Vista elenco

Ricevuto — 21 Maggio 2026

Installazione di Dovecot e sieve su qmail + vpopmail

✇notes.sagredo.eu
6 Giugno 2026 ore 13:31

Changelog

  • May 14, 2026
    - dovecot 2.4.3 released. Changed dovecot_config_version and dovecot_storage_version in dovecot.conf
    - the new version has lua as a dependency. Added --without-lua at configure command
  • Feb 25, 2026
    - Added Server Name Indication (SNI) settings in sni.conf.template, imported from local.conf commit
    - userdb iterate query nor orders by domain and username commit
    - 15-mailboxes.conf: fts_autoindex = no added to Trash and Junk folders commit
    - 10-auth.conf: + character added to auth_username_chars commit
  • Nov 24, 2025
    - dropped 'enforce = no' from 90-quota.conf to enforce quota limits (commit)
  • Nov 22, 2025
    - quota driver switched to 'count' (commit). 'count' is the recommended way of calculating quota on recent Dovecot installations.
  • Oct 30, 2025
    - dovecot ugraded to v. 2.4.2
  • Mar 29, 2025
    - dovecot updated to v. 2.4.1-4
  • Mar 15, 2025 (config version 2.4.0.1 diff
    - Added quota warnings feature. Improved quota configuration in 90-quota.conf (more info here)
    - Configured auth-master.conf.ext and auth-deny.conf.ext. To be included from local.conf
  • Mar 9, 2025
    - fixed quota calculation in sql queries (tx Hakan Cakiroglu)
  • Feb 22, 2025
    - Bug fix in 90-sieve.conf: global script to move spam into Junk now working
    - Bug fix in move-spam.sieve: erroneously matches "YES" if "BAYES" is in the header
  • Feb 15, 2025
    - added support for vpopmail configured with --disable-many-domains
    - 90-sieve.conf: global script move-spam.sieve called correctly
  • Feb 8, 2025
    - dovecot_postlogin.sh: query changed in order to add new records as well (tx Bai Borko)
    - bug fix: pop3 service was executing imap instead of pop3 (tx Gabriel Torres)
  • Jan 29, 2025
    - dovecot upgraded to v 2.4.0. Old configuration files are not valid anymore and you have to install dovecot from scratch.
  • Nov 15, 2024
    - added a postlogin script to update the vpopmail.lastauth SQL table on login (see 10-master.conf, thanks kengheng)
  • Dec 29, 2023
    default_pass_scheme = SHA512-CRYPT (was MD5-CRYPT) in dovecot-sql.conf.ext, as vpopmail-5.6.x has now SHA512-CRYPT password by default
  • Feb 10, 2023
    - added a patch to restore the old vpopmail-auth driver (tx Ali Erturk TURKER)

Configurazione di DKIM per qmail

✇notes.sagredo.eu
21 Maggio 2026 ore 04:31

Questa pagina riguarda la patch DKIM inclusa nella mia patch combinata (maggiori informazioni qui). Questo argomento è avanzato ed è consigliabile tornare qui alla fine del tutto.

DKIM fornisce un metodo per validare l'identità di un nome a dominio associato a un messaggio con una autenticazione crittografata. La tecnica di validazione è basata sulla crittografia di una chiave pubblica: Il server che invia l'email aggiunge il nome a dominio al messaggio e vi affigge una firma digitale. Questa chiave è posta nell'intestazione DKIM-Signature: del messaggio. Colui che riceve il messaggio può controllare la validità della chiave pubblica leggendo un record TXT del DNS del dominio associato al messaggio.

Sei invitato a dare un'occhiata alle pagine man a partire da qmail-dkim(8) e spawn-filter(8).

Changelog

  • Jan 29, 2026
    - Bug fix for verifying multiple DKIM signatures (second one always failed due to a DNS lookup bug). tx Andreas Gerstlauer
  • Jul 10, 2025
    added ERROR_FD=2 in control/filterargs to send error output of qmail-dkim in stderr when acting as a qmail-remote filter (Andreas Gerstlauer)
  • Feb 12, 2024
    - v. 1.48: fixed minor bug using filterargs for local deliveries (commit)
  • Feb 6, 2024
    -DKIM patch upgraded to v. 1.47
    * fixed a bug which was preventing filterargs' wildcards to work properly on sender domain
  • Jan 11, 2024
    - version 1.46
    * dk-filter.sh has been dropped. If signing at qmail-remote level, before upgrading, you have to review the configuration as explained below.
    * The variables USE_FROM, USE_SENDER and DKIMDOMAIN have been dropped
    * when signing at qmail-remote level qmail-dkim now has to be called directly by spawn-filter in the rc file. man spawn-filter for more info
    * In case of bounces the signature will be automatically based on the from: field. This will solve issues of DMARC reject by google in case of sieve/vacation bounces.
    * In case of ordinary bounces (mailbox not found, for instance) the bounce domain will be taken from control/bouncehost and, if doesn't exist, from control/me
  • Jan 4, 2024
    - patch upgraded to v. 1.44
    * fixed an issue with filterargs where spawn-filter is trying to execute remote:env xxxxx.... dk-filter. This issue happens when FILTERARGS environment variable is not defined in the qmail-send rc script.
    * dkim.c fix: https://notes.sagredo.eu/en/qmail-notes-185/configuring-dkim-for-qmail-92.html#comment3668 
    * adjustments fo dk-filter and dknewkey man pages
  • Nov 20, 2023
    * The patch now by default excludes X-Arc-Authentication-Results
    * dkim can additionally use the environment variable EXCLUDE_DKIMSIGN to include colon separated list of headers to be excluded from signing (just like qmail-dkim). If -X option is used with dk-filter, it overrides the value of EXCLUDE_DKIMSIGN.
  • Feb 19, 2023 (v. 1.37 upgrade)
    - ed25519 support​ (RFC 8463)
    - multiple signatures/selectors via the enhanced control/dkimkeys or DKIMSIGNDKIMSIGNEXTRADKIMSIGNOPTIONS  DKIMSIGNOPTIONSEXTRA variables
    - domainkey script replaced by dknewkey in order to create ed25519 keys and rsa keys with 1024/2048/4096 bit
    - dropped yahoo's domainkeys support (no longer need the libdomainkeys.a library)
    - man pages revised and enhanced
    - domainkeys directory moved to /var/qmail/control/domainkeys
    - the documentation in this page has been revised. You can find how to sign with the rsa key together with the ed25519 key below.

❌