IndiMail

IndiMail is a FS / OSS messaging platform built using following packages qmail, serialmail, qmailanalog, dotforward, fastforward, mess822, daemontools, ucspi-tcp, Courier IMAP, Bogofilter - A Bayesian Spam Filter, Fetchmail, other useful utilities (pack, unpack, altermime, ripmime, flash). IndiMail also provides Management of Virtual domains. Some components especially qmail have been heavily modified. IndiMail works on 32 / 64 bit Unix platforms.

IndiMail came with the first release on Aug 15, 2008 to symbolically mark freedom from proprietary software. Aug 15th marks India's Independence from British Rule. IndiMail is licensed under GPLv3.

Architecture

IndiMail provides qmail-remote (SMTP) / qmail-local (MDA), proxyimap (IMAP) & proxypop3 (POP3) which are user-location aware. This gives IndiMail the ability to extend a domain or distribute the users across multiple hosts using standard non-proprietary protocols and RFCs. The other use of user-location aware property is to have a single domain consisting of a heterogeneous email server environment (with some users on MS Exchange and some on Lotus Notes some on IndiMail). You can have multiple hosts hosting a domain placed geographically anywhere and tied up by IndiMail. This allows you to seamlessly migrate from a proprietary solution. The proxies for Internet Message Access Protoco / Post Office Protocol and a Simple Mail Transfer Protocol router allows one to put any proprietary email server behind IndiMail. This does not force a filesystem architecture like NFS to be used for provisioning large number of users (typically in an ISP/MSP environment). In the architecture below, you can keep on increasing the number of servers (incoming relay, outgoing relay or mailstores) to cater to large number of users.

IndiMail departs from qmail by having multiple queues (called a queue collection) instead of a single queue. The collection, with each queue having its own dedicated qmail-todo / qmail-send process, allows IndiMail to eliminate what is called as silly qmail syndrome. Hence IndiMail can achieve high concurrency and process a very high incoming rate of mails compared to a system running with a single queue. The system ids, configuration files used by IndiMail are all configurable through a set of environment variables (~200 variables). IndiMail uses envdir to use these environment variables for configuring the different services like Simple Mail Transfer Protocol, Internet Message Access Protocol, Post Office Protocol. The environment variables are also configurable using a system called envrules. This gives the ability of a single installation of IndiMail have a different behaviour for each queue, sender, recipient, source host, destination host. The queue mechanism is shown below

IndiMail can be installed either from the source, RPM/Debian binary packages or using yum/dnf/yast/apt repositories. The binary packages installs qmail daemontools, ucspi-tcp, serialmail, mess822, Fetchmail, Bogofilter, altermime, ripmime, mpack, nssd, libdkim, Courier IMAP/POP3 all in one package. IndiMail uses MySQL as the database for storing user information. The binary packages installs IndiMail using philosophy outlined in Life with qmail. IndiMail is listed as one of the MTAs providing DomainKeys Identified Mail.

Features

Speed

IndiMail uses a modified qmail as the MTA. qmail's modular, lightweight design and sensible queue management provides IndiMail the speed to make it one of the fastest available message transfer agent.
IndiMail provides ''qmail-multi'', a drop-in replacement to ''qmail-queue''. ''qmail-multi'' uses multiple queues with each queue running its own qmail-send process. This allows IndiMail to process mails faster than what can be provided by qmail.

Setup

  • automatic adaptation to your UNIX variant
  • Linux, SunOS, Solaris, and more
  • automatic per-host configuration - gnu autoconf
  • High degree of automation of configuration through ''svctool''
  • RPM/Debian packages for multiple Linux Distros. Binary packages follows Dave Sill's LWQ.

Security

  • clear separation between addresses, files, and programs
  • minimization of setuid code (qmail-queue, qhspi, qscanq, systpass)
  • minimization of root code (qmail-start, qmail-lspawn)
  • five-way trust partitioning---security in depth
  • optional logging of one-way hashes, entire contents, etc. (EXTRAQUEUE, mailarchive control file)
  • virus scanning through clamav/qscanq/avg
  • Inbuilt virus scanner
  • sender/recipient accesslist, hostaccess using ''tcprules''.

Message construction

  • RFC 822, RFC 1123
  • full support for address groups
  • automatic conversion of old-style address lists to RFC 822 format
  • sendmail hook for compatibility with current user agents
  • header line length limited only by memory
  • host masquerading (control/defaulthost)
  • user masquerading ($MAILUSER, $MAILHOST)
  • automatic Mail-Followup-To creation ($QMAILMFTFILE)
  • ability to add signature/content to messages using ''altermime''.
  • ARF Generator (Abuse Bounce Report Generator) for setting up Email Feedback Loop

SMTP service

  • RFC 2821, RFC 1123, RFC 1651, RFC 1652, RFC 1854, RFC 1870, RFC 1893
  • 8-bit clean
  • 931/1413/ident/TAP callback
  • relay control---stop unauthorized relaying by outsiders (control/rcpthosts)
  • no interference between relay control and aliases
  • automatic recognition of local IP addresses
  • per-buffer timeouts
  • hop counting
  • parallelism limit (tcpserver)
  • per host limit (tcpserver - MAXPERIP)
  • refusal of connections from known abusers(tcpserver, badmailfrom, badmailpatterns,
    badhelo, blackholedsender, blackholedpatterns, badhost, badip)
  • goodrcptto, goodrcptpatterns which override the above
  • blackholercpt, blackholercptpatterns for blackholing mails to specific senders.
  • Control files spamignore, blackholedsender, badmailfrom, relaymailfrom, badrcptto,
    chkrcptdomains, goodrcptto, blackholercpt, badip can be specified in plain text, cdb format or in MySQL tables.
  • relaying and message rewriting for authorized clients
  • authenticated SMTP PLAIN, LOGIN, CRAM-MD5, CRAM-SHA1, CRAM-RIPEMD, DIGEST-MD5 (HMAC (RFC 1321, RFC 2104, RFC 2554, RFC 2617))
  • STARTLS extension, TLS
  • Support for SMTPS
  • POP/IMAP before SMTP
  • ETRN (RFC 1985)
  • ODMR (RFC 2645)
  • RBL/ORBS support (rblsmtpd)
  • DNSBL (DNS Blacklist) Support
  • SURBL (SURBL Blacklist) support using surblfilter
  • SPAM Control (Reject/Tag/Accept) using Bayesian techniques
  • High Performance MS Virus Control via control file viruscheck and
    control file signatures
  • Content Filtering and blocking of prohibited attachments via control file bodycheck
  • Ability to reject/bounce mails for unknown/inactive users (CHECKRECIPIENT)
  • ability to have the RECIPIENT check for selective domains using control file chkrcptdomains
  • Antispoofing mode (turned on by environment variable ANTISPOOFING)
  • Masquerading ability.
  • Multiline greetings via control file smtpgreeting
  • Message Submission Agent – MSA (RFC 2476)
  • Domain IP address pair access control via control file hostaccess
  • Per User accesslist via control file accesslist
  • SPF – Sender Permitted From
  • SRS - Sender Rewriting Scheme
  • Bounce Address Tag Validation (BATV)
  • Per User control of environment variable by envrules(rules file set by environment variable FROMRULES)
  • Greylisting capability using qmail-greyd or greydaemon
  • SMTP Plugins - External plugins using shared objects in /var/indimail/plugins to enhance functionality of MAIL, RCPT & DATA session.
  • Notify recipients when message size exceeds databyte limits (by setting environment variable DATABYTES_NOTIFY)
  • Enforce STARTTLS before AUTH

Queue management

  • instant handling of messages added to queue
  • parallelism limit (control/concurrencyremote, control/concurrencylocal)
  • split queue directory---no slowdown when queue gets big
  • quadratic retry schedule---old messages tried less often
  • independent message retry schedules
  • automatic safe queueing---no loss of mail if system crashes
  • automatic per-recipient checkpointing
  • automatic queue cleanups (qmail-clean)
  • queue viewing (qmail-qread)
  • detailed delivery statistics (qmailanalog)
  • Configurable number of queues and time slicing algorithm for load balancing via qmail-multi. A queue in indimail is configurable by three environment variables QUEUE_BASE, QUEUE_COUNT, and QUEUE_START. A queue in IndiMail is a collection of queues. Each queue in the collection can have one or more SMTP listener but a single or no delivery (qmail-send) process. It is possible to have the entire queue collection without a delivery process (e.g. SMTP on port 366 – ODMR). The QUEUE_COUNT can be defined based on how powerful your host is (IO bandwidth, etc). NOTE: This configurable number of queues is possibe with a single installation and does not require you to install multiple instances of qmail.
  • Ability to hold local, remote or both deliveries (holdlocal, holdremote control file)
  • Qmail Queue Extra Header – Ability to pass extra headers to local and remote deliveries via qmail-queue (Environment variable QQEH).
  • External Virus scanning via QHPSI – Qmail High Performance Scanner Interface
  • Ability to extend QHPSI interface through plugins. The keyword plugin:shared_lib defined in the environment variable QHPSI denotes 'shared_lib' to be loaded.
  • Virus scanner qscanq. Ability to detect virus via a third party scanner defined by SCANCMD environment variable (clamscan, clamdscan, etc)
  • Blocking of prohibited filename extensions via qscanq program
  • Domainkeys (qmail-dk) RFC 4870
  • DomainKeys Identified Mail with ADSP/SSP (qmail-dkim) RFC 4871
  • Set all header values listed in envheader control file as environment variables.
  • Log all headers listed in control file logheaders to stderr.
  • Remove all headers listed in control file removeheaders from email.
  • Ability to do line processing instead of block processing.
  • qmail-nullqueue – blackhole the mail silently.
  • rule based mail archival using control file mailarchive (Sarbanes–Oxley_Act, Health_Insurance_Portability_and_Accountability_Act compliance)
  • Added additional recipients for a message using extraqueue or mailarchive control file.
  • X-Originating-IP header to record the original IP from which the mail originates

Bounces

  • QSBMF bounce messages---both machine-readable and human-readable
  • HCMSSC support---language-independent RFC 1893 error codes
  • double bounces sent to postmaster
  • Ability to discard double bounces
  • Ability to preserve MIME format when bouncing.
  • Control of bounce process via envrules (rules file controlled by environment variable BOUNCERULES or control files bounce.envrules)
  • limit size of bounce using control file bouncemaxbytes
  • Ability to process bounces using external bounce processor (environment variable BOUNCEPROCESSOR)

Routing by domain

  • any number of names for local host (control/locals)
  • any number of virtual domains (control/virtualdomains)
  • domain wildcards (control/virtualdomains)
  • configurable percent hack support (control/percenthack)
  • Clustered Domain. Same virtual domain can exist on multiple hosts, each having its own set of users. Provides Load Balancing and infinite scalability.

Remote SMTP delivery

  • RFC 2821, RFC 974, RFC 1123, RFC 1870
  • 8-bit clean
  • automatic downed host backoffs
  • Configurable tcp timeouts for downed host backoffs.
  • automatic switchover to next best MX
  • artificial routing---smarthost, localnet, mailertable (control/smtproutes)
  • Support for jumbo ISP (control/smtproutes.cdb)
  • per-buffer timeouts
  • passive SMTP queue---perfect for SLIP/PPP (serialmail)
  • AutoTURN support (serialmail)
  • Authenticated SMTP (userid/passwd in control/smtproutes) - PLAIN, LOGIN, CRAM-MD5, CRAM-SHA1, CRAM-RIPEMD, DIGEST-MD
  • STARTTLS, TLS
  • Static and Dynamic Routing. (SMTPROUTES environment variable)
  • User based routing instead of normal DNS/smtproutes.
  • Spam control (SPAMFILTER environment variable)
  • Environment variable control via envrules (rules file controlled by environment variable RCPTRULES)
  • QMAILREMOTE environment variable to run any executable/script instead of qmail-remote
  • QMTP support, artificial routing using (control/qmtproutes)
  • ONSUCCESS_REMOTE, ONFAILURE_REMOTE scripts run on successful or failed remote deliveries environment variables SMTPTEXT, SMTPCODE available for these scripts
  • Domain based delivery rate control
  • IP address binding on domain, sender address, recipient address and random selection from a pool of IP addresses
  • Return Receipt Responder - rrt
  • IPV6 support

Local delivery

  • user-controlled address hierarchy : fred controls fred-anything
  • mbox delivery
  • reliable NFS delivery (maildir)
  • user-controlled program delivery: procmail etc. (qmail-command)
  • optional new-mail notification (qbiff)
  • detailed Delivered-To Headers
  • optional NRUDT return receipts (qreceipt)
  • autoresponder RFC 3834 compliance (provide Auto-Submitted, In-Reply-To, References fields (RFC 3834))
  • conditional filtering (condredirect, bouncesaying, vfilter)
  • Environment variable control via envrules (rules file controlled by environment variable RCPTRULES)
  • Eliminate duplicate messages
  • QMAILLOCAL environment variable to run any executable/script instead of qmail-local
  • X-Forwarded-To, X-Forwarded-For headers
  • Message Disposition Notification (through qnotify)

Other

  • Unix Client Server Program Interface ucspi through programs ''tcpserver'' and ''tcpclient''
  • Change concurrency of ''tcpserver'' without restart.
  • IPv4 CIDR extension and support for compact IPv6 addresses and CIDR notation
  • TLS/SSL Support in ''tcpserver''
  • STARTTLS extension in IMAP, STLS extension in POP3
  • Ability to restrict connection per IP (MAXPERIP)
  • run shutdown script if present on svc -d
  • ability to log ''svscan'' output using ''multilog''
  • nssd daemon providing Name Service Switch which allows extending of the system passwd database to IndiMail's database.
  • pam-multi - Generic PAM module allows any external programs to authenticate against IndiMails database.
  • multiple checkpassword modules sys-checkpwd, ldap-checkpwd, pam-checkpwd, vchkpass, systpass
  • ''inlookup'' – High Performance User Lookup Daemon.
  • ''indisrvr'' – Indimail Administration Daemon.
  • ''spawn-filter'' - Ability to add disclaimer, run multiple filters before
    local/remote delivery.
  • Post Execution Handle - Allows functionality of indimail to be extended by writing simple scripts
  • Proxy for IMAP/POP3 Protocol
  • On the fly migration of users by defining MIGRATEUSER environment variable.
  • ready to use QMQP service
  • ability to distribute QMQP traffic across multiple servers
  • ''sslerator'' - TLS/SSL protocol wrapper for non-tls aware applications
  • ''svctool'' – Configuration tool for IndiMail.
  • ''iwebadmin'' - Web Frontend for IndiMail user administration.
  • mrtg graphs for detailed statistics
  • ability to specify commands in control files.
  • flash - ncurses customizable menu based Admin Tool
  • indium - Menu based administration tool written in tcl/tk
  • osh - Operator Shell (with configurable restricted command set) for Administrator

Support

There are four Mailing Lists for IndiMail
1. indimail-support - You can subscribe for Support at https://lists.sourceforge.net/lists/listinfo/indimail-support. You can email indimail-support@lists.sourceforge.net for posting messages to this list. Old discussions can be seen here.
2. indimail-devel - You can subscribe at https://lists.sourceforge.net/lists/listinfo/indimail-devel. You can email indimail-devel@lists.sourceforge.net for posting messages to this list. Old discussions can be seen here.
3. Archive at Google - http://groups.google.com/group/indimail. This group acts as a remote archive for both indimail-support and indimail-devel list at sourceforge. Any discussions posted here goes to indimail-support.
4. indimail-announce - This is only meant for announcement of New Releases or patches. You can subscribe at http://groups.google.com/group/indimail.

There is also a Project Tracker for IndiMail (Bugs, Feature Requests, Patches, Support Requests) at http://sourceforge.net/tracker/?group_id=230686

IndiMail has a blog at http://indimail.blogspot.in

Downloads


RPM / YUM repositories
Binary Install Instruction

See also