How to set up a qmail POP3 service

A qmail POP3 service handles incomming POP3 connections. It runs qmail-popup under tcpserver, uses a password checker such as checkpassword to do authentication, uses qmail-pop3d to handle POP3 transactions, and uses multilog to store log messages. Both tcpserver and multilog are supervised.

Preparation

Install daemontools 0.70 or above. The following instructions assume that your boot scripts are already running svscan in a /service directory.
Install ucspi-tcp 0.86 or above.
Install and configure qmail 1.03. Installing qmail means creating the /var/qmail directory tree. Configuring qmail means setting up some basic control files in /var/qmail/control, setting up some basic aliases in /var/qmail/alias, and setting up /var/qmail/rc. If you have followed the instructions in INSTALL from the beginning through step 8, you must have done all these things.
Make sure that you have switched to maildir format for mailboxes. The qmail-pop3d program supports maildir format only. If you want to stick to mbox format, this page is probably not for you. The following instructions assume that incoming messages are delivered to each user's $HOME/Maildir.
The following instructions assume that any process is currently not listening on the TCP port 110, the standard POP3 port. If some process is currently listening on the TCP port 110, you have to stop that process or have that process not listen on the port before going any further. Here is a (probably incomplete) check list:
- If you are running inetd and /etc/inetd.conf contains a line that starts with pop3, comment out that line and give inetd a HUP signal. Some systems use pop-3 instead of pop3 as the service name. If you are not sure, see what names are associated with 110/tcp in /etc/services.
- If you are running qmail-pop3d under tcpserver, give that tcpserver a TERM signal and comment out the tcpserver invocation in your system boot scripts.

Setting up the service

You will have to make three decisions:
- The password checker to use for the service, normally /bin/checkpassword from the checkpassword package. If this password checker is not installed, install it now.
- The qmail log account name, normally qmaill. Logging programs run under this account. If this account does not exist, create it now.
- The qmail POP3 service directory, normally /var/qmail/service/pop3d. This is where logs and a few configuration files are stored.

Create the service directory by running the qmail-pop3d-conf program:

          qmail-pop3d-conf /bin/checkpassword qmaill /var/qmail/service/pop3d

Change directory to the service directory:
```
          cd /var/qmail/service/pop3d
```
Add lines to tcp allowing connections from your POP3 clients. For example, if you want to allow connections from 1.2.3.4 and 1.2.3.5, add
```
          1.2.3.4:allow
          1.2.3.5:allow
```
to tcp. You can do this by running the add-client script:
```
          ./add-client 1.2.3.4 1.2.3.5
```
Compile tcp into a binary format for tcpserver:
```
          make
```
(You have to run make in the service directory whenever you update tcp.)
Tell svscan about the new service:
```
          ln -s /var/qmail/service/pop3d /service
```
svscan will start the service within five seconds.

Testing the service

Check the service status:

          svstat /service/pop3d /service/pop3d/log

The output should look something like:

          /service/pop3d: up (pid 6345) 6 seconds
          /service/pop3d/log: up (pid 6347) 6 seconds

Run svstat several times and make sure that the process IDs shown do not change.

Check the log messages:
```
          tail -f /service/pop3d/log/main/current | tai64nlocal
```
The directory /service/pop3d/log/main contains log files to which tcpserver (and possibly its children) stores the log messages. The output should look something like:
```
          tcpserver: status: 0/40
```
Use ps to browse the process tree. It should contain the following portion:
```
          svscan /service
            supervise pop3d
              /usr/local/bin/tcpserver -vDHR -l0 -xtcp.cdb -- 0 110 ...
            supervise log
              multilog t ./main
```
Two new supervise processes should have been added as svscan's children, one for tcpserver (running as root) and the other for multilog (running as qmaill). The process IDs of tcpserver and multilog should match with svstat's output. All these processes should be idle at this time.
Do a POP3 login from your authorized POP3 client host:

          % telnet 127.0.0.1 110
          Trying 127.0.0.1...
          Connected to localhost.
          Escape character is '^]'.
          +OK <pid.timestamp@your.server.host>
          user you
          +OK 
          pass abcd1234
          +OK 
          quit
          +OK 
          Connection closed by foreign host.
          %

(This example assumes that connections from 127.0.0.1 is allowed. Replace you and abcd1234 with your login name and password.)

The log messages show something like:

          tcpserver: status: 1/40
          tcpserver: pid 523 from 127.0.0.1
          tcpserver: ok 523 0:127.0.0.1:110 :127.0.0.1::1025
          tcpserver: end 523 status 256
          tcpserver: status: 0/40