Installing SquirrelMail

SquirrelMail may be installed either though a package or directly from source. While no source code compilation takes place in either method, upgrades are made easier using the packages.

Many of the various Linux and Unix distributions include the SquirrelMail package. Install the appropriate package from your distribution to use the binary method. On many Linux distributions, this may be an RPM file that begins with squirrelmail….

However, an updated version of SquirrelMail may not be included or available for your specific distribution.

The following are the advantages of using the version of SquirrelMail provided with a Linux distribution:

• It will be very simple to install SquirrelMail.
• It will require much less configuration as it will be configured to use the standard locations chosen by your Linux distributer.
• Updates will be very easy to apply, and migration issues may be dealt with by the package management system.

The following are the disadvantages of using the version of SquirrelMail provided with a Linux distribution:

• It may not be the latest version. For example, a more recent version that may fix a security vulnerability may have been released, but Linux distributors may not have created a new package yet.
• Sometimes Linux distributions alter packages by applying patches. These patches may affect the operation of the package, and may make getting support or help more difficult.

Source installation

If you do not install SquirrelMail through your distribution, you will need to obtain the appropriate tarball. To do so, visit the SquirrelMail website at http://www.squirrelmail.org , and click download it here. At the time of writing, this link is http://www.squirrelmail.org/download.php

There are two versions available for download, a stable version and a development version. Unless you have specific reasons for choosing otherwise, it is generally best to choose the stable version. Download and save this file to an intermediate location.

$ cd /tmp
$ wget http://squirrelmail.org/countdl.php?fileurl=http://prdownloa
ds.sourceforge.net/squirrelmail/squirrelmail-1.4.19.tar.gz

Next, unpack the tarball (.tar.gz) file. You may use the following command:

$ tar xfz squirrelmail-1.4.19.tar.gz

Move the folder just created to your web root folder. This is the directory from which Apache serves pages. In this case, we will assume that /var/www/html is your web root. We will also rename the clumsy squirrelmail-1.4.3a folder to a more simple mail folder. You will need to have superuser root privileges in order to do this on most systems.

# mv squirrelmail-1.4.19 /var/www/html/mail
# cd /var/www/html/mail

Here we have used the name mail, so the URL that users will use will be http://www.sitename.com/mail. You can choose another name, such as webmail,and use that directory name instead of mail in the commands that you enter.

It is also useful and secure to create a data directory for SquirrelMail that is outside the main web root, so that this folder will be inaccessible from the Web.

# mv /var/www/html/mail/data /var/www/sqmdata

It is important to make this newly created folder writable by the web server. To be able to do this, you must know the user and group that your web server runs under. This may be nobody and nobody, apache and apache, or something else. You will want to verify this; it will be listed in your httpd.conf file as the User and Group entries.

# chown -R nobody:nobody /var/www/sqmdata

Finally, we will create a directory to store attachments. This directory is special in that, although the web server should have write access to write the attachments, it should not have read access. We create this directory and assign the correct permissions with the following commands:

# mkdir /var/www/sqmdata/attachments
# chgrp -R nobody /var/www/sqmdata/attachments
# chmod 730 /var/www/sqmdata/attachments

SquirrelMail has now been properly installed. All of the folders have been set up with correct permissions that will secure intermediate files from prying eyes.

If a user aborts a message that contains an uploaded attachment,the attachment file on the web server will not be removed. It is a goodpractice to create a cron job on the server that erases excess files fromthe attachment directory. For example, create a file called remove_orphaned_attachments and place it in the /etc/cron.dailydirectory. Edit the file to have these lines:#!/bin/sh#!/bin/shrm `find /var/www/sqmdata/attachments -atime +2 | grep -v"."| grep -v _`This will run daily and search the SquirrelMail attachments directory forfiles which are orphaned, and delete them.

Configuring SquirrelMail

SquirrelMail is configured through the config.php file. To aid the configuration, a conf.pl Perl script has also been provided. These files are located within the config/ directory in the base installation directory.

# cd /var/www/html/mail/config
# ./conf.pl

Once you have run this command, you should see the following menu:

To select an item from the menu, enter the appropriate letter or number, followed by the Enter key. As SquirrelMail has been developed, it has been noticed that IMAPservers don't always behave in the same way. To get the most out of your setup, you should tell SquirrelMail which IMAP server you are using. To load a default configuration for your IMAP server, enter the D option and type the name of the IMAP server that you have installed. This article covers the Courier IMAP server, so you should choose that. Press Enter again, and you will return to the main menu.

We will be moving through the various subsections of the menu and configuring the appropriate options.

Type 1 and then press Enter to select the Organization Preferences. You will get a list of items you can change. You may wish to edit the Organization Name, Organization Logo, and Organization Title fields. Once you have modifi ed these to your satisfaction, enter R to return to the main menu.

After this, type 2 to visit the Server Settings. This allows you to set the IMAP server settings. It is important that you update the Domain field to the proper value.

In our case, the Update IMAP Settings and Update SMTP Settings values should be correct. If you would like to use an IMAP or SMTP server that is located on a different machine, you may wish to update these values.

Press R followed by the Enter key to return to the main menu.

Next, type 4 to visit the General Options. You will need to modify two options in this section.

• Data Directory to be /var/www/sqmdata.
• Attachment Directory to be /var/www/sqmdata/attachments.
• Type in R followed by the Enter key to return to the main menu. Enter S followed by the Enter key twice to save the settings to the configuration file. Finally, enter Q followed by the Enter key to exit the configuration application.

We have finished configuring the SquirrelMail settings needed for basic operation. You may return to this script at any time to update any settings you have set. There are many other options to set, including those regarding themes and plugins.

SquirrelMail plugins

Plugins are pieces of software that extend or add functionality to a software package. SquirrelMail was designed from the ground up to be very extensible, and includes a powerful plugin system. Currently, there are over 200 different plugins available on the SquirrelMail website. They may be obtained at http://www.squirrelmail.org/ plugins.php.

The functionality they provide includes administration tools, visual additions, user interface tweaks, security enhancements, and even weather forecasts. In the following section, we will first go over how to install and configure a plugin. After that, we'll go over some useful plugins, what they do, how to install them, and more.

Installing plugins

These SquirrelMail additions were designed to be simple to set up and configure. In fact, the majority of them follow exactly the same installation procedure. However, a few require custom setup instructions. For all plugins, the installation process is as follows:

1. Download and unpack the plugin.
2. Perform custom installation if needed.
3. Enable the plugin in conf.pl.

Example plugin installation

In this section, we will go over the installation of the Compatibility plugin. This plugin is required in order to install plugins created for older versions of SquirrelMail. No matter how bare-bones your installation, the Compatibility plugin will most likely be part of your setup.

Downloading and unpacking the plugin

All available plugins for SquirrelMail are listed on the SquirrelMail website at http://www.squirrelmail.org/ plugins.php.

Download tarball to your SquirrelMail plugin directory.

# cd /var/www/mail/plugins
# wget http://squirrelmail.org/countdl.php?fileurl=http://www.
squirrelmail.org/plugins/compatibility-2.0.14-1.0.tar.gz

Once you have downloaded the plugin to the plugins directory, unpack it using the following command:

# tar zxvf compatibility-2.0.14-1.0.tar.gz

If a plugin of the same name has already been installed, its  files may be overwritten. Verify that you either do not have a plugin of the same name, or save the files before you unpack the tarball.

Set up, maintain, and secure a small office email server Covers all the information you need to easily set up your own Linux email server Learn how to provide web access to email, virus and spam protection, and more Thoroughly covers open source tools like PostFix, Courier, SpamAssassin, and ProcMail A step-by-step approach where the reader is taken through examples with ample screenshots and clear explanations to facilitate learning http://www.packtpub.com/linux-email-2nd-edition/book

Performing custom installation

The current version of the Compatibility plugin does not require any additional configuration. However, you should always check the documentation for a plugin, as certain other plugins may require custom installation. Once you have unpacked the plugin package, the installation instructions will be listed in the INSTALL file within the newly created plugin directory. It is advisable to check the installation instructions before enabling the plugin in the configuration manager, as some plugins may require custom configuration.

Enabling the plugin in conf.pl

Within the main menu of the configuration editor, option number 8 is used to configure and enable plugins. Start conf.pl and select option 8.

# cd /var/www/mail/plugins
# cd ../config
# ./conf.pl
SquirrelMail Configuration : Read: config_default.php (1.4.0)
---------------------------------------------------------
Main Menu --
[...]
7. Message of the Day (MOTD)
8. Plugins
9. Database
[...]
Command >>

You should get the following display when you select this option for the first time:

All the plugins that have been installed and enabled are listed under the Installed Plugins list. All the plugins that have been installed but not enabled are listed under the Available Plugins list.

Once you have unpacked a plugin within the plugins/ directory, it will show up under Available Plugins. As you can see in the previous figure, there are a number of installed plugins, but none of them are enabled. As a malfunctioning or wrongly configured plugin can cause SquirrelMail to stop functioning properly, it is advisableto enable plugins one by one, and verify that SquirrelMail works after each one. To enable the Compatibility plugin, locate it in the list Available Plugins (in this case, number 4) and press the Enter key. The Compatibility plugin is now installed. Plugins can be disabled by locating them in the Installed Plugins list and entering their number and pressing Enter.

Useful plugins

We'll now see some useful SquirrelMail plugins that you may consider installing.

The information has been compiled to provide a helpful reference while deciding whether to install a plugin. Each plugin contains four specific categories:

• C ategory: The category in which the plugin is listed on the SquirrelMail site
• Authors: Authors who wrote the plugin, in chronological order
• Description: A short description of the plugin's functionality
• Requirement: A list of prerequisites for the plugin's successful installation

Many other plugins exist that handle vacation messages, calendars, shared calendars, notes, to-do lists, exchange server integration, bookmarks, weather information, and much more. Check the Plugins section in the SquirrelMail website for all of the available plugins.

Securing SquirrelMail

The SquirrelMail package, in and of itself, is fairly secure. It is well written and does not require JavaScript to function. However, there are a few precautions that may be taken to allow SquirrelMail to run as a secured mail handling solution.

• Have an SSL connection: By using an SSL connection, you may be certain that all communications will be encrypted, and so usernames, passwords, and confidential data cannot be intercepted during transmission. This may be accomplished through the installation of the Secure Login plugin. Obviously a web server configured for secure SSL access will also be required; certificates will most likely need to be generated or acquired.
• Time out inactive users: Users may leave themselves logged in and neglect to log out once they are finished. To fight this, inactive users should be logged out after a certain amount of time. The Timeout User plug-in accomplishes this .
• Fight "Remembered Passwords": Many modern-day browsers offer to remember a user's password. Although a convenience, this may be a large security vulnerability, especially if the user is located at a public terminal. To fight this, install the Password Forget plugin. This plugin will change the names in the username and password input fields, to make it more difficult for a browser to suggest them to future users.
• Do not install security-compromising plugins: Plugins such as Quick Save, HTML Mail, and View As HTML may compromise security.

Summary

Now that you've finished this article, you should have a working SquirrelMail installation as well as a greater understanding of the benefits and disadvantages of a webmail solution. You should be familiar with the benefits and drawbacks of a webmail solution. The benefits include remote access, a single central point to be maintained, and simpler testing; while disadvantages include potential performance problems and the security risk of allowing remote access from potentially compromised computers.

You are now aware of the main features of SquirrelMail, including its flexibility and the availability of plugins, along with what the prerequisites for installing SquirrelMail are, and how to identify if they are already installed.

You also have learned how to configure SquirrelMail, including locating, installing, and configuring plugins. You have been walked through the installation of a key plugin; the Compatibility plugin. Several other useful plugins have also been introduced. Finally, you have learned about some ways to improve the security of SquirrelMail, including web server confi guration and some appropriate plugins.

If you have read this article you may be interested to view :

• Linux E-mail: Busting Spam with SpamAssassin
• Linux E-mail: Customizing SpamAssassin

Set up, maintain, and secure a small office email server Covers all the information you need to easily set up your own Linux email server Learn how to provide web access to email, virus and spam protection, and more Thoroughly covers open source tools like PostFix, Courier, SpamAssassin, and ProcMail A step-by-step approach where the reader is taken through examples with ample screenshots and clear explanations to facilitate learning http://www.packtpub.com/linux-email-2nd-edition/book

About the Author

Alistair McDonald is a software developer and IT consultant. He has worked as a freelancer in the UK for 15 years, developing cross-platform software systems in C, C++, Perl, Java, and SQL. He has been using open source software for over 20 years and implementing systems using it for the past 10 years.

Last year, he gave up his freelance career and joined JDA Software, working in a technical role in their Service Industries division.

Alistair is also the author of the book SpamAssassin: A practical guide to integration and configuration, published by Packt .