Search Site:

About

Linux

Printers?

Programming

Windows?

Download

Skins

Edit - To Do - AllRecentChanges

EmailServer /
SquirrelMail
 Recent Changes Printable View Page History Edit Page

This page is part of the EmailServer article.

SquirrelMail web interface

SquirrelMail is the webmail interface that comes preloaded with Fedora.
If it's not installed, just use yum install squirelmail to get it. You will also of course need Apache and make sure that your firewall has port 80 (http) and 443 (https) open.

Make sure Apache is running service httpd start. SquirrelMail is available out of the box from http://mail.example.com/webmail/.

By default, SquirrelMail is not accessible from https, and since our server will only be for mail, there is not need for appending the /mail at the end of the URL, so we need to fix those shortcomings.

First get the original SquirrelMail Apache config file out of the way:

# cd /etc/httpd/conf.d/

Then edit the /etc/httpd/conf.d/ssl.conf and add the following between the existing <Virtualhost> tags, then append the URL rewrite rules:

<VirtualHost _default_:443>
...
DocumentRoot "/usr/share/squirrelmail"
ServerName mail.example.com
<Directory /usr/share/squirrelmail>
AllowOverride None
Options ExecCGI
Order allow,deny
Allow from all
</Directory>
...
</Virtualhost>

RewriteEngine on
# Log the rewrites, just in case we need to debug (increase leve for verbosity)
RewriteLog "/var/log/httpd/rewrite_log"
RewriteLogLevel 0

RewriteCond %{HTTPS} off
RewriteCond %{HTTP_HOST} ^(mail\..*)$ [NC]
RewriteRule (^.*$) https://%1 [L,R]

RewriteCond %{HTTP_HOST} ^webmail\.(.*)$ [NC]

Now make sure that Apache will start at boot and start the service for now:

# chkconfig --levels 235 httpd on

Using Sub-domains

As recommended earlier, use a DNS provider such as ZoneEdit to manage your domain and sub-domains.
I often use sub-domains to alias an existing sub-domain; for instance, our server is mail.example.com, but I also create a webmail.example.com so users wanting to access their webmail can intuitively do so.

You should be able to access your email from anywhere securely through http://mail.example.com/.
Requests to the web server wil be transformed as such :

  • http://mail.example.com
    -> https://mail.example.com
  • webmail.example.com (whether http or https)
    -> https://mail.example.com

Note: https connections require a digital certificate registered with a known authority. The certificate is only valid for one website and one IP address and you need to pay for it. If you don;t have a certificate, your users will receive a warning when trying to access the site. You will have to tell them not to worry about that if you don't want or can't have a certificate (if you're using dynamic IP for instance). The certificate is only necessary to confirms that the site using is really who it pretends to be, it doesn't affect the fact that communications are encrypted.

< ClamAV | EmailServer | Firewall >

Leave your comments below
Enter your comment (no links allowed): Author:

Edit Page - Page History - Printable View - Recent Changes - WikiHelp - Search - RSS -
Page last modified on Wednesday 21 December 2005, at 21:00 GMT+8 - Viewed 925 times