qmail mit TLS 1.3

Leave a reply

qmail variants

s/qmail
qmail-ldap, by André Oppermann (LinkedIn, Xing)
Life With qmail-ldap

freshports.org

qmail
qmail-tls: Secure, reliable, and fast MTA for UNIX systems with TLS support

Repository

https://cgit.freebsd.org/ports/tree/mail/qmail?h=release/12.2.0

FreeBSD 10.2

ZHAW -> tE-Clan Server ==> works
tE-Clan Server -> ZHAW ==> DOESN’T work!! 
$ pkg info netqmail-tls
netqmail-tls-1.06.20110119_1
Name           : netqmail-tls
Version        : 1.06.20110119_1
Installed on   : Fri Dec 11 10:59:23 2015 CET
Origin         : mail/qmail-tls
Architecture   : freebsd:10:x86:64
Prefix         : /var/qmail
Categories     : mail
Licenses       :
Maintainer     : erdgeist@erdgeist.org
WWW            : http://inoa.net/qmail-tls/
Comment        : Secure, reliable, and fast MTA for UNIX systems with TLS support
Options        :
        BIG_CONCURRENCY_PATCH: off
        BIG_TODO_PATCH : on
        BLOCKEXEC_PATCH: on
        DISCBOUNCES_PATCH: off
        DNS_CNAME      : on
        DOCS           : on
        EXTTODO_PATCH  : off
        LOCALTIME_PATCH: off
        MAILDIRQUOTA_PATCH: off
        OUTGOINGIP_PATCH: on
        QEXTRA         : off
        QMTPC_PATCH    : off
        RCDLINK        : off
        SMTP_AUTH_PATCH: off
        SPF_PATCH      : off
        TLS_DEBUG      : off
Annotations    :
Flat size      : 1.06MiB
Description    :
What is is: [excerpt taken from tls patch]

Frederik Vermeulen <qmail-tls at inoa.net> 20021228
http://inoa.net/qmail/qmail-1.03-tls.patch

This patch implements RFC2487 in qmail. This means you can
get SSL or TLS encrypted and authenticated SMTP between
the MTAs and between MTA and an MUA like Netscape4.5 TM.
The code is considered experimental.

WWW: http://inoa.net/qmail-tls/


# tail /var/log/qmail/current | tai64nlocal
2021-07-09 16:13:31.006863500 status: local 1/10 remote 0/20
2021-07-09 16:13:31.020170500 delivery 47043: success: did_0+0+1/
2021-07-09 16:13:31.020288500 status: local 0/10 remote 0/20
2021-07-09 16:13:31.020361500 end msg 963489

2021-07-09 16:37:34.013898500 new msg 963470
2021-07-09 16:37:34.013922500 info msg 963470: bytes 2686 from <XXX> qp 17787 uid 89
2021-07-09 16:37:34.398681500 starting delivery 47044: msg 963470 to remote XXX@hotmail.com
2021-07-09 16:37:34.398686500 status: local 0/10 remote 1/20
2021-07-09 16:37:35.411841500 delivery 47044: deferral: TLS_connect_failed;_connected_to_104.47.73.161./
2021-07-09 16:37:35.411846500 status: local 0/10 remote 0/20

2021-07-09 16:44:15.431323500 starting delivery 47045: msg 963470 to remote XXX@hotmail.com
2021-07-09 16:44:15.431328500 status: local 0/10 remote 1/20
2021-07-09 16:44:15.841424500 delivery 47045: deferral: TLS_connect_failed;_connected_to_104.47.17.161./
2021-07-09 16:44:15.841460500 status: local 0/10 remote 0/20

2021-07-09 17:04:15.098384500 starting delivery 47047: msg 963470 to remote XXX@hotmail.com
2021-07-09 17:04:15.098390500 status: local 0/10 remote 1/20
2021-07-09 17:04:15.289859500 delivery 47047: deferral: TLS_connect_failed;_connected_to_104.47.10.33./
2021-07-09 17:04:15.289889500 status: local 0/10 remote 0/20

[root@ns2 /usr/ports/mail/qmail-tls]# make install

You may use the following build options:

WITH_BIG_CONCURRENCY_PATCH_CONCURRENCY_LIMIT=NUMBER
                                (default NUMBER=)
                                set this to a value reasonable for
                                your system if you use the patch

===>  netqmail-tls-1.06.20110119_1 has known vulnerabilities:
netqmail-tls-1.06.20110119_1 is vulnerable:
qmail -- 64 bit integer overflows with possible remote code execution on large SMTP requests
CVE: CVE-2005-1515
CVE: CVE-2005-1514
CVE: CVE-2005-1513
WWW: https://vuxml.FreeBSD.org/freebsd/b495af21-9e10-11ea-9e83-0cc47ac16c9d.html

1 problem(s) in the installed packages found.
=> Please update your ports tree and try again.
=> Note: Vulnerable ports are marked as such even if there is no update available.
=> If you wish to ignore this vulnerability rebuild with 'make DISABLE_VULNERABILITIES=yes'
*** Error code 1

Stop.
make[1]: stopped in /usr/ports/mail/qmail-tls
*** Error code 1

Stop.
make: stopped in /usr/ports/mail/qmail-tls

.if defined(SLAVE_LDAP)
PATCH_SITES+=   http://www.nrg4u.com/qmail/:ldap
PATCHFILES+=    qmail-ldap-1.03-${LDAP_PATCH_DATE}.patch.gz:ldap
.elif defined(SLAVE_MYSQL)
PATCH_SITES+=   http://iain.cx/unix/qmail/download/:mysql
PATCHFILES+=    netqmail-mysql-${MYSQL_PATCH_VERSION}.patch:mysql
.elif defined(SLAVE_TLS)
PATCH_SITES+=   http://inoa.net/qmail-tls/:tls
TLS_PATCH_NAME= ${QMAIL_PORTNAME}-${QMAIL_VERSION}-tls-${TLS_PATCH_DATE}.patch
PATCHFILES+=    ${TLS_PATCH_NAME}:tls
.endif

PORTNAME=       qmail
PORTVERSION=    ${QMAIL_VERSION}.${TLS_PATCH_DATE}

PKGNAMESUFFIX=  -tls

SLAVE_TLS=      yes
TLS_PATCH_DATE= 20110119

# where pkg_add records its dirty deeds.
PKG_DBDIR?=		/var/db/pkg

AUDITFILE?=		${PKG_DBDIR}/vuln.xml

check-vulnerable:
.if !defined(DISABLE_VULNERABILITIES) && !defined(PACKAGE_BUILDING)
	[...]
			${ECHO_MSG} "===>  ${PKGNAME} has known vulnerabilities:"; \
			${ECHO_MSG} "$$vlist"; \
			${ECHO_MSG} "=> Please update your ports tree and try again."; \
			${ECHO_MSG} "=> Note: Vulnerable ports are marked as such even if there is no update available."; \
			${ECHO_MSG} "=> If you wish to ignore this vulnerability rebuild with 'make DISABLE_VULNERABILITIES=yes'"; \

    <topic>qmail -- 64 bit integer overflows with possible remote code execution on large SMTP requests</topic>
        <name>netqmail</name>
        <name>netqmail-tls</name>
        <name>netqmail-mysql</name>

Chapter 4. Slow Porting: 4.4. Patching

  1. […]
  2. […]
  3. The patch target is run. First, any patches defined in PATCHFILES are applied. Second, if any patch files named patch-* are found in PATCHDIR (defaults to the files subdirectory), they are applied at this time in alphabetical order.
  4. […]
===>   netqmail-tls-1.06.20200107_4 depends on file: /usr/local/sbin/pkg - found
=> qmail-smtpd-auth-0.31.tar.gz doesn't seem to exist in /usr/ports/distfiles/qmail.
=> Attempting to fetch http://tomclegg.net/qmail/qmail-smtpd-auth-0.31.tar.gz
qmail-smtpd-auth-0.31.tar.gz                  100% of 8798  B   27 MBps 00m00s
=> qmail-smtpd-auth-close3.patch doesn't seem to exist in /usr/ports/distfiles/qmail.
=> Attempting to fetch http://tomclegg.net/qmail/qmail-smtpd-auth-close3.patch
qmail-smtpd-auth-close3.patch                 100% of  520  B 2791 kBps 00m00s
=> auth.patch.diff-tls-20110119 doesn't seem to exist in /usr/ports/distfiles/qmail.
=> Attempting to fetch http://tomclegg.net/qmail/auth.patch.diff-tls-20110119
fetch: http://tomclegg.net/qmail/auth.patch.diff-tls-20110119: Not Found
=> Attempting to fetch http://distcache.FreeBSD.org/local-distfiles/bdrewery/qmail/auth.patch.diff-tls-20110119
auth.patch.diff-tls-20110119                  100% of 3170  B   18 MBps 00m00s
=> netqmail-1.06-tls-20200107.patch doesn't seem to exist in /usr/ports/distfiles/qmail.
=> Attempting to fetch http://inoa.net/qmail-tls/netqmail-1.06-tls-20200107.patch
netqmail-1.06-tls-20200107.patch              100% of   50 kB 3567 kBps 00m00s
===> Fetching all distfiles required by netqmail-tls-1.06.20200107_4 for building
===>  Extracting for netqmail-tls-1.06.20200107_4
=> SHA256 Checksum OK for qmail/netqmail-1.06.tar.gz.
=> SHA256 Checksum OK for qmail/qmail-smtpd-auth-0.31.tar.gz.
=> SHA256 Checksum OK for qmail/qmail-smtpd-auth-close3.patch.
=> SHA256 Checksum OK for qmail/auth.patch.diff-tls-20110119.
=> SHA256 Checksum OK for qmail/qmail-103.patch.
=> No SHA256 checksum recorded for qmail/netqmail-1.06-tls-20200107.patch.
=> No suitable checksum found for qmail/netqmail-1.06-tls-20200107.patch.
=> SHA256 Checksum OK for qmail/qmail-block-executables.patch.
=> SHA256 Checksum OK for qmail/big-todo.103.patch.
=> SHA256 Checksum OK for qmail/outgoingip.patch.
*** Error code 1

Stop.
make[1]: stopped in /usr/ports/mail/qmail-tls
*** Error code 1

Stop.
make: stopped in /usr/ports/mail/qmail-tls

# cd /usr/ports/mail/qmail-tls

# make makesum
===>  Found saved configuration for netqmail-tls-1.06.20200107_4
===>   netqmail-tls-1.06.20200107_4 depends on file: /usr/local/sbin/pkg - found
===> Fetching all distfiles required by netqmail-tls-1.06.20200107_4 for building

# make
===>  Found saved configuration for netqmail-tls-1.06.20200107_4
===>   netqmail-tls-1.06.20200107_4 depends on file: /usr/local/sbin/pkg - found
===> Fetching all distfiles required by netqmail-tls-1.06.20200107_4 for building
===>  Extracting for netqmail-tls-1.06.20200107_4
=> SHA256 Checksum OK for qmail/netqmail-1.06.tar.gz.
=> SHA256 Checksum OK for qmail/qmail-smtpd-auth-0.31.tar.gz.
=> SHA256 Checksum OK for qmail/qmail-smtpd-auth-close3.patch.
=> SHA256 Checksum OK for qmail/auth.patch.diff-tls-20110119.
=> SHA256 Checksum OK for qmail/qmail-103.patch.
=> SHA256 Checksum OK for qmail/netqmail-1.06-tls-20200107.patch.
=> SHA256 Checksum OK for qmail/qmail-block-executables.patch.
=> SHA256 Checksum OK for qmail/big-todo.103.patch.
=> SHA256 Checksum OK for qmail/outgoingip.patch.
===>  Patching for netqmail-tls-1.06.20200107_4
===>  Applying distribution patches for netqmail-tls-1.06.20200107_4
===>  Applying extra patch /usr/ports/mail/qmail-tls/../qmail/files/extra-patch-amd64
===>  Applying extra patch /usr/ports/mail/qmail-tls/../qmail/files/extra-patch-utmpx
===>  Applying extra patch /usr/ports/mail/qmail-tls/../qmail/files/extra-patch-dns-cname
===>  Applying FreeBSD patches for netqmail-tls-1.06.20200107_4
[...]


# ps auxd
- /usr/local/bin/svscan /var/service
|-- supervise pop3d
| `-- /usr/local/bin/tcpserver -vDHR -l0 -c200 -xtcp.cdb -- 0 110 /var/qmail/bin/qmail-popup ns2.te-clan.ch /usr/local/vpopmail/bin/vchkpw /var/qmail/bin/qmail-pop3d Maildir
|-- supervise log
| `-- multilog t ./main
|-- supervise smtpd
| `-- /usr/local/bin/tcpserver -vDUHR -lns2.te-clan.ch -c200 -xtcp.cdb -- 0 25 /usr/local/bin/greylite /var/qmail/bin/qmail-smtpd /usr/local/vpopmail/bin/vchkpw /bin/true
|   |-- /usr/local/bin/greylite /var/qmail/bin/qmail-smtpd /usr/local/vpopmail/bin/vchkpw /bin/true
|   | `-- /var/qmail/bin/qmail-smtpd /usr/local/vpopmail/bin/vchkpw /bin/true
|   |-- /usr/local/bin/greylite /var/qmail/bin/qmail-smtpd /usr/local/vpopmail/bin/vchkpw /bin/true
|   | `-- /var/qmail/bin/qmail-smtpd /usr/local/vpopmail/bin/vchkpw /bin/true
|   |-- /usr/local/bin/greylite /var/qmail/bin/qmail-smtpd /usr/local/vpopmail/bin/vchkpw /bin/true
|   | `-- /var/qmail/bin/qmail-smtpd /usr/local/vpopmail/bin/vchkpw /bin/true
|   |-- /usr/local/bin/greylite /var/qmail/bin/qmail-smtpd /usr/local/vpopmail/bin/vchkpw /bin/true
|   | `-- /var/qmail/bin/qmail-smtpd /usr/local/vpopmail/bin/vchkpw /bin/true
|   `-- /usr/local/bin/greylite /var/qmail/bin/qmail-smtpd /usr/local/vpopmail/bin/vchkpw /bin/true
|     `-- /var/qmail/bin/qmail-smtpd /usr/local/vpopmail/bin/vchkpw /bin/true
|-- supervise log
| `-- multilog t ./main
|-- supervise qmail
| `-- qmail-send
|   |-- /usr/local/bin/multilog t /var/log/qmail qmaill
|   |-- qmail-lspawn ./Maildir/
|   |-- qmail-rspawn
|   `-- qmail-clean
`-- supervise log
  `-- multilog t ./main


# find work -name qmail-remote
work/netqmail-1.06/qmail-remote
work/stage/var/qmail/bin/qmail-remote

# /usr/local/etc/rc.d/svscan stop
Stopping svscan.
Waiting for PIDS: 731.

# cp /usr/ports/mail/qmail-tls/work/stage/var/qmail/bin/qmail-remote /var/qmail/bin/qmail-remote

# /usr/local/etc/rc.d/svscan start

qmail mit TLS

smtp-auth + qmail-tls + forcetls patch for qmail, May 8, 2020
Patching qmail, June 19, 2021
Installing and configuring vpopmail, April 18, 2021
Installing Dovecot and sieve on a vpopmail + qmail server, June 20, 2021

Was ist TLS

SMTP and Transport Layer Security (TLS) [Tutorial]

Microsoft unterstützt TLS 1.0 nicht mehr!

TLS connect failed
SSL/TLS connection issue troubleshooting test tools
Can’t establish a TLS connection to a remote mail server in Exchange Online or Exchange Server
TLS negotiating failed
Office 365 to enforce TLS 1.2 per October 15, 2020
Checking security protocols and ciphers on your Exchange servers
Rehash: How to Fix the SSL/TLS Handshake Failed Error

SSL/TLS connection issue troubleshooting guide
SSL/TLS connection issue troubleshooting test tools

SMTP MTA STS

SMTP MTA STS (Strict Transport Security)
MTA-STS gestaltet Mail-Versand und -Empfang sicherer
STARTTLS: MTA-STS

OpenSSL

E-Mail-Verschlüsselung austesten
When was TLS 1.2 support added to OpenSSL?

# openssl version
OpenSSL 1.0.1p-freebsd 9 Jul 2015

SSL/TLS Client

From ns3.te-clan.ch
$ openssl s_client -host mail.te-clan.ch -port 25 -starttls smtp
CONNECTED(00000003)
ehlo test
depth=0 C = CH, ST = ZH, L = Winterthur, O = tE-clan Server, CN = Andreas Bachmann, emailAddress = bachi@te-clan.ch
verify error:num=18:self signed certificate
verify return:1
depth=0 C = CH, ST = ZH, L = Winterthur, O = tE-clan Server, CN = Andreas Bachmann, emailAddress = bachi@te-clan.ch
verify return:1
---
Certificate chain
 0 s:C = CH, ST = ZH, L = Winterthur, O = tE-clan Server, CN = Andreas Bachmann, emailAddress = bachi@te-clan.ch
   i:C = CH, ST = ZH, L = Winterthur, O = tE-clan Server, CN = Andreas Bachmann, emailAddress = bachi@te-clan.ch
---
Server certificate
-----BEGIN CERTIFICATE-----
[...]
-----END CERTIFICATE-----
subject=C = CH, ST = ZH, L = Winterthur, O = tE-clan Server, CN = Andreas Bachmann, emailAddress = bachi@te-clan.ch
issuer=C = CH, ST = ZH, L = Winterthur, O = tE-clan Server, CN = Andreas Bachmann, emailAddress = bachi@te-clan.ch

---
No client certificate CA names sent
Peer signing digest: SHA256
Peer signature type: RSA
Server Temp Key: DH, 1024 bits
---
SSL handshake has read 1600 bytes and written 542 bytes
Verification error: self signed certificate
---
New, TLSv1.2, Cipher is DHE-RSA-AES256-GCM-SHA384
Server public key is 1024 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
    Protocol  : TLSv1.2
    Cipher    : DHE-RSA-AES256-GCM-SHA384
    Session-ID: [...]
    Session-ID-ctx:
    Master-Key: [...]
    PSK identity: None
    PSK identity hint: None
    SRP username: None
    TLS session ticket lifetime hint: 300 (seconds)
    TLS session ticket:
    0000 - 0b f4 09 ef 02 07 df bc-b9 fa bd d0 f6 21 af 69   .............!.i
    0010 - [...]
    00a0 - ff 5d 6f 73 8d 1b 75 59-bf dd 9b a6 d8 b2 01 71   .]os..uY.......q
    Start Time: 1625840075
    Timeout   : 7200 (sec)
    Verify return code: 18 (self signed certificate)
    Extended master secret: no
---
250 8BITMIME
250-ns2.te-clan.ch250-AUTH LOGIN PLAIN CRAM-MD5
250-PIPELINING
250 8BITMIME
read:errno=0

From ns3.te-clan.ch
$ openssl s_client -host 104.47.74.33 -port 25 -starttls smtp
CONNECTED(00000003)
depth=2 C = US, O = DigiCert Inc, OU = www.digicert.com, CN = DigiCert Global Root CA
verify return:1
depth=1 C = US, O = DigiCert Inc, CN = DigiCert Cloud Services CA-1
verify return:1
depth=0 C = US, ST = Washington, L = Redmond, O = Microsoft Corporation, CN = mail.protection.outlook.com
verify return:1
---
Certificate chain
 0 s:C = US, ST = Washington, L = Redmond, O = Microsoft Corporation, CN = mail.protection.outlook.com
   i:C = US, O = DigiCert Inc, CN = DigiCert Cloud Services CA-1
 1 s:C = US, O = DigiCert Inc, CN = DigiCert Cloud Services CA-1
   i:C = US, O = DigiCert Inc, OU = www.digicert.com, CN = DigiCert Global Root CA
---
Server certificate
-----BEGIN CERTIFICATE-----
[...]
-----END CERTIFICATE-----
subject=C = US, ST = Washington, L = Redmond, O = Microsoft Corporation, CN = mail.protection.outlook.com

issuer=C = US, O = DigiCert Inc, CN = DigiCert Cloud Services CA-1

---
No client certificate CA names sent
Client Certificate Types: RSA sign, DSA sign, ECDSA sign
Requested Signature Algorithms: RSA+SHA256:RSA+SHA384:RSA+SHA1:ECDSA+SHA256:ECDSA+SHA384:ECDSA+SHA1:DSA+SHA1:RSA+SHA512:ECDSA+SHA512
Shared Requested Signature Algorithms: RSA+SHA256:RSA+SHA384:RSA+SHA1:ECDSA+SHA256:ECDSA+SHA384:ECDSA+SHA1:DSA+SHA1:RSA+SHA512:ECDSA+SHA512
Peer signing digest: SHA256
Peer signature type: RSA
Server Temp Key: ECDH, P-384, 384 bits
---
SSL handshake has read 3852 bytes and written 519 bytes
Verification: OK
---
New, TLSv1.2, Cipher is ECDHE-RSA-AES256-GCM-SHA384
Server public key is 2048 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
    Protocol  : TLSv1.2
    Cipher    : ECDHE-RSA-AES256-GCM-SHA384
    Session-ID: [...]
    Session-ID-ctx:
    Master-Key: [...]
    PSK identity: None
    PSK identity hint: None
    SRP username: None
    Start Time: 1625840474
    Timeout   : 7200 (sec)
    Verify return code: 0 (ok)
    Extended master secret: yes
---
250 SMTPUTF8

From ns2.te-clan.ch
$ openssl s_client -host 104.47.74.33 -port 25 -starttls smtp
CONNECTED(00000003)
depth=2 C = US, O = DigiCert Inc, OU = www.digicert.com, CN = DigiCert Global Root CA
verify return:1
depth=1 C = US, O = DigiCert Inc, CN = DigiCert Cloud Services CA-1
verify return:1
depth=0 C = US, ST = Washington, L = Redmond, O = Microsoft Corporation, CN = mail.protection.outlook.com
verify return:1
---
Certificate chain
 0 s:/C=US/ST=Washington/L=Redmond/O=Microsoft Corporation/CN=mail.protection.outlook.com
   i:/C=US/O=DigiCert Inc/CN=DigiCert Cloud Services CA-1
 1 s:/C=US/O=DigiCert Inc/CN=DigiCert Cloud Services CA-1
   i:/C=US/O=DigiCert Inc/OU=www.digicert.com/CN=DigiCert Global Root CA
---
Server certificate
-----BEGIN CERTIFICATE-----
[...]
-----END CERTIFICATE-----
subject=/C=US/ST=Washington/L=Redmond/O=Microsoft Corporation/CN=mail.protection.outlook.com
issuer=/C=US/O=DigiCert Inc/CN=DigiCert Cloud Services CA-1
---
No client certificate CA names sent
---
SSL handshake has read 3847 bytes and written 502 bytes
---
New, TLSv1/SSLv3, Cipher is ECDHE-RSA-AES256-GCM-SHA384
Server public key is 2048 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
SSL-Session:
    Protocol  : TLSv1.2
    Cipher    : ECDHE-RSA-AES256-GCM-SHA384
    Session-ID: [...]
    Session-ID-ctx:
    Master-Key: [...]
    Key-Arg   : None
    PSK identity: None
    PSK identity hint: None
    SRP username: None
    Start Time: 1625840680
    Timeout   : 300 (sec)
    Verify return code: 0 (ok)
---
250 SMTPUTF8

OpenSSL Cookbook

Testing Protocols that Upgrade to TLS

When used with HTTP, TLS wraps the entire plain-text communication channel to form HTTPS. Some other protocols start off as plaintext, but then they upgrade to encryption. If you want to test such a protocol, you’ll have to tell OpenSSL which protocol it is so that it can upgrade on your behalf. Provide the protocol information using the -starttls switch. For example:

$ openssl s_client -connect gmail-smtp-in.l.google.com:25 -starttls smtp
At the time of writing, the supported protocols in recent OpenSSL releases are smtp, pop3, imap, ftp, xmpp, xmpp-server, irc, postgres, mysql, lmtp, nntp, sieve, and ldap. There is less choice with OpenSSL 1.0.2g: smtp, pop3, imap, ftp, and xmpp.

Some protocols require the client to provide their names. For example, for SMTP, OpenSSL will use mail.example.com by default, but you can specify the correct value with the -name switch. If you’re testing XMPP, you may need to specify the correct server name; you can do this with the -xmpphost switch.

s/qmail

Linked: Erwin Hoffmann
github.com/wavemechanics/sqmail-port
Installing s/qmail
FreeBSD Port: qmail-spamcontrol-1.03.2731_2

IndiMail

IndiMail is a Secure, Reliable, Efficient Messaging Platform which provides you everything needed in a modern messaging server – ESMTP, IMAP, POP3, QMTP, QMQP and many other features. IndiMail gives you speeds that are faster than most MTAs. The flexibility provided by IndiMail’s authentication methods allow any IMAP/POP3 server to be used with IndiMail. IndiMail is built for speed and flexibility. You can download the source or use the binary RPM generated by openSUSE Build Service.
IndiMail
IndiMail
github.com/mbhangui/indimail-mta

sslscan

github.com/rbsec/sslscan
sslscan Fast SSL port scanner

C:\Users\andreas\Downloads\sslscan-win-2.0.10>sslscan.exe --starttls-smtp mail.xyz.abc:25
Version: 2.0.10 Windows 64-bit (Mingw)
OpenSSL 1.1.1e-dev  xx XXX xxxx

Connected to x.x.x.x

Testing SSL server mail.xyz.abc on port 25 using SNI name mail.xyz.abc

  SSL/TLS Protocols:
SSLv2     enabled
SSLv3     disabled
TLSv1.0   enabled
TLSv1.1   enabled
TLSv1.2   enabled
TLSv1.3   disabled

  TLS Fallback SCSV:
Connection failed - unable to determine TLS Fallback SCSV support

  TLS renegotiation:
Session renegotiation not supported

  TLS Compression:
Compression disabled

  Heartbleed:
TLSv1.2 not vulnerable to heartbleed
TLSv1.1 not vulnerable to heartbleed
TLSv1.0 not vulnerable to heartbleed

  Supported Server Cipher(s):
Preferred TLSv1.2  56 bits   TLS_RSA_WITH_DES_CBC_SHA
Preferred TLSv1.1  56 bits   TLS_RSA_WITH_DES_CBC_SHA
Preferred TLSv1.1  56 bits   TLS_DHE_RSA_WITH_DES_CBC_SHA
Preferred TLSv1.0  256 bits  DHE-RSA-AES256-SHA            DHE 1024 bits
Accepted  TLSv1.0  56 bits   TLS_RSA_WITH_DES_CBC_SHA

  SSL Certificate:
Signature Algorithm: sha1WithRSAEncryption
RSA Key Strength:    1024

Subject:  Andreas Bachmann
Issuer:   Andreas Bachmann

Not valid before: Apr 22 11:27:56 2019 GMT
Not valid after:  Apr 20 11:27:56 2024 GMT

FreeBSD Ports: qmail-tls

# make clean
# make rmconfig
# make patch
[...]
===>  Patching for netqmail-tls-1.06.20200107_4
===>  Applying distribution patches for netqmail-tls-1.06.20200107_4
===>  Applying extra patch /usr/ports/mail/qmail-tls/../qmail/files/extra-patch-amd64
===>  Applying extra patch /usr/ports/mail/qmail-tls/../qmail/files/extra-patch-utmpx
===>  Applying extra patch /usr/ports/mail/qmail-tls/../qmail/files/extra-patch-dns-cname
===>  Applying FreeBSD patches for netqmail-tls-1.06.20200107_4 from /usr/ports/mail/qmail-tls/../qmail/files
Hmm...  Looks like a unified diff to me...
The text leading up to this was:
--------------------------
|--- auth.patch.orig    2002-05-10 00:41:20.000000000 -0500
|+++ auth.patch 2014-06-24 14:30:00.122166435 -0500
--------------------------
Patching file auth.patch using Plan A...
Hunk #1 succeeded at 14.
Hunk #2 succeeded at 176.
done
Hmm...  Looks like a new-style context diff to me...
The text leading up to this was:
--------------------------
|*** Makefile.orig      Mon Jun 15 05:53:16 1998
|--- Makefile   Fri May 10 00:31:38 2002
--------------------------
Patching file Makefile using Plan A...
Hunk #1 succeeded at 125 (offset -11 lines).
Hunk #2 succeeded at 1545 (offset 4 lines).
Hunk #3 succeeded at 1548 (offset -9 lines).
Hmm...  The next patch looks like a new-style context diff to me...
The text leading up to this was:
--------------------------
|
|
|*** TARGETS.orig       Mon Jun 15 05:53:16 1998
|--- TARGETS    Fri May 10 00:31:38 2002
--------------------------
Patching file TARGETS using Plan A...
Hunk #1 succeeded at 252 (offset 2 lines).
Hmm...  The next patch looks like a new-style context diff to me...
The text leading up to this was:
--------------------------
|
|
|*** qmail-smtpd.8.orig Mon Jun 15 05:53:16 1998
|--- qmail-smtpd.8      Fri May 10 00:31:38 2002
--------------------------
Patching file qmail-smtpd.8 using Plan A...
Hunk #1 succeeded at 3.
Hunk #2 succeeded at 37 (offset 9 lines).
Hunk #3 succeeded at 256 (offset 52 lines).
Hmm...  The next patch looks like a new-style context diff to me...
The text leading up to this was:
--------------------------
|
|
|*** qmail-smtpd.c.orig Mon Jun 15 05:53:16 1998
|--- qmail-smtpd.c      Fri May 10 00:33:35 2002
--------------------------
Patching file qmail-smtpd.c using Plan A...
Hunk #1 succeeded at 23.
Hunk #2 succeeded at 89 with fuzz 1 (offset 27 lines).
Hunk #3 succeeded at 254 with fuzz 2 (offset -23 lines).
Hunk #4 succeeded at 852 with fuzz 2 (offset 438 lines).
No such line 845 in input file, ignoring
Hunk #5 succeeded at 624 (offset -20 lines).
done
Hmm...  Looks like a unified diff to me...
The text leading up to this was:
--------------------------
|--- qmail-smtpd.c.orig Sat Jan 18 09:13:50 2003
|+++ qmail-smtpd.c      Sat Jan 18 19:51:09 2003
--------------------------
Patching file qmail-smtpd.c using Plan A...
Hunk #1 succeeded at 883 (offset 424 lines).
done

# make
[...]
===>  Staging for netqmail-tls-1.06.20200107_4
===>   Generating temporary packing list
===> Creating groups.
===> Creating users
install  -s -m 555 /usr/ports/mail/qmail-tls/work/netqmail-1.06/dnsfq /usr/ports/mail/qmail-tls/work/stage/var/qmail/configure
install  -s -m 555 /usr/ports/mail/qmail-tls/work/netqmail-1.06/hostname /usr/ports/mail/qmail-tls/work/stage/var/qmail/configure
install  -s -m 555 /usr/ports/mail/qmail-tls/work/netqmail-1.06/dnsip /usr/ports/mail/qmail-tls/work/stage/var/qmail/configure
install  -s -m 555 /usr/ports/mail/qmail-tls/work/netqmail-1.06/ipmeprint /usr/ports/mail/qmail-tls/work/stage/var/qmail/configure
install  -s -m 555 /usr/ports/mail/qmail-tls/work/netqmail-1.06/dnsptr /usr/ports/mail/qmail-tls/work/stage/var/qmail/configure
install  -s -m 555 /usr/ports/mail/qmail-tls/work/netqmail-1.06/install.nostage /usr/ports/mail/qmail-tls/work/stage/var/qmail/configure/install
install  -m 555 /usr/ports/mail/qmail-tls/work/netqmail-1.06/config /usr/ports/mail/qmail-tls/work/stage/var/qmail/configure
install  -m 555 /usr/ports/mail/qmail-tls/work/netqmail-1.06/config-fast /usr/ports/mail/qmail-tls/work/stage/var/qmail/configure
install  -m 555 /usr/ports/mail/qmail-tls/work/home /usr/ports/mail/qmail-tls/work/stage/var/qmail/boot
install  -m 555 /usr/ports/mail/qmail-tls/work/home+df /usr/ports/mail/qmail-tls/work/stage/var/qmail/boot
install  -m 555 /usr/ports/mail/qmail-tls/work/proc /usr/ports/mail/qmail-tls/work/stage/var/qmail/boot
install  -m 555 /usr/ports/mail/qmail-tls/work/proc+df /usr/ports/mail/qmail-tls/work/stage/var/qmail/boot
install  -m 555 /usr/ports/mail/qmail-tls/work/binm1 /usr/ports/mail/qmail-tls/work/stage/var/qmail/boot
install  -m 555 /usr/ports/mail/qmail-tls/work/binm1+df /usr/ports/mail/qmail-tls/work/stage/var/qmail/boot
install  -m 555 /usr/ports/mail/qmail-tls/work/binm2 /usr/ports/mail/qmail-tls/work/stage/var/qmail/boot
install  -m 555 /usr/ports/mail/qmail-tls/work/binm2+df /usr/ports/mail/qmail-tls/work/stage/var/qmail/boot
install  -m 555 /usr/ports/mail/qmail-tls/work/binm3 /usr/ports/mail/qmail-tls/work/stage/var/qmail/boot
install  -m 555 /usr/ports/mail/qmail-tls/work/binm3+df /usr/ports/mail/qmail-tls/work/stage/var/qmail/boot
install  -m 555 /usr/ports/mail/qmail-tls/work/maildir /usr/ports/mail/qmail-tls/work/stage/var/qmail/boot
install  -m 555 /usr/ports/mail/qmail-tls/work/qmailsmtpd /usr/ports/mail/qmail-tls/work/stage/var/qmail/boot
install  -m 555 /usr/ports/mail/qmail-tls/work/qmailsend /usr/ports/mail/qmail-tls/work/stage/var/qmail/boot
install  -m 444 /usr/ports/mail/qmail-tls/work/netqmail-1.06/forward.1 /usr/ports/mail/qmail-tls/work/stage/var/qmail/man/man1
install  -m 444 /usr/ports/mail/qmail-tls/work/netqmail-1.06/condredirect.1 /usr/ports/mail/qmail-tls/work/stage/var/qmail/man/man1
install  -m 444 /usr/ports/mail/qmail-tls/work/netqmail-1.06/bouncesaying.1 /usr/ports/mail/qmail-tls/work/stage/var/qmail/man/man1
install  -m 444 /usr/ports/mail/qmail-tls/work/netqmail-1.06/except.1 /usr/ports/mail/qmail-tls/work/stage/var/qmail/man/man1
install  -m 444 /usr/ports/mail/qmail-tls/work/netqmail-1.06/maildirmake.1 /usr/ports/mail/qmail-tls/work/stage/var/qmail/man/man1
install  -m 444 /usr/ports/mail/qmail-tls/work/netqmail-1.06/maildir2mbox.1 /usr/ports/mail/qmail-tls/work/stage/var/qmail/man/man1
install  -m 444 /usr/ports/mail/qmail-tls/work/netqmail-1.06/maildirwatch.1 /usr/ports/mail/qmail-tls/work/stage/var/qmail/man/man1
install  -m 444 /usr/ports/mail/qmail-tls/work/netqmail-1.06/mailsubj.1 /usr/ports/mail/qmail-tls/work/stage/var/qmail/man/man1
install  -m 444 /usr/ports/mail/qmail-tls/work/netqmail-1.06/qreceipt.1 /usr/ports/mail/qmail-tls/work/stage/var/qmail/man/man1
install  -m 444 /usr/ports/mail/qmail-tls/work/netqmail-1.06/qbiff.1 /usr/ports/mail/qmail-tls/work/stage/var/qmail/man/man1
install  -m 444 /usr/ports/mail/qmail-tls/work/netqmail-1.06/preline.1 /usr/ports/mail/qmail-tls/work/stage/var/qmail/man/man1
install  -m 444 /usr/ports/mail/qmail-tls/work/netqmail-1.06/tcp-env.1 /usr/ports/mail/qmail-tls/work/stage/var/qmail/man/man1
install  -m 444 /usr/ports/mail/qmail-tls/work/netqmail-1.06/addresses.5 /usr/ports/mail/qmail-tls/work/stage/var/qmail/man/man5
install  -m 444 /usr/ports/mail/qmail-tls/work/netqmail-1.06/envelopes.5 /usr/ports/mail/qmail-tls/work/stage/var/qmail/man/man5
install  -m 444 /usr/ports/mail/qmail-tls/work/netqmail-1.06/maildir.5 /usr/ports/mail/qmail-tls/work/stage/var/qmail/man/man5
install  -m 444 /usr/ports/mail/qmail-tls/work/netqmail-1.06/mbox.5 /usr/ports/mail/qmail-tls/work/stage/var/qmail/man/man5
install  -m 444 /usr/ports/mail/qmail-tls/work/netqmail-1.06/dot-qmail.5 /usr/ports/mail/qmail-tls/work/stage/var/qmail/man/man5
install  -m 444 /usr/ports/mail/qmail-tls/work/netqmail-1.06/qmail-control.5 /usr/ports/mail/qmail-tls/work/stage/var/qmail/man/man5
install  -m 444 /usr/ports/mail/qmail-tls/work/netqmail-1.06/qmail-header.5 /usr/ports/mail/qmail-tls/work/stage/var/qmail/man/man5
install  -m 444 /usr/ports/mail/qmail-tls/work/netqmail-1.06/qmail-log.5 /usr/ports/mail/qmail-tls/work/stage/var/qmail/man/man5
install  -m 444 /usr/ports/mail/qmail-tls/work/netqmail-1.06/qmail-users.5 /usr/ports/mail/qmail-tls/work/stage/var/qmail/man/man5
install  -m 444 /usr/ports/mail/qmail-tls/work/netqmail-1.06/tcp-environ.5 /usr/ports/mail/qmail-tls/work/stage/var/qmail/man/man5
install  -m 444 /usr/ports/mail/qmail-tls/work/netqmail-1.06/forgeries.7 /usr/ports/mail/qmail-tls/work/stage/var/qmail/man/man7
install  -m 444 /usr/ports/mail/qmail-tls/work/netqmail-1.06/qmail-limits.7 /usr/ports/mail/qmail-tls/work/stage/var/qmail/man/man7
install  -m 444 /usr/ports/mail/qmail-tls/work/netqmail-1.06/qmail.7 /usr/ports/mail/qmail-tls/work/stage/var/qmail/man/man7
install  -m 444 /usr/ports/mail/qmail-tls/work/netqmail-1.06/qmail-local.8 /usr/ports/mail/qmail-tls/work/stage/var/qmail/man/man8
install  -m 444 /usr/ports/mail/qmail-tls/work/netqmail-1.06/qmail-lspawn.8 /usr/ports/mail/qmail-tls/work/stage/var/qmail/man/man8
install  -m 444 /usr/ports/mail/qmail-tls/work/netqmail-1.06/qmail-getpw.8 /usr/ports/mail/qmail-tls/work/stage/var/qmail/man/man8
install  -m 444 /usr/ports/mail/qmail-tls/work/netqmail-1.06/qmail-remote.8 /usr/ports/mail/qmail-tls/work/stage/var/qmail/man/man8
install  -m 444 /usr/ports/mail/qmail-tls/work/netqmail-1.06/qmail-rspawn.8 /usr/ports/mail/qmail-tls/work/stage/var/qmail/man/man8
install  -m 444 /usr/ports/mail/qmail-tls/work/netqmail-1.06/qmail-clean.8 /usr/ports/mail/qmail-tls/work/stage/var/qmail/man/man8
install  -m 444 /usr/ports/mail/qmail-tls/work/netqmail-1.06/qmail-send.8 /usr/ports/mail/qmail-tls/work/stage/var/qmail/man/man8
install  -m 444 /usr/ports/mail/qmail-tls/work/netqmail-1.06/qmail-start.8 /usr/ports/mail/qmail-tls/work/stage/var/qmail/man/man8
install  -m 444 /usr/ports/mail/qmail-tls/work/netqmail-1.06/splogger.8 /usr/ports/mail/qmail-tls/work/stage/var/qmail/man/man8
install  -m 444 /usr/ports/mail/qmail-tls/work/netqmail-1.06/qmail-queue.8 /usr/ports/mail/qmail-tls/work/stage/var/qmail/man/man8
install  -m 444 /usr/ports/mail/qmail-tls/work/netqmail-1.06/qmail-inject.8 /usr/ports/mail/qmail-tls/work/stage/var/qmail/man/man8
install  -m 444 /usr/ports/mail/qmail-tls/work/netqmail-1.06/qmail-showctl.8 /usr/ports/mail/qmail-tls/work/stage/var/qmail/man/man8
install  -m 444 /usr/ports/mail/qmail-tls/work/netqmail-1.06/qmail-newmrh.8 /usr/ports/mail/qmail-tls/work/stage/var/qmail/man/man8
install  -m 444 /usr/ports/mail/qmail-tls/work/netqmail-1.06/qmail-newu.8 /usr/ports/mail/qmail-tls/work/stage/var/qmail/man/man8
install  -m 444 /usr/ports/mail/qmail-tls/work/netqmail-1.06/qmail-pw2u.8 /usr/ports/mail/qmail-tls/work/stage/var/qmail/man/man8
install  -m 444 /usr/ports/mail/qmail-tls/work/netqmail-1.06/qmail-qread.8 /usr/ports/mail/qmail-tls/work/stage/var/qmail/man/man8
install  -m 444 /usr/ports/mail/qmail-tls/work/netqmail-1.06/qmail-qstat.8 /usr/ports/mail/qmail-tls/work/stage/var/qmail/man/man8
install  -m 444 /usr/ports/mail/qmail-tls/work/netqmail-1.06/qmail-tcpok.8 /usr/ports/mail/qmail-tls/work/stage/var/qmail/man/man8
install  -m 444 /usr/ports/mail/qmail-tls/work/netqmail-1.06/qmail-tcpto.8 /usr/ports/mail/qmail-tls/work/stage/var/qmail/man/man8
install  -m 444 /usr/ports/mail/qmail-tls/work/netqmail-1.06/qmail-pop3d.8 /usr/ports/mail/qmail-tls/work/stage/var/qmail/man/man8
install  -m 444 /usr/ports/mail/qmail-tls/work/netqmail-1.06/qmail-popup.8 /usr/ports/mail/qmail-tls/work/stage/var/qmail/man/man8
install  -m 444 /usr/ports/mail/qmail-tls/work/netqmail-1.06/qmail-qmqpc.8 /usr/ports/mail/qmail-tls/work/stage/var/qmail/man/man8
install  -m 444 /usr/ports/mail/qmail-tls/work/netqmail-1.06/qmail-qmqpd.8 /usr/ports/mail/qmail-tls/work/stage/var/qmail/man/man8
install  -m 444 /usr/ports/mail/qmail-tls/work/netqmail-1.06/qmail-qmtpd.8 /usr/ports/mail/qmail-tls/work/stage/var/qmail/man/man8
install  -m 444 /usr/ports/mail/qmail-tls/work/netqmail-1.06/qmail-smtpd.8 /usr/ports/mail/qmail-tls/work/stage/var/qmail/man/man8
install  -m 444 /usr/ports/mail/qmail-tls/work/netqmail-1.06/qmail-command.8 /usr/ports/mail/qmail-tls/work/stage/var/qmail/man/man8
install  -m 0644 /usr/ports/mail/qmail-tls/work/netqmail-1.06/BLURB /usr/ports/mail/qmail-tls/work/stage/var/qmail/doc
install  -m 0644 /usr/ports/mail/qmail-tls/work/netqmail-1.06/BLURB2 /usr/ports/mail/qmail-tls/work/stage/var/qmail/doc
install  -m 0644 /usr/ports/mail/qmail-tls/work/netqmail-1.06/BLURB3 /usr/ports/mail/qmail-tls/work/stage/var/qmail/doc
install  -m 0644 /usr/ports/mail/qmail-tls/work/netqmail-1.06/BLURB4 /usr/ports/mail/qmail-tls/work/stage/var/qmail/doc
install  -m 0644 /usr/ports/mail/qmail-tls/work/netqmail-1.06/INTERNALS /usr/ports/mail/qmail-tls/work/stage/var/qmail/doc
install  -m 0644 /usr/ports/mail/qmail-tls/work/netqmail-1.06/SECURITY /usr/ports/mail/qmail-tls/work/stage/var/qmail/doc
install  -m 0644 /usr/ports/mail/qmail-tls/work/netqmail-1.06/THOUGHTS /usr/ports/mail/qmail-tls/work/stage/var/qmail/doc
install  -m 0644 /usr/ports/mail/qmail-tls/work/netqmail-1.06/FAQ /usr/ports/mail/qmail-tls/work/stage/var/qmail/doc
install  -m 0644 /usr/ports/mail/qmail-tls/work/netqmail-1.06/UPGRADE /usr/ports/mail/qmail-tls/work/stage/var/qmail/doc
install  -m 0644 /usr/ports/mail/qmail-tls/work/netqmail-1.06/SENDMAIL /usr/ports/mail/qmail-tls/work/stage/var/qmail/doc
install  -m 0644 /usr/ports/mail/qmail-tls/work/netqmail-1.06/INSTALL /usr/ports/mail/qmail-tls/work/stage/var/qmail/doc
install  -m 0644 /usr/ports/mail/qmail-tls/work/netqmail-1.06/INSTALL.alias /usr/ports/mail/qmail-tls/work/stage/var/qmail/doc
install  -m 0644 /usr/ports/mail/qmail-tls/work/netqmail-1.06/INSTALL.ctl /usr/ports/mail/qmail-tls/work/stage/var/qmail/doc
install  -m 0644 /usr/ports/mail/qmail-tls/work/netqmail-1.06/INSTALL.ids /usr/ports/mail/qmail-tls/work/stage/var/qmail/doc
install  -m 0644 /usr/ports/mail/qmail-tls/work/netqmail-1.06/INSTALL.maildir /usr/ports/mail/qmail-tls/work/stage/var/qmail/doc
install  -m 0644 /usr/ports/mail/qmail-tls/work/netqmail-1.06/INSTALL.mbox /usr/ports/mail/qmail-tls/work/stage/var/qmail/doc
install  -m 0644 /usr/ports/mail/qmail-tls/work/netqmail-1.06/INSTALL.vsm /usr/ports/mail/qmail-tls/work/stage/var/qmail/doc
install  -m 0644 /usr/ports/mail/qmail-tls/work/netqmail-1.06/TEST.deliver /usr/ports/mail/qmail-tls/work/stage/var/qmail/doc
install  -m 0644 /usr/ports/mail/qmail-tls/work/netqmail-1.06/TEST.receive /usr/ports/mail/qmail-tls/work/stage/var/qmail/doc
install  -m 0644 /usr/ports/mail/qmail-tls/work/netqmail-1.06/REMOVE.sendmail /usr/ports/mail/qmail-tls/work/stage/var/qmail/doc
install  -m 0644 /usr/ports/mail/qmail-tls/work/netqmail-1.06/REMOVE.binmail /usr/ports/mail/qmail-tls/work/stage/var/qmail/doc
install  -m 0644 /usr/ports/mail/qmail-tls/work/netqmail-1.06/PIC.local2alias /usr/ports/mail/qmail-tls/work/stage/var/qmail/doc
install  -m 0644 /usr/ports/mail/qmail-tls/work/netqmail-1.06/PIC.local2ext /usr/ports/mail/qmail-tls/work/stage/var/qmail/doc
install  -m 0644 /usr/ports/mail/qmail-tls/work/netqmail-1.06/PIC.local2local /usr/ports/mail/qmail-tls/work/stage/var/qmail/doc
install  -m 0644 /usr/ports/mail/qmail-tls/work/netqmail-1.06/PIC.local2rem /usr/ports/mail/qmail-tls/work/stage/var/qmail/doc
install  -m 0644 /usr/ports/mail/qmail-tls/work/netqmail-1.06/PIC.local2virt /usr/ports/mail/qmail-tls/work/stage/var/qmail/doc
install  -m 0644 /usr/ports/mail/qmail-tls/work/netqmail-1.06/PIC.nullclient /usr/ports/mail/qmail-tls/work/stage/var/qmail/doc
install  -m 0644 /usr/ports/mail/qmail-tls/work/netqmail-1.06/PIC.relaybad /usr/ports/mail/qmail-tls/work/stage/var/qmail/doc
install  -m 0644 /usr/ports/mail/qmail-tls/work/netqmail-1.06/PIC.relaygood /usr/ports/mail/qmail-tls/work/stage/var/qmail/doc
install  -m 0644 /usr/ports/mail/qmail-tls/work/netqmail-1.06/PIC.rem2local /usr/ports/mail/qmail-tls/work/stage/var/qmail/doc
install  -m 0644 /usr/ports/mail/qmail-tls/work/mailer.conf.sample /usr/ports/mail/qmail-tls/work/stage/var/qmail/doc
install  -m 0644 /usr/ports/mail/qmail-tls/work/TLS.readme /usr/ports/mail/qmail-tls/work/stage/var/qmail/doc
install  -m 555 /usr/ports/mail/qmail-tls/../qmail/files/mkaliasdir /usr/ports/mail/qmail-tls/work/stage/var/qmail/scripts
install  -m 555 /usr/ports/mail/qmail-tls/work/enable-qmail /usr/ports/mail/qmail-tls/work/stage/var/qmail/scripts
=============================================

ATTENTION

Add the following line to your /etc/make.conf
QMAIL_SLAVEPORT=tls

=============================================

install  -m 0644 /usr/ports/mail/qmail-tls/work/qmail.conf /usr/ports/mail/qmail-tls/work/stage/usr/local/etc/man.d/qmail.conf
===> Fixing plist for /var/qmail ownership
/bin/rm -f -r /usr/ports/mail/qmail-tls/work/stage/var/qmail/queue/
====> Compressing man pages (compress-man)

# make install
===>  Installing for netqmail-tls-1.06.20200107_4
===>  Checking if netqmail-tls is already installed
===>   Registering installation for netqmail-tls-1.06.20200107_4
pkg-static: Warning: @unexec is deprecated, please use @[pre|post]unexec
pkg-static: Warning: @exec is deprecated, please use @[pre|post][un]exec
Installing netqmail-tls-1.06.20200107_4...
===> Creating groups.
Using existing group 'qmail'.
Using existing group 'qnofiles'.
===> Creating users
Using existing user 'alias'.
===> Creating homedir(s)
Using existing user 'qmaild'.
===> Creating homedir(s)
Using existing user 'qmaill'.
===> Creating homedir(s)
Using existing user 'qmailp'.
===> Creating homedir(s)
Using existing user 'qmailq'.
===> Creating homedir(s)
Using existing user 'qmailr'.
===> Creating homedir(s)
Using existing user 'qmails'.
===> Creating homedir(s)
Your hostname is ns3.te-clan.ch.
hard error
Sorry, I couldn't find your host's canonical name in DNS.
You will have to set up control/me yourself.
        ATTENTION:

Do not forget to read /var/qmail/doc/TLS.readme. After all,
this is NOT our old stock qmail.

You can enable qmail as your default mailer executing:
> /var/qmail/scripts/enable-qmail

==> As you need to provide a working certificate in /var/qmail/control/cert.pem :

# makes a self-signed certificate
3) do "make certificate"

# makes a certificate request
4) do "make certificate-req"

===> SECURITY REPORT:
      This port has installed the following binaries which execute with
      increased privileges.
/var/qmail/bin/qmail-queue

      If there are vulnerabilities in these programs there may be a security
      risk to the system. FreeBSD makes no guarantee about the security of
      ports included in the Ports Collection. Please type 'make deinstall'
      to deinstall the port if this is a concern.

      For more information, and contact details about the security
      status of this software, see the following webpage:
http://inoa.net/qmail-tls/

Leave a Reply

Your email address will not be published. Required fields are marked *