SSL Installation on Qmail
Qmail is a secure, reliable, efficient, simple message transfer agent. It is designed for typical Internet-connected UNIX hosts. As of October 2001, qmail is the second most common SMTP server on the Internet and has by far the fastest growth of any SMTP server.
Secure: Security isn’t just a goal but an absolute requirement. Mail delivery is critical for users; it cannot be turned off, so it must be completely secure.
Reliable: qmail’s straight-paper-path philosophy guarantees that a message will never be lost once accepted into the system. Qmail also optionally supports maildir, a new, super-reliable user mailbox format.
Efficient: On a Pentium under BSD/OS, qmail can easily sustain 200000 local messages per day—that’s separate messages injected and delivered to mailboxes in a real test! Although the slowness of DNS and SMTP inherently limits remote deliveries, qmail overlaps 20 simultaneous deliveries by default, so it zooms quickly through mailing lists.
Simple: qmail is vastly smaller than any other Internet MTA.
Replacement for Sendmail: qmail supports host and user masquerading, full host hiding, virtual domains, null clients, list-owner rewriting, relay control, double-bounce recording, arbitrary RFC 822 address lists, cross-host mailing list loop detection, per-recipient checkpointing, downed host backoffs, independent message retry schedules, etc. qmail also includes a drop-in “sendmail” wrapper so that it will be used transparently by your current UAs.
SSL installation:
- Download your certificate files from your DigiCert Customer Account.
- Create a combined .pem certificate file.
Once you have downloaded your certificate files from your DigiCert Web-PKI Customer Account, gather your new certificate files and the private key you generated when you created your CSR. Open a text editor and paste the contents of each key/certificate one after another in the following order:
- The Private Key (your_domain_name.key)
- The Primary Certificate (your_domain_name.crt)
- The Intermediate Certificate (DigiCertCA.crt)
- The Root Certificate (TrustedRoot.crt)
- Make sure that you include the beginning and end tags on each SSL Certificate. The result should look like this:—–BEGIN RSA PRIVATE KEY—–
(Your Private Key: your_domain_name.key)
—–END RSA PRIVATE KEY—–
—–BEGIN CERTIFICATE—–
(Your Primary SSL certificate: your_domain_name.crt)
—–END CERTIFICATE—–
—–BEGIN CERTIFICATE—–
(Your Intermediate certificate: DigiCertCA.crt)
—–END CERTIFICATE—–
—–BEGIN CERTIFICATE—–
(Your Root certificate: TrustedRoot.crt)
—–END CERTIFICATE—–Save the combined file as digicertpack.pem - Make a backup copy of the existing default Qmail is a secure, reliable, efficient, simple message transfer agent. It is designed for typical Internet-connected UNIX hosts..
- Move this file to your /var/qmail/control/ directory.
- Enable the ssl certificate for use with qmail either by renaming the file to that of the certificate that is already in use on that server or modifying the server configuration file to point to the newly created certificate.
- To finish the installation process, restart the qmail server.
We hope this article helped you with this easy process. If you cannot use these instructions, we recommend you contact either the vendor of your software or the hosting organization that supports it.