relay-ctrl
SMTP Relaying Control for qmail & tcpserver
Bruce Guenter <bruce@untroubled.org>
Version 3.2
2015-05-12

This set of programs controls access to relaying for users that
authenticate using either POP3 using the qmail-popup/qmail-pop3d
or pop3front servers, or IMAP using Courier IMAP.

A mailing list has been set up to discuss this and other packages.
To subscribe, send an email to:
	bgware-subscribe@lists.untroubled.org
A mailing list archive is available at:
	http://lists.untroubled.org/?list=bgware

Development versions of relay-ctrl are available at:
	https://github.com/bruceg/relay-ctrl

Requirements:

- This package depends on bglibs version 2.0 or later.
- You must be using either qmail-popup/qmail-pop3d or pop3front
  with either tcpserver or tcp-env to serve POP3 OR
- You must be using Courier IMAP to serve IMAP.
- You must be using tcpserver with qmail-smtpd or smtpfront to serve
  SMTP.

How to install:

- Check the definitions in the conf-* files.
- Run "make"
- As root, run "make install"

How to configure it for use:

- Make sure the configuration defaults are appropriate for your system.
  See the man pages.

- Create the /var/spool/relay-ctrl/allow directory (or wherever you want
  the files to go).  Set the permissions on /var/spool/relay-ctrl to
  mode 700 (writeable only to root), and /var/spool/relay-ctrl/allow to
  mode 777 (world writeable)

- Create the /etc/relay-ctrl directory (or wherever you want the
  configuration to go)

- Put "/var/spool/relay-ctrl/allow" into the first line of
  "RELAY_CTRL_DIR" in the above configuration directory.

- If you want to have a fixup address (see the qmail FAQ) inserted into
  the RELAYCLIENT setting, put it into the first line of
  "RELAY_CTRL_RELAYCLIENT" in the configuration directory:
  :allow,RELAYCLIENT='@fixup'

- Add the following line to a file in /etc/cron.d.  This assumes a
  recent version of vixie cron.  Other versions of cron may use
  different syntax, and you may need to edit root's crontab.
* * * * * root envdir /etc/relay-ctrl /usr/sbin/relay-ctrl-age
  This step is optional, as relay-ctrl-check will delete and ignore old
  IP files.

- Modify your qmail-smtpd run file from:
	tcpserver ... qmail-smtpd
  to:
  	envdir /etc/relay-ctrl \
	relay-ctrl-chdir \
	tcpserver ... relay-ctrl-check qmail-smtpd

How to use with qmail-pop3d:

- Change your run file from:
  	tcpserver ... qmail-popup hostname checkpassword \
	qmail-pop3d
  to:
  	envdir /etc/relay-ctrl \
	relay-ctrl-chdir \
	tcpserver ... qmail-popup hostname checkpassword \
	relay-ctrl-allow \
	qmail-pop3d

How to use with pop3front

- Change your run file from:
  	tcpserver ... pop3front-auth cvm pop3front-maildir
  to:
  	envdir /etc/relay-ctrl \
	relay-ctrl-chdir \
	tcpserver ... pop3front-auth cvm \
	relay-ctrl-allow \
	pop3front-maildir

How to use with Courier IMAP:

- Make a symlink in /usr/lib/courier-imap/libexec/authlib to
  /usr/sbin/relay-ctrl-allow.

- Insert the command relay-ctrl-allow at the end of the list of
  authentication modules (AUTHMODULES) in
  /usr/lib/courier-imap/etc/imapd.

- You also need to modify the run file to execute
  "envdir /etc/relay-ctrl relay-ctrl-chdir" before starting imaplogin,
  and I'm unsure where this needs to go.  It may also work to put the
  above command string before couriertcpd instead of before imaplogin,
  which is slightly more efficient.

This program is Copyright(C) 1999-2015 Bruce Guenter, and may be copied
according to the GNU GENERAL PUBLIC LICENSE (GPL) Version 2 or a later
version.  A copy of this license is included with this package.  This
package comes with no warranty of any kind.

Index of relay-ctrl