Installation of the Freedom Mail Server

Zero Knowledge System Inc.

November 2000

Abstract:

This document describes the steps to install each of the mail servers from scratch. There are six different servers in the Freedom mail network: IMEP, IMEPB, NMTA, NMTAB, POP and the RELAY. There is also a server that does not run a mail server but acts as an NFS server to store the mail. It has the very special name of STORE.


1. Installing Freedom Mail Servers from RPM Packages

The first thing to do before installing the servers is to make a list of all the freedom mail servers that will be on the network. This is important for the configuration section, as each server needs to know which server it can delegate its messages to.

1.1 Required Packages

To install the Freedom Mail server, you need some required RPM packages, which are:

To install these packages, as user root, type:

1.2 Freedom Mail Packages

After these packages are installed, any of the mail servers can be installed. The Freedom qmail servers all require the freedom-qmail.i386.rpm package to be installed. Then a specific RPM can be installed for each server. Each one is named freedom-qmail-{}.i386.rpm, where {} is the name of the server to be installed.

So to install these packages, download them and issue the following command as user root:

The server is now installed, but not yet ready to work with the rest of the network because it doesn't know about it yet.

1.3 Store

The Store needs to export one or multiple directories over NFS. The exported directory needs to be writable by the user alias.

The IMEPB, NMTAB and POP servers need to mount this exported directory at the location given in "/usr/freedom/qmail/control/mailroot". The two have to match. If multiple directories are exported, they need to be mounted as 1,2,...,9,a,b,...,f.

This will enable the servers to deliver incoming messages and to also retrieve them when the nym connects to the POP server.

2. Configuration

The servers need to be configured to be able to talk to each other and deliver the messages to the recipients of those messages. This section lists each server, each of its configuration files, and what needs to be in these configuration files.

2.1 Internet Mail Encryption Proxy (IMEP)

The IMEP is the server that receives SMTP messages from internet users. These messages are not encrypted and need to be encrypted before being stored, so the IMEP forwards the messages to the IMEPB. The system is configured by editing the files contained in the /usr/freedom/qmail/control directory. For the IMEP, these are the control files.

2.1.1 Configuration

databytes
The maximum size of a message coming through.
me
The name of the current server.
qmqpservers
The list of ip addresses of IMEPB servers.
rcpthosts
The names of the domains this server accepts mail from. Its default is freedom.net. This should be changed to include any domain the mail server should process.

2.2 Internet Mail Encryption Proxy Backend

The IMEPB encrypts the messages sent from an internet user for storage in the nym's POP box. The configuration of the IMEPB is a little more complicated than that of the IMEP.

2.2.1 Configuration

concurrencylocal
The concurrencylocal tells qmail how many local messages are processed at the same time. The default is 120, which is the maximum limit.
concurrencyremote
The concurrencyremote tells qmail how many remote messages are processed at the same time. The default is 120, which is the maximum limit.
kqd.host
This is the name of the Key Query server. The default is kqd.freedom.net. This value can be an IP address or a DNS name. It should be a DNS name to allow multiple servers through DNS round robin.
kqd.port
The kqd port is the port number on the kqd host where the key queries are done. The default is 51109.
kqd.retry
The number of times the key query will be retried before giving up on a key. The default is 5.
kqd.timeout
The amount of time the key query will wait before giving up on a key. The default is 120.
locals
The locals file contains the domain names for which the IMEPB will encrypt and deliver mail. Its default is "freedom.net".
mailmackey
This should contain the shared secret between the nym server and the mail system. This is used to sign the messages going through.
mailroot
This is the root directory where the nyms' accounts are stored for this server. The default is "/export/popmail".
me
The name of the current server.
qmqpclients
The list of IP addresses of the IMEP servers allowed to send messages to this server.
qmqpservers
The list of IP addresses of the Relay servers this server is allowed to send messages to.
quota
The amount of disk space each nym has. This is the system wide quota. Each nym may have a quota file in their respective directory.

In the /usr/freedom/qmail/delivery directory, two configuration files can be found:

imepb
These are the delivery rules that local messages go through. They check for the mailbox's existence, encrypt the message for the recipient and store it in.
alias-list
This is a sendmail-style list of aliases that is consulted for any domain this server accepts local messages for. Running the compile-alias program on it produces the alias-list.cdb file. This file is required by the fastforward program, which is used within the imepb delivery rules file to handle internal addresses that don't need to be encrypted.

2.3 Nym Mail Transfer Agent

The NMTA looks a lot like the IMEP, except it authenticates the users before accepting any messages. It then forwards the messages to the NMTAB. 

2.3.1 Configuration

databytes
This controls how big a message a nym can send. It currently defaults to 5 Mb with conversion so that a message can be 3 Mb before encryption and conversions.
mailmackey
This should contain the shared secret between the nym server and the mail system. This is used to authenticate the nym.
me
This contains the name of this server.
qmqpservers
This contains the list of IP addresses of the NMTAB this server is allowed to send messages to.
relaymailfrom
This contains the domains of the nyms allowed to send mail through. The default is "@freedom.net". See how the badmailfrom control file works for more information.

2.4 Nym Mail Transfer Agent Backend

The NMTAB has a lot of the same configuration as the IMEPB, except it doesn't have to encrypt messages.

2.4.1 Configuration

concurrencylocal
The concurrencylocal tells qmail how many local messages are processed at the same time. The default is 120, which is the maximum limit.
concurrencyremote
The concurrencyremote tells qmail how many remote messages are processed at the same time. The default is 120, which is the maximum limit.
crosspost-limit
The number of newsgroups a nym can post to with a single newsgroup message. The default is 5.
locals
The locals file contains the domain names for which the imepb will encrypt and deliver mail. Its default is "freedom.net".
mailroot
This is the root directory where the nyms' accounts are stored for this server. The default is "/export/popmail".
me
This contains the name of this server.
qmqpclients
This contains the list of IP addresses of the NMTA servers that are able to send messages to this server.
qmqpservers
This contains the list of IP addresses of the Relay servers that are willing to accept messages from this server.
quota
The amount of disk space each nym has. This is the system wide quota. Each nym may have a quota file in their respective directory.
sending-limit
This is the default limit for the number of messages a nym can send per day. The default is 250.
tagline.html
This is the tagline that gets appended to internet recipient's messages when the message contains html content.
tagline.txt
This is the tagline that gets appended to internet recipient's messages when the message contains plain text.

In the /usr/freedom/qmail/delivery directory, the delivery rules for the local messages can be found:

config-blocklist
This delivery rule takes care of adding and removing email addresses from the nym's blocklist.
config-spam-control
This changes the value of the .spam-control file in the nym's directory to on or off.
config-tagline
This changes the value of the .tagline file in the nym's directory to on or off.
mail2news-nmtab
This forwards a news posting from a nym to the relay, where it will be posted. It first checks the number of newsgroups the post is sent to against the crosspost-limit that is set in the control directory.
nmtab
These are the rules that are followed to deliver mail to a nym.

2.5 Pop

The POP server allows the nym to retrieve its messages. It first authenticates the nym using the mail certificate.

2.5.1 Configuration

mailmackey
The mailmackey shared secret used to authenticate the nym.
mailowner
The user which is the owner of the directories where the messages are stored. Currently set to alias.
mailroot
This is the root directory where the nyms' accounts are stored for this server. The default is "/export/popmail".
me
This contains the name of this server.
qmqpservers
This contains the list of IP addresses of IMEPB servers. This is to send the welcome message when a new nym is created.
welcome-domain
This is the domain that the welcome message has in it.
welcome-message.txt
This is the body of the welcome message that is sent to newly created nyms.

2.6 Relay

The relay sends messages from the freedom mail network to the internet.

2.6.1 Configuration

The relay doesn't have many control files, and most of them are for posting to newsgroups, as this is the server that handles it. In the control directory, these files can be found:

locals
This file contains the domain of the freedom mail network with "news." prepended to it.
me
This is the name of this server.
nntp.host
This is the server that accepts newsgroup posts.
nntp.port
This is the port that accepts the nntp connection.
qmqpclients
This is the list of IP addresses of IMEPB and NMTAB servers that are allowed to send messages to this server.

In the /usr/freedom/qmail/delivery directory, the mail2news-relay delivery rule file is found. These are the rules the server follows to post a newsgroup post to the newsgroups.
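
The qmqpservers and qmqpclients entries in sections 2.1 to 2.6 have to agree across hosts: a backend only accepts messages from the senders it lists, and a stale entry leaves an unneeded sender allowed. The following audit is an added example, not part of the Freedom distribution; it assumes the control files have been collected from each host and that both files hold one IP address per line, and it uses constructed host names and documentation-range addresses.

```python
# Constructed inventory: control-file contents collected from each host.
# Addresses come from the 192.0.2.0/24 documentation range; the
# one-address-per-line file format is an assumption of this example.
INVENTORY = {
    "imep":  {"ip": "192.0.2.10", "qmqpservers": "192.0.2.20\n"},
    "imepb": {"ip": "192.0.2.20", "qmqpclients": "192.0.2.10\n",
              "qmqpservers": "192.0.2.50\n"},
    "nmta":  {"ip": "192.0.2.30", "qmqpservers": "192.0.2.40\n"},
    "nmtab": {"ip": "192.0.2.40", "qmqpclients": "192.0.2.30\n192.0.2.99\n",
              "qmqpservers": "192.0.2.50\n"},
    "relay": {"ip": "192.0.2.50", "qmqpclients": "192.0.2.20\n"},
}


def parse_ips(text):
    """Return the non-empty lines of a control file, stripped."""
    return [line.strip() for line in text.splitlines() if line.strip()]


def audit(inventory):
    """Cross-check qmqpservers against qmqpclients; return sorted findings."""
    by_ip = {host["ip"]: name for name, host in inventory.items()}
    findings = []
    used = set()  # (receiver, sender_ip) pairs backed by a qmqpservers entry
    for name, host in inventory.items():
        for target_ip in parse_ips(host.get("qmqpservers", "")):
            target = by_ip.get(target_ip)
            if target is None:
                findings.append(f"{name}: qmqpservers lists unknown host {target_ip}")
                continue
            used.add((target, host["ip"]))
            allowed = parse_ips(inventory[target].get("qmqpclients", ""))
            if host["ip"] not in allowed:
                findings.append(f"{target}: qmqpclients is missing {name} ({host['ip']})")
    # Second pass: allow-list entries that no sender's qmqpservers justifies.
    for name, host in inventory.items():
        for client_ip in parse_ips(host.get("qmqpclients", "")):
            if (name, client_ip) not in used:
                findings.append(f"{name}: qmqpclients allows {client_ip}, which never sends here")
    return sorted(findings)


if __name__ == "__main__":
    for finding in audit(INVENTORY):
        print(finding)
```

On the constructed inventory the audit reports that the relay does not yet accept the NMTAB and that the NMTAB still allows an address no server sends from.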

3. Operation

The operation of the Mail Servers is quite straightforward. The servers are operated using the startup script, which takes different arguments. The command is qmail and its arguments are:

stop
stops mail service (connections refused, nothing goes out)
start
starts mail service (connection accepted, mail can go out)
pause
temporarily stops mail service (connections accepted, nothing leaves)
cont
continues paused mail service
stat
displays status of mail service
cdb
rebuild the tcpserver cdb files
restart
stops and restarts protocol daemons, sends qmail-send a TERM & restarts it
doqueue
sends qmail-send ALRM, scheduling queued messages for delivery
reload
sends qmail-send HUP, rereading locals and virtualdomains
queue
shows status of queue
alrm
same as doqueue
hup
same as reload.

About this document ...

The translation was initiated by Serge Chevarie-Pelletier on 2000-12-15


Serge Chevarie-Pelletier 2000-12-15