SquirrelMail

Grab the latest source from www.squirrelmail.org. Stuff the tar file in a directory and untar it:

     tar -xvzf squirrelmail-1.4.10a.tar.gz

Run the config script to set SquirrelMail up with local options:

     cd squirrelmail-1.4.10a
     config/conf.pl

You might want to change the organization name, provider name and URL (under "Organization Preferences"), domain name (under "Server Settings"), and the data and attachment directories (under "General Options"). The data directory can be changed to a relative directory so that it is relative to wherever you install SquirrelMail (e.g. "data/"). The attachment directory should be changed to "/tmp/" or "/var/spool/squirrelmail/attach/".

If you are using one of the well-known IMAP servers (e.g. Dovecot), you should select the appropriate presets from the "Set pre-defined settings for specific IMAP servers" item and then select the IMAP server you'll be using (e.g. "Dovecot"). This can save you a world of hurt later on.

Note that you may have to actually edit config/config.php to set some of the values to what you really want. For example, later versions of conf.pl seem to want to put "config/" on the front of "data/", erroneously giving "config/data/" instead of what you specified. Also, in earlier versions of SquirrelMail, it used to be sufficient to change provider name to get your organization's name to show up on the login page but now it appears that you must change both organization name and provider name.

As super user, copy the untarred/set-up directory to the install directory. For example:

     mkdir /usr/share/squirrelmail
     cp -r * /usr/share/squirrelmail

Set the permissions on the data directory so that it is accessible by the Web servitron:

     chgrp apache /usr/share/squirrelmail/data
     chmod g+w /usr/share/squirrelmail/data

If need be (i.e. if you didn't choose "/tmp"), set the permissions on the attach directory so the Web servitron can add to it but not see it:

     mkdir /var/spool/squirrelmail
     mkdir /var/spool/squirrelmail/attach
     chgrp apache /var/spool/squirrelmail/attach
     chmod g=wx,o= /var/spool/squirrelmail/attach

Possibly, set up Apache to get to SquirrelMail from a special port.

/etc/httpd/conf/httpd.conf:

Add a special port for SquirrelMail to the Apache config file. This port will allow users to log on directly to SquirrelMail, either through the port or by aiming DNS at the special port when the domain is resolved. For example:

     webmail.mydom.com  -->  www.mydom.com:8580/

Here is a snippet from an Apache config file that defines the SquirrelMail port, etc.

     ##
     ## SquirrelMail Virtual Host Context
     ##
     Listen 8580
     <VirtualHost _default_:8580>
     #
     #  Document root directory for SquirrelMail html.
     #
     DocumentRoot "/usr/share/squirrelmail"
     <Directory "/usr/share/squirrelmail">
         Options +Includes
     </Directory>
     #
     #  Directories defined in the main server that we don't want people to see
     #  under this port.
     #
     Alias /manual "/usr/share/squirrelmail/limbo"
     Alias /doc "/usr/share/squirrelmail/limbo"
     </VirtualHost>

To run SquirrelMail, you will need an IMAP server to allow it to read and manipulate the mailboxes. Many installations use the Cyrus IMAP Server for this job. On the later versions of Linux, it even comes pre-installed or can be automatically installed by the package manager, thereby obviating the need to install it by hand. We include notes on how to install Cyrus, just in case you haven't yet had your daily dose of goat fu*king today and you wish to get it now.

But, before you begin, bear in mind a couple of things. Cyrus is an IMAP-only solution. It has its own mail box structure and it cannot read the standard mbox format used on Linux. You will have to convince your MTA to send it email directly so that it can store the messages itself, in its mail box directories. Furthermore, once you go through all of the security bullshit necessary to get it working, you will have spent a couple of days dicking around. Installing and configuring Cyrus is no walk in the park (if you still want to give it a shot, see the Cyrus IMAP section below).

For this reason, many people use Dovecot or the UW-IMAP server. Dovecot is frequently mentioned as being easy to install. It too usually comes pre-installed or available through the package manager on modern Linuxi. Plus, it can read and index mbox-format mailboxes, apparently with great success. Any wonder it is a popular choice for newer systems?

The UW-IMAP server can be found pre-installed on older systems (such as RedHat 8), which are now becoming past history. It was a good product and we miss it. It is still available and can still be installed but most people, as we said, use Dovecot now (which would you rather have, working or a goat fu*k?).

If your system's package manager doesn't allow you to install the package on the system, here are the steps to set up Dovecot from source (which can be downloaded from www.dovecot.org/download.html):

     tar -xvzf dovecot-1.1.11.tar.gz

Follow the usual steps to build Dovecot:

     cd dovecot-1.1.11
     ./configure --prefix=/usr --sysconfdir=
     make

Install Dovecot on your system:

     su
     make install

If you'll be using sieve, get the plugin source from the Dovecot site and build it:

     tar -xvzf dovecot-sieve-1.1.6.tar.gz

Follow the same series of steps to build the sieve:

     cd dovecot-sieve-1.1.6
     ./configure --prefix=/usr --sysconfdir=
     make

Then, install the sieve on your system:

     su
     make install

/etc/dovecot.conf, /etc/dovecot/dovecot.conf or /usr/local/etc/dovecot.conf:

If you used "--sysconfdir=", above, the configuration file for Dovecot is found in /etc/dovecot.conf. If you installed Dovecot with the system's package manager, the configuration file is probably /etc/dovecot/dovecot.conf. Otherwise, it is likely to be /usr/local/etc/dovecot.conf. You may need to begin by copying it from the example file, for instance /usr/local/etc/dovecot-example.conf. Edit the file to look something like this:

     # Working directory.
     base_dir = /var/run/dovecot/            # Restating the obvious
     # For the promiscuous at heart, with no secure protocols.
     protocols = imap pop3
     disable_plaintext_auth = no
     ssl_disable = yes
     # Or, for the security-minded, with regular + secure protocols.
     protocols = imap imaps pop3 pop3s
     disable_plaintext_auth = yes
     ssl_disable = no
     # Logging where it's supposed to be (don't forget logrotate).
     log_path = /var/log/dovecot
     # Login handling.
     login_dir = /var/run/dovecot/login      # More restating the obvious
     login_chroot = yes
     login_user = dovecot
     # To use Mbox format, set the mail location as follows:
     mail_location = mbox:~/mail:INBOX=/var/mail/%u
     # If you're into debugging (who isn't):
     mail_debug = yes
     auth_debug = no                         # Unless you really need it
     # Authorization methods.
     auth default {
       user = root                           # Required for PAM or shadow passwd
     }

The defaults should work for the rest of the options.
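The sample file above lists the cleartext and the secured settings one after the other, so it is easy to paste in both. The following check is an added example, not part of the original page or of Dovecot: `lint_dovecot_conf` is a constructed helper that reports the cleartext-permitting values and any of the three keys set more than once.

```sh
#!/bin/sh
# Added example: lint_dovecot_conf is a constructed helper, not a Dovecot tool.

# Print a finding for each cleartext-permitting value and each repeated key
# among the three settings the sample file gives twice; return 1 if any.
# usage: lint_dovecot_conf FILE
lint_dovecot_conf() {
    awk '
        { sub(/#.*/, "") }                              # strip comments
        /^[ \t]*(protocols|disable_plaintext_auth|ssl_disable)[ \t]*=/ {
            key = $0; sub(/=.*/, "", key); gsub(/[ \t]/, "", key)
            val = $0; sub(/^[^=]*=[ \t]*/, "", val); sub(/[ \t]+$/, "", val)
            if (++count[key] > 1) {
                print "line " NR ": " key " is set more than once"; bad = 1
            }
            if ((key == "disable_plaintext_auth" && val == "no") ||
                (key == "ssl_disable" && val == "yes")) {
                print "line " NR ": " key " = " val " permits cleartext logins"
                bad = 1
            }
        }
        END { exit bad + 0 }' "$1"
}

# Demo: the settings from the sample file above, both alternatives pasted in.
demo_lint() {
    conf=$(mktemp) || return 1
    cat > "$conf" <<'EOF'
protocols = imap pop3
disable_plaintext_auth = no
ssl_disable = yes
# Or, for the security-minded, with regular + secure protocols.
protocols = imap imaps pop3 pop3s
disable_plaintext_auth = yes
ssl_disable = no
EOF
    lint_dovecot_conf "$conf"; rc=$?
    rm -f "$conf"
    return $rc
}
demo_lint || echo "fix the findings above before starting Dovecot"
```

Run it against whichever of the three configuration file locations your install uses.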

/etc/rc.d/init.d/dovecot:

You will need a startup script to start Dovecot when your system boots up. Typically, the package manager will install one but, if it doesn't, here's an example of one you can add (cribbed from CentOS) as /etc/rc.d/init.d/dovecot:

     #!/bin/bash
     #
     #        /etc/rc.d/init.d/dovecot
     #
     # Starts the dovecot daemon
     #
     # chkconfig: - 65 35
     # description: Dovecot Imap Server
     # processname: dovecot
     # Source function library.
     . /etc/init.d/functions
     test -x /usr/sbin/dovecot || exit 0
     RETVAL=0
     prog="Dovecot Imap"
     start() {
         echo -n $"Starting $prog: "
         daemon /usr/sbin/dovecot
         RETVAL=$?
         [ $RETVAL -eq 0 ] && touch /var/lock/subsys/dovecot
         echo
     }
     stop() {
         echo -n $"Stopping $prog: "
         killproc /usr/sbin/dovecot
         RETVAL=$?
         [ $RETVAL -eq 0 ] && rm -f /var/lock/subsys/dovecot
         echo
     }
     #
     # See how we were called.
     #
     case "$1" in
       start)
         start
         ;;
       stop)
         stop
         ;;
       reload|restart)
         stop
         start
         RETVAL=$?
         ;;
       condrestart)
         if [ -f /var/lock/subsys/dovecot ]; then
             stop
             start
         fi
         ;;
       status)
         status /usr/sbin/dovecot
         RETVAL=$?
         ;;
       *)
         echo $"Usage: $0 {condrestart|start|stop|restart|reload|status}"
         exit 1
     esac
     exit $RETVAL

You will need to add this script to the startup sequence, for example like this:

     su
     chkconfig --add dovecot
     chkconfig dovecot on

Either start the service manually (from the Services panel or from the command line) or reboot the machine to make sure that everything comes up OK at boot time.

To verify the configuration of a running dovecot server, try:

     /usr/sbin/dovecot -n

You can check that Dovecot is doing IMAP and POP3 properly by telnetting to the respective service ports (in this case IMAP):

     telnet localhost 143

This should produce output something like this (the commands "login", "select" and "logout", including the periods, were typed by the user):

     Trying 127.0.0.1...
     Connected to localhost.
     Escape character is '^]'.
     * OK Dovecot ready.
     . login joeuser SecretPass
     . OK Logged in.
     . select INBOX
     * FLAGS (\Answered \Flagged \Deleted \Seen \Draft)
     * OK [PERMANENTFLAGS (\Answered \Flagged \Deleted \Seen \Draft \*)] ...
     * 260 EXISTS
     * 0 RECENT
     * OK [UNSEEN 1] First unseen.
     * OK [UIDVALIDITY 1234723003] UIDs valid
     * OK [UIDNEXT 261] Predicted next UID
     . OK [READ-WRITE] Select completed.
     . logout
     * BYE Logging out
     . OK Logout completed.

To test POP3:

     telnet localhost 110

The output should look something like this (the commands "USER", "PASS", "STAT", and "QUIT" were typed by the user):

     Trying 127.0.0.1...
     Connected to localhost.
     Escape character is '^]'.
     +OK Dovecot ready.
     USER joeuser
     +OK
     PASS SecretPass
     +OK Logged in.
     STAT
     +OK 260 10682624
     QUIT
     +OK Logging out.

/etc/logrotate.d/dovecot:

To prevent Dovecot's logfiles from filling up all of the available disk space, you should add a config file to rotate them to the logrotate config directory /etc/logrotate.d:

     /var/log/dovecot {
         missingok
         notifempty
     }

Once you have everything up and running, if you want to test the SquirrelMail configuration, try this URL:

     http://your-squirrelmail-host/src/configtest.php

If you are paranoid about entering passwords for a real account via a Web UI (as you should be), create a dummy account, that is used only for SquirrelMail, for all SquirrelMail users:

     /usr/sbin/useradd -c "SquirrelMail Web mail account" -m -s /sbin/nologin xymail
     passwd xymail

Delete all "." files in the new home directory:

     rm -f /home/xymail/.ba* /home/xymail/.em* /home/xymail/.gt*

Add a line in /etc/crontab to copy the user's regular email file to the SquirrelMail account:

/etc/crontab:

Schedule the copy to the user's SquirrelMail spool directory as needed (the entry must be on a single line, because cron does not join lines that end in a backslash):

     # Mirror local mail accounts so that Webmail may securely access mail
     # without revealing actual logon accounts.
     10,40 * * * * root /bin/cp --reply=yes /var/spool/mail/xyuser /var/spool/mail/xymail >/dev/null 2>&1

Finally, if you have sent mail folders that were in use under another IMAP server (e.g. UW-IMAP), you can try copying them to the Dovecot directories. In general, you want to do something like this:

     cp /home/joeuser/INBOX.Sent /home/joeuser/mail/Sent

When you try opening the sent folder with the Squirrel, it will whinge about not being able to open it. Take a look in the Dovecot log, where you'll see something like:

     dovecot: Feb 15 14:32:50 Error: IMAP(joeuser): UIDVALIDITY changed
       (1234726067 -> 1141943958) in mbox file /home/joeuser/mail/Sent

Now, open up the "Sent" file with your trusty text editor. You'll see something like this:

     From MAILER-DAEMON Wed Sep 17 02:00:25 2008
     Date: 17 Sep 2008 02:00:25 -0400
     From: Mail System Internal Data <MAILER-DAEMON@your-squirrelmail-host>
     Subject: DON'T DELETE THIS MESSAGE -- FOLDER INTERNAL DATA
     Message-ID: <1221631225@your-squirrelmail-host>
     X-IMAP: 1141943958 0000000131
     Status: RO

Change the "X-IMAP" line to match the first number in the error message, like this:

     X-IMAP: 1234726067 0000000131

Save the file from the text editor and try opening the folder again, with the Squirrel. You should be in business.
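The X-IMAP edit described above can be scripted when there are many folders to move. This is an added example, not part of the original page; the function names `expected_uidvalidity` and `set_uidvalidity` and the demo folder are constructed, and the log message format is assumed to be the one shown above.

```sh
#!/bin/sh
# Added example: names and sample data are constructed for illustration.

# Read Dovecot log text on stdin and print the UIDVALIDITY that Dovecot
# expects: the first number in "UIDVALIDITY changed (expected -> found)".
expected_uidvalidity() {
    tr '\n' ' ' |
        sed -n 's/.*UIDVALIDITY changed *(\([0-9][0-9]*\) *-> *[0-9][0-9]*).*/\1/p'
}

# Rewrite the X-IMAP header of the folder's first (internal data) message,
# replacing the UIDVALIDITY field and keeping the last-UID field untouched.
# usage: set_uidvalidity NEW_UIDVALIDITY MBOX_FILE
set_uidvalidity() {
    new=$1 mbox=$2
    case $new in ''|*[!0-9]*) echo "bad UIDVALIDITY: $new" >&2; return 1 ;; esac
    head -n 1 "$mbox" | grep -q '^From ' ||
        { echo "not an mbox file: $mbox" >&2; return 1; }
    tmp=$(mktemp "$mbox.XXXXXX") || return 1
    # Headers end at the first blank line; only an X-IMAP line before it counts.
    awk -v uidv="$new" '
        !hdr_end && /^$/ { hdr_end = 1 }
        !hdr_end && !fixed && /^X-IMAP: [0-9]+ [0-9]+/ { $2 = uidv; fixed = 1 }
        { print }
        END { exit !fixed }' "$mbox" > "$tmp" ||
        { echo "no X-IMAP header in $mbox" >&2; rm -f "$tmp"; return 1; }
    cp -p "$mbox" "$mbox.bak" || { rm -f "$tmp"; return 1; }
    cat "$tmp" > "$mbox"; rc=$?      # overwrite in place: keeps owner and mode
    rm -f "$tmp"
    return $rc
}

# Demo on a constructed folder, using the values from the log line above.
demo() {
    dir=$(mktemp -d) || return 1
    printf '%s\n' 'From MAILER-DAEMON Wed Sep 17 02:00:25 2008' \
        'X-IMAP: 1141943958 0000000131' 'Status: RO' '' > "$dir/Sent"
    log='dovecot: Feb 15 14:32:50 Error: IMAP(joeuser): UIDVALIDITY changed
  (1234726067 -> 1141943958) in mbox file /home/joeuser/mail/Sent'
    set_uidvalidity "$(printf '%s\n' "$log" | expected_uidvalidity)" "$dir/Sent"
    grep '^X-IMAP' "$dir/Sent"
    rm -rf "$dir"
}
demo
```

Run it while the folder is not open in a mail client; the unmodified folder is kept next to it with a `.bak` suffix.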