stoinski.com
01-27-2005, 10:38 AM
I successfully installed a qmail server with all the goodies following the qmailrocks instructions on an ArchLinux system. I followed the instructions based on Slackware because these two systems are very similar, with only minor changes. I host about 7 virtual domains and more or less 700 users. The system is working fine except for one problem. And I'm 100% sure that this is not a problem of installing on a Linux system other than those mentioned on the site, but rather a configuration problem.
I'm going to explain everything by example.
Let's assume for a while that I'm the owner of two mail domains:
- google.com
- linux.org
The google.com domain is my primary domain used for installation and linux.org is a virtual one. So I generated the server certificate for google.com and it is located in /var/qmail/control/servercert.pem with a symlink /var/qmail/control/clientcert.pem.
And when I send mail using, for example, the admin@google.com account, everything is working fine and I do authorize properly and I can relay mail everywhere. I use TLS of course.
But when I use an account located in a virtual domain (i.e. admin@linux.org) I got the following error: "Domain name mismatch". Of course it mismatches because the certificate was generated for google.com, not for linux.org.
And here is my question - is there any way to include more than one server certificate for proper authorization of virtual domains users?
I also tried to generate a certificate with a "*" wildcard as the server hostname but this was wrong because the mail client couldn't read the certificate at all.
I also found out that it is not possible to include more than one server certificate in a single pem file.
Any ideas? I think that TLS is a really good solution but maybe you have other ideas or solutions for encrypting login/password data?
Cheers and sorry for my English :wink:
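
The name check behind the "Domain name mismatch" error, as an added example that is not part of the original post: a simplified RFC 6125-style matcher run over the post's two placeholder domains. The certificate name lists are constructed, the client server names are assumed to equal the two domains, and the two-name list assumes a certificate that carries both names as subjectAltName DNS entries.

```python
# Added illustration, not from the original post: a simplified RFC 6125-style
# hostname check. The certificate name lists below are constructed samples.

def name_matches(pattern: str, hostname: str) -> bool:
    """Compare one DNS name from a certificate with the server name the client dialed."""
    p = pattern.lower().rstrip(".").split(".")
    h = hostname.lower().rstrip(".").split(".")
    if "" in p or "" in h:
        return False                      # empty label: malformed name
    if p[0] == "*":
        # A wildcard must be the whole left-most label, must leave at least
        # two fixed labels, and stands for exactly one label.
        return len(p) >= 3 and len(h) == len(p) and p[1:] == h[1:]
    if any("*" in label for label in p):
        return False                      # partial or misplaced wildcard
    return p == h


def audit(cert_names, client_hosts):
    """Map each server name users configured to whether the certificate covers it."""
    return {host: any(name_matches(n, host) for n in cert_names)
            for host in client_hosts}


# Server names the two groups of users are assumed to have in their mail clients.
CLIENT_HOSTS = ["google.com", "linux.org"]

SINGLE_NAME = ["google.com"]              # the certificate described in the post
BARE_STAR = ["*"]                         # the wildcard attempt from the post
TWO_NAMES = ["google.com", "linux.org"]   # assumption: both names as SAN DNS entries

if __name__ == "__main__":
    for label, names in [("single", SINGLE_NAME), ("star", BARE_STAR),
                         ("two names", TWO_NAMES)]:
        print(label, audit(names, CLIENT_HOSTS))
```

The comparison is made against the server name entered in the mail client, not against the domain of the sender's address.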