UCSPI-TCP

ucspi-tcp is djb's implementation of UNIX Client-Server Program Interface using TCP.

ucspi-tcp is djb's implementation of UNIX Client-Server Program Interface using TCP. It's used on our server to manage what IPs are allowed to connect to the SMTP service(s) as well as passing any environment variables that those IPs might want to use.

Installation
Download the source tarball:

cd /package
wget https://www.fehcom.de/ipnet/ucspi-tcp6/ucspi-tcp6-1.06a.tgz
tar xzf ucspi-tcp6-1.06a.tgz
cd host/ucspi-tcp6-1.06

This version of ucspi-tcp6 included a greetdelay patch for rblsmtpd. Since that functionality is added to qmail-smtpd later (in John Simpson's Combined Patch), there's a potential doubling up of the greetdelay. (See http://notes.sagredo.eu/node/128). However, since John's smtp run script doesn't call rblsmtpd with the "-W" flag,
Install it:

package/install

Make the directory to hold the tcpserver access rules:

mkdir /etc/tcp

Configuration for SMTP server
Edit /etc/tcp/smtp and add some rules:

127.:allow,RELAYCLIENT=""
192.168.0.:allow,RELAYCLIENT=""

Make the cdb file from the text file:

tcprules /etc/tcp/smtp.cdb /etc/tcp/smtp.tmp < /etc/tcp/smtp
chmod 644 /etc/tcp/smtp.cdb

Rather than having to remember how to do this every time, create /etc/tcp/Makefile with (NOTE: The spacing before the "tcprules" command should be a TAB!!!!):

smtp.cdb:smtp
      tcprules /etc/tcp/smtp.cdb /etc/tcp/smtp.tmp < /etc/tcp/smtp

Then, to recreate compile the CDB file, you simply have to run:

make

ucspi-ssl
For Centos 7, used ucspi-ssl 0.99 from http://www.fehcom.de/ipnet/ucspi-ssl.html.

cd /package
wget http://www.fehcom.de/ipnet/ucspi-ssl/ucspi-ssl-0.99e.tgz
tar zxf ucspi-ssl-0.99e.tgz
cd host/superscript.com/net/ucspi-ssl-0.99e
package/install base

Troubleshooting
https://forums.gentoo.org/viewtopic.php?t=276084&highlight=tcpserver

Credits

Various bits of code, scripts, and procedures were put together with information from John Simpson's qmail.jms1.net website. It's an excellent resource on managing and setting up a Qmail server.

Recent Updates

  • 11 months 3 weeks ago
  • 11 months 3 weeks ago
    Removed original versions of ucspi-tcp and ucspi-ssl and replaced them with upgraded versions. The old ones were failing PCI compliance tests by Security Metrics. ucspi-ssl also had issues installing on CentOS 7 - new version installed without issues.
  • 11 months 3 weeks ago
    1.3.7 update
  • 11 months 3 weeks ago
  • 1 year 1 hour ago
    MariaDB