This page is part of the EmailServer article.

SquirrelMail web interface

SquirrelMail is the webmail interface that comes preloaded with Fedora.
If it's not installed, just use yum install squirelmail to get it. You will also of course need Apache and make sure that your firewall has port 80 (http) and 443 (https) open.

Make sure Apache is running service httpd start. SquirrelMail is available out of the box from http://mail.example.com/webmail/.

By default, SquirrelMail is not accessible from https, and since our server will only be for mail, there is not need for appending the /mail at the end of the URL, so we need to fix those shortcomings.

First get the original SquirrelMail Apache config file out of the way:

# cd /etc/httpd/conf.d/
# mv squirrelmail.conf squirrelmail.OLD

Then edit the /etc/httpd/conf.d/ssl.conf and add the following between the existing <Virtualhost> tags, then append the URL rewrite rules:

<VirtualHost _default_:443>
  ...
  DocumentRoot "/usr/share/squirrelmail"
  ServerName mail.example.com
  <Directory /usr/share/squirrelmail>
    AllowOverride None
    Options ExecCGI
    Order allow,deny
    Allow from all
  </Directory>
  ...
</Virtualhost>

RewriteEngine   on
# Log the rewrites, just in case we need to debug (increase leve for verbosity)
RewriteLog      "/var/log/httpd/rewrite_log"
RewriteLogLevel 0

RewriteCond %{HTTPS} off
RewriteCond %{HTTP_HOST} ^(mail\..*)$ [NC]
RewriteRule (^.*$)   https://%1 [L,R]

RewriteCond %{HTTP_HOST} ^webmail\.(.*)$ [NC]
RewriteRule (^.*$)   https://mail.%1 [L,R]

Now make sure that Apache will start at boot and start the service for now:

# chkconfig --levels 235 httpd on
# service httpd start

Using Sub-domains

As recommended earlier, use a DNS provider such as ZoneEdit to manage your domain and sub-domains.
I often use sub-domains to alias an existing sub-domain; for instance, our server is mail.example.com, but I also create a webmail.example.com so users wanting to access their webmail can intuitively do so.

You should be able to access your email from anywhere securely through http://mail.example.com/.
Requests to the web server wil be transformed as such :

  • http://mail.example.com
    -> https://mail.example.com
  • webmail.example.com (whether http or https)
    -> https://mail.example.com

Note: https connections require a digital certificate registered with a known authority. The certificate is only valid for one website and one IP address and you need to pay for it. If you don;t have a certificate, your users will receive a warning when trying to access the site. You will have to tell them not to worry about that if you don't want or can't have a certificate (if you're using dynamic IP for instance). The certificate is only necessary to confirms that the site using is really who it pretends to be, it doesn't affect the fact that communications are encrypted.

< ClamAV | EmailServer | Firewall >

Leave your comments below
Enter your comment (no links allowed): Author:

Design by N.Design Studio, adapted by solidGone.org (version 1.0.0)
Powered by pmwiki-2.2.0-beta65