From 2ba22903f8b3219d9e0bd0abdf2e42db9a1ef834 Mon Sep 17 00:00:00 2001
From: Gianni Ceccarelli
Date: Sun, 10 May 2009 12:04:57 +0000
Subject: netqmail with outgoingip patch
---
mail-mta/netqmail/files/1.06-exit.patch | 18 ++
mail-mta/netqmail/files/99qmail | 4 +
mail-mta/netqmail/files/conf-common | 67 ++++++++
mail-mta/netqmail/files/conf-pop3d | 29 ++++
mail-mta/netqmail/files/conf-qmqpd | 15 ++
mail-mta/netqmail/files/conf-qmtpd | 18 ++
mail-mta/netqmail/files/conf-send | 6 +
mail-mta/netqmail/files/conf-smtpd | 51 ++++++
mail-mta/netqmail/files/dot-qmail | 3 +
mail-mta/netqmail/files/mailer.conf | 6 +
mail-mta/netqmail/files/mkservercert | 55 +++++++
mail-mta/netqmail/files/outgoingip.patch | 192 ++++++++++++++++++++++
mail-mta/netqmail/files/qmail-config-system | 72 ++++++++
mail-mta/netqmail/files/qmail-genrsacert.sh | 44 +++++
mail-mta/netqmail/files/run-qmail-pop3d | 19 +++
mail-mta/netqmail/files/run-qmail-pop3d-log | 7 +
mail-mta/netqmail/files/run-qmail-qmqpd | 18 ++
mail-mta/netqmail/files/run-qmail-qmqpd-log | 7 +
mail-mta/netqmail/files/run-qmail-qmtpd | 18 ++
mail-mta/netqmail/files/run-qmail-qmtpd-log | 7 +
mail-mta/netqmail/files/run-qmail-send | 6 +
mail-mta/netqmail/files/run-qmail-send-log | 7 +
mail-mta/netqmail/files/run-qmail-smtpd | 18 ++
mail-mta/netqmail/files/run-qmail-smtpd-log | 7 +
mail-mta/netqmail/files/servercert.cnf | 35 ++++
mail-mta/netqmail/files/tcp.pop3.sample | 12 ++
mail-mta/netqmail/files/tcp.qmqp.sample | 14 ++
mail-mta/netqmail/files/tcp.qmtp.sample | 23 +++
mail-mta/netqmail/files/tcp.smtp.sample | 79 +++++++++
mail-mta/netqmail/files/tcprules.d-Makefile.qmail | 3 +
30 files changed, 860 insertions(+)
create mode 100644 mail-mta/netqmail/files/1.06-exit.patch
create mode 100644 mail-mta/netqmail/files/99qmail
create mode 100644 mail-mta/netqmail/files/conf-common
create mode 100644 mail-mta/netqmail/files/conf-pop3d
create mode 100644 mail-mta/netqmail/files/conf-qmqpd
create mode 100644 mail-mta/netqmail/files/conf-qmtpd
create mode 100644 mail-mta/netqmail/files/conf-send
create mode 100644 mail-mta/netqmail/files/conf-smtpd
create mode 100644 mail-mta/netqmail/files/dot-qmail
create mode 100644 mail-mta/netqmail/files/mailer.conf
create mode 100644 mail-mta/netqmail/files/mkservercert
create mode 100644 mail-mta/netqmail/files/outgoingip.patch
create mode 100644 mail-mta/netqmail/files/qmail-config-system
create mode 100644 mail-mta/netqmail/files/qmail-genrsacert.sh
create mode 100644 mail-mta/netqmail/files/run-qmail-pop3d
create mode 100644 mail-mta/netqmail/files/run-qmail-pop3d-log
create mode 100644 mail-mta/netqmail/files/run-qmail-qmqpd
create mode 100644 mail-mta/netqmail/files/run-qmail-qmqpd-log
create mode 100644 mail-mta/netqmail/files/run-qmail-qmtpd
create mode 100644 mail-mta/netqmail/files/run-qmail-qmtpd-log
create mode 100644 mail-mta/netqmail/files/run-qmail-send
create mode 100644 mail-mta/netqmail/files/run-qmail-send-log
create mode 100644 mail-mta/netqmail/files/run-qmail-smtpd
create mode 100644 mail-mta/netqmail/files/run-qmail-smtpd-log
create mode 100644 mail-mta/netqmail/files/servercert.cnf
create mode 100644 mail-mta/netqmail/files/tcp.pop3.sample
create mode 100644 mail-mta/netqmail/files/tcp.qmqp.sample
create mode 100644 mail-mta/netqmail/files/tcp.qmtp.sample
create mode 100644 mail-mta/netqmail/files/tcp.smtp.sample
create mode 100644 mail-mta/netqmail/files/tcprules.d-Makefile.qmail
(limited to 'mail-mta/netqmail/files')
diff --git a/mail-mta/netqmail/files/1.06-exit.patch b/mail-mta/netqmail/files/1.06-exit.patch
new file mode 100644
index 0000000..e0e7dea
--- /dev/null
+++ b/mail-mta/netqmail/files/1.06-exit.patch
@@ -0,0 +1,18 @@
+Index: netqmail-1.06/qmail-pw2u.c
+===================================================================
+--- netqmail-1.06.orig/qmail-pw2u.c
++++ netqmail-1.06/qmail-pw2u.c
+@@ -1,3 +1,4 @@
++#include
+ #include
+ #include
+ #include "substdio.h"
+Index: netqmail-1.06/qmail-qmtpd.c
+===================================================================
+--- netqmail-1.06.orig/qmail-qmtpd.c
++++ netqmail-1.06/qmail-qmtpd.c
+@@ -1,3 +1,4 @@
++#include
+ #include "stralloc.h"
+ #include "substdio.h"
+ #include "qmail.h"
diff --git a/mail-mta/netqmail/files/99qmail b/mail-mta/netqmail/files/99qmail
new file mode 100644
index 0000000..d9d929e
--- /dev/null
+++ b/mail-mta/netqmail/files/99qmail
@@ -0,0 +1,4 @@
+PATH="/var/qmail/bin"
+ROOTPATH="/var/qmail/bin"
+CONFIG_PROTECT="/var/qmail/control /var/qmail/alias"
+QMAIL_CONTROLDIR=/var/qmail/control
diff --git a/mail-mta/netqmail/files/conf-common b/mail-mta/netqmail/files/conf-common
new file mode 100644
index 0000000..613193c
--- /dev/null
+++ b/mail-mta/netqmail/files/conf-common
@@ -0,0 +1,67 @@
+#!/bin/bash
+# Common Configuration file for all qmail daemons
+# $Header: /var/cvsroot/gentoo-x86/mail-mta/netqmail/files/conf-common,v 1.1 2006/02/12 18:42:33 hansmi Exp $
+
+# Qmail User IDS to run daemons as
+QMAILDUID=$(id -u qmaild)
+NOFILESGID=$(id -g qmaild)
+QMAILLUID=$(id -u qmaill)
+
+# Qmail Control Dir (this is actually set in /etc/env.d/99qmail)
+#QMAIL_CONTROLDIR=/var/qmail/control
+
+# Host and port to listen on
+# We listen on the IPv4 local ip by default
+TCPSERVER_HOST=0.0.0.0
+TCPSERVER_PORT=${SERVICE}
+
+# you do not need to specify -x, -c, -u or -g in this variable as those are
+# added later
+TCPSERVER_OPTS="-p -v"
+
+# This tells tcpserver where to file the rules cdb file
+[[ -d /etc/tcprules.d/ ]] && \
+ TCPSERVER_RULESCDB=/etc/tcprules.d/tcp.qmail-${SERVICE}.cdb
+[[ ! -f "${TCPSERVER_RULESCDB}" ]] && \
+ TCPSERVER_RULESCDB=/etc/tcp.${SERVICE}.cdb
+
+# we limit data and stack segments to 8mbytes, you may need to raise this if
+# you are using a filter in QMAILQUEUE
+SOFTLIMIT_OPTS="-m 16000000"
+
+# We don't have anything to set QMAILQUEUE to at the moment, so we leave it
+# alone. Generally it is best to add this in your appropriate (usually SMTP)
+# cdb files at /etc/tcprules.d/tcp.qmail-*.cdb instead of on a global basis, as
+# otherwise outgoing mail will be checked (because qmail-queue is used for most
+# parts of qmail). You can also enable this per-server by just placing it into
+# the other configuration files by placing the line there instead. Please note
+# that the export part is important.
+#export QMAILQUEUE=""
+
+# tcpserver maximum concurrency, defaults to 40 in tcpserver
+# this controls the maximum number of incoming connections that it will accept
+if [[ -e ${QMAIL_CONTROLDIR}/concurrencyincoming ]]
+then
+ MAXCONN=$(head -n 1 ${QMAIL_CONTROLDIR}/concurrencyincoming)
+else
+ MAXCONN=40
+fi
+
+# logging directives
+LOG_OPTS="t" # 't' is for timestamp
+LOG_MAXSIZE=2500000 # defalts to '99999' if empty
+LOG_MAXCOUNT=10 # defaults to '10' if empty
+
+# build LOG_OPTS from this
+[[ -n "${LOG_MAXSIZE}" ]] && \
+ LOG_OPTS="${LOG_OPTS} s${LOG_MAXSIZE}"
+[[ -n "${LOG_MAXCOUNT}" ]] && \
+ LOG_OPTS="${LOG_OPTS} n${LOG_MAXCOUNT}"
+
+# directory to log to
+LOG_DEST=/var/log/qmail/qmail-${SERVICE}d
+
+# BIG FAT WARNING:
+# If you disable this by uncommenting it you will turn _off_ the configuration
+# sanity check do so at your own risk!
+#QMAIL_DISABLE_SANITY_CHECK=1
diff --git a/mail-mta/netqmail/files/conf-pop3d b/mail-mta/netqmail/files/conf-pop3d
new file mode 100644
index 0000000..4d9cfdd
--- /dev/null
+++ b/mail-mta/netqmail/files/conf-pop3d
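Review bot: In conf-common the comment above `TCPSERVER_HOST=0.0.0.0` says the daemons listen on "the IPv4 local ip", but 0.0.0.0 makes tcpserver accept connections on every IPv4 interface, so access control rests entirely on the tcprules cdb. I would reword it to `# 0.0.0.0 listens on all IPv4 interfaces; set a specific address to restrict exposure`. The comment above `SOFTLIMIT_OPTS="-m 16000000"` likewise says 8 MB while the value is 16000000 bytes, and the two should be brought in line. `MAXCONN=$(head -n 1 ${QMAIL_CONTROLDIR}/concurrencyincoming)` uses the path unquoted and passes the file's first line on unvalidated; quoting the path is the minimum.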
@@ -0,0 +1,29 @@
+# Configuration file for qmail-pop3d
+# $Header: /var/cvsroot/gentoo-x86/mail-mta/netqmail/files/conf-pop3d,v 1.1 2006/02/12 18:42:33 hansmi Exp $
+
+# Stuff to run before tcpserver
+#QMAIL_TCPSERVER_PRE=""
+# Stuff to run before the authenticator
+#QMAIL_POP3_PREAUTH=""
+# Stuff to run after the user has authenticated successfully
+#QMAIL_POP3_POSTAUTH=""
+
+# this should contain the FQDN of your server
+# by default it pulls the value from qmail
+# which should be correct
+QMAIL_POP3_POP3HOST="$(<${QMAIL_CONTROLDIR}/me)"
+
+# If you want POP3 before SMTP, and you are using this POP3 daemon
+# uncomment the next two lines
+#QMAIL_TCPSERVER_PRE="${QMAIL_TCPSERVER_PRE} envdir /etc/relay-ctrl relay-ctrl-chdir"
+#QMAIL_POP3_POSTAUTH="${QMAIL_POP3_POSTAUTH} /usr/bin/relay-ctrl-allow"
+
+# This controls what password authentication tool POP3 uses
+# It must support DJB's checkpassword interface (http://cr.yp.to/checkpwd.html)
+QMAIL_POP3_CHECKPASSWORD="/bin/checkpassword"
+# cmd5checkpw only validates passwords from /etc/poppasswd
+#QMAIL_POP3_CHECKPASSWORD="/bin/cmd5checkpw"
+
+# The name of the maildir in each user's directory.
+# This should be the same thing that defaultdelivery points to
+QMAIL_MAILDIR=".maildir"
diff --git a/mail-mta/netqmail/files/conf-qmqpd b/mail-mta/netqmail/files/conf-qmqpd
new file mode 100644
index 0000000..b362241
--- /dev/null
+++ b/mail-mta/netqmail/files/conf-qmqpd
@@ -0,0 +1,15 @@
+# Configuration file for qmail-qmqpd
+# $Header: /var/cvsroot/gentoo-x86/mail-mta/netqmail/files/conf-qmqpd,v 1.1 2006/02/12 18:42:33 hansmi Exp $
+
+# Stuff to run before tcpserver
+#QMAIL_TCPSERVER_PRE=""
+# Stuff to run qmail-qmqpd
+#QMAIL_QMQP_PRE=""
+# Stuff to after qmail-qmqpd
+#QMAIL_QMQP_POST=""
+
+# this turns off the IDENT grab attempt on connecting
+TCPSERVER_OPTS="${TCPSERVER_OPTS} -R"
+
+# I don't trust /etc/services to have obscure ports
+TCPSERVER_PORT=628
diff --git a/mail-mta/netqmail/files/conf-qmtpd b/mail-mta/netqmail/files/conf-qmtpd
new file mode 100644
index 0000000..7116efc
--- /dev/null
+++ b/mail-mta/netqmail/files/conf-qmtpd
@@ -0,0 +1,18 @@
+# Configuration file for qmail-qmtpd
+# $Header: /var/cvsroot/gentoo-x86/mail-mta/netqmail/files/conf-qmtpd,v 1.1 2006/02/12 18:42:33 hansmi Exp $
+
+# For more information on making your servers talk QMTP
+# see http://cr.yp.to/im/mxps.html
+
+# Stuff to run before tcpserver
+#QMAIL_TCPSERVER_PRE=""
+# Stuff to run qmail-qmtpd
+#QMAIL_QMTP_PRE=""
+# Stuff to after qmail-qmtpd
+#QMAIL_QMTP_POST=""
+
+# this turns off the IDENT grab attempt on connecting
+TCPSERVER_OPTS="${TCPSERVER_OPTS} -R"
+
+# I don't trust /etc/services to have obscure ports
+TCPSERVER_PORT=209
diff --git a/mail-mta/netqmail/files/conf-send b/mail-mta/netqmail/files/conf-send
new file mode 100644
index 0000000..74b2e8c
--- /dev/null
+++ b/mail-mta/netqmail/files/conf-send
@@ -0,0 +1,6 @@
+# Configuration file for qmail-send
+# $Header: /var/cvsroot/gentoo-x86/mail-mta/netqmail/files/conf-send,v 1.1 2006/02/12 18:42:33 hansmi Exp $
+
+# directory to log to
+# override conf-common on this
+LOG_DEST=/var/log/qmail/qmail-send
diff --git a/mail-mta/netqmail/files/conf-smtpd b/mail-mta/netqmail/files/conf-smtpd
new file mode 100644
index 0000000..cfbdad4
--- /dev/null
+++ b/mail-mta/netqmail/files/conf-smtpd
@@ -0,0 +1,51 @@
+# Configuration file for qmail-smtpd
+# $Header: /var/cvsroot/gentoo-x86/mail-mta/netqmail/files/conf-smtpd,v 1.1 2006/02/12 18:42:33 hansmi Exp $
+
+# Stuff to run before tcpserver
+#QMAIL_TCPSERVER_PRE=""
+# Stuff to run qmail-smtpd
+#QMAIL_SMTP_PRE=""
+# Stuff to after qmail-smtpd
+#QMAIL_SMTP_POST=""
+
+# this turns off the IDENT grab attempt on connecting
+TCPSERVER_OPTS="${TCPSERVER_OPTS} -R"
+
+# fixcrio inserts missing CRs at the ends of lines. See:
+# http://cr.yp.to/ucspi-tcp/fixcrio.html
+# http://cr.yp.to/docs/smtplf.html
+# DO NOT enable this when you are using SSL/TLS (USE=ssl)!
+#QMAIL_SMTP_PRE="${QMAIL_SMTP_PRE} fixcrio"
+
+# You might want to use rblsmtpd with this, but you need to fill in a RBL
+# server here first, see http://cr.yp.to/ucspi-tcp/rblsmtpd.html for more
+# details
+#QMAIL_SMTP_PRE="${QMAIL_SMTP_PRE} rblsmtpd -r RBL-SERVER"
+
+# If you are interested in providing POP or IMAP before SMTP type relaying,
+# emerge relay-ctrl, then uncomment the next 2 lines
+#QMAIL_TCPSERVER_PRE="${QMAIL_TCPSERVER_PRE} envdir /etc/relay-ctrl relay-ctrl-chdir"
+#QMAIL_SMTP_PRE="${QMAIL_SMTP_PRE} relay-ctrl-check"
+# In /etc/courier-imap/authdaemonrc add the next line to the end:
+#authmodulelist="${authmodulelist} relay-ctrl-allow"
+# Then in /etc/courier-imap/{imapd,imapd-ssl,pop3d,pop3d-ssl}
+# Add this at the end
+#PRERUN="${PRERUN} envdir /etc/relay-ctrl relay-ctrl-chdir"
+
+# This next block is for SMTP-AUTH
+
+# WARNING: If you've installed qmail with USE=noauthcram, and you want to use
+# the following programs, you proably need to install them.
+
+# Example using cmd5checkpw
+# See the manpage for cmd5checkpw for details on the passwords
+#QMAIL_SMTP_CHECKPASSWORD="/bin/cmd5checkpw"
+
+# Example for checkpassword-pam (emerge checkpassword-pam)
+# Don't forget to make /usr/bin/checkpassword-pam sticky (see README.auth)
+#QMAIL_SMTP_CHECKPASSWORD="/usr/bin/checkpassword-pam -s system-auth"
+
+[[ -n "${QMAIL_SMTP_CHECKPASSWORD}" ]] && {
+ [[ -z "${QMAIL_SMTP_POST}" ]] && QMAIL_SMTP_POST=/bin/true
+ QMAIL_SMTP_POST="${QMAIL_SMTP_CHECKPASSWORD} ${QMAIL_SMTP_POST}"
+}
diff --git a/mail-mta/netqmail/files/dot-qmail b/mail-mta/netqmail/files/dot-qmail
new file mode 100644
index 0000000..81a15fc
--- /dev/null
+++ b/mail-mta/netqmail/files/dot-qmail
@@ -0,0 +1,3 @@
+# Uncomment the next line for .forward support
+#|dot-forward .forward
+./.maildir/
diff --git a/mail-mta/netqmail/files/mailer.conf b/mail-mta/netqmail/files/mailer.conf
new file mode 100644
index 0000000..cd4f4cd
--- /dev/null
+++ b/mail-mta/netqmail/files/mailer.conf
@@ -0,0 +1,6 @@
+# Execute the real programs from qmail
+#
+sendmail /var/qmail/bin/sendmail
+send-mail /var/qmail/bin/sendmail
+mailq /var/qmail/bin/qmail-qread
+newaliases /var/qmail/bin/newaliases
diff --git a/mail-mta/netqmail/files/mkservercert b/mail-mta/netqmail/files/mkservercert
new file mode 100644
index 0000000..4d74791
--- /dev/null
+++ b/mail-mta/netqmail/files/mkservercert
@@ -0,0 +1,55 @@
+#!/bin/bash
+# $Header: /var/cvsroot/gentoo-x86/mail-mta/netqmail/files/mkservercert,v 1.2 2007/05/05 05:16:58 vapier Exp $
+# Self-signed certificate generator for Qmail under Gentoo
+# Robin H. Johnson - October 17, 2003
+# Based on mkimapdcert from courier-imap.
+
+test -x /usr/bin/openssl || exit 0
+source /etc/init.d/functions.sh || exit 1
+
+filedir="/var/qmail/control"
+pemfile="${filedir}/servercert.pem"
+randfile="${filedir}/servercert.rand"
+conffile="${filedir}/servercert.cnf"
+
+# file details for pemfile
+mode="0640"
+uid="qmaild"
+gid="qmail"
+
+# expire on certifcate
+days="365"
+
+if test -f $pemfile
+then
+ eerror "$pemfile already exists."
+ exit 1
+fi
+
+ewarn "Please customize ${conffile} before continuing!"
+einfo "Press ENTER to continue, or CTRL-C to stop now."
+read
+
+# setup the temp file
+cp /dev/null $pemfile
+chmod 600 $pemfile
+chown root $pemfile
+
+cleanup() {
+ rm -f $pemfile
+ rm -f $randfile
+ exit 1
+}
+
+dd if=/dev/urandom of=${randfile} bs=64 count=1 2>/dev/null
+chmod 600 ${randfile}
+einfo "Creating self-signed certificate"
+/usr/bin/openssl req -new -x509 -days ${days} -nodes \
+ -config ${conffile} -out $pemfile -keyout $pemfile -rand ${randfile} || cleanup
+einfo "Certificate details"
+/usr/bin/openssl x509 -subject -dates -fingerprint -noout -in $pemfile || cleanup
+chown ${uid}:${gid} ${pemfile}
+chmod ${mode} ${pemfile}
+#qmail needs an extra item
+ln -s ${pemfile} ${filedir}/clientcert.pem
+rm -f $randfile
diff --git a/mail-mta/netqmail/files/outgoingip.patch b/mail-mta/netqmail/files/outgoingip.patch
new file mode 100644
index 0000000..af5c082
--- /dev/null
+++ b/mail-mta/netqmail/files/outgoingip.patch
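Review bot: mkservercert creates `$pemfile` and `${randfile}` under the caller's umask and only afterwards runs `chmod 600`, so with a permissive umask the file that will hold the private key and the seed file both exist briefly with wider permissions; a `umask 077` before `cp /dev/null $pemfile` closes that window. The `cleanup` function is called only when an openssl command fails and is never installed as a trap, so an interrupt during generation leaves the empty pem file and the rand file behind and the `test -f $pemfile` check then refuses every later run; `trap cleanup INT TERM` after the function definition would cover it. The final `ln -s ${pemfile} ${filedir}/clientcert.pem` is not checked for failure, and the path variables are unquoted in most commands.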
@@ -0,0 +1,192 @@
+From: Sergio Gelato
+To: Andy Repton ,
+ Russell Nelson
+Subject: Bug in Andy Repton's outgoingip patch for qmail
+Date: Fri, 4 Jul 2003 14:20:43 +0200
+
+I have found a bug in Andy Repton's outgoingip patch for qmail 1.03
+(http://www.qmail.org/outgoingip.patch).
+
+The problem is the call to stralloc_copy(&outgoingip, "0.0.0.0");
+the correct function to use is stralloc_copys().
+
+An updated version of the patch follows. Besides fixing this bug,
+I also added some documentation to the man pages and to qmail-showctl.c.
+
+Best wishes,
+Sergio Gelato
+
+Index: qmail-control.9
+===================================================================
+RCS file: /home/software/CVSREPOS/qmail/qmail-control.9,v
+retrieving revision 1.2
+retrieving revision 1.3
+diff -u -u -r1.2 -r1.3
+--- qmail-control.9 2001/08/14 17:35:30 1.2
++++ qmail-control.9 2003/07/04 09:02:58 1.3
+@@ -57,6 +57,7 @@
+ .I locals \fIme \fRqmail-send
+ .I mfcheck \fR0 \fRqmail-smtpd
+ .I morercpthosts \fR(none) \fRqmail-smtpd
++.I outgoingip \fR0.0.0.0 \fRqmail-remote
+ .I percenthack \fR(none) \fRqmail-send
+ .I plusdomain \fIme \fRqmail-inject
+ .I qmqpservers \fR(none) \fRqmail-qmqpc
+Index: qmail-remote.8
+===================================================================
+RCS file: /home/software/CVSREPOS/qmail/qmail-remote.8,v
+retrieving revision 1.1.1.1
+retrieving revision 1.2
+diff -u -u -r1.1.1.1 -r1.2
+--- qmail-remote.8 2001/05/30 16:55:45 1.1.1.1
++++ qmail-remote.8 2003/07/04 09:02:58 1.2
+@@ -124,6 +124,13 @@
+ .B qmail-remote
+ refuses to run.
+ .TP 5
++.I outgoingip
++IP address to be used on outgoing connections.
++Default: system-defined.
++The value
++.IR 0.0.0.0
++is equivalent to the system default.
++.TP 5
+ .I smtproutes
+ Artificial SMTP routes.
+ Each route has the form
+Index: qmail-remote.c
+===================================================================
+RCS file: /home/software/CVSREPOS/qmail/qmail-remote.c,v
+retrieving revision 1.1.1.1
+retrieving revision 1.3
+diff -u -u -r1.1.1.1 -r1.3
+--- qmail-remote.c 2001/05/30 16:55:46 1.1.1.1
++++ qmail-remote.c 2003/07/04 11:38:57 1.3
+@@ -39,6 +39,7 @@
+ static stralloc sauninit = {0};
+
+ stralloc helohost = {0};
++stralloc outgoingip = {0};
+ stralloc routes = {0};
+ struct constmap maproutes;
+ stralloc host = {0};
+@@ -47,6 +48,7 @@
+ saa reciplist = {0};
+
+ struct ip_address partner;
++struct ip_address outip;
+
+ void out(s) char *s; { if (substdio_puts(subfdoutsmall,s) == -1) _exit(0); }
+ void zero() { if (substdio_put(subfdoutsmall,"\0",1) == -1) _exit(0); }
+@@ -56,6 +58,7 @@
+ ch = sa->s[i]; if (ch < 33) ch = '?'; if (ch > 126) ch = '?';
+ if (substdio_put(subfdoutsmall,&ch,1) == -1) _exit(0); } }
+
++void temp_noip() { out("Zinvalid ipaddr in control/outgoingip (#4.3.0)\n"); zerodie(); }
+ void temp_nomem() { out("ZOut of memory. (#4.3.0)\n"); zerodie(); }
+ void temp_oserr() { out("Z\
+ System resources temporarily unavailable. (#4.3.0)\n"); zerodie(); }
+@@ -310,6 +313,7 @@
+
+ void getcontrols()
+ {
++ int r;
+ if (control_init() == -1) temp_control();
+ if (control_readint(&timeout,"control/timeoutremote") == -1) temp_control();
+ if (control_readint(&timeoutconnect,"control/timeoutconnect") == -1)
+@@ -324,6 +328,12 @@
+ case 1:
+ if (!constmap_init(&maproutes,routes.s,routes.len,1)) temp_nomem(); break;
+ }
++ r = control_readline(&outgoingip,"control/outgoingip");
++ if (-1 == r) { if (errno == error_nomem) temp_nomem(); temp_control(); }
++ if (0 == r && !stralloc_copys(&outgoingip, "0.0.0.0")) temp_nomem();
++ if (str_equal(outgoingip.s, "0.0.0.0"))
++ { outip.d[0]=outip.d[1]=outip.d[2]=outip.d[3]=(unsigned long) 0; }
++ else if (!ip_scan(outgoingip.s, &outip)) temp_noip();
+ }
+
+ void main(argc,argv)
+@@ -414,7 +424,7 @@
+ smtpfd = socket(AF_INET,SOCK_STREAM,0);
+ if (smtpfd == -1) temp_oserr();
+
+- if (timeoutconn(smtpfd,&ip.ix[i].ip,(unsigned int) port,timeoutconnect) == 0) {
++ if (timeoutconn(smtpfd,&ip.ix[i].ip,&outip,(unsigned int) port,timeoutconnect) == 0) {
+ tcpto_err(&ip.ix[i].ip,0);
+ partner = ip.ix[i].ip;
+ smtp(); /* does not return */
+Index: qmail-showctl.c
+===================================================================
+RCS file: /home/software/CVSREPOS/qmail/qmail-showctl.c,v
+retrieving revision 1.1.1.1
+retrieving revision 1.2
+diff -u -u -r1.1.1.1 -r1.2
+--- qmail-showctl.c 2001/05/30 16:55:46 1.1.1.1
++++ qmail-showctl.c 2003/07/04 11:45:48 1.2
+@@ -230,6 +230,7 @@
+ do_str("localiphost",1,"localiphost","Local IP address becomes ");
+ do_lst("locals","Messages for me are delivered locally.","Messages for "," are delivered locally.");
+ do_str("me",0,"undefined! Uh-oh","My name is ");
++ do_str("outgoingip",0,"0.0.0.0","Outgoing IP address is ");
+ do_lst("percenthack","The percent hack is not allowed.","The percent hack is allowed for user%host@",".");
+ do_str("plusdomain",1,"plusdomain","Plus domain name is ");
+ do_lst("qmqpservers","No QMQP servers.","QMQP server: ",".");
+Index: remoteinfo.c
+===================================================================
+RCS file: /home/software/CVSREPOS/qmail/remoteinfo.c,v
+retrieving revision 1.1.1.1
+retrieving revision 1.2
+diff -u -u -r1.1.1.1 -r1.2
+--- remoteinfo.c 2001/05/30 16:55:47 1.1.1.1
++++ remoteinfo.c 2003/07/03 22:28:50 1.2
+@@ -44,12 +44,12 @@
+ s = socket(AF_INET,SOCK_STREAM,0);
+ if (s == -1) return 0;
+
+- byte_zero(&sin,sizeof(sin));
++/* byte_zero(&sin,sizeof(sin));
+ sin.sin_family = AF_INET;
+ byte_copy(&sin.sin_addr,4,ipl);
+ sin.sin_port = 0;
+- if (bind(s,(struct sockaddr *) &sin,sizeof(sin)) == -1) { close(s); return 0; }
+- if (timeoutconn(s,ipr,113,timeout) == -1) { close(s); return 0; }
++ if (bind(s,(struct sockaddr *) &sin,sizeof(sin)) == -1) { close(s); return 0; } */
++ if (timeoutconn(s,ipr,ipl,113,timeout) == -1) { close(s); return 0; }
+ fcntl(s,F_SETFL,fcntl(s,F_GETFL,0) & ~O_NDELAY);
+
+ len = 0;
+Index: timeoutconn.c
+===================================================================
+RCS file: /home/software/CVSREPOS/qmail/timeoutconn.c,v
+retrieving revision 1.1.1.1
+retrieving revision 1.2
+diff -u -u -r1.1.1.1 -r1.2
+--- timeoutconn.c 2001/05/30 16:55:47 1.1.1.1
++++ timeoutconn.c 2003/07/03 22:28:50 1.2
+@@ -10,9 +10,10 @@
+ #include "byte.h"
+ #include "timeoutconn.h"
+
+-int timeoutconn(s,ip,port,timeout)
++int timeoutconn(s,ip,outip,port,timeout)
+ int s;
+ struct ip_address *ip;
++struct ip_address *outip;
+ unsigned int port;
+ int timeout;
+ {
+@@ -22,6 +23,13 @@
+ fd_set wfds;
+ struct timeval tv;
+
++ /* bind() an outgoing ipaddr */
++ byte_zero(&sin,sizeof(sin));
++ byte_copy(&sin.sin_addr.s_addr,4,outip);
++ sin.sin_family = AF_INET;
++
++ if (-1 == bind(s,(struct sockaddr *) &sin,sizeof(sin))) return -1;
++
+ byte_zero(&sin,sizeof(sin));
+ byte_copy(&sin.sin_addr,4,ip);
+ x = (char *) &sin.sin_port;
diff --git a/mail-mta/netqmail/files/qmail-config-system b/mail-mta/netqmail/files/qmail-config-system
new file mode 100644
index 0000000..345e1d0
--- /dev/null
+++ b/mail-mta/netqmail/files/qmail-config-system
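Review bot: In the qmail-remote.c part of outgoingip.patch, `getcontrols()` hands `outgoingip.s` to `str_equal()` and `ip_scan()` as a C string, but no `stralloc_0(&outgoingip)` is visible after `control_readline()` or `stralloc_copys()`; as far as I recall neither of those appends a terminating NUL, so both calls may read past `outgoingip.len`. Adding `if (!stralloc_0(&outgoingip)) temp_nomem();` before the `str_equal` line would make the comparison and the parse well defined. The result of `ip_scan()` is only tested for zero, so trailing junk after a valid address in control/outgoingip is presumably accepted silently (the helper is not shown here). In timeoutconn.c the new `bind()` runs on every call, so an address in control/outgoingip that is not configured on the host makes every outgoing connection fail at bind; the qmail-remote.8 text added by this patch should say so.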
@@ -0,0 +1,72 @@
+#!/bin/bash
+# $Header: /var/cvsroot/gentoo-x86/mail-mta/netqmail/files/qmail-config-system,v 1.1 2006/02/12 18:42:33 hansmi Exp $
+
+# This is a configuration system to make using and controlling the interesting
+# parts of the qmail behavior simple. The only variable that needs to be set
+# before running this is $SERVICE.
+
+# this is to inherit QMAIL_CONTROLDIR
+. /etc/profile
+
+# now run
+# grab the common configuration
+[[ -s ${QMAIL_CONTROLDIR}/conf-common ]] && \
+ . ${QMAIL_CONTROLDIR}/conf-common
+
+# grab the per-service configuration
+[[ -s ${QMAIL_CONTROLDIR}/conf-${SERVICE}d ]] && \
+ . ${QMAIL_CONTROLDIR}/conf-${SERVICE}d
+
+# special case for qmail-send
+[[ "${SERVICE}" = send && -s ${QMAIL_CONTROLDIR}/conf-send ]] && \
+ . ${QMAIL_CONTROLDIR}/conf-send
+
+# you may want to disable this at some point, so I give you the choice here
+if [[ -z "${QMAIL_DISABLE_SANITY_CHECK}" ]]
+then
+ # This is intended solely to stop qmail eating up all your hard disk space with logs
+
+ CONFIG_SANITY_GOOD=
+
+ # check simple stuff first
+ if [[ -z "${QMAILDUID}" || -z "${NOFILESGID}" || -z "${SERVICE}" || -z "${QMAILLUID}" ]]
+ then
+ echo "SERVICE(${SERVICE}), QMAILDUID(${QMAILDUID}), NOFILESGID(${NOFILESGID}) or "\
+ "QMAILLUID(${QMAILLUID}) is unset in $0"
+ CONFIG_SANITY_GOOD=0
+ fi
+
+ if [[ -z "${LOG_OPTS}" || -z "${LOG_DEST}" ]]
+ then
+ echo "LOG_OPTS: ${LOG_OPTS}"
+ echo "LOG_DEST: ${LOG_DEST}"
+ echo "Error in logging setup!"
+ CONFIG_SANITY_GOOD=0
+ fi
+
+ if [[ "${SERVICE}" = smtp &&
+ ! -f ${QMAIL_CONTROLDIR}/rcpthosts &&
+ -z "${QMAIL_DISABLE_SANITY_CHECK}" ]]
+ then
+ echo "No /var/qmail/control/rcpthosts!"
+ echo "Refusing to start SMTP listener because it'll create an open relay"
+ CONFIG_SANITY_GOOD=0
+ fi
+
+ if [[ "${SERVICE}" != send && ! -f "${TCPSERVER_RULESCDB}" ]]
+ then
+ echo "No CDB file found (${TCPSERVER_RULESCDB})"
+ CONFIG_SANITY_GOOD=0
+ fi
+
+ if [[ -n "${CONFIG_SANITY_GOOD}" ]]
+ then
+ echo "Some error detected in ${SERVICE}, sleeping for 90 seconds for safety"
+ sleep 90s
+ exit 1
+ fi
+else
+ echo "Failed to find sanity checker!"
+ sleep 30s
+ exit 1
+fi
diff --git a/mail-mta/netqmail/files/qmail-genrsacert.sh b/mail-mta/netqmail/files/qmail-genrsacert.sh
new file mode 100644
index 0000000..ec75dcb
--- /dev/null
+++ b/mail-mta/netqmail/files/qmail-genrsacert.sh
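Review bot: The `else` branch of `if [[ -z "${QMAIL_DISABLE_SANITY_CHECK}" ]]` in qmail-config-system prints "Failed to find sanity checker!" and runs `exit 1`, so setting the variable that conf-common documents as the way to turn the check off stops the sourcing run script from ever starting its daemon. If disabling is meant to work the branch should go; if it is not, the message and the conf-common comment should say that plainly. Separately, `QMAIL_CONTROLDIR` is not among the variables the check tests: when /etc/profile does not export it, `. ${QMAIL_CONTROLDIR}/conf-common` resolves to `/conf-common` and the open-relay test looks for `/rcpthosts`, so a guard such as `[[ -n "${QMAIL_CONTROLDIR}" ]] || exit 1` before the first source line would fail closed. The rcpthosts message also hard-codes /var/qmail/control while the test uses the variable.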
@@ -0,0 +1,44 @@
+#!/bin/bash
+# $Header: /var/cvsroot/gentoo-x86/mail-mta/netqmail/files/qmail-genrsacert.sh,v 1.2 2006/05/06 20:15:11 hansmi Exp $
+# Robin H. Johnson - October 17, 2003
+#
+# This file generates the static temporary RSA keys needed for qmail to encrypt
+# messages. It should be run from a crontab, once a day is ok on low load
+# machines, but if you do lots of mail, once per hour is more reasonable if you
+# do NOT create the rsa512.pem, qmail will generate it on the fly for each
+# connection, which can be VERY slow.
+
+confdir=${ROOT}/var/qmail/control
+
+# the key should be 0600
+# which is readable by qmaild only!
+umaskvalue="0077"
+uid="qmaild"
+gid="qmail"
+
+umask ${umaskvalue}
+
+# If you want to renice this process, uncomment the following line:
+# renice +15 "$$" >/dev/null
+
+# This is a list with bits of the generated keys. They should
+# be a power of 2 ideally and must be more than 64.
+keys="512 1024"
+
+for bits in ${keys}
+do
+ pemfile="${confdir}/rsa${bits}.pem"
+ tmpfile="${confdir}/rsa${bits}.pem.tmp"
+
+ # we need to make sure that all of the operations succeed
+ /usr/bin/openssl genrsa -out ${tmpfile} ${bits} 2>/dev/null && \
+ /bin/chown ${uid}:${gid} ${tmpfile} && \
+ /bin/mv -f ${tmpfile} ${pemfile} || exit 1
+
+ dhfile="${confdir}/dh${bits}.pem"
+ dtmpfile="${confdir}/dh${bits}.pem.tmp"
+
+ /usr/bin/openssl dhparam -2 -out ${dtmpfile} ${bits} 2>/dev/null && \
+ /bin/chown ${uid}:${gid} ${dtmpfile} && \
+ /bin/mv -f ${dtmpfile} ${dhfile} || exit 1
+done
diff --git a/mail-mta/netqmail/files/run-qmail-pop3d b/mail-mta/netqmail/files/run-qmail-pop3d
new file mode 100644
index 0000000..d166e6f
--- /dev/null
+++ b/mail-mta/netqmail/files/run-qmail-pop3d
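Review bot: `keys="512 1024"` in qmail-genrsacert.sh makes this cron job produce 512-bit RSA keys and 512-bit DH parameters, sizes that offer no real protection today and correspond to the export-grade strengths that TLS downgrade weaknesses depend on. The comment above the list should at least state that these files serve legacy export cipher suites only, and the list should move to larger sizes if the TLS patch in use will read them; which file names qmail looks for is not visible in this hunk. Both `openssl` calls send stderr to /dev/null, so a failing run exits 1 from cron with no diagnostic; dropping `2>/dev/null` or logging the failure would help whoever has to debug it.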
@@ -0,0 +1,19 @@
+#!/bin/bash
+# Gentoo Startup script for qmail's POP3 daemon
+# $Header: /var/cvsroot/gentoo-x86/mail-mta/netqmail/files/run-qmail-pop3d,v 1.1 2006/02/12 18:42:33 hansmi Exp $
+
+# If you need to edit this file, please look at editing conf-smtpd and
+# conf-common first. If you still need to change this file, you should probably
+# file a bug on the bugzilla saying what you wanted to change so that
+# modifications can be made possible via the configuration files.
+
+SERVICE=pop3
+. /var/qmail/bin/qmail-config-system && \
+exec /usr/bin/softlimit ${SOFTLIMIT_OPTS} \
+ ${QMAIL_TCPSERVER_PRE} \
+ /usr/bin/tcpserver ${TCPSERVER_OPTS} -x ${TCPSERVER_RULESCDB} \
+ -c ${MAXCONN} \
+ ${TCPSERVER_HOST} ${TCPSERVER_PORT} \
+ ${QMAIL_POP3_PREAUTH} /var/qmail/bin/qmail-popup ${QMAIL_POP3_POP3HOST} \
+ ${QMAIL_POP3_CHECKPASSWORD} ${QMAIL_POP3_POSTAUTH} \
+ /var/qmail/bin/qmail-pop3d ${QMAIL_MAILDIR} 2>&1
diff --git a/mail-mta/netqmail/files/run-qmail-pop3d-log b/mail-mta/netqmail/files/run-qmail-pop3d-log
new file mode 100644
index 0000000..3befb5b
--- /dev/null
+++ b/mail-mta/netqmail/files/run-qmail-pop3d-log
@@ -0,0 +1,7 @@
+#!/bin/bash
+# Gentoo Startup script for qmail's POP3 daemon (logging)
+# $Header: /var/cvsroot/gentoo-x86/mail-mta/netqmail/files/run-qmail-pop3d-log,v 1.1 2006/02/12 18:42:33 hansmi Exp $
+
+SERVICE=pop3
+. /var/qmail/bin/qmail-config-system && \
+eval exec /usr/bin/setuidgid qmaill /usr/bin/multilog ${LOG_OPTS} ${LOG_DEST}
diff --git a/mail-mta/netqmail/files/run-qmail-qmqpd b/mail-mta/netqmail/files/run-qmail-qmqpd
new file mode 100644
index 0000000..19ff028
--- /dev/null
+++ b/mail-mta/netqmail/files/run-qmail-qmqpd
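Review bot: The header comment in run-qmail-pop3d tells the admin to edit conf-smtpd, but the script sets `SERVICE=pop3` and qmail-config-system sources conf-${SERVICE}d, i.e. conf-pop3d; the same copied comment appears in run-qmail-qmqpd and run-qmail-qmtpd. I would change the line to `# If you need to edit this file, please look at editing conf-pop3d and` (conf-qmqpd and conf-qmtpd in the other two scripts). Unlike the other listeners, this tcpserver line carries no `-u`/`-g`, presumably because the checkpassword program has to start as root; a one-line comment saying so would keep a later editor from adding them.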
@@ -0,0 +1,18 @@
+#!/bin/bash
+# Gentoo Startup script for qmail's QMQP daemon
+# $Header: /var/cvsroot/gentoo-x86/mail-mta/netqmail/files/run-qmail-qmqpd,v 1.1 2006/02/12 18:42:33 hansmi Exp $
+
+# If you need to edit this file, please look at editing conf-smtpd and
+# conf-common first. If you still need to change this file, you should probably
+# file a bug on the bugzilla saying what you wanted to change so that
+# modifications can be made possible via the configuration files.
+
+SERVICE=qmqp
+. /var/qmail/bin/qmail-config-system && \
+exec /usr/bin/softlimit ${SOFTLIMIT_OPTS} \
+ ${QMAIL_TCPSERVER_PRE} \
+ /usr/bin/tcpserver ${TCPSERVER_OPTS} -x ${TCPSERVER_RULESCDB} \
+ -c ${MAXCONN} -u ${QMAILDUID} -g ${NOFILESGID} \
+ ${TCPSERVER_HOST} ${TCPSERVER_PORT} \
+ ${QMAIL_QMQP_PRE} /var/qmail/bin/qmail-${SERVICE}d ${QMAIL_QMQP_POST} \
+ 2>&1
diff --git a/mail-mta/netqmail/files/run-qmail-qmqpd-log b/mail-mta/netqmail/files/run-qmail-qmqpd-log
new file mode 100644
index 0000000..6167d92
--- /dev/null
+++ b/mail-mta/netqmail/files/run-qmail-qmqpd-log
@@ -0,0 +1,7 @@
+#!/bin/bash
+# Gentoo Startup script for qmail's QMQP daemon (logging)
+# $Header: /var/cvsroot/gentoo-x86/mail-mta/netqmail/files/run-qmail-qmqpd-log,v 1.1 2006/02/12 18:42:33 hansmi Exp $
+
+SERVICE=qmqp
+. /var/qmail/bin/qmail-config-system && \
+eval exec /usr/bin/setuidgid qmaill /usr/bin/multilog ${LOG_OPTS} ${LOG_DEST}
diff --git a/mail-mta/netqmail/files/run-qmail-qmtpd b/mail-mta/netqmail/files/run-qmail-qmtpd
new file mode 100644
index 0000000..71c5207
--- /dev/null
+++ b/mail-mta/netqmail/files/run-qmail-qmtpd
@@ -0,0 +1,18 @@
+#!/bin/bash
+# Gentoo Startup script for qmail's QMTP daemon
+# $Header: /var/cvsroot/gentoo-x86/mail-mta/netqmail/files/run-qmail-qmtpd,v 1.1 2006/02/12 18:42:33 hansmi Exp $
+
+# If you need to edit this file, please look at editing conf-smtpd and
+# conf-common first. If you still need to change this file, you should probably
+# file a bug on the bugzilla saying what you wanted to change so that
+# modifications can be made possible via the configuration files.
+
+SERVICE=qmtp
+. /var/qmail/bin/qmail-config-system && \
+exec /usr/bin/softlimit ${SOFTLIMIT_OPTS} \
+ ${QMAIL_TCPSERVER_PRE} \
+ /usr/bin/tcpserver ${TCPSERVER_OPTS} -x ${TCPSERVER_RULESCDB} \
+ -c ${MAXCONN} -u ${QMAILDUID} -g ${NOFILESGID} \
+ ${TCPSERVER_HOST} ${TCPSERVER_PORT} \
+ ${QMAIL_QMTP_PRE} /var/qmail/bin/qmail-${SERVICE}d ${QMAIL_QMTP_POST} \
+ 2>&1
diff --git a/mail-mta/netqmail/files/run-qmail-qmtpd-log b/mail-mta/netqmail/files/run-qmail-qmtpd-log
new file mode 100644
index 0000000..a8871c2
--- /dev/null
+++ b/mail-mta/netqmail/files/run-qmail-qmtpd-log
@@ -0,0 +1,7 @@
+#!/bin/bash
+# Gentoo Startup script for qmail's QMTP daemon (logging)
+# $Header: /var/cvsroot/gentoo-x86/mail-mta/netqmail/files/run-qmail-qmtpd-log,v 1.1 2006/02/12 18:42:33 hansmi Exp $
+
+SERVICE=qmtp
+. /var/qmail/bin/qmail-config-system && \
+eval exec /usr/bin/setuidgid qmaill /usr/bin/multilog ${LOG_OPTS} ${LOG_DEST}
diff --git a/mail-mta/netqmail/files/run-qmail-send b/mail-mta/netqmail/files/run-qmail-send
new file mode 100644
index 0000000..ccf5797
--- /dev/null
+++ b/mail-mta/netqmail/files/run-qmail-send
@@ -0,0 +1,6 @@
+#!/bin/sh
+# Init script for qmail-send
+# Copied from LWQ
+# $Header: /var/cvsroot/gentoo-x86/mail-mta/netqmail/files/run-qmail-send,v 1.1 2006/02/12 18:42:33 hansmi Exp $
+exec env - PATH="/var/qmail/bin:$PATH" \
+ qmail-start "`cat /var/qmail/control/defaultdelivery`"
diff --git a/mail-mta/netqmail/files/run-qmail-send-log b/mail-mta/netqmail/files/run-qmail-send-log
new file mode 100644
index 0000000..d1fa08a
--- /dev/null
+++ b/mail-mta/netqmail/files/run-qmail-send-log
@@ -0,0 +1,7 @@
+#!/bin/bash
+# Gentoo Startup script for qmail's send daemon (logging)
+# $Header: /var/cvsroot/gentoo-x86/mail-mta/netqmail/files/run-qmail-send-log,v 1.1 2006/02/12 18:42:33 hansmi Exp $
+
+SERVICE=send
+. /var/qmail/bin/qmail-config-system && \
+eval exec /usr/bin/setuidgid qmaill /usr/bin/multilog ${LOG_OPTS} ${LOG_DEST}
diff --git a/mail-mta/netqmail/files/run-qmail-smtpd b/mail-mta/netqmail/files/run-qmail-smtpd
new file mode 100644
index 0000000..2be9c8c
--- /dev/null
+++ b/mail-mta/netqmail/files/run-qmail-smtpd
@@ -0,0 +1,18 @@
+#!/bin/bash
+# Gentoo Startup script for qmail's SMTP daemon
+# $Header: /var/cvsroot/gentoo-x86/mail-mta/netqmail/files/run-qmail-smtpd,v 1.1 2006/02/12 18:42:33 hansmi Exp $
+
+# If you need to edit this file, please look at editing conf-smtpd and
+# conf-common first. If you still need to change this file, you should probably
+# file a bug on the bugzilla saying what you wanted to change so that
+# modifications can be made possible via the configuration files.
+
+SERVICE=smtp
+. /var/qmail/bin/qmail-config-system && \
+exec /usr/bin/softlimit ${SOFTLIMIT_OPTS} \
+ ${QMAIL_TCPSERVER_PRE} \
+ /usr/bin/tcpserver ${TCPSERVER_OPTS} -x ${TCPSERVER_RULESCDB} \
+ -c ${MAXCONN} -u ${QMAILDUID} -g ${NOFILESGID} \
+ ${TCPSERVER_HOST} ${TCPSERVER_PORT} \
+ ${QMAIL_SMTP_PRE} /var/qmail/bin/qmail-${SERVICE}d ${QMAIL_SMTP_POST} \
+ 2>&1
diff --git a/mail-mta/netqmail/files/run-qmail-smtpd-log b/mail-mta/netqmail/files/run-qmail-smtpd-log
new file mode 100644
index 0000000..f45f714
--- /dev/null
+++ b/mail-mta/netqmail/files/run-qmail-smtpd-log
@@ -0,0 +1,7 @@
+#!/bin/bash
+# Gentoo Startup script for qmail's SMTP daemon (logging)
+# $Header: /var/cvsroot/gentoo-x86/mail-mta/netqmail/files/run-qmail-smtpd-log,v 1.1 2006/02/12 18:42:33 hansmi Exp $
+
+SERVICE=smtp
+. /var/qmail/bin/qmail-config-system && \
+eval exec /usr/bin/setuidgid qmaill /usr/bin/multilog ${LOG_OPTS} ${LOG_DEST}
diff --git a/mail-mta/netqmail/files/servercert.cnf b/mail-mta/netqmail/files/servercert.cnf
new file mode 100644
index 0000000..735445e
--- /dev/null
+++ b/mail-mta/netqmail/files/servercert.cnf
@@ -0,0 +1,35 @@
+# $Header: /var/cvsroot/gentoo-x86/mail-mta/netqmail/files/servercert.cnf,v 1.1 2006/02/12 18:42:33 hansmi Exp $
+# This is the openssl config file to generate keys for qmail
+
+[ req ]
+# you can increase this value, but be aware that it will make things much slower
+# this should be a power of 2!
+default_bits = 1024
+# leave the rest of these alone!
+encrypt_key = yes
+distinguished_name = req_dn
+x509_extensions = cert_type
+prompt = no
+
+[ req_dn ]
+# 2-Letter ISO country code
+C=US
+# FULL name of state/province/district
+# NO abbreviations!
+ST=Alabama
+# FULL name of city
+# NO abbreviations!
+L=Mobile
+# Full Name of your organization
+# NO abbreviations!
+O=Foobar Systems
+# Leave this alone unless specifically need to change it!
+OU=Automatically-generated Qmail SMTP SSL key
+# This should be a FQDN that resolves to the IP of your server
+CN=localhost
+# This should be the email address for the administrator of the server
+emailAddress=postmaster@localhost
+
+# Leave this alone!
+[ cert_type ]
+nsCertType = server
diff --git a/mail-mta/netqmail/files/tcp.pop3.sample b/mail-mta/netqmail/files/tcp.pop3.sample
new file mode 100644
index 0000000..d6a0f69
--- /dev/null
+++ b/mail-mta/netqmail/files/tcp.pop3.sample
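Review bot: `default_bits = 1024` in the `[ req ]` section of servercert.cnf yields an RSA key below the 2048-bit minimum that current guidance calls for, and the accompanying comment steers administrators away from raising it. `default_bits = 2048` is the smallest value worth shipping as the default. The placeholder subject (`CN=localhost`, `O=Foobar Systems`) also ends up in a real certificate when the file is used unedited, so a comment at the top such as `# Edit the [ req_dn ] values before generating a certificate` would help.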
@@ -0,0 +1,12 @@
+# to update the database after changing this file, run:
+# tcprules /etc/tcprules.d/tcp.qmail-pop3.cdb /etc/tcprules.d/.tcp.qmail-pop3.tmp < /etc/tcprules.d/tcp.qmail-pop3
+
+# For the full documentation on the format of this file,
+# see http://cr.yp.to/ucspi-tcp/tcprules.html
+
+#----------------------------------------------------------------
+
+# Allow any client to connect to us via POP3. If people are abusing POP3 such
+# as denial-of-service on POP3, you can add their IP addresses here to block
+# them out.
+:allow
diff --git a/mail-mta/netqmail/files/tcp.qmqp.sample b/mail-mta/netqmail/files/tcp.qmqp.sample
new file mode 100644
index 0000000..83d715d
--- /dev/null
+++ b/mail-mta/netqmail/files/tcp.qmqp.sample
@@ -0,0 +1,14 @@
+# to update the database after changing this file, run:
+# tcprules /etc/tcprules.d/tcp.qmail-qmqp.cdb /etc/tcprules.d/.tcp.qmail-qmqp.tmp < /etc/tcprules.d/tcp.qmail-qmqp
+
+# For the full documentation on the format of this file,
+# see http://cr.yp.to/ucspi-tcp/tcprules.html
+
+#----------------------------------------------------------------
+
+# QMQP is a bulk protocol and we don't want spam to ever come by it and it is
+# intended to go between a few servers only so we don't trust any default
+# people with it.
+# see /etc/tcprules.d/tcp.qmail-smtp for more info
+
+:deny
diff --git a/mail-mta/netqmail/files/tcp.qmtp.sample b/mail-mta/netqmail/files/tcp.qmtp.sample
new file mode 100644
index 0000000..e8fa4de
--- /dev/null
+++ b/mail-mta/netqmail/files/tcp.qmtp.sample
@@ -0,0 +1,23 @@
+# to update the database after changing this file, run:
+# tcprules /etc/tcprules.d/tcp.qmail-qmtp.cdb /etc/tcprules.d/.tcp.qmail-qmtp.tmp < /etc/tcprules.d/tcp.qmail-qmtp
+
+# For the full documentation on the format of this file,
+# see http://cr.yp.to/ucspi-tcp/tcprules.html
+
+#----------------------------------------------------------------
+
+# We trust QMTP connections just as SMTP by default. See
+# /etc/tcprules.d/tcp.qmail-smtp for more info.
+
+# allow relaying from localhost
+127.0.0.1:allow,RELAYCLIENT="",RBLSMTPD=""
+
+# everybody else is not allowed to relay, and is subject to RBLSMTPD checks
+:allow
+
+# If you are using qmail-scanner, this line here is the correct one to use
+# instead (comment out the above ':allow' line FIRST) and applies that script
+# to any mail coming in that is not from a host allowed to relay. You can
+# change the value of the variable to any other value you desire to use custom
+# scripts for example.
+#:allow,QMAILQUEUE="/var/qmail/bin/qmail-scanner-queue"
diff --git a/mail-mta/netqmail/files/tcp.smtp.sample b/mail-mta/netqmail/files/tcp.smtp.sample
new file mode 100644
index 0000000..f6d0b16
--- /dev/null
+++ b/mail-mta/netqmail/files/tcp.smtp.sample
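Review bot: The active rule `127.0.0.1:allow,RELAYCLIENT="",RBLSMTPD=""` in tcp.qmtp.sample grants relay rights to every connection that arrives from loopback, and its comment ("allow relaying from localhost") does not say what that covers. Any local service, proxy or tunnel that connects from 127.0.0.1 is included, not only the mail tools the administrator has in mind. I would extend the comment, for example `# every local process, proxy or tunnel connecting from 127.0.0.1 inherits relay rights; remove this line if nothing local needs to relay`. tcp.smtp.sample ships the same active rule and would take the same comment.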
@@ -0,0 +1,79 @@
+# to update the database after changing this file, run:
+# tcprules /etc/tcprules.d/tcp.qmail-smtp.cdb /etc/tcprules.d/.tcp.qmail-smtp.tmp < /etc/tcprules.d/tcp.qmail-smtp
+
+# For the full documentation on the format of this file,
+# see http://cr.yp.to/ucspi-tcp/tcprules.html
+
+#-----------------------------------------------------------------
+# Short description of the rules
+
+# If you set 'allow', this means that our mail server will allow the specified
+# IP address range to make a TCP connection to our server.
+
+# If you set 'deny', this means that our mail server will not allow the
+# specified IP address range to make a TCP connection to our server.
+
+# If you set RELAYCLIENT="", this means that the listed IP address range is
+# allowed to relay mail through our server.
+
+# If you don't set RELAYCLIENT="", this means that the listed IP address range
+# will not be able to relay mail through our server.
+
+# If you set RBLSMTPD="", this means that the listed IP address ranges will not
+# be checked against any of the RBL databases.
+
+# If you set RBLSMTPD="some text here", this means that an RBL lookup won't be
+# performed, but the mail will be rejected with the specified text as a 4xx
+# temp error message.
+
+# If you set RBLSMTPD="-some text here", this means that an RBL lookup won't be
+# performed, but the mail will be rejected with the specified text as a 5xx
+# permanent error message.
+
+# If you do not set RBLSMTPD="" or ="some text", then an RBL lookup will be
+# performed. If the lookup is successful, then RBLSMTPD will return your custom
+# error message (as specified in the -r parameter in smtpd supervise script).
+
+#-----------------------------------------------------------------
+# Bypass open relay checking for these IP addresses:
+
+# These IP addresses are ones that we have setup so that they aren't RBL
+# checked.
We have done this because these particular servers are RBL listed,
+# and for whatever reason they can't/won't fix their open relay problem, and we
+# still want to be able to receive mail from them.
+
+# reminder text goes here for this entry so we know the story...
+#111.111.111.111:allow,RBLSMTPD=""
+
+#-----------------------------------------------------------------
+# Do not allow these IP addresses to send e-mails to us:
+
+#1.2.3.:allow,RBLSMTPD="-Connections refused due to spam from domain.tld"
+#4.5.6.7:allow,RBLSMTPD="-Connections refused due to spam from domain2.tld"
+#8.9.10.11-100:allow,RBLSMTPD="-Connections from this IP have been banned"
+
+#-----------------------------------------------------------------
+# Allow these IP addresses to relay mail trough our server
+
+# IP addresses from our LAN are allowed to relay, and we won't bother doing any
+# RBL checking.
+#192.168.1.:allow,RELAYCLIENT="",RBLSMTPD=""
+
+# Connections from localhost are allowed to relay (because the Webmail server
+# runs on localhost), and obviously there is no point trying to perform an RBL
+# check.
+127.0.0.1:allow,RELAYCLIENT="",RBLSMTPD=""
+
+#-----------------------------------------------------------------
+# Allow everyone else to send us e-mails:
+
+# Everyone else can make connections to our server, but not allowed to relay.
+# RBL lookups are performed.
+:allow
+
+# If you are using qmail-scanner, this line here is the correct one to use
+# instead (comment out the above ':allow' line FIRST) and applies that script
+# to any mail coming in that is not from a host allowed to relay. You can
+# change the value of the variable to any other value you desire to use custom
+# scripts for example.
+#:allow,QMAILQUEUE="/var/qmail/bin/qmail-scanner-queue"
diff --git a/mail-mta/netqmail/files/tcprules.d-Makefile.qmail b/mail-mta/netqmail/files/tcprules.d-Makefile.qmail
new file mode 100644
index 0000000..d10be0f
--- /dev/null
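Review bot: The "Do not allow these IP addresses to send e-mails to us" examples in tcp.smtp.sample are all `:allow,RBLSMTPD="-..."` rules, so they refuse mail only when rblsmtpd actually runs in front of qmail-smtpd. Whether it does is decided by the `QMAIL_SMTP_PRE` setting in the conf files, which this page does not show; without it these entries behave like a plain `:allow`. The section should state that dependency, for example `# these entries only reject mail when rblsmtpd is part of the smtpd command line; use ':deny' to refuse the connection regardless`. The heading "Bypass open relay checking" two sections earlier describes entries that skip the RBL lookup, so "Bypass RBL checking" would match what the rules do.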
+++ b/mail-mta/netqmail/files/tcprules.d-Makefile.qmail
@@ -0,0 +1,3 @@
+QMAIL_CDBS = tcp.qmail-pop3.cdb tcp.qmail-qmqp.cdb tcp.qmail-qmtp.cdb tcp.qmail-smtp.cdb
+CDBS += $(QMAIL_CDBS)
+qmail: $(QMAIL_CDBS)
-- cgit v1.2.3
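Review bot: The `qmail` target in tcprules.d-Makefile.qmail is a command name rather than a file, yet the fragment does not declare it phony. If a file or directory called `qmail` ever exists next to the rules, `make qmail` treats the target as an existing file, and the access-rule databases are then rebuilt only when one of the .cdb files is newer than that entry. Adding `.PHONY: qmail` to the fragment avoids that. The Makefile that includes this fragment is not shown here, so it may already declare the target.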