Talks & Presentations
Curriculum Vitae
Open Source Projects
Favorite (IT-)Books
Legal Research Toolbox
Network Security Toolbox
Favorite Movie Quotes
New York, NY

a combined patch for ISP grade qmail installations

Current version:

This is a combined patch. It consists of the following patches:
- netqmail-1.05-tls-smtpauth-20070417.patch
- validrcptto.cdb patch
- big-concurrency.patch
- doublebounce-trim.patch
- big-ext-todo (EXTTODO patch & big-todo patch)
- outgoingips.patch
- dns patch to handle DNS responses larger than 512 bytes

Slight modifications were necessary to make all the patches go together.

Here is a short description of each patch:
- netqmail-1.05-tls-smtpauth (written by Bill Shupp)
  implements SMTP-Auth over TLS (remained unchanged)
- validrcptto.cdb patch (written by John Simpson)
  by verifying RCPT TOs at SMTP time you can dramatically reduce
  backscatter spam; see
- big-concurrency.patch (written by Johannes Erdfelt/SUSE)
  removes the 120 concurrency limit (setting it to 65536)
- doublebounce-trim.patch (written by Charles Cazabon)
  eliminates double bounces if /var/qmail/control/doublebounceto
  exists but contains a blank line
- big-ext-todo (EXTTODO patch & big-todo patch)
  This patch is a combination of two patches that address
  two different performance problems contained in qmail.
  * Andr Oppermann's EXTTODO patch fixes the "silly qmail syndrome"
    see and for some background information
  * the big-todo patch (written by Russell Nelson and updated by Dave Smith)
    modifies qmail-queue and qmail-send to support a hashed directory
    structure for the intd and todo subdirectories just like the
    mess/local/remote/info directories
- Alberto Brealey-Guzman's outgoingips patch allows one to define
  on a per virtual-domain basis the IP to be used by qmail-remote.
  Please see
- Christopher K. Davis' DNS patch handles a problem qmail has with DNS responses
  larger than the standard 512 bytes. Please see and
  for further information.

Changes since
- netqmail-1.05-tls-smtpauth.patch: using the new
  20070417 instead of 20060105 version
- outgoingips patch: was not included in prior releases
- Christopher K. Davis' DNS patch: was not included in prior releases

Apply the patch like this:

tar -xzf netqmail-1.05.tar.gz
cd netqmail-1.05
cd netqmail-1.05
patch < ../../
# set the concurrency limit as needed (1000 might be too high)
vi conf-spawn

make setup check
make cert
make tmprsadh