Content

• Install Squirrelmail
  • Creating an Apache Configuration
• Installing ISPConfig 3
• Closing thoughts
• Download virtual machine
• Navigation

Install Squirrelmail

First, install Squirrelmail below apt-get command:

apt-get -y install squirrelmail

Then configure:

squirrelmail-configure

This will bring up a text menu with several steps to choose from:

SquirrelMail Configuration : Read: config.php (1.4.0)
---------------------------------------------------------
Main Menu --
1.  Organization Preferences
2.  Server Settings
3.  Folder Defaults
4.  General Options
5.  Themes
6.  Address Books
7.  Message of the Day (MOTD)
8.  Plugins
9.  Database
10. Languages

D.  Set pre-defined settings for specific IMAP servers

C   Turn color on
S   Save data
Q   Quit

Command >>

Select "D" then enter.

SquirrelMail Configuration : Read: config.php
---------------------------------------------------------
While we have been building SquirrelMail, we have discovered some
preferences that work better with some servers that don't work so
well with others.  If you select your IMAP server, this option will
set some pre-defined settings for that server.

Please note that you will still need to go through and make sure
everything is correct.  This does not change everything.  There are
only a few settings that this will change.

Please select your IMAP server:
    bincimap    = Binc IMAP server
    courier     = Courier IMAP server
    cyrus       = Cyrus IMAP server
    dovecot     = Dovecot Secure IMAP server
    exchange    = Microsoft Exchange IMAP server
    hmailserver = hMailServer
    macosx      = Mac OS X Mailserver
    mercury32   = Mercury/32
    uw          = University of Washington's IMAP server
    gmail       = IMAP access to Google mail (Gmail) accounts

    quit        = Do not change anything
Command >>

Here "dovecot" and then enter. This will list the current IMAP settings, press enter here to continue. Then we get back to the main menu:

SquirrelMail Configuration : Read: config.php (1.4.0)
---------------------------------------------------------
Main Menu --
1.  Organization Preferences
2.  Server Settings
3.  Folder Defaults
4.  General Options
5.  Themes
6.  Address Books
7.  Message of the Day (MOTD)
8.  Plugins
9.  Database
10. Languages

D.  Set pre-defined settings for specific IMAP servers

C   Turn color on
S   Save data
Q   Quit

Command >>

Here Save "S" and then enter. It then prints that you have saved the data to a file named config.php, then enter.

Finally the main menu will come back, exit with "Q".

Creating an Apache Configuration

To make everything (ISPConfig created in the control panel) to access the webpage, we need to create one Apache config, where we configure aliases, among other things. For example, we will be able to access the server www.xyz.hu/webmail vagy www.xyz.hu/squirrelmail libraries.

Squirrelmail already has an Apache configuration file: /etc/squirrelmail/apache.confbut is not currently loaded by Apache because it is not yet in the right place (/ Etc / apache2 / conf-enabled /). So now we create one symbolic link in the destination location pointing to the physical configuration file:

cd /etc/apache2/conf-enabled/
ln -s /etc/squirrelmail/apache.conf squirrelmail.conf

Then restart Apache a Service command:

service apache2 reload

Open the config file:

nano /etc/apache2/conf-enabled/squirrelmail.conf

And let’s add the next few lines to provide SquirrelMail with mod_php and its proper settings, regardless of what PHP mode we set up for that particular website, from which we just access the webmail. So insert the following lines into the config file with " "immediately after the line:

    AddType application/x-httpd-php .php
    php_flag magic_quotes_gpc Off
    php_flag track_vars On
    php_admin_flag allow_url_fopen Off
    php_value include_path .
    php_admin_value upload_tmp_dir /var/lib/squirrelmail/tmp
    php_admin_value open_basedir /usr/share/squirrelmail:/etc/squirrelmail:/var/lib/squirrelmail:/etc/hostname:/etc/mailname

Then your config file should look like this (without the commented sections at the end):

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
Alias /squirrelmail /usr/share/squirrelmail
 
<Directory /usr/share/squirrelmail>
  Options FollowSymLinks
  <IfModule mod_php5.c>
    AddType application/x-httpd-php .php
    php_flag magic_quotes_gpc Off
    php_flag track_vars On
    php_admin_flag allow_url_fopen Off
    php_value include_path .
    php_admin_value upload_tmp_dir /var/lib/squirrelmail/tmp
    php_admin_value open_basedir /usr/share/squirrelmail:/etc/squirrelmail:/var/lib/squirrelmail:/etc/hostname:/etc/mailname
    php_flag register_globals off
  </IfModule>
  <IfModule mod_dir.c>
    DirectoryIndex index.php
  </IfModule>
 
  # access to configtest is limited by default to prevent information leak
  <Files configtest.php>
    order deny,allow
    deny from all
    allow from 127.0.0.1
  </Files>
</Directory>

Then create a tmp directory for the mailer:

mkdir /var/lib/squirrelmail/tmp

Then move the owner to www data to:

chown www-data /var/lib/squirrelmail/tmp

Let's restart Apache:

service apache2 reload

We're done. So we created an alias (/ Squirrelmail) which is in the mail client installation directory (/ Usr / share / Squirrelmail) shows.

From here, you can access your browser at the following url: http://192.168.1.120/squirrelmail. Of course, if you have set a different IP address for the server, it will be available at that IP address. It can also be accessed from the same subdirectory under any website created on the server (www.xyz.hu/squirrelmail). The result is:

If you want a / webmail To make the mail available from subdirectories, reopen the configuration:

nano /etc/apache2/conf-enabled/squirrelmail.conf

And let's put a line at the beginning, like this:

Alias /squirrelmail /usr/share/squirrelmail
Alias /webmail /usr/share/squirrelmail
[...]

And let's restart Apache:

service apache2 reload

Installing ISPConfig 3

Then install it as follows:

cd /tmp
wget https://ispconfig.org/downloads/ISPConfig-3.1.11.tar.gz
tar -xvzf ISPConfig-3.1.11.tar.gz
cd ispconfig3_install/install/
php -q install.php

After running the installation file, the text logo and the first question appear:

--------------------------------------------------------------------------------
 _____ ___________   _____              __ _         ____
|_   _/  ___| ___ \ /  __ \            / _(_)       /__  \
  | | \ `--.| |_/ / | /  \/ ___  _ __ | |_ _  __ _    _/ /
  | |  `--. \  __/  | |    / _ \| '_ \|  _| |/ _` |  |_ |
 _| |_/\__/ / |     | \__/\ (_) | | | | | | | (_| | ___\ \
 \___/\____/\_|      \____/\___/|_| |_|_| |_|\__, | \____/
                                              __/ |
                                             |___/
--------------------------------------------------------------------------------


>> Initial configuration

Operating System: Debian 8.0 (Jessie) or compatible

    Following will be a few questions for primary configuration so be careful.
    Default values are in [brackets] and can be accepted with <ENTER>.
    Tap in "quit" (without the quotes) to stop the installer.


Select language (en,de) [en]:

Here you can choose between English and German. I choose English so enter blank.

Then there are a few more questions:

• Installation mode (standard, expert) [standard]: Hairstyle background, enter.
• Full qualified hostname (FQDN) of the server, eg server1.domain.tld [server1.linuxportal.info]: Here too leave the offerings FQDN As.
• MySQL server hostname [localhost]: That's good too, enter
• MySQL server port [3306]: Enter
• MySQL root username [root]: Enter
• MySQL root password []: Enter the previously set here MySQL root password.
• MySQL database to create [dbispconfig]: That's good, Enter
• MySQL charset [utf8]: That's good too, Enter

Then configure the Postfix. He will create one for him SSL certificate, for which you need to answer some questions again:

[INFO] service Postgrey not detected
Configuring Postfix
Generating a 4096 bit RSA private key
........................................................................................++
..................................................................++
writing new private key to 'smtpd.key'
-----
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [AU]:

We can answer these questions properly, but we can press an enter on each one because it doesn't matter. All you need is SSL to generate for postfix.

Getting the email address here is the last question, and then you configure the services further:

[INFO] service Mailman not detected
Configuring Dovecot
Configuring Spamassassin
Configuring Amavisd
Configuring Getmail
Configuring Jailkit
Configuring Pureftpd
Configuring BIND
[INFO] haveged not detected - DNSSEC can fail
Configuring Apache
Configuring vlogger
[INFO] service OpenVZ not detected
Configuring Bastille Firewall
[INFO] service Metronome XMPP Server not detected
Configuring Fail2ban
Configuring Apps vhost
Installing ISPConfig

You will then be asked which port you want to use ISPConfig with:

ISPConfig Port [8080]:

We can leave it that way. However, in a live server environment, you can instead enter a higher port number to make it harder for outsiders to find our ISPConfig panel.

Admin password [a534612c]:

Enter an admin password for ISPConfig here. If left blank, the self-generated password will be applied between the square brackets. You will then be prompted for the password again, for confirmation.

You will then be asked if you want to use the ISPConfig panel on your SSL connection:

Do you want a secure (SSL) connection to the ISPConfig web interface (y,n) [y]:

SSL is strongly recommended here, so leave the default yes.

It then generates another SSL for ISPConfig:

Generating RSA private key, 4096 bit long modulus
.......................................................................................................................++
..........................................................................................................++
e is 65537 (0x10001)
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [AU]:

And here comes the questions for SSL generation again, press enter for each:

• Country Name (2 letter code) [AU]:
• State or Province Name (full name):
• Locality Name (eg, city) []:
• Organization Name (eg, company) [Internet Widgits Pty Ltd]:
• Organizational Unit Name (eg, section) []:
• Common Name (eg server FQDN or YOUR name) []:
• Email Address []:
• The challenge password []:
• An optional company name []:

Then you configure some things, restart the services, and the installation is complete:

writing RSA key


Configuring DBServer
Installing ISPConfig crontab
Installing ISPConfig crontab
no crontab for root
no crontab for getmail
Detect IP addresses
Restarting services ...
Installation completed.

If all goes well, then the next httpsYou can also access our ISPConfig panel at url and port 8080 (as requested):

https://192.168.1.120:8080/

Since we requested SSL to access ISPConfig during the installation, it also comes in with https, but be preceded by a security warning (which I wrote earlier about self-signed SSLs):

After you enable this and move on to the site, the login window will appear:

Let's enter it here admin user and the admin password you provided during installation. Then the ISPConfig home page will appear:

And the server status report:

It only writes a warning to the kernel version as it is newer than the one in Debian 8.10.

You can then start working on the server with ISPConfig.

Closing thoughts

Once you've gotten this far, you'll appreciate the work you've done so far, because ISPConfig knows a lot, so you don't have to be constantly bugging the config files if you're having trouble with the server. Of course, this does not mean that we can solve anything with the help of this panel, because there will be plenty of things that we have to do by hand. But if that weren’t the case, I wouldn’t even have to make any more descriptions. :)

I omitted two things from the original description: One is a suPHP, which they don't recommend installing as they are out of date, and PHP-FPM also offers a much better solution instead. The other is the Mailman install mailing list. I just didn't feel this was vital, so I skipped it. But if there is a need, I'll make a separate description for it.

I dare to recommend this server configuration to anyone because I have been using this "base" on this server for over a year now, of course I have done a lot over the months. It works flawlessly, there has been no downtime since the installation.

In my later descriptions, I will present, among other things, additional additions, modifications, and methods based on this installation, with which we can make this server environment even more secure and efficient.

I hope many people will find this guide useful, because I haven't found the equivalent in Hungarian yet.

Download virtual machine

Navigation