Setting up XDove on QNAP QTS 4.0.2
  1. References
  2. Installation
  3. Configuring
    3.1. XMail
    3.2. Dovecot
    3.3. Uebimiau
  4. Migrating from Cyrus
  5. Testing

QNAP is a company that makes very nice NASes. Their particular niceness is that they have lots of so-called QPKGs, or QNAP Packages, to add to their QTS (the name of the QNAP NAS OS, something like QNAP Turbo System). Many of them are official – like Video Station (sort of your own YouTube), some of them are 3rd party – like XDove which I’m going to describe here. The main difference is the level of support you get.

For some obscure reason all currently up-to-date QPKG that turn your NAS into a mail server are POP3-only. Basically, the only maintained package right now is XMail, which is great and all but doesn’t handle IMAP which is a big step in the 90s in my opinion.

To amend this we will be using XDove – an old package (last updated several years ago) but still working even on the latest QTS firmware version. You only need to apply some fixes. Internally XDove is a combination of XMail and Dovecot that connects to the former to serve IMAP from XMail’s folders.

This guide won’t attempt to fix RoundCube as the problem seems to be somewhat substantial. However, it explains how to fix Uebimiau.

Make sure to upgrade XMail after you’re done with XDove to fix certain critical bugs (including undelivered messages). The guide is here.

References

During my trial with XDove I came across numerous forum threads and side resources that might be of use to someone. Just in case, I am listing them here:

Forum threads of lesser interest:

Info on getting RoundCube to work can be found at:

Installation

First of all you need to download the .qpkg file appropriate for your type of QNAP NAS. I own a TS-220, which comes from the x19 series (but not TS-221), therefore I needed XDove_1.3_arm_x19.qpkg. You can find available builds here. If the link is down here are local mirrors just in case:

Now open your QNAP admin panel in the browser (your NAS IP address). Make sure you have Web Server enabled in the Control Panel. Then go to App Center and click on the button in the top-right that says Install Manually. If you have downloaded the ZIP archive make sure to extract it first. Select that .qpkg file (like XDove_1.3_arm_x19.qpkg) by using Browse… and click Install.

App Center will appear with a new box in My Apps saying XDove. For a few minutes it will be overlaid with black, saying it’s being installed. It should install fine (this is the easiest part) and once it has you will see a mostly white box with iOS-style switches 1/0 to turn the app on/off and a Launch button nearby to go to its control panel.

After installation XDove can be running (switch in position 1) or not (position 0). You can start it up if it’s not running, then press Launch – you should be presented with a Quick Start Assistant. This part is also straightforward even without any tips but if you need them check the PDF guide here (Chapter 4). You don’t need help setting up RoundCube or Uebimiau so once done with main configuration (the Assistant will tell you) just close the dialog and proceed to the next section.

If you are having troubles opening XDove launch page from App Center try changing the port number so your URL looks like this: https://NAS_IP:8081/xdove/

If Quick Start Assistant shows up a blank dialog try restarting XDove. If it doesn’t help try reinstalling it and if this also fails just go on without using the dialog.

Configuring

Now comes the fun part. All the wizards have run and done their job, but this alone will most likely not suffice and something will just not work. We will be amending this below.

First of all check if your PHP sessions’ directory is writable to all. The path should be /share/HDA_DATA/.php_session for JBOD (single-drive) setup and with MD0_DATA for RAID. This directory should have 0777 permissions.

Next, remember the location of XDove installation: /share/HDA_DATA/.qpkg/XDove. It also contains xmail and dovecot folders that we will need later. Also note that /share/HDA_DATA/.qpkg/XDove/xmail/var/MailRoot is the location where XMail and Dovecot store all mail data and also the location of most of XMail configuration files.

XMail

Open /share/HDA_DATA/.qpkg/XDove/xmail/var/MailRoot/ctrlaccounts.tab. If you have successfully completed the Quick Start Assistant before, this file should contain just one line of the form:

"admin" [TAB] "hash"

…where [TAB] stands for one tab symbol (no spaces around), admin – for control user name and hash is a string with hexadecimal symbols (0-9, a-f).

Sometimes this file can get all wrong. Run the following command:

/share/HDA_DATA/.qpkg/XDove/xmail/bin/XMCrypt your_password

Compare the output with the hash in ctrlaccounts.tab – they should match. Also check that the file has tab symbol and not just spaces and that it has the right control user name (usually just admin is best).

Now open /share/HDA_DATA/.qpkg/XDove/xmail/var/MailRoot/server.tab and compare it with mine (some directives need to be uncommented, some values changed):

# i-forge.net = your mail server domain name.
"RootDomain"    "i-forge.net"
"SmtpServerDomain"    "i-forge.net"
"POP3Domain"    "i-forge.net"
#"TempErrorsAdmin"    "send-failures@xmailserver.test"
#"DefaultSMTPGateways"	"192.168.1.2,192.168.1.15"
"RemoveSpoolErrors"    "0"
#"NoSenderBounce"    "1"
#"DisableEmitAuthUser"    "1"
#"NotifyMsgLinesExtra"    "8"
#"NotifySendLogToSender"    "0"
#"NotifyTryPattern"    "1"
"MaxMTAOps"    "16"
"ReceivedHdrType"    "0"
"FetchHdrTags"    "+X-Deliver-To,+Received,To,Cc"
"SMTP-TLS"    "1"
"EnableCTRL-TLS"    "1"
"EnableSMTP-TLS"    "1"
"EnablePOP3-TLS"    "1"
#"SmtpMsgIPBanSpammers"    "550 Denied due inclusion of your IP in our spam lists"
#"SmtpMsgIPBanSpamAddress"    "550 Denied due inclusion of your email address in our spam lists"
#"SmtpMsgIPBanMaps"    "550 Denied due inclusion of your IP in the following map"
#"CustomSMTPMessage"    "Please open http://www.xmailserver.test/smtp_errors.html to get more information about this error"
# Kilobytes. 70 MiB here.
"MaxMessageSize"    "71680"
"EnableAuthSMTP-POP3"    "1"
#"Pop3SyncErrorAccount"    "psync-errors@xmailserver.test"
#"AllowNullSender"    "1"
#"AllowSmtpVRFY"    "1"
#"AllowSmtpETRN"    "1"
#"SMTP-MaxErrors"    "4"
#"SmtpMinDiskSpace"    "100000"
#"SmtpMinVirtMemSpace"    "64000"
#"Pop3MinVirtMemSpace"    "64000"
#"CustMapsList"    "list.dsbl.org.:1,blackholes.mail-abuse.org.:1,dialups.mail-abuse.org.:0"
#"SMTP-RDNSCheck"    "1"
#"CheckMailerDomain"    "1"
#"SmartDNSHost"    "dns.home.bogus.net:tcp,192.168.1.1:udp"
#"SmtpConfig"    "mail-auth"
#"SmtpConfig-192_168_0_1"    "mail-auth"
"DefaultSmtpPerms"    "MRVZ"
# Do not specify this or most mail services like Gmail will fail to deliver
# mail from other mailboxes to yours (on QNAP).
#"SmtpConfig"    "WantTLS"

The above enables SSL (but does not enforce it) for POP3 and SMTP, which is a must-have and omnipresent these days. Let’s generate the certificate now:

cd /share/HDA_DATA/.qpkg/XDove/xmail/var/MailRoot
openssl genrsa 2048 >server.key
openssl req -new -x509 -key server.key -out server.cert

If you don’t have openssl, install Optware IPKG from App Center and then run ipkg install openssl in the terminal.

See if domains.tab contains the name of your domain (the same as RootDomain above):

"i-forge.net"

If you didn’t use the Quick Start Assistant, see if mailusers.tab contains something like this (also created with PhpXMail):

"i-forge.net"    "postmaster"    "hash"    1    "postmaster"    "U"
"i-forge.net"    "proger"    "hash"    2    "proger"    "U"

Note that here, above and in all XMail config files spaces between values are actually tabs. hash stands for XMCrypt output.
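The tab check described for ctrlaccounts.tab and for the other XMail .tab files can be scripted. This is an added example, not part of XDove or XMail; the function names and the sample hash are made up for illustration.

```shell
#!/bin/sh
# Added example, not part of XDove or XMail.

# Report lines of an XMail .tab file whose fields are not tab-separated.
# Prints "LINE: reason" for each problem; returns non-zero if any was found.
lint_tab_file() {
    awk '
        /^[ \t]*(#|$)/ { next }            # skip comments and blank lines
        {
            rest = $0
            gsub(/"[^"]*"/, "Q", rest)     # collapse every quoted value to Q
            if (rest ~ /"/) { printf "%d: unbalanced quote\n", NR; bad++ }
            if (rest ~ / /) { printf "%d: space between fields, use one tab\n", NR; bad++ }
        }
        END { exit (bad > 0) }
    ' "$1"
}

# Succeeds only if FILE holds exactly the line "USER"<TAB>"HASH",
# where HASH is what XMCrypt printed for the control password.
has_ctrl_account() {
    expected=$(printf '"%s"\t"%s"' "$2" "$3")
    grep -Fxq -- "$expected" "$1"
}

# Constructed sample: line 1 is correct, line 2 uses spaces instead of a tab.
sample=$(mktemp)
printf '"admin"\t"0a1b2c3d"\n"admin"    "0a1b2c3d"\n' > "$sample"
lint_tab_file "$sample" || echo "fix the lines listed above"
rm -f "$sample"
```

On the NAS, pass the real file and the output of XMCrypt, for example has_ctrl_account ctrlaccounts.tab admin "$(XMCrypt your_password)" with the full paths given above.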

You might want to edit the user defaults which are applied when you create new mailboxes with PhpXMail – if so edit userdef.tab.

Now let’s correct the command line. XDove sets up non-standard ports for POP3, IMAP and SMTP and its install guide says that you have to forward ports with your router, but if you don’t have one or if it doesn’t support forwarding from an external port to a different internal port (like mine – you can’t forward 25 → 50025 with TP-LINK) then you need to remove the custom port bindings. You also need to remove the options that disable SSL SMTP and POP3 if you want them to run (which I suppose you want).

The command line is edited in /share/HDA_DATA/.qpkg/XDove/xmail/etc/xmail/cmdline. Mine looks like this:

-P- -B- -X- -Mr 24 -SX 2 -Qn 1 -Yt 1 -Yi 120 -Ln 1 -PX 1 -CX 2 -Ph -Ql -Sl -Pl -Yl -Fl -Cl -Ll -SI 0.0.0.0:25 -SI 0.0.0.0:125

It is easy to figure out the necessary options given the excellent official documentation. The command line above disables POP3 and POP3S (I’m always using IMAP of Dovecot) and SMTPS (I am using STARTTLS for SMTP instead of a dedicated SSL SMTP port (that is, SMTPS) – saves resources without an impact on security).

The two -SI XXX:XX options make the XMail SMTP service listen on two ports on all available IPs (because of 0.0.0.0). I assume that you don’t need this but in my case I couldn’t connect to port 25 on my server even though I could to any other port. This only happened from one specific place, other computers had no trouble delivering mail to port 25. Therefore I had to bind SMTP to two ports to let me send mail and let others deliver mail to me.

If you are using POP3 then consider adding the -Pw 60 option, which will prevent bruteforcing of account passwords by blocking out the client after each bad logon attempt (wrong username or password).

We now need to edit the startup script of XMail or it will fail to run. Open /share/HDA_DATA/.qpkg/XDove/xmail.conf, find the line below and remove --chuid xmail from it:

"${QPKG_DIR}/bin-utils/start-stop-daemon" --start --chuid xmail --exec $XMAIL_DAEMON

I have no idea why this prevents XMail from running and since start-stop-daemon outputs absolutely nothing there’s probably no chance of figuring out what’s going on.

Also, check that the MailRoot directory is owned by xmail (both user and group) and has at least 0755 permissions. This is usually the case.

Now you can restart XDove (/etc/init.d/XDove restart) and see if XMail is running (do ps axxs | grep XMail after a few seconds’ delay as XMail tends to quit before long on bad configuration). Go to PhpXMail from your XDove launch page (https://NAS_IP:8081/xdove/) and set up your mail users and maybe some other server options. This should be straightforward as soon as you are able to log into PhpXMail. If you can’t do that check ctrlaccounts.tab as described in the beginning and also try logging in on domain localhost. See also PhpXMail Configuration wiki page.

Make sure to upgrade XMail after you’re done with this guide to fix certain critical bugs (including undelivered messages). The guide is here.

Dovecot

First of all you should move (overwrite) /share/HDA_DATA/.qpkg/XDove/dovecot/etc/dovecot.conf to the actual configuration file in the dovecot folder, that is, /share/HDA_DATA/.qpkg/XDove/dovecot/etc/dovecot/dovecot.conf. The installer is buggy and creates the file one level above. If you don’t move that file at least delete it, open dovecot/dovecot.conf, change ssl_disable = yes to ssl = no and remove this line: login_greeting_capability = yes (these are deprecated in the version of Dovecot that XDove contains).

Now open the destination (new) file and add the following:

ssl_cert_file = /etc/dovecot/ssl-cert.pem
ssl_key_file = /etc/dovecot/ssl-priv.pem
auth_mechanisms = plain login cram-md5 ntlm gssapi

And also change the following values:

ssl = required
disable_plaintext_auth = yes

None of these changes are needed if you don’t want to enable SSL. The above options instruct Dovecot to reject plain text login attempts unless they are protected by SSL.
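A quick way to confirm that dovecot.conf ended up with the settings listed above and without the two deprecated directives. This is an added example, not part of XDove or Dovecot; the function name is made up, and the script assumes the flat key = value layout shown in this guide, with a later assignment taking precedence over an earlier one.

```shell
#!/bin/sh
# Added example, not part of XDove or Dovecot.

# Check a flat "key = value" dovecot.conf for the settings from this guide.
# Prints one line per finding; returns non-zero if anything is off.
audit_dovecot_conf() {
    awk '
        function want(k, v) {
            if (!(k in seen))      { printf "%s: not set (want %s)\n", k, v; bad++ }
            else if (seen[k] != v) { printf "%s = %s (want %s)\n", k, seen[k], v; bad++ }
        }
        function need(k) { if (!(k in seen)) { printf "%s: not set\n", k; bad++ } }
        function gone(k) { if (k in seen)    { printf "%s: deprecated, remove it\n", k; bad++ } }

        /^[ \t]*#/ { next }                      # commented-out settings do not count
        /^[ \t]*[a-z_0-9]+[ \t]*=/ {
            key = $0; sub(/[ \t]*=.*/, "", key); sub(/^[ \t]+/, "", key)
            val = $0; sub(/^[^=]*=[ \t]*/, "", val); sub(/[ \t]+$/, "", val)
            seen[key] = val                      # keep the last assignment seen
        }
        END {
            want("ssl", "required")
            want("disable_plaintext_auth", "yes")
            need("ssl_cert_file"); need("ssl_key_file")
            gone("ssl_disable"); gone("login_greeting_capability")
            exit (bad > 0)
        }
    ' "$1"
}

# Constructed sample: a config with the deprecated directives still present.
sample=$(mktemp)
cat > "$sample" <<'EOF'
#ssl = required
ssl_disable = yes
login_greeting_capability = yes
disable_plaintext_auth = no
EOF
audit_dovecot_conf "$sample" || echo "dovecot.conf still needs the edits above"
rm -f "$sample"
```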

Let’s now generate the certificate for Dovecot:

cd /share/HDA_DATA/.qpkg/XDove/dovecot/etc/dovecot
./mkcert.sh

If everything went fine you should now have two new files in the same directory: ssl-cert.pem and ssl-priv.pem.

Uebimiau

XDove comes with two e-mail clients in PHP: RoundCube (a great client, requires MySQL and won’t run on QTS without major hassle) and Uebimiau (nice, small client with very simple chat and file upload). To make the latter run you need to open /share/HDA_DATA/.qpkg/XDove/uebimiau/inc/lib.php and replace all ~E_NOTICE occurrences with ~E_NOTICE & ~E_DEPRECATED.

If you have changed XDove ports from 50xxx to standard (25, 143, etc.) then you should also edit them in one of inc/config files.

Then you should be able to login and use the client as usual.

If you are getting white pages consider increasing the memory limit of PHP: open /etc/config/php.ini (or just /php.ini that is a symlink) and change memory_limit = 8M to 12M, then do apachectl graceful. Alternatively, you can do this via the QTS admin panel (Control Panel → Web Server → php.ini) which will save the config and restart the server for you.

Info on getting RoundCube to work can be found in this thread and here in German.

Migrating from Cyrus

This was really simple. I used to use Cyrus-IMAP server with Postfix on my old FreeBSD box (described in this series of guides) and moving all messages (about 1 GiB) to Dovecot was a breeze. Official docs make it very clear.

First, add this to /share/HDA_DATA/.qpkg/XDove/dovecot/etc/dovecot/dovecot.conf:

namespace private {
  prefix = INBOX.
  separator = .
  inbox = yes
  type = private
}

pop3_uidl_format = %v.%u

Then run the migration script on your Cyrus IMAP and spool folders – see this page. The script is buggy, at least for my QTS and/or Cyrus version, so you have to edit it:

If you need to read FreeBSD partitions on Windows (UFS file system) use ufs2tools – they let you see partitions layout with bsdlabel and save data from those to local disk with ufs2tool.

Testing

At this point everything should be ready. Restart XDove:

/etc/init.d/XDove restart

Wait for 5-10 seconds and do this:

ps axxs | grep XMail
ps axxs | grep imap

Both commands should produce at least one line of output – if they did XMail (SMTP/POP3) and Dovecot (IMAP) are running. Now get telnet – on Windows 7 you have to install Telnet Client from Programs & Features, on Windows XP it’s built-in – and run:

telnet yourhost 25

You should see the XMail greeting. Now do:

telnet yourhost 143

You should see the Dovecot greeting. Note that if you’re using the overridden (default to XDove) ports you have to use 50025 and 50143 correspondingly.

If both worked then get your favourite mail client like Thunderbird, set up an account as you would normally and try sending/receiving messages. It should work. I have also successfully tested this setup with Apple Mail (from iOS 7), both SSL and not.

Also, some people complain that XDove prevents hard drives from spinning down but I found that when I receive no mail and when I do no activity in my mailbox hard drives are disabled within the regular interval specified in QTS’ Control Panel.

If you are stuck at some point see what the logs say. They are located in:

If the problem is with XMail you can try stopping XDove and starting XMail on its own in debug mode with all the output:

/etc/init.d/XDove stop
/share/HDA_DATA/.qpkg/XDove/xmail/bin/XMail --debug -Md

If you are getting segfaults with Dovecot it’s often because of an invalid username (user instead of user@yourhost.com) – more info here.