When qmail-smtpd is enhanced with the chkuser patch (which is almost mandatory these days), as well as possibly in some other cases, it sends its logging messages to stderr. This assumes a typical setup with tcpserver (another tool by DJB, the author of qmail) and splogger (a part of qmail), such as:
/opt/ucspi-tcp/current/bin/tcpserver -v -H \ -c 500 \ -x /opt/vpopmail/config/relay/rules.cdb \ -u $QMAILD_UID -g $NOFILES_GID \ -D \ 127.0.0.1 smtp \ /opt/netqmail/current/bin/qmail-smtpd \ /opt/vpopmail/current/bin/vchkpw /bin/true 2>&1 | \ /opt/netqmail/current/bin/splogger smtpd 2 &
With such a setup, stderr is redirected to splogger in order to capture logging messages from tcpserver - but this also happens to capture logging messages from the (patched) qmail-smtpd.
In the case of xinetd, both stdout and stderr of a service are sent to the socket, and if we configure qmail-smtpd as an xinetd service in the obvious way, qmail-smtpd log messages and SMTP messages will create a mess-up. The solution is to redirect stderr to splogger leaving stdout unaffected. Such behavior can be implemented by the following wrapper script:
$ cat /opt/netqmail/current/bin/qmail-smtpd-inetd #!/bin/sh dir=`dirname "$0"` exec 3>&1 $dir/qmail-smtpd 2>&1 1>&3 3>&-| $dir/splogger smtpd 2 3>&- exec 3>&-
One of “our” shell tricks is used by this script.
A drawback of this approach is that one instance of splogger is started for every SMTP connection, as opposed to one instance per listening SMTP port with the tcpserver setup.
Then the portion of xinetd config might look as follows:
service smtp { id = smtp-remote socket_type = stream protocol = tcp user = qmaild wait = no server = /opt/netqmail/current/bin/tcp-env server_args = -R /opt/netqmail/current/bin/qmail-smtpd-inetd interface = your.public.IP.address nice = 10 instances = 310 per_source = 50 cps = 1000 1 log_type = SYSLOG mail } service smtp { id = smtp-local socket_type = stream protocol = tcp user = qmaild wait = no server = /opt/netqmail/current/bin/tcp-env server_args = -R /opt/netqmail/current/bin/qmail-smtpd-inetd env = RELAYCLIENT= interface = 127.0.0.1 nice = 10 instances = 250 cps = 1000 1 log_type = SYSLOG mail }
Please note that this example is not exactly equivalent to the one with tcpserver above - they implement different setups as it relates to SMTP relaying policy. This xinetd example unconditionally denies relaying on the public IP address, but permits it from localhost. If the latter is not needed, then only one xinetd configuration file section should be used (not two) and the ”id = …
” line may be omitted.