CTS 2322 (Unix/Linux Administration II) Project #8
WebMail Service Setup

 

Due: by the start of class on the date shown on the syllabus

Description:

In this project you will configure a web mail MUA called Squirrelmail.  This will first require configuring Apache web server.

Background:

Apache Web Server

A web server accepts requests from clients (known as web browsers) for specific documents.  Usually these are text documents with HTML formatting, but may be any type of document.  In addition a web server can generate documents dynamically, as the result of running separate (external) programs or performing database lookups.

The requests include a URL which uniquely identifies a document on the internet.  A URL has several parts, including a protocol (such as http://, https://, ftp://, etc.), a web server (either an IP address or a DNS name, such as www.example.com, mail.example.com, etc.) and an optional port number (by default :80), a pathname, and optional other data.  A typical example might be http://wpollock.example.com/somedocument.html.

A URL can also point to a directory rather than a document.  In this case it is up to the web server to determine what document to return to the client.  Some possibilities include a (nicely formatted) directory listing, an error message, or some default document.  For Apache the default document is called index.html (or some variation such as index.htm or index.php).  A default web page for the top directory of the web server is called the server's home page.  This is the page you get with a URL similar to http://servername/.)  By default Apache ships with a default test homepage.  You will probably need to change that!

The requests and responses are sent via TCP using HTTP.  A request packet may include form data that the user entered on some web page that allows user input (a form), and includes a submit button.

In many cases the user needs both privacy (so no one can eavesdrop) and assurance that they are talking to your website and not some impostor.  Both of these goals are met if you use HTTPS connections.  (This will be done in a project for the Unix/Linux Security course.)

Squirrelmail

Squirrelmail is a collection of PHP generated HTML forms that can either directly access mailboxes (MBOX but not Maildir!), or more commonly use an MAA, typically IMAP.  Thus you will need to have your mail service (including IMAP) setup and working before you can setup Squirrelmail.

Although Squirrelmail can be configured to use IMAPS, the user enters usernames and passwords (and composed email) in HTML 4.0 forms.  The resulting HTTP packet is sent in plain text form to your MAA.  This is clearly a security problem!  In this assignment we will use the same server for webmail and the MAA, so no sensitive data is transmitted across a network.  In general you should only configure webmail from secure HTTPS connections.  (This will be done in a project for the Unix/Linux Security course.)

Background material, including resource links, lecture notes with step-by-step directions, and sample configuration files, can be found here.

Note!  Fedora may not have correct SELinux policy rules for Dovecot or other servers.  It is strongly suggested you make sure SELinux is run in permissive mode for this project.  One way to always boot up in permissive mode is to edit the file /etc/selinux/config and follow the comments to change the mode.

Requirements:

You may work individually or in pairs on this project.  Each student in a group must submit an identical copy of the assignment, which must include both student names.

Unlike some previous projects, the steps will not include specific commands to run.  At this point you are expected to be able to locate relevant commands and documentation using the skills you have learned.

Perform the following tasks and answer the following questions

Part I — Apache Web Server Setup

  1. Install the Apache package (httpd).
  2. Make a copy of any files you will change, for example httpd.conf as httpd.conf-original.  Make any changes needed to the Apache web server configuration.  While Apache will work out of the box, you may need to make some changes to turn on or off various features to suit your use as a webmail server.  For example there is no need to support fancy indexing, UserDirs, etc.  (In real life you would have a static IP address and DNS name, and you may want to support https://webmail.servername/.)  What changes did you make, and to which files?  (You can use diff to record the changes made.)
  3. You can test the Apache configuration with the command httpd -S.  If any errors are reported, go back and change the incorrect statements.  Repeat until no errors are detected.  (Be sure to re-run diff to accurately record the final set of changes made.)
  4. Make sure you have configured your firewall (and possibly TCP Wrappers) to allow access to your web server from localhost, port TCP/80 (and possibly TCP/443 for HTTPS).  What changed (if any) did you need to make, and to which file(s)?
  5. Check if Apache uses TCP Wrappers.  How do you do that?  If so, what changes will you make to allow access to your webmail from localhost?
  6. Start the web server.  Now examine the error log.  If any errors are reported you may need to change the configuration and then restart the server.
  7. Test the server by running any web browser with the URL http://your-server-name/.  For now your server-name is just localhost).  If you don't see the Apache test page examine the error and access logs to determine the problem(s).  Once working, make sure your web server will start automatically at boot time.  What changes did you make to have Apache start at boot time?
  8. Replace the default test homepage with an actual HTML page.  This page should contain a brief message about the acceptable use of this server (just for webmail), and a link to the correct URL to use to access Squirrelmail.  By default this is http://localhost/webmail/, which can be abbreviated as   <a href="/webmail/">webmail</a>.  Be sure the page is legal HTML (or XHTML).  You can save (with the correct name) and modify this Basic.htm web page to create a new default document for your website.  What is the pathname of the default web page?  What is the contents of your new homepage?
  9. Make sure your web servicer log files are properly rotated.  What log file(s) are used for your Apache setup?  What changes did you make to rotate them?

Part II — Squirrelmail Setup

  1. Make sure your MTA and MAA are working correctly.
  2. Install the squirrelmail package.  What other packages does this require?
  3. cd to the Squirrelmail directory (/usr/share/squirrelmail)  Here you will find the Squirrelmail configuration program, config/conf.pl.  Run this program (from the Squirrelmail directory) and record the choices you make.  (If you see a blank screen it is likely the text color is the same as the background color.  Use the command C (and hit enter) to turn off colors.)
  4. Start your configuration by choosing the Dovecot pre-configuration.  Then browse the other menus and make any additions or changes you wish.  What changes did you make?
  5. Once installed you should test Squirrelmail.  Using any web browser, view the URL of 
    http://server-name/webmail/src/configtest.php

    (Where you can use localhost for server-name.)  That will run some tests and at the bottom of the page report the results, hopefully that your configuration is working.  If not, re-run the configuration program and change the incorrect setting(s).  Repeat until this works.  Don't forget to record all configuration changes as you make them!

  6. Now use your Squirrelmail web MUA to read and send some email.  Verify the link you added to your homepage works properly.
  7. What log file(s) does Squirrelmail use (if any)?  What change(s) did you make to ensure Squirrelmail's log file(s) are rotated?

To be turned in:

A copy of your journal pages showing the changed made for this project, and the answers to the questions asked above.  You can send as email to (preferred).  If email is a problem for some reason, you may turn in a hard-copy.  In this case the pages should be readable, dated, and stapled together.  Your name should appear on the first page. 

Don't turn in your whole journal, you will need to add to it every day in class!  It is common in fact to keep the journal as a text file on the system (with a paper backup of course).

Please see your syllabus for more information about submitting projects.