emails per day.
: Read more at http://uribl.com/refused.shtml
==="Naughty" plugin===
: SME Server is now using the 'naughty' plugin which allows early plugins like dnsbl, earlytalker, etc to indicate that the email should be rejected at a later point in the interaction. This allows the server to log extra information for denied emails. Specifically, emails denied by dnsbl will now show the sender and recipient email addresses in the qpsmtpd log
==Plugins==
Below is a list of all the plugins from /usr/share/qpsmtpd/plugins on a freshly updated SME 9.2 server.
<div style="column-count:2;-moz-column-count:2;-webkit-column-count:2; border:1px solid grey;">
<tt><nowiki>+ New in SME 9.2</nowiki><br>
<nowiki>* Improved or changed in SME 9.2</nowiki><br>
<nowiki>U Unused (by default) in SME Server</nowiki><br>
<nowiki>E Extra / External Configuration Required</nowiki><br>
<nowiki>CW Contrib or Wiki page exists that uses this plugin</nowiki><br>
<nowiki>SM Can be configured using server-manager</nowiki><br>
<nowiki>DB Can be configured using db variables</nowiki><br>
<nowiki>AC Auto-configured by SME Server</nowiki></tt>
</div><br>
<div style="column-count:4;-moz-column-count:4;-webkit-column-count:4">
* [[Qpsmtpd:auth/auth_checkpassword|auth/auth_checkpassword]] (U)
* [[Qpsmtpd:auth/auth_cvm_unix_local|auth/auth_cvm_unix_local]] (AC)
* [[Qpsmtpd:auth/authdeny|auth/authdeny]] (U)
* [[Qpsmtpd:auth/auth_flat_file|auth/auth_flat_file]] (U)
* [[Qpsmtpd:auth/auth_imap|auth/auth_imap]] (U)
* [[Qpsmtpd:auth/auth_ldap_bind|auth/auth_ldap_bind]] (U)
* [[Qpsmtpd:auth/auth_vpopmail|auth/auth_vpopmail]] (U)
* [[Qpsmtpd:auth/auth_vpopmaild|auth/auth_vpopmaild]] (U)
* [[Qpsmtpd:auth/auth_vpopmail_sql|auth/auth_vpopmail_sql]] (U)
* [[Qpsmtpd:autowhitelist_relayrcpt|autowhitelist_relayrcpt]] (U)
* [[Qpsmtpd:badmailfrom|badmailfrom]]
* [[Qpsmtpd:badmailfromto|badmailfromto]] (U)
* [[Qpsmtpd:badrcptto|badrcptto]] (AC)
* [[Qpsmtpd:bcc|bcc]] (U DB)
* [[Qpsmtpd:bogus_bounce|bogus_bounce]] (+ DB)
* [[Qpsmtpd:check_goodrcptto|check_goodrcptto]] (AC)
* [[Qpsmtpd:check_smtp_forward|check_smtp_forward]] (AC)
* [[Qpsmtpd_connection_time|connection_time]] (U CW)
* [[Qpsmtpd:content_log|content_log]] (U)
* [[Qpsmtpd:count_unrecognized_commands|count_unrecognized_commands]] (DB)
* [[Qpsmtpd:denysoft_multi_rcpt|denysoft_multi_rcpt]] (U)
* [[Email#How_do_I_enable_and_configure_a_disclaimer_in_email_messages|disclaimer]] (U DB CW)
* [[Qpsmtpd:dkim|dkim]] (+ DB E)
* [[Qpsmtpd:dkim_sign|dkim_sign]] (+ DB E)
* [[Qpsmtpd:dmarc|dmarc]] (+ DB E)
* [[Email#Real-time_Blackhole_List_.28RBL.29|dnsbl]] (* DB CW)
* [[Qpsmtpd:dns_whitelist_soft|dns_whitelist_soft]] (U)
* [[Qpsmtpd:domainkeys|domainkeys]]
* [[Qpsmtpd:dont_require_anglebrackets|dont_require_anglebrackets]] (U)
* [[Qpsmtpd:dspam|dspam]] (U)
* [[Qpsmtpd_check_earlytalker|earlytalker]] (AC CW)
* [[Qpsmtpd:exe_filter|exe_filter]] (U AC)
* [[Qpsmtpd:fcrdns|fcrdns]] (U)
* [[Qpsmtpd:fix_headers_case|fix_headers_case]] (U CW)
* [[Greylisting|greylisting]] (U CW)
* [[Qpsmtpd:handler|handler]] (U)
* [[Qpsmtpd:headers|headers]] (*)
* [[Qpsmtpd:helo|helo]] (AC)
* [[Qpsmtpd:help|help]] (U)
* [[Qpsmtpd:hosts_allow|hosts_allow]] (AC)
* [[Qpsmtpd:http_config|http_config]] (U)
* [[Qpsmtpd:ident/geoip|ident/geoip]] (U)
* [[Qpsmtpd:ident/p0f|ident/p0f]] (U)
* [[Qpsmtpd:karma|karma]] (+ U DB)
* [[Qpsmtpd:karma_tool|karma_tool]]
* [[Qpsmtpd:loadcheck|loadcheck]] (+)
* [[Qpsmtpd:logging|logging]] (AC)
* [[Qpsmtpd:loop|loop]] (U)
* [[Qpsmtpd:milter|milter]] (U)
* [[Qpsmtpd:naughty|naughty]] (+)
* [[Qpsmtpd:noop_counter|noop_counter]] (U)
* [[Qpsmtpd:parse_addr_withhelo|parse_addr_withhelo]] (U)
* [[Qpsmtpd:peers|peers]] (AC)
* [[Qpsmtpd:per_user_config|per_user_config]] (U CW)
* [[Qpsmtpd:qmail_deliverable|qmail_deliverable]] (U)
* [[Qpsmtpd:queue|queue]] (AC)
* [[Qpsmtpd:quit_fortune|quit_fortune]] (U)
* [[Qpsmtpd:random_error|random_error]] (U)
* [[Qpsmtpd:rcpt_map|rcpt_map]] (U)
* [[Qpsmtpd:rcpt_ok|rcpt_ok]] (AC)
* [[Qpsmtpd:rcpt_regexp|rcpt_regexp]] (U)
* [[Qpsmtpd:registry.txt|registry.txt]] (U)
* [[Qpsmtpd:relay|relay]] (AC)
* [[Qpsmtpd:resolvable_fromhost|resolvable_fromhost]] (AC)
* [[Email#Real-time_Blackhole_List_.28RBL.29|rhsbl]] (* DB CW)
* [[Qpsmtpd:sender_permitted_from|sender_permitted_from]] (+?)
* [[Email#Spamassassin|spamassassin]] (DB SM AC CW)
* [[Qpsmtpd:stunnel|stunnel]] (U)
* [[Qpsmtpd:tls|tls]] (AC)
* [[Qpsmtpd:tls_cert|tls_cert]]
* [[Qpsmtpd:tnef2mime|tnef2mime]] (AC)
* [[Qpsmtpd:uribl|uribl]] (+ DB)
* [[Qpsmtpd:user_config|user_config]] (U)
* [[Virus:Email_Attachment_Blocking|virus]] (DB SM CW)
* [[Qpsmtpd:whitelist|whitelist]] (U?)
</div>
----
[[Category:Mail]][[Category:Qpsmtpd]]
[[Wikipedia:Qpsmtpd|qpsmtpd]] has been a core component of SME Server since SME 7, providing advanced spam fighting capabilities.
SME Server 9.2 introduced qpsmtpd 0.96 with several new capabilities. At the same time, smeserver-qpsmtpd has been updated to provide additional SME Server configuration options.
SME Server 11 will upgrade to qpsmtpd 1.0. At the same time, smeserver-qpsmtpd has been updated providing separate configuration for each running deamons and introducing a third running deamon now covering all usual SMTP ports 25 (qpsmtpd), 587 (new uqpsmtpd) and 465 (sqpsmtpd).
==Upgrade Considerations==
===A-Record DNSBL Services===
: Some DNSBL services - notably b.barracudacentral.org - provide their results using a DNS "A" record instead of a DNS TXT record. The dnsbl plugin requires these services to include a colon (":") in dnsbl_zones - however, SME used to use a colon the server separator in the configuration database. In order to support these A-Record DNSBL services, the separator for RBLList, SBLList, and the new UBLList is now a comma.
: You can now configure b.barracudacentral.org using (note the single quotes):
: <code><nowiki>config setprop qpsmtpd RBLList server1,server2,'b.barracudacentral.org:Blocked - see <http://bbl.barracudacentral.com/q.cgi?ip=%IP%>'</nowiki></code>
===DKIM & DMARC===
: DKIM & DMARC are now supported natively by SME Server. To enable these you will need to configure appropriate DNS records in your public DNS server.
: There are forum reports of problems for users who had DKIM enabled using the DKIM contrib.
===URIBL===
: qpsmtpd now supports URIBL - the ability to block emails that contain known malicious URLs within the body of the email. This service is disabled by default.
: Enable URIBL with the default services using:
<nowiki>config setprop qpsmtpd URIBL enabled
signal-event email-update</nowiki>
: '''Note:''' If your SME server is using high traffic external DNS forwarders like [https://developers.google.com/speed/public-dns/ google] (8.8.8.8 / 8.8.4.4), [https://www.opendns.com/setupguide/ opendns] (208.67.222.222 / 208.67.220.220), or any large ISP's (Cox, Comcast, Verizon), enabling URIBL may block all incoming email. This will only affect you if you have configured a DNS forwarder in server-manager -- a default SME server installation does its own direct DNS lookups and would not be affected unless you receive over 250,000 emails per day.
: Read more at http://uribl.com/refused.shtml
==="Naughty" plugin===
: SME Server is now using the 'naughty' plugin which allows early plugins like dnsbl, earlytalker, etc to indicate that the email should be rejected at a later point in the interaction. This allows the server to log extra information for denied emails. Specifically, emails denied by dnsbl will now show the sender and recipient email addresses in the qpsmtpd log
==Plugins==
Below is a list of all the plugins from /usr/share/qpsmtpd/plugins on a freshly updated SME 9.2 server.
<div style="column-count:2;-moz-column-count:2;-webkit-column-count:2; border:1px solid grey;">
<tt><nowiki>+ New in SME 9.2</nowiki><br>
<nowiki>* Improved or changed in SME 9.2</nowiki><br>
<nowiki>U Unused (by default) in SME Server</nowiki><br>
<nowiki>E Extra / External Configuration Required</nowiki><br>
<nowiki>CW Contrib or Wiki page exists that uses this plugin</nowiki><br>
<nowiki>SM Can be configured using server-manager</nowiki><br>
<nowiki>DB Can be configured using db variables</nowiki><br>
<nowiki>AC Auto-configured by SME Server</nowiki></tt>
</div><br>
<div style="column-count:4;-moz-column-count:4;-webkit-column-count:4">
* [[Qpsmtpd:auth/auth_checkpassword|auth/auth_checkpassword]] (U)
* [[Qpsmtpd:auth/auth_cvm_unix_local|auth/auth_cvm_unix_local]] (AC)
* [[Qpsmtpd:auth/authdeny|auth/authdeny]] (U)
* [[Qpsmtpd:auth/auth_flat_file|auth/auth_flat_file]] (U)
* [[Qpsmtpd:auth/auth_imap|auth/auth_imap]] (U)
* [[Qpsmtpd:auth/auth_ldap_bind|auth/auth_ldap_bind]] (U)
* [[Qpsmtpd:auth/auth_vpopmail|auth/auth_vpopmail]] (U)
* [[Qpsmtpd:auth/auth_vpopmaild|auth/auth_vpopmaild]] (U)
* [[Qpsmtpd:auth/auth_vpopmail_sql|auth/auth_vpopmail_sql]] (U)
* [[Qpsmtpd:autowhitelist_relayrcpt|autowhitelist_relayrcpt]] (U)
* [[Qpsmtpd:badmailfrom|badmailfrom]]
* [[Qpsmtpd:badmailfromto|badmailfromto]] (U)
* [[Qpsmtpd:badrcptto|badrcptto]] (AC)
* [[Qpsmtpd:bcc|bcc]] (U DB)
* [[Qpsmtpd:bogus_bounce|bogus_bounce]] (+ DB)
* [[Qpsmtpd:check_goodrcptto|check_goodrcptto]] (AC)
* [[Qpsmtpd:check_smtp_forward|check_smtp_forward]] (AC)
* [[Qpsmtpd_connection_time|connection_time]] (U CW)
* [[Qpsmtpd:content_log|content_log]] (U)
* [[Qpsmtpd:count_unrecognized_commands|count_unrecognized_commands]] (DB)
* [[Qpsmtpd:denysoft_multi_rcpt|denysoft_multi_rcpt]] (U)
* [[Email#How_do_I_enable_and_configure_a_disclaimer_in_email_messages|disclaimer]] (U DB CW)
* [[Qpsmtpd:dkim|dkim]] (+ DB E)
* [[Qpsmtpd:dkim_sign|dkim_sign]] (+ DB E)
* [[Qpsmtpd:dmarc|dmarc]] (+ DB E)
* [[Email#Real-time_Blackhole_List_.28RBL.29|dnsbl]] (* DB CW)
* [[Qpsmtpd:dns_whitelist_soft|dns_whitelist_soft]] (U)
* [[Qpsmtpd:domainkeys|domainkeys]]
* [[Qpsmtpd:dont_require_anglebrackets|dont_require_anglebrackets]] (U)
* [[Qpsmtpd:dspam|dspam]] (U)
* [[Qpsmtpd_check_earlytalker|earlytalker]] (AC CW)
* [[Qpsmtpd:exe_filter|exe_filter]] (U AC)
* [[Qpsmtpd:fcrdns|fcrdns]] (U)
* [[Qpsmtpd:fix_headers_case|fix_headers_case]] (U CW)
* [[Greylisting|greylisting]] (U CW)
* [[Qpsmtpd:handler|handler]] (U)
* [[Qpsmtpd:headers|headers]] (*)
* [[Qpsmtpd:helo|helo]] (AC)
* [[Qpsmtpd:help|help]] (U)
* [[Qpsmtpd:hosts_allow|hosts_allow]] (AC)
* [[Qpsmtpd:http_config|http_config]] (U)
* [[Qpsmtpd:ident/geoip|ident/geoip]] (U)
* [[Qpsmtpd:ident/p0f|ident/p0f]] (U)
* [[Qpsmtpd:karma|karma]] (+ U DB)
* [[Qpsmtpd:karma_tool|karma_tool]]
* [[Qpsmtpd:loadcheck|loadcheck]] (+)
* [[Qpsmtpd:logging|logging]] (AC)
* [[Qpsmtpd:loop|loop]] (U)
* [[Qpsmtpd:milter|milter]] (U)
* [[Qpsmtpd:naughty|naughty]] (+)
* [[Qpsmtpd:noop_counter|noop_counter]] (U)
* [[Qpsmtpd:parse_addr_withhelo|parse_addr_withhelo]] (U)
* [[Qpsmtpd:peers|peers]] (AC)
* [[Qpsmtpd:per_user_config|per_user_config]] (U CW)
* [[Qpsmtpd:qmail_deliverable|qmail_deliverable]] (U)
* [[Qpsmtpd:queue|queue]] (AC)
* [[Qpsmtpd:quit_fortune|quit_fortune]] (U)
* [[Qpsmtpd:random_error|random_error]] (U)
* [[Qpsmtpd:rcpt_map|rcpt_map]] (U)
* [[Qpsmtpd:rcpt_ok|rcpt_ok]] (AC)
* [[Qpsmtpd:rcpt_regexp|rcpt_regexp]] (U)
* [[Qpsmtpd:registry.txt|registry.txt]] (U)
* [[Qpsmtpd:relay|relay]] (AC)
* [[Qpsmtpd:resolvable_fromhost|resolvable_fromhost]] (AC)
* [[Email#Real-time_Blackhole_List_.28RBL.29|rhsbl]] (* DB CW)
* [[Qpsmtpd:sender_permitted_from|sender_permitted_from]] (+?)
* [[Email#Spamassassin|spamassassin]] (DB SM AC CW)
* [[Qpsmtpd:stunnel|stunnel]] (U)
* [[Qpsmtpd:tls|tls]] (AC)
* [[Qpsmtpd:tls_cert|tls_cert]]
* [[Qpsmtpd:tnef2mime|tnef2mime]] (AC)
* [[Qpsmtpd:uribl|uribl]] (+ DB)
* [[Qpsmtpd:user_config|user_config]] (U)
* [[Virus:Email_Attachment_Blocking|virus]] (DB SM CW)
* [[Qpsmtpd:whitelist|whitelist]] (U?)
</div>
----
[[Category:Mail]][[Category:Qpsmtpd]]
