29th November, 2005
This article was first published on :www.linux.com
A mail server is an essential part of any organization’s IT infrastructure. Email is one of the most important forms of communication in our connected world, and having a robust mail server is essential. Unfortunately, installing and maintaining a mail server is not the easiest thing in the world. It can be a complex, thankless task, and generally requires a degree of expertise to handle it successfully.
It’s often difficult for small organizations or educational institutions to meet the expense of hiring an expert to set up a mail server. I was recently tasked with with upgrading an aging mail server last month at my university. While I do have some experience with network administration under Linux, and am comfortable with it, I always find it difficult to set up a mail server properly. Mail Transfer Agents (MTAs) are complex to set up on their own, and add to that the difficulty of adding features like spam filtering and anti-virus protection, and it can be really tough.
The old server I was to replace had about 500 accounts on it. Each one of the accounts was an actual user account, with shell access. My mission was as follows:
- Install Qmail.
- Setup a Web-based management interface.
- Setup virtual users/domains.
- Enable effective spam filtering and anti-virus software.
- Migrate all users from the old server to the new server, keeping their passwords and email intact.
The mission itself was not very difficult. The problem was that I had only one weekend to complete the job. My previous attempt at setting up a mail server for a similar load took me four days, and required a week of tweaking after the server came online. This time around, I needed some help.
This is where Qmail Toaster came in. Qmail Toaster is a full-blown mail server distribution for use with most RPM-based Linux distributions. Qmail Toaster is distributed as source RPM’s which require compiling on the host system before installation. This is done to meet licensing requirements set forth by the original creator of qmail, D.J. Bernstein. Unfortunately, only RPM based distros are supported, so if you want to run a Debian-based distro, Qmail Toaster is of no use to you. All the popular RPM based distros are supported though, from Red Hat Enterprise, through Centos, Fedora and Mandriva. The 64-bit versions of Fedora, RHEL and Centos are supported as well.
The last official release of qmail was in 1998, but it continues to be a popular MTA. Due to the age of the Qmail code, the Qmail Toaster project has included many patches to update functionality. In addition it has been integrated with a few other niceties not found with Qmail, such as Web based e-mail and Web based administration. The Qmail Toaster site provides a bundle of ready to use scripts that automate the installation process for Qmail.
Qmail Toaster has many interesting features. Besides the vanilla POP3,SMTP and IMAP access, it supports the higher security POP3-SSL and IMAP-SSL. SMTP roaming is possible through SMTP-AUTH, POP3-AUTH and IMAP-AUTH, so remote access is easy. Qmail Toaster has support for the Sender Policy Framework built in. This provides some protection against phishing and spoof emails. Spam filtering is handled by SpamAssasin and SimScan and viruses and worms are taken care of by a combination of ClamAV and Warlock.
All the users and emails are stored in a MySQL database. This means that a single Qmail Toaster server can handle multiple domains, and there is no security risk associated with shell accounts. A mailing list management program, autoresponder, and web-based email and administration round off the feature list of Qmail Toaster.
So how does the site work? Unlike a standard tutorial site, where you have to painstakingly follow instructions, the Qmail Toaster installation is largely automated. I chose to use CentOS 4.2 for my mailserver, and all that I had to do was install a basic version on the server, and then run the scripts. You can set it up on any other RPM-based distro as well. I chose CentOS becase the Qmail Toaster website provides detailed instructions that make installing it a piece of cake. After the basic OS is installed, and the server is able to access the Internet, the scripts do all the work.
It sounds unbelievable, but it really works. The only user input that is required during installation is setting the MySQL database password, the IP address of the server, and the distribution name. The scripts fetch the necessary source RPM’s from the Qmail Toaster site, build them with the proper system variables, and install them. The speed of the process is of course dependent on the speed of your internet connection and the server itself. On my 3 GHz Pentium 4 machine, with 1 gigabyte of DDR2 RAM, connected to the Internet over a T-1 line, the process took about 25 minutes.
After all the packages were installed, I had to set up a SSL certificate. This is only necessary if you want to use services over SSL, and requires you to type in various commands. The installation guide lists these commands in detail, so you don’t really need to know what you are doing, but just follow it. After this, I had to add the email domain. The entire process, from installing the OS to a fully functional mail server took about 90 minutes.
Once the mail server was ready, the next step was migrating the users from the old mail server. A quick bit of Googling and I found exactly what I was looking for. Detailed instructions on migrating from a Sendmail-based system to qmail. This took another fifteen minutes. And that was it!
Now let me put this all in perspective. The entire installation and migration procedure took only two hours. At the end of this time, I had a modern, fully functional mail server, with a very nice Web-based administration system, spam and virus filtering, and support for virtual users (rather than requiring users to have actual system accounts) and virtual domains. All the user accounts were moved successfully, without the loss of any email or requiring users to change their passwords. The Web-based system even generates graphs of important parameters, such as the number of messages delivered, the amount of spam and viruses filtered, the size of the mail queue, and quite a few more, so you can easily keep track of what’s happening.
My mail server has been running for a month, with only one reboot due to a unrelated update. The virus scanner updates itself, spam filtering is working smoothly, and all the users are extremely pleased with the new system. Administering the system is very easy, and there is extensive online documentation to tackle any problems. This means that after installation, you can hand over administration to someone with no Linux experience, and he’ll be able to handle it.
If you run into problems during the installation or afterwards, you can turn to the Qmail Toastermailing list. The creators of the site respond quickly and politely, and often provide customized scripts for specific cases. The tone of the mailing list is also quite different from the standard RTFM responses. I posted a few queries, and got answers that solved my problems within three hours.
While Qmail Toaster may not be suitable for all environments, it succeeds at what it sets out to do. The installation requires little experience, and the instructions are clear, concise, and easy for even the proverbial first-time user to understand. Yes, experienced server administrators could probably install a better system in half the time, but if you don’t have one of them around, Qmail Toaster is that rare product that just works. No hitches, no glitches, no struggling to understand obscure errors. If you are administering a small business, educational institution, non-governmental organization, or any place where Linux expertise is not available, and funds are limited, Qmail Toaster is for you.