SquirrelMail Installation for Debian 7
From Andreida
SquirrelMail
WebMail behind Apache2 authentication depending on logins
- install it
apt-get install squirrelmail squirrelmail-secure-login squirrelmail-compatibility squirrelmail-decode wngerman wamerican-large php-gettext php-xml-parser aspell spellutils emacsen-common php5-mhash aspell-doc ispell php5-common libapache2-mod-authnz-external
- check /usr/share/squirrelmail/plugins/secure_login/functions.php ca. line 391, look for code like
if ( $serverPort == $targetHttpsPort && $secure_logoff_count == 0)
below that look for
$location = 'http:// ....
If you find it, replace it with https. (It seems to be fixed in certain versions)
$location = 'https:// ....
- call /etc/squirrelmail/conf.pl
Options you will definitely need to check are: (use ports 25 and 143)
(Options are listed by main menu, then sub menu number. So "1 1" refers to option 1, sub option 1. And so on.)
- 1 1 - Set your own organisation name.
- 2 3 - SMTP
- 2 A 4 - localhost
- 2 A 5 - 143
- 2 A 6 - login
- 2 A 7 - false (we are local, if not, use true)
- 2 A 8 - dovecot
Apache
link to /var/www
cd /var/www ln -s /usr/share/squirrelmail
in /etc/apache2/ports.conf
- disable all ports but 431 which depends on a module
- activate the module
cd /etc/apache2/mods-enabled/ ln -s ../mods-available/ssl.load ln -s ../mods-available/ssl.conf
- enable authnz_external the easy way (both ways have the same result: a link)
a2enmod authnz_external
in /etc/apache2/sites-available/110-squirrel-ssl.conf
<IfModule mod_ssl.c>
<VirtualHost *:443>
ServerName mail.yourdomain.de
Alias /var/www/squirrelmail /usr/share/squirrelmail
DocumentRoot /usr/share/squirrelmail/
<Directory /usr/share/squirrelmail>
Options Indexes FollowSymLinks
<IfModule mod_php4.c>
php_flag register_globals off
</IfModule>
<IfModule mod_php5.c>
php_flag register_globals off
</IfModule>
<IfModule mod_dir.c>
DirectoryIndex index.php
</IfModule>
</Directory>
SSLEngine on
SSLCertificateFile /etc/exim4/exim.crt
SSLCertificateKeyFile /etc/exim4/exim.key
AddExternalAuth pwauth /usr/sbin/pwauth
SetExternalAuthMethod pwauth pipe
<Location />
AuthBasicProvider external
AuthExternal pwauth
AuthName your-domain
AuthType basic
Require valid-user
</Location>
</VirtualHost>
</IfModule>
- enable it
cd cd /etc/apache2/sites-enabled/ ln -s ../sites-available/110-squirrel-ssl.conf
- remove the default
rm 000-default
- restart apache
/etc/init.d/apache2 restart
- allow https in your firewall
for example firehol:
server https accept
Plugins
- get new plugins from [1] and unzip them to /usr/share/squirrelmail/plugins/
and activate them with
/etc/squirrelmail/conf.pl
Check in /etc/php5/apache2/php.ini:
- post_max_size
- upload_max_filesize
