FreeBSD How-To: Postfix + SMTP TLS Auth + Dovecot IMAPs, POP3s + Squirrelmail-ssl + ClamAV + Anti Spam with bogofilter and procmail

7. Install webmail (squirrelmail)

cd /usr/ports/www/apache13-modssl
make install clean
add apache_enable="YES" to /etc/rc.conf

cd /usr/ports/mail/squirrelmail
make install clean

(it should compile mod_php4.. if it doesnt, compile it from ports)

cd /usr/local/www/squirrelmail
./configure

Change your organization preferences, logo etc.. in server settings, localhost, IMAP and sendmail can be setup.

8. Configure secure webmail

cd /usr/local/etc/apache
nano httpd.conf

In the end you will find this example for SSL config

<IfDefine SSL>

<VirtualHost _default_:443>

DocumentRoot "/usr/local/www/data"
ServerName new.host.name
ServerAdmin you@your.address
ErrorLog /var/log/httpd-error.log
TransferLog /var/log/httpd-access.log
SSLEngine on
SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
SSLCertificateFile /usr/local/etc/apache/ssl.crt/server.crt
SSLCertificateKeyFile /usr/local/etc/apache/ssl.key/server.key

<Files ~ "\.(cgi|shtml|phtml|php3?)$">
SSLOptions +StdEnvVars
</Files>
<Directory "/usr/local/www/cgi-bin">
SSLOptions +StdEnvVars
</Directory>
SetEnvIf User-Agent ".*MSIE.*" \
nokeepalive ssl-unclean-shutdown \
downgrade-1.0 force-response-1.0

CustomLog /var/log/ssl_request_log \
"%t %h %SSL_PROTOCOLx %SSL_CIPHERx \"%r\" %b"

</VirtualHost>
</IfDefine>

Change it to read as

<IfDefine SSL>

<VirtualHost _default_:443>

DocumentRoot "/usr/local/www/squirrelmail"
ServerName mail.example.com
ServerAdmin admin@example.com
ErrorLog /var/log/httpd-error.log
TransferLog /var/log/httpd-access.log
SSLEngine on
SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
SSLCertificateFile /etc/ssl/certs/dovecot.pem
SSLCertificateKeyFile /etc/ssl/private/dovecot.pem

<Files ~ "\.(cgi|shtml|phtml|php3?)$">
SSLOptions +StdEnvVars
</Files>
SetEnvIf User-Agent ".*MSIE.*" \
nokeepalive ssl-unclean-shutdown \
downgrade-1.0 force-response-1.0

CustomLog /var/log/ssl_request_log \
"%t %h %SSL_PROTOCOLx %SSL_CIPHERx \"%r\" %b"

</VirtualHost>
</IfDefine>

Again make sure you have the right path and name for the cert and key files

Prev SB04 Next SB06

BSD Inn - SB05