This page is part of the EmailServer article.
SquirrelMail web interface
SquirrelMail is the webmail interface that comes preloaded with Fedora.
If it's not installed, just use yum install squirelmail to get it. You will also of course need Apache and make sure that your firewall has port 80 (http) and 443 (https) open.
Make sure Apache is running service httpd start. SquirrelMail is available out of the box from http://mail.example.com/webmail/.
By default, SquirrelMail is not accessible from https, and since our server will only be for mail, there is not need for appending the /mail at the end of the URL, so we need to fix those shortcomings.
First get the original SquirrelMail Apache config file out of the way:
# mv squirrelmail.conf squirrelmail.OLD
Then edit the /etc/httpd/conf.d/ssl.conf and add the following between the existing <Virtualhost> tags, then append the URL rewrite rules:
...
DocumentRoot "/usr/share/squirrelmail"
ServerName mail.example.com
<Directory /usr/share/squirrelmail>
AllowOverride None
Options ExecCGI
Order allow,deny
Allow from all
</Directory>
...
</Virtualhost>
RewriteEngine on
# Log the rewrites, just in case we need to debug (increase leve for verbosity)
RewriteLog "/var/log/httpd/rewrite_log"
RewriteLogLevel 0
RewriteCond %{HTTPS} off
RewriteCond %{HTTP_HOST} ^(mail\..*)$ [NC]
RewriteRule (^.*$) https://%1 [L,R]
RewriteCond %{HTTP_HOST} ^webmail\.(.*)$ [NC]
RewriteRule (^.*$) https://mail.%1 [L,R]
Now make sure that Apache will start at boot and start the service for now:
# service httpd start
|
Using Sub-domains |
|
As recommended earlier, use a DNS provider such as ZoneEdit to manage your domain and sub-domains. |
You should be able to access your email from anywhere securely through http://mail.example.com/.
Requests to the web server wil be transformed as such :
- http://mail.example.com
-> https://mail.example.com - webmail.example.com (whether http or https)
-> https://mail.example.com
Note: https connections require a digital certificate registered with a known authority. The certificate is only valid for one website and one IP address and you need to pay for it. If you don;t have a certificate, your users will receive a warning when trying to access the site. You will have to tell them not to worry about that if you don't want or can't have a certificate (if you're using dynamic IP for instance). The certificate is only necessary to confirms that the site using is really who it pretends to be, it doesn't affect the fact that communications are encrypted.
< ClamAV | EmailServer | Firewall >