qmail-verify - Address verification daemon
receives UDP packets containing local email addresses and
returns a single byte to indicate if the address is valid or invalid to the
sender of the UDP packet. qmail-smtpd
clients using the qmail-verify
service, although at present only
has had this functionality added. qmail-verify
based on Paul Jarc's realrcptto
patch for qmail
uses the files control/locals, control/virtualdomains,
the system password file entries (typically in
) as well as the existence or not of users' home
directories and .qmail[-xxx]
files to determine if a given address is
Where a qmail system uses .qmail-default
files on a per-domain basis in a
virtual domains setup, this is likely to result in all addresses being
considered 'valid'. This may not in fact be the case in certain situations,
such as with extensions/adaptations to qmail like vpopmail which use
files throughout (delivery in this case is subsequently
handled by a vpopmail component). In these cases a replacement for
will be required that can determine address validity.
Other customised qmail installations that use different methods to locate users'
mailboxes are likely to need alternatives to qmail-verify
or a modified
version of it for address verification.
should be invoked as user root
to have sufficient
privileges to determine the validity of a given address. In certain single-UID
virtual domains setups, it may be sufficient to run qmail-verify
By default, qmail-verify
listens on localhost (127.0.0.1) on port 11113.
This behaviour can be changed by setting the environment variable
to specify the IP address and/or port: Set this to the desired
IP address, optionally followed by a colon and port, thus for example
is implemented by taking the various pieces of qmail that
parse an address and combining them in the same executable,
Thus logic is taken from qmail-send, qmail-lspawn,
The incoming packet contains just the email address to be checked as a string.
The string is optionally terminated with a 0 byte.
The response packet contains a single byte to indicate whether the address is
valid. The lowest-order bit of this byte indicates the result: 0
for 'invalid'. Other bits of this response byte are set by
to give further debugging information; these other bits
should generally be disregarded.
Although not especially designed as a new protocol, extensions to
could require the query string to be 0 terminated to
separate it from other data to follow. Currently the response packet contains
the response byte and the 'Controlling user'; more information could
potentially be returned if required.
At startup qmail-verify
reads the following qmail control files:
control/envnoathost, control/locals, control/percenthack,
If changes are made to any of these files,
should be restarted for the changes to take effect in
If you are using different machines for qmail-verify
you should ensure that the machine providing the
service has a full set of control files as well as the
mailboxes; the machine running qmail-smtpd
to be setup.
logs each decision it makes to stderr: The address followed
by whether it's valid or not.
Andrew Richards, building on the work of Paul Jarc and Dan Bernstein, and with
plenty of help along the way from Russell Nelson, John Levine and Charles
Cazabon amongst others.