A site for solving at least some of your technical problems...
Squirrel Mail: a web based tool
Submitted by Alexis Wilke on Sat, 07/09/2011 - 19:36
Ubuntu Installation
In the last few days, I've been testing SquirrelMail. It's neat. Really ugly, but neat as it is very small and still quite functional.
To install on Ubuntu, just use apt-get install as in:
apt-get install squirrelmail
The available plugins as of Ubuntu 10.04:
squirrelmail-compatibility - SquirrelMail plugin: Let other plugins work with older/newer SM versions squirrelmail-decode - SquirrelMail support for decoding exotic character sets squirrelmail-locales - Translations for the SquirrelMail Webmail package squirrelmail-lockout - SquirrelMail plugin: Disallow access to users/domains squirrelmail-logger - SquirrelMail plugin: Add logging functionality to your webmail interface squirrelmail-quicksave - SquirrelMail plugin: Auto-save messages while composing squirrelmail-secure-login - SquirrelMail plugin: Force users to use SSL encrypted connections squirrelmail-sent-confirmation - SquirrelMail plugin: display a confimation message after sending mails squirrelmail-spam-buttons - SquirrelMail plugin: Place "Spam" buttons on the mailbox message list page squirrelmail-viewashtml - SquirrelMail plugin: View mails as HTML squirrelmail - Webmail for nuts
I strongly suggest the secure log in if you have a valid SSL certificate and the logger if you have many users.
Personally I use the lockout as talked about below.
Once installed, use the squirrelmail-configure script to change the default settings. Especially, your mail server settings may be different than the defaults (i.e. not be localhost port 25.)
WebServer
The following is a setup example. The <Directory> directive is not required if index.php is one of the default indexes Apache searches for. The 443 port means use SSL. To avoid SSL, use port 80. If you want to allow both, not a problem and with the secure-login a user that typed HTTP in will be redirected to your HTTPS instead.
<VirtualHost *:443>
DocumentRoot /usr/share/squirrelmail/
ServerName squirrel.m2osw.com
<Directory "/usr/share/squirrelmail/">
DirectoryIndex index.php
</Directory>
SSLEngine On
SSLCertificateFile /etc/apache2/ssl/m2osw.com.crt
SSLCertificateKeyFile /etc/apache2/ssl/m2osw-com.key
SSLCertificateChainFile /etc/apache2/ssl/bundle.crt
</VirtualHost>
The SSL instructions will change depending on your SSL certificate provider and some other parameters (i.e. you may need to have an IP address and port instead of "*:443".)
IMPORTANT SECURITY NOTE
If you do not change the server parameters, your local mail server will be accessible with your Unix log in name and password. This may be a security issue if you used a weak password.
Plugins
Once installed, a plugin first needs to be authorized (enabled.) This can be done with the default configuration tool:
squirrelmail-configure
Enter the Plugins area, then search for one you want to install and select it (i.e. enter its number) and hit enter.
Now the plugin is selected and thus usable.
IMPORTANT SECURITY NOTE
The plugin is immediately available. Keep that in mind if you want to change some of its configuration and that is required for security purposes...
SquirrelMail Lockout Plugin
I wanted to install the Lockout plugin to be able to enter just and only a very few users for that system.
It was advertised as such on the SquirrelMail website!
Looking at the settings, it looked pretty straight forward, except for the lockout_table.php... That one describes the settings so you can create a negative table (i.e. block a certain number of individuals) but not the opposite (a positive table letting specific people use the system,) which I use:
$reverseLockout = '##BAD_LOGIN_PAGE##';
In that case, the lockout table entries are the same, except that the redirect information, although still required, is ignored.
So for instance, to accept user John you could write something like this:
user: john ignore.com
Note that the domain name after 'john' is required if your mail server requires it. All mail servers do not work that way though. The pattern appearing as the name is an exact match to the name you use to log in.
I also suggest that you remove the PHP comment from that file.