The official place to get qmail is through Dan Bernstein's web and FTP server at http://cr.yp.to. (The .to domain is actually the island nation of Tonga, but they'll sell a "vanity" address to anyone willing to pay, and Dan's professional interests center around cryptography.) An alternate address is http://pobox.com/~djb/qmail.html. Both URLs are currently redirected to Dan's FTP server, koobera.math.uic.edu, at the Math department of University of Illinois at Chicago. For the rest of this book, we'll nickname that site koobera. The actual name of the site is subject to change at any time, which is the whole point behind using cr.yp.to and pobox.com. If you use a web browser or a graphical FTP program to open an FTP connection to koobera, the list of files you receive may be scrambled. Dan uses an FTP server of his own creation, publicfile, which is good and bad. It's good because it's a typical Dan Bernstein program: small, secure, and fast. It's bad because most web browsers and visual FTP programs don't know how to parse the server's listing format. Visual FTP programs without special support for anonftpd's file format (EPLF, Easily Parsed Listing Format) cannot give you a listing of files. The standard command-line FTP that comes with BSD, Linux, and most versions of Unix has no such troubles, nor does the FTP distributed with versions of Windows, because neither attempts to parse the listing. The current version of squid, a popular proxy server, has support for EPLF, so if you're accessing the Net through a squid FTP proxy, you should have no troubles. Once you've made sure you can contact the FTP server, make a directory where you're going to download and build your software such as /var/src or /usr/local/src, and FTP a copy of qmail there. Use gunzip and tar or pax to unpack it into a subdirectory. 3.1.1 CopyrightDan Bernstein reserves most rights when he distributes qmail. Copyright law lets him prohibit anyone from making copies (except within fair use, which includes actually loading the software from disk into memory, memory into cache, cache into processor, and disk onto backup media and back again). Dan has given users several permissions, however. You can redistribute the source to any of qmail 1.00, 1.01, 1.02, and 1.03. This source must be unmodified, in the original .tar.gz format, and match a certain checksum provided by Dan. In addition to redistributing unmodified source, you can also redistribute certain derived works. An executable that is equivalent to that which a user would create through the documented install process is also redistributable. In practice, this means that you can download, compile, patch, install, and use qmail any way you want. The one thing you can't do is to distribute modified versions of qmail. That's why all of the user modifications are distributed as patches relative to the distributed 1.03, rather than as modified versions of qmail itself.[1]
3.1.2 Should I Upgrade?For better or worse, there's never been a good answer to that question. The best answer that I can offer is that in qmail 1.02 a user could crash the copy of qmail-smtpd she was running, by issuing a: rcpt to: <> However, this would only cause the user's copy to crash. Nobody else would be affected. A good answer might be "because there's a bug that prevents X from working." This has never happened. Another good answer might be "because there's a security hole that endangers the security of your machine." This has also never happened. The only way to answer your question is to examine the CHANGES file that comes with qmail. If you see a change there that affects you, then you should consider upgrading your version of qmail. Otherwise, the wise maxim "If it's not broken, don't fix it" applies. The most important reason to upgrade is that if you're running the same version as most other qmail users, it's easier to ask them specific questions, pass patches and configuration tricks around, and otherwise be part of the qmail community. For most people, this is the best reason to stay in sync with new versions. I assume that you're using Version 1.03, the most recent as of the time this book was published, or netqmail 1.05, which is 1.03 with some recommended patches. 3.1.3 Other Software You Should FetchAs long as you're accessing koobera, there's some other software you should fetch. I'm going to leave the version number out of the package name. Look for the current version when you're downloading. Unpack most of these packages the same way you do qmail, with gunzip and tar or pax, each into its own subdirectory of your download directory. Starting with Version 0.75 of daemontools and, presumably, new versions of other packages, Dan has invented a new installation setup described at the end of this chapter.
|