Qmail with smtp-auth and DomainKeys on FreeBSD
I tried to set up qmail with TLS and SMTP AUTH on FreeBSD. I have configured my server with SMTP-AUTH so that I can use it to relay messages for me and other authenticated users. I would like qmail to sign the messages that the authenticated users send through my server.
I compiled qmail-tls from ports, checked the smtp-auth and qmailqueue options, then I compiled qmail-dk and selected the SMTP-AUTH patch. I set up my private and public keys, and I set up bin/qmail-dk for qmailqueue as described on this page: http://jeremy.kister.net/howto/dk.htm but still no results. It just does not want to add the DomainKeys signature but instead tries to verify the messages.
After a few minutes of looking over the sources in qmail-dk.c and qmail-smtpd.c I realized that qmail-dk needs RELAYCLIENT set in order to sign the message. The smtp-auth patch for qmail (qmail-smtpd) only sets the relayclient variable that is required to allow the relay. The qmail-smtpd server sends the message to qmail-queue (qmail-dk), but qmail-dk and qmail-smtpd are two different programs, so you can't pass an internal variable (relayclient) from qmail-smtpd to qmail-dk (qmail-queue) unless you use an environment variable.
So I just added:
if (!env_put2("RELAYCLIENT",relayclient)) die_nomem();
after the authentication has succeeded (at the same point where the relayclient variable was set) and my problem was fixed.
Here is a complete patch that can be applied after all other qmail-tls patches are applied:
--- qmail-smtpd.c.orig Mon Apr 2 21:13:47 2007
+++ qmail-smtpd.c Tue Apr 3 01:24:03 2007
@@ -970,6 +969,7 @@
remoteinfo = user.s;
if (!env_unset("TCPREMOTEINFO")) die_read();
if (!env_put2("TCPREMOTEINFO",remoteinfo)) die_nomem();
+ if (!env_put2("RELAYCLIENT",relayclient)) die_nomem();
out("235 ok, go ahead (#2.0.0)rn");
break;
case 1:
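Review bot: the added env_put2("RELAYCLIENT",relayclient) line depends on relayclient already holding a non-null string at this point, but the assignment is not visible in this hunk's context, so please confirm it is set on every path that reaches the 235 reply before it is exported. A one-line comment saying the export exists so that the QMAILQUEUE program (qmail-dk) can see the authenticated-relay state would help, since from here on every successfully authenticated session is treated by that program as a relay client and gets its mail signed. Also, the context line out("235 ok, go ahead (#2.0.0)rn"); appears to have lost the backslashes of its line ending and the context lines have lost their leading whitespace, so the hunk as pasted will probably not match the source; attaching the diff as a file would avoid that.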
Then just recompile, run make install and restart qmail.
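The reason the fix is needed, shown as an added example (not code from the original post or from qmail): a value held only inside the server process does not survive into a separately executed queue program, while an exported one does. The names mode_seen_by_queue and QUEUE_STANDIN, the use of /bin/sh as the child, and the empty relayclient value are assumptions made for the illustration.

```c
#ifndef _POSIX_C_SOURCE
#define _POSIX_C_SOURCE 200809L
#endif
#include <stdio.h>
#include <stdlib.h>
#include <sys/wait.h>
#include <unistd.h>

enum dk_mode { DK_ERROR = -1, DK_VERIFY = 0, DK_SIGN = 1 };

/* Hypothetical stand-in for the queue program, not qmail-dk's code: a new
 * program image that exits 1 ("sign") when RELAYCLIENT is set, even if it
 * is empty, and 0 ("verify") otherwise. */
static const char QUEUE_STANDIN[] =
    "[ \"${RELAYCLIENT+set}\" = set ] && exit 1; exit 0";

/* relayclient plays the role of the server's internal variable. It reaches
 * the exec'd program only when export_it is non-zero. */
enum dk_mode mode_seen_by_queue(const char *relayclient, int export_it)
{
    int status;
    pid_t pid = fork();

    if (pid < 0) return DK_ERROR;
    if (pid == 0) {
        unsetenv("RELAYCLIENT");  /* connection was not pre-authorised to relay */
        if (export_it && relayclient != NULL &&
            setenv("RELAYCLIENT", relayclient, 1) != 0)
            _exit(111);
        execl("/bin/sh", "sh", "-c", QUEUE_STANDIN, (char *)NULL);
        _exit(111);               /* exec failed */
    }
    if (waitpid(pid, &status, 0) < 0 || !WIFEXITED(status)) return DK_ERROR;
    switch (WEXITSTATUS(status)) {
    case 0:  return DK_VERIFY;
    case 1:  return DK_SIGN;
    default: return DK_ERROR;
    }
}

int main(void)
{
    const char *relayclient = "";  /* assumed value after a successful AUTH */
    printf("internal only: %s\n",
           mode_seen_by_queue(relayclient, 0) == DK_SIGN ? "sign" : "verify");
    printf("exported:      %s\n",
           mode_seen_by_queue(relayclient, 1) == DK_SIGN ? "sign" : "verify");
    return 0;
}
```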