home / articles / cgi

Building a High-Performance Email Host

Email has become a common form of communication in today's world. Setting up a Unix server to ensure timely and reliable mail delivery can take a lot of time. In the good old days, nearly every Unix machine used SENDMAIL as the Mail Transfer Agent (MTA). This program took care of receiving and sending mail to remote hosts using SMTP. However, SENDMAIL has always been very difficult to set up, and always had problems with security holes. Today, however, there are many other protocols in use, including POP3 and IMAP, which nearly every Windows or Mac user uses for email. SENDMAIL alone will not cut it in today's Internet.

As the Network Administrator at UL.net, I've decided to implement an email solution using modern, free software.

From the www.qmail.org homepage: "qmail is a secure, reliable, efficient, simple message transfer agent. It is meant as a replacement for the entire sendmail-binmail system on typical Internet-connected UNIX hosts."

I'm using it to send and receive mail via SMTP. This package provides the foundation upon which I am building reliable email. It also offers a POP3 daemon, so people could use Netscape Communicator, Qualcomm's Eudora or Microsoft's Outlook to send and receive email. However, I found that the Cyrus IMAP server provides more of the features that I need. Cyrus allows users to have a mailbox with a pre-defined quota. In addition to POP3, it also offers IMAP access, so people with cutting-edge email clients, like those mentioned above, can use the mail server to store and organize email. IMAP allows people to create folders on the server and more easily pick up their email from multiple locations (like at work and at home).

Setting up and configuring these packages takes a lot of time. For qmail, I'd suggest reading all of the documentation available at the web site and keep in mind what you want to do. One important feature of qmail is its support for virtual hosts. This way, one machine can receive email for many different domains. For example, qmail can correctly deliver foo@ul.net and foo@fx.org to the correct local mailboxes. A recent edition of Linux Journal (Issue 50) had an article on this. You can also read about this feature at the qmail web site. Qmail also offers a "drop box" for a domain. This is a special default mailbox which receives all email that isn't addressed to a user on the system. In other words, foobar@ul.net, feeble@ul.net, fefifofum@ul.net will all get delivered to a default email box that we can check and sort later.

I use Cyrus IMAP to actually manage each user's mailbox. This way I can easily control the amount of disk space they use. At UL.net, I need to offer mail boxes for people who don't have login accounts. This means that Cyrus can't use the standard /etc/passwd for authentication. Luckily, Cyrus can be configured to use a program called pwcheck for authentication. This program is included in the Cyrus distribution and can be configured to use an alternative authentication strategy. I simply created another passwd-type file and added all the "virtual email users" to it. This also provides a way for normal users on the system to use a different password for their POP3 and IMAP mailbox. As you may know, all passwords for POP3 are sent as plain text, which can be a potential security problem.

To have qmail deliver email into a user's CYRUS mailbox, just put the following line in each user's .qmail file:

  |/usr/cyrus/bin/deliver username

In the near future, I hope to add a CGI/web interface to this whole system. This way, UL.net be able to provide a user-friendly way to add and manage email accounts. When such software becomes available, you'll find a discussion of it here. If you have any questions, send email to me at the address below. Or, stop on by UL.net and take a look around.

Author: Doug Steinwand
Date: [06/23/98]

More articles about CGI
More articles by Doug Steinwand
Author Biography