I tried to set up qmail with tls and smtp auth on freebsd. I have configured my server with SMTP-AUTH so that I can use it to relay messages for me and other authenticated users. I would like qmail to sign the messages that the authenticated users send through my server.
I compiled qmail-tls from ports, checked the smtp-auth and qmailqueue options, then I compiled qmail-dk and selected the SMTP-AUTH patch. I set up my private and public keys, I set up bin/qmail-dk for qmailqueue as described on this page : http://jeremy.kister.net/howto/dk.htm but still not results. It just does not want to add the DomainKeys signature but instead it tries to verify the messages.
After a few minutes of looking over the sources in qmail-dk.c and qmail-smtpd.c I realize that qmail-dk needs RELAYCLIENT set in order to sign the message. The smtp-auth patch for qmail (qmail-smtpd ) only sets the relayclient variable that is required to allow the relay. The qmail-smtpd server sends the message to qmail-queue ( qmail-dk ) but qmail-dk and qmail-smtpd are two different programs so you can't pass an internal variable (relayclient ) from qmail-smtpd to qmail-dk ( qmail queue ) unless you use an environmental variable.
So I just added:
span style="color: #ff0000;">"RELAYCLIENT",relayclient)) die_nomem();
after the authentication has succeeded ( at the same point where relayclient variable was set ) and my problem was fixed.
Here is a complete patch that can be applied after all other qmail-tls patches are applied:
--- qmail-smtpd.c.orig Mon Apr 2 21:13:47 2007 +++ qmail-smtpd.c Tue Apr 3 01:24:03 2007 @@ -970,6 +969,7 @@ remoteinfo = user.s; if (!env_unset("TCPREMOTEINFO")) die_read(); if (!env_put2("TCPREMOTEINFO",remoteinfo)) die_nomem(); + if (!env_put2("RELAYCLIENT",relayclient)) die_nomem(); out("235 ok, go ahead (#2.0.0)rn"); break; case 1:
then just recompile, make install and restart qmail.