Webmail security (Squirrelmail)

Hi,
I have mail configured on my OS X Server (10.4.8) and have authentication set to Kerberos for all three protocols (SMTP, IMAP and POP). In this setup web-mail doesn't work. If I also tick the 'clear' (under IMAP), webmail works with no problems. My problem is that, as I understand the security with Kerberos, by ticking the 'clear' radio button I jeopardise the Kerberos security, as this way basically 'anything goes' when it comes to authentication. Can anyone confirm (or educate) my understanding, and if so, what do other people do to ensure a secure setup with web-mail?
Cheers
Mike

Mike,
If Squirrelmail is running on the same server as cyrus and postfix, then this is not too much of a concern as no "clear" passwords are sent through the internet.
Having said that, I'd still avoid using clear passwords. Use CRAM-MD5 for IMAP and POP. Untick Clear and check CRAM-MD5. Next open terminal and issue:
sudo /usr/share/squirrelmail/config/conf.pl
This will allow you to configure squirrelmail to your liking and choose CRAM-MD5 as the authentication method (See server settings).
And, of course, use SSL for Webmail. For added security you can even put it behind a protected realm (probably overkill).
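
The difference between "Clear" and CRAM-MD5 on the wire, as an added example that is not part of the original reply: it runs both sides of a CRAM-MD5 exchange (RFC 2195) next to a PLAIN login. The user, secret and challenge are RFC 2195's published sample values; the function names are illustrative.

```python
import base64
import hashlib
import hmac

# Sample values published in RFC 2195, not real credentials.
USER = "tim"
SECRET = "tanstaaftanstaaf"
CHALLENGE = "<1896.697170952@postoffice.reston.mci.net>"


def plain_wire(user, password):
    """What a 'clear' AUTHENTICATE PLAIN sends: base64, fully reversible."""
    return base64.b64encode(f"\0{user}\0{password}".encode()).decode()


def server_challenge_b64(challenge):
    """Server side: send a fresh, unique challenge string, base64-encoded."""
    return base64.b64encode(challenge.encode()).decode()


def client_response(user, password, challenge_b64):
    """Client side: answer with HMAC-MD5(key=password, msg=challenge)."""
    challenge = base64.b64decode(challenge_b64)
    digest = hmac.new(password.encode(), challenge, hashlib.md5).hexdigest()
    return base64.b64encode(f"{user} {digest}".encode()).decode()


def server_verify(response_b64, challenge_b64, secrets):
    """Server side: recompute the digest from its stored copy of the secret."""
    decoded = base64.b64decode(response_b64).decode()
    user, _, digest = decoded.rpartition(" ")
    secret = secrets.get(user)
    if secret is None:
        return False
    expected = hmac.new(secret.encode(), base64.b64decode(challenge_b64),
                        hashlib.md5).hexdigest()
    return hmac.compare_digest(expected.encode(), digest.encode())


if __name__ == "__main__":
    chal = server_challenge_b64(CHALLENGE)
    resp = client_response(USER, SECRET, chal)
    print("PLAIN on the wire   :", base64.b64decode(plain_wire(USER, SECRET)))
    print("CRAM-MD5 on the wire:", base64.b64decode(resp))
    print("server accepts      :", server_verify(resp, chal, {USER: SECRET}))
```

CRAM-MD5 keeps the password itself off the wire, but the mail that follows the login is still sent unencrypted, which is why the reply also recommends SSL.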

Similar Messages

  • Verizon Webmail Security Warning Popup

    Just recently when I signed out from the Verizon webmail page I received the following popup:
    After googling to find out some information about this annoying popup, I got some information about how to stop this popup, but I had to go to Internet Options and change a setting. The popup has stopped, but I'm wondering why it suddenly just started as I hadn't changed any setting until I got the popup and researched how to stop it. Out of curiosity has anyone else received this popup? I got this popup a few times in the past but it was with other websites and only occurred a very few times. I know it is related to Internet Explorer 8 and also has happened with other IE versions.
    Holly

    I'm sure that is true but I was wondering why this just started happening as we have had the new sign in page for some time and the Verizon webmail page has been used even longer. I think I will alert them by sending this information to Feedback. Also I will change my setting back to Prompt for safety reasons and sign out from my email by just clicking on the X in the right hand corner as the mail times out anyway as the popup bugs me.
    Holly

  • Webmail Security on OS X Server 10.3.9

    Hi - I've set up webmail, and everything works as it should. I want to add a certificate so I can set up SSL. I'm using OS X Server version 10.3.9. Is it possible to create a self-signed certificate in this version or do I have to send a certificate request to a CA? I don't see the option to create a self-signed one in version 10.3.9....
    Thanks for your help,
    Jim
    G5 Mac OS X (10.3.9)

    Thanks, Niel, there is indeed helpful information on that page.
    I have another question, still relating to certificates - my mailserver name is mail.domain.com. In my conf.pl, I have the server name as just domain.com, and it works fine. In creating the certificate, for the Common Name, should it be mail.domain.com or just domain.com? (I'm new to setting this stuff up.)
    Thanks,
    Jim
    Mac OS X (10.3.8)

  • How to use SquirrelMail and Require SSL for IMAP Service?

    Hello,
    Mac OS X Server v.10.4.9 – Open Directory Master
    Providing POP, IMAP, SMTP, web services including webmail via SquirrelMail.
    PHP v.4.4.4 Nov. 1, 2006
    OpenSSL v.0.9.7l Sept. 2006
    I need to require SSL for IMAP access, however, I also need to provide webmail access. SquirrelMail does support TLS it seems and that can be configured from /etc/squirrelmail/config/conf.pl and is discussed briefly here: http://www.squirrelmail.org/wiki/SquirrelMailIMAPS .
    When I turn on TLS on SquirrelMail and change the IMAP port number to 993, attempting to log into SquirrelMail provides the following error:
    Bad request: IMAP server does not appear to support the authentication method selected. Please contact your system administrator.
    According to the above noted page from the SquirrelMail site one needs PHP 4.3 and SSLv3 in order for TLS to work, one must also connect to the IMAP server over port 993. Requirements I appear to meet.
    So – how can one require the use of SSL for IMAP and still provide webmail access via SquirrelMail?
    I have reviewed these three threads:
    http://discussions.apple.com/thread.jspa?threadID=912841&tstart=75
    http://discussions.apple.com/thread.jspa?messageID=1457773&#1457773
    http://discussions.apple.com/thread.jspa?messageID=3921004&#3921004
    However they do not answer the fundamental question of how to use SquirrelMail with SSL required by IMAP. Essentially the conversation revolves around working around the SSL requirement or forgoing it.
    Thank you for any assistance.

    David,
    Yet from time to time these same users are in a
    circumstance where they need to use webmail, thus
    SquirrelMail needs to work. I am not trying to
    secure webmail by requiring SSL.
    I see your problem. In this particular case there is a workaround.
    Use different ports for postfix and cyrus limited to localhost, thus catering only to SquirrelMail, thus not needing TLS.
    Roughly do this (this is just off the top of my head, may contain errors):
    For SMTP / Postfix:
    Edit /etc/postfix/master.cf
    and add:
    465 inet n - n - - smtpd
      -o smtpd_recipient_restrictions=permit_mynetworks,reject
      -o mynetworks=127.0.0.1/32
      -o smtpd_enforce_tls=no
    # This will create a port 465 (if you use this already, pick another one. Choose the number wisely, depending on what is in use on your server)
    # This port is only accessible to IP numbers in "mynetworks"
    For IMAP / Cyrus
    Edit /etc/cyrus.conf and add (below imap):
    imaplocal cmd="imapd -C /etc/imapd-local.conf" listen="127.0.0.1:imap" prefork=0
    Next duplicate /etc/imapd.conf and name it imapd-local.conf
    Edit /etc/imapd-local.conf
    Change
    tls_server_options: require
    to
    tls_server_options: use
    Next edit:
    /etc/services
    and create a port called "imaplocal"
    (you could probably recycle 585 which is deprecated, check what is in the services file, make sure no duplicate port numbers).
    should look something like:
    imaplocal 585/udp
    imaplocal 585/tcp
    When done with all config files:
    Save & restart mail services
    Point SquirrelMail to the new ports which should only be accessible to localhost (check with an external client if it holds).
    Sorry for the "draft style" post, but I don't have much time.
    Just ask, if anything isn't clear.
    HTH,
    Alex
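
An offline check for the workaround in the reply above, as an added example that is not part of the original post: it reads the SERVICES entries of a cyrus.conf and flags any imapd/pop3d listener that accepts non-TLS logins without being bound to loopback. The sample files are constructed, the `imapopen` entry is a hypothetical misconfiguration, and the option spelling `tls_server_options` is an assumption.

```python
import re
import shlex

# Constructed sample files modelled on the thread's layout, not a real server.
CYRUS_CONF = '''
SERVICES {
  imap      cmd="imapd" listen="imap" prefork=0
  imaps     cmd="imapd -s" listen="imaps" prefork=0
  imaplocal cmd="imapd -C /etc/imapd-local.conf" listen="127.0.0.1:imaplocal" prefork=0
  imapopen  cmd="imapd -C /etc/imapd-local.conf" listen="imaplocal" prefork=0
}
'''
IMAPD_CONFS = {
    "/etc/imapd.conf": "tls_server_options: require\n",
    "/etc/imapd-local.conf": "tls_server_options: use\n",
}

SERVICE_RE = re.compile(r'^\s*(\w+)\s+cmd="([^"]*)"\s+listen="([^"]*)"')


def tls_policy(conf_text, option="tls_server_options"):
    """Return the TLS policy value from an imapd config, or 'unset'."""
    for line in conf_text.splitlines():
        key, _, value = line.partition(":")
        if key.strip() == option:
            return value.strip()
    return "unset"


def is_loopback(listen):
    """True when the listen spec is a UNIX socket or names a loopback host."""
    if listen.startswith("/"):
        return True
    host = listen.rsplit(":", 1)[0] if ":" in listen else ""
    return host in ("127.0.0.1", "localhost", "[::1]")


def audit(cyrus_conf, imapd_confs, default_conf="/etc/imapd.conf"):
    """List (service, listen, policy) for listeners that allow non-TLS
    logins on an address other than loopback."""
    findings = []
    for line in cyrus_conf.splitlines():
        match = SERVICE_RE.match(line)
        if not match:
            continue  # braces, comments, blank lines
        name, cmd, listen = match.groups()
        argv = shlex.split(cmd)
        if not argv or argv[0] not in ("imapd", "pop3d"):
            continue
        if "-s" in argv:
            continue  # imaps/pop3s style entries wrap the whole session in TLS
        conf = argv[argv.index("-C") + 1] if "-C" in argv else default_conf
        policy = tls_policy(imapd_confs.get(conf, ""))
        if policy != "require" and not is_loopback(listen):
            findings.append((name, listen, policy))
    return findings


if __name__ == "__main__":
    for name, listen, policy in audit(CYRUS_CONF, IMAPD_CONFS):
        print(f"{name}: listen={listen!r} with TLS policy {policy!r} is not loopback-only")
```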

  • Mailman vulnerability archives web accessible

    I recently failed a security audit on my 10.6 server. I use the standard setup for webmail and squirrelmail. Unfortunately, if someone types in my server address they can access all my mailing list archives. For example, http://192.168.1.1/pipermail/
    An unauthorized user has full access to all internal emails. This is a huge security issue and after reading various discussions about upgrading mailman/python/pipermail I don't see any easy fix.
    Has anyone else had this issue?
    If Apple has altered the basic Mailman config, is there an alternative that would work well?

    Alas, Mailman is gone. Here's one guide for installing it yourself:
    http://www.livetime.com/mountain-lion-mailman-mailing-list/

  • Sent mail does not show up in Sent (airplane) mailbox

    My dad just got his first Mac. He depends on (massive amounts of) email for his work, and used Outlook on his old laptop. Switched to Mac and is using Mail.app now. All his old email is now imported (with O2M) and mostly looks fine.
    Except any email he sends is not being copied to the Sent (paper airplane) folder as expected even though the account preference "Store sent messages on the server" is checked.
    I must be missing something simple but can't find it and it's important that this is fixed.
    Thanks!

    Playing around in Mail.app I fixed it; hopefully this topic will be useful for someone else in the future:
    I had a mailbox on my IMAP account called Sent. It showed up as a regular folder and was used by the webmail app (squirrelmail).
    I selected it, and in the Message menu selected Use this Mailbox for > Sent.
    The Sent folder I had became the new 'airplane' folder and it now shows up.

  • Virtual mail domain and POP problem

    Hi all,
    I am currently on my 7th or 8th install of 10.5 server, so far without managing to make a working mail setup with virtual domains and virtual users. That is, it works when my customers use an IMAP-client (or webmail via squirrelmail), but it doesn't work when using a POP-client. I have yet to discover the cause of my problems, as the server-logs show perfectly good logins – but unfortunately nothing gets downloaded to the client.
    I currently host 15 domains, which until my purchase of 10.5 server were hosted on a computer running 10.4 client-version with dovecot as mailserver, a custom DNS-setup and various custom-installed supporting apps. On the old client, everything was running smoothly (albeit slowly, due to the old hardware), but as I have stated, on my new server I can't get POP-access to work.
    When I do a fresh install of 10.5 server, I can log in to the accounts on the primary domain with either POP3 or IMAP, but as soon as I set up a virtual domain, POP-access to all accounts ceases to function.
    I suspect Cyrus configuration to be the main culprit, since everything else seems to work as expected, but having no previous experience with cyrus, I have yet to find a solution.
    If anyone has any pointers to a good source of cyrus-IMAP knowledge, I would be very grateful for any help.
    /Lars

    Hi Alex,
    This is really strange, and it's also really bugging me!
    I use OD. If I add several shortnames to a user, fqn and not-fqn, I can only log in with the first shortname and any of the fqn-names. However, only the login using the first shortname receives any mail.
    I don't know if you have any explanation as to why my setup doesn't include a /etc/postfix/virtual file or a virtualaliasmaps statement in main.cf, which is the only difference in my system that I registered compared to your guide.
    This is some lines from mailaccess.log when logging in to an account using Outlook Express in XP (user info masked):
    Dec 7 22:50:05 server pop3[84858]: login: [192.168.2.3] comexampleuser plaintext User logged in
    Dec 7 22:51:15 server pop3[84858]: login: [192.168.2.3] [email protected] plaintext User logged in
    Dec 7 22:51:25 server pop3[84858]: login: [192.168.2.3] [email protected] plaintext User logged in
    Dec 7 22:51:35: --- last message repeated 3 times ---
    Dec 7 22:51:46 server pop3[84858]: login: [192.168.2.3] [email protected] plaintext User logged in
    Dec 7 22:52:16: --- last message repeated 2 times ---
    Dec 7 22:52:44 server pop3[84858]: login: [192.168.2.3] [email protected] plaintext User logged in
    Dec 7 22:56:01 server pop3[84946]: login: [192.168.2.3] [email protected] plaintext User logged in
    Dec 7 22:57:04 server pop3[84946]: login: [192.168.2.3] [email protected] plaintext User logged in
    The log level is set to "Information", and as you can see all logins appear to be successful. However, only the first login using the comexampleuser login receives any mail (and I sent more mails in between to make sure something would register, of course).
    Here's the relevant part from mail.log:
    Dec 7 22:51:04 server postfix/smtpd[84875]: connect from unknown[192.168.2.3]
    Dec 7 22:51:04 server postfix/smtpd[84875]: 4A362F8F58: client=unknown[192.168.2.3], sasl_method=CRAM-MD5, [email protected]
    Dec 7 22:51:04 server postfix/cleanup[84880]: 4A362F8F58: message-id=<[email protected]>
    Dec 7 22:51:04 server postfix/qmgr[81164]: 4A362F8F58: from=<[email protected]>, size=602, nrcpt=1 (queue active)
    Dec 7 22:51:04 server postfix/smtpd[84884]: connect from localhost[127.0.0.1]
    Dec 7 22:51:04 server postfix/smtpd[84884]: B4844F8F67: client=localhost[127.0.0.1]
    Dec 7 22:51:04 server postfix/cleanup[84880]: B4844F8F67: message-id=<[email protected]>
    Dec 7 22:51:04 server postfix/smtpd[84884]: disconnect from localhost[127.0.0.1]
    Dec 7 22:51:04 server postfix/qmgr[81164]: B4844F8F67: from=<[email protected]>, size=1112, nrcpt=1 (queue active)
    Dec 7 22:51:04 server postfix/smtp[84882]: 4A362F8F58: to=<[email protected]>, orig_to=<[email protected]>, relay=127.0.0.1[127.0.0.1]:10024, delay=0.47, delays=0.03/0.02/0.01/0.41, dsn=2.0.0, status=sent (250 2.0.0 Ok: queued as B4844F8F67)
    Dec 7 22:51:04 server postfix/qmgr[81164]: 4A362F8F58: removed
    Dec 7 22:51:04 server postfix/pipe[84886]: B4844F8F67: to=<[email protected]>, relay=cyrus, delay=0.14, delays=0.01/0.03/0/0.1, dsn=2.0.0, status=sent (delivered via cyrus service)
    Dec 7 22:51:04 server postfix/qmgr[81164]: B4844F8F67: removed
    Dec 7 22:52:04 server postfix/smtpd[84875]: disconnect from unknown[192.168.2.3]
    And here are the lines from system.log:
    Dec 7 22:50:05 server pop3[84858]: login: [192.168.2.3] comexampleuser plaintext User logged in
    Dec 7 22:51:15 server pop3[84858]: login: [192.168.2.3] [email protected] plaintext User logged in
    Dec 7 22:51:25 server pop3[84858]: login: [192.168.2.3] [email protected] plaintext User logged in
    Dec 7 22:51:35: --- last message repeated 3 times ---
    Dec 7 22:51:46 server pop3[84858]: login: [192.168.2.3] [email protected] plaintext User logged in
    Dec 7 22:52:16: --- last message repeated 2 times ---
    Dec 7 22:52:44 server pop3[84858]: login: [192.168.2.3] [email protected] plaintext User logged in
    Dec 7 22:53:14: --- last message repeated 2 times ---
    Dec 7 22:56:01 server pop3[84946]: login: [192.168.2.3] [email protected] plaintext User logged in
    Dec 7 22:57:04 server pop3[84946]: login: [192.168.2.3] [email protected] plaintext User logged in
    bash-3.2# cat /etc/imapd.conf
    admins: cyrusimap
    configdirectory: /var/imap
    partition-default: /var/spool/imap
    unixhierarchysep: yes
    altnamespace: yes
    servername: server.skovgaarddesign.dk
    sievedir: /usr/sieve
    sendmail: /usr/sbin/sendmail
    lmtpdowncasercpt: 1
    unixgroupenable: 0
    berkeleytxnsmax: 400
    berkeleylocksmax: 20000
    berkeley_cachesize: 8192
    berkeleymax_logregion: 2048
    berkeleymax_logfile: 10240
    berkeleymax_logbuffer: 2048
    tlskeyfile: /etc/certificates/Default.key
    quotawarn_frequencydays: 1
    tlscertfile: /etc/certificates/Default.crt
    enablequotawarnings: yes
    imapauth_crammd5: yes
    popauthapop: yes
    logrolling_daysenabled: 0
    logrollingdays: 1
    imapauthlogin: yes
    imapauthplain: yes
    imapauthgssapi: yes
    lmtpover_quota_permfailure: yes
    tlsserveroptions: use
    popauthgssapi: yes
    bash-3.2# cat /etc/cyrus.conf
    # standard standalone server implementation
    START {
    # do not delete this entry!
    recover cmd="ctl_cyrusdb -r"
    # this is only necessary if using idled for IMAP IDLE
    idled cmd="idled"
    # UNIX sockets start with a slash and are put into /var/imap/socket
    SERVICES {
    # add or remove based on preferences
    imap cmd="imapd" listen="imap" prefork=0
    imaps cmd="imapd -s" listen="imaps" prefork=0
    pop3 cmd="pop3d" listen="pop3" prefork=0
    pop3s cmd="pop3d -s" listen="pop3s" prefork=0
    sieve cmd="timsieved" listen="sieve" prefork=0
    # at least one LMTP is required for delivery
    # lmtp cmd="lmtpd" listen="lmtp" prefork=0
    lmtpunix cmd="lmtpd" listen="/var/imap/socket/lmtp" prefork=0
    # this is only necessary if using notifications
    # notify cmd="notifyd" listen="/var/imap/socket/notify" proto="udp" prefork=1
    EVENTS {
    # this is required
    checkpoint cmd="ctl_cyrusdb -c" period=30
    # this is only necessary if using duplicate delivery suppression
    delprune cmd="cyr_expire -E 3" at=0400
    # this is only necessary if caching TLS sessions
    tlsprune cmd="tls_prune" at=0400
    LIMITS {
    imaplimit value=0
    And here is the output of ps U _cyrus when logging in via POP (I have removed the IMAP-lines, as I doubt they are necessary, but feel free to correct me if I'm mistaken).
    bash-3.2# ps U _cyrus
    PID TT STAT TIME COMMAND
    19062 ?? Ss 1:08.79 /usr/bin/cyrus/bin/cyrus-quota -r
    81174 ?? Ss 0:01.32 master -l 256
    81177 ?? S 0:02.04 idled
    85071 ?? Ss 0:00.03 /sbin/launchd
    85073 ?? S 0:00.03 pop3d: [192.168.2.3] [email protected] user.firstname^lastname@exampl
    I hope some of the above will provide some clues.
    /Lars

  • Security Update 2010-005 Squirrelmail 1.4.20 timezones.cfg

    Was an update to Squirrelmail 1.4.20 included in the Security Update 2010-005?
    Is it just me or is everyone missing /usr/share/squirrelmail/include/timezones.cfg after this update?
    This causes an error when trying to access the Options > Personal Information.

    I manually updated to 1.4.20
    So *Security Update 2010-005* didn't contain an update to SquirrelMail but managed to break my install of SquirrelMail 1.4.20?
    I always use a sym-link so that automatic updates don't break my manual updates. But there must have been a script in the Security Update that erased the timezones.cfg file. Even if there was a SquirrelMail update included, why would it erase the timezones.cfg file?

  • Rebranding WebMail / SquirrelMail

    When I go to WebMail I get a web page that says 'Mac OS X Server WebMail Login'.
    Which files do I need to edit to change this and add some of my own header graphics to the whole experience?

    Thank you, that's a great help.
    I have been searching for info on how to set the default theme and read here: http://squirrelmail.org/docs/admin/admin-7.html#ss7.2
    but it does not tell you how to set a default theme, just how to make a basic one.
    Any ideas where to edit and set the default theme?
    Is it the default css file?

  • Can you use HTML signature in webmail/SquirrelMail?

    I tried to paste my HTML signature from Apple Mail into my account settings while logged into my server's webmail/SquirrelMail and it looks like it got converted to plain text immediately.
    Is it possible for my webmail users to have HTML signatures?
    Thanks!

    Both... if I do a copy/paste of the rendered HTML from the Signature setting in Apple Mail to the Signature option in SquirrelMail, all I get is plain text in the SquirrelMail Signature option and in the composition window.
    If I copy the HTML source from TextWrangler into the Signature option in SquirrelMail, I see the HTML source both in the Signature option and in the composition window. (I sent a test email to myself and verified the recipient also sees HTML source, not rendered HTML.)
    I guess I'm still trying to figure out if HTML signatures are possible with SquirrelMail, I haven't been able to find a definitive answer in the docs or their mailing list. They seem to have an anti-HTML fascination when it comes to email, which I understood and even agreed to at one time, but it's 2009...

  • Better webmail app than SquirrelMail?

    Hello --
    Do any of you (especially Bill) have a webmail app that you like? I have G5 running SquirrelMail (along with UW-IMAP & Postfix) and while I appreciate the simplicity and functionality, I sure would like something a little more Ajaxy. Hasn't anyone cloned gmail or yahoo mail or even .mac mail?
    Thanks for your advice!

    Yeah -- I like mail.app. But I'm looking for a web app for when I'm not using my own computer.
    And I agree SquirrelMail is slow (hence my request).
    You must have overthought the installation. It's pretty much just a matter of dumping the directory in your web docs directory and taking most of the defaults on the configuration script. Compared to the other things you've explained in this forum, it's as easy as putting on pants.

  • Anyone using Secure SMTP in SquirrelMail ?

    Secure SMTP and Secure IMAP working fine with all Email clients. Secure IMAP works with SquirrelMail. But SMTP does not. I would like to know if anyone is using Secure SMTP in SquirrelMail. I get a message "Connection Refused" when I try to send an email from SquirrelMail. Appreciate any help.

    You didn't mention if you modified the SM config with your server settings?
    sudo /etc/squirrelmail/config/conf.pl
    Make sure you change the SMTP server from localhost to the proper common name for the server or ssl won't work.
    But......
    There's no reason to use SSL if SM and the SMTP server are on the same machine. No point in encrypting traffic which never hits the network.
    Jeff

  • Cannot send via webmail (SquirrelMail)

    Hi,
    I am getting an error when any user tries to send an email via the web interface - SquirrelMail.
    Message not sent: Server replied: Syntax error in parameters or arguments 501 5.1.7 Bad sender address syntax
    The address I am sending to (and I have tried many of them) all work sending via the mail client. Any ideas?
    Nick

    Thank you Cliff - that was indeed the problem. I was testing the Webmail interface from the server - using any other machine on the LAN or Web did not create the error.
    Nick

  • Security update kills Squirrelmail?

    Since installing the security update this AM I cannot read any mail in Squirrelmail on my server. I can log in, but read_body.php fails with a timeout. I suspect it is something in the mod_php module that is listed in the update.
    Anyone else having this problem?
    Mike

    Looks like the newest security update contains a change that might fix the problem.
    As a side note, I installed a dev version of 1.5 and the problem went away (previous to Security update 2006 002)(when it failed I was using version 1.45)
    Mike

  • Webmail (SquirrelMail)

    I have my webmail set up. It works fine, but there is one strange thing I can't resolve. Sending mail to a person's email account shows [email protected] A reply to this address will come back of course. Does anybody know how to solve it and get rid of the www after the @? I checked the /etc/squirrelmail/config.php and did some changes but without success. There is a line named $domain getenv (NAME_SERVER) if I change the name server to the domain name "example" the outcome is the whole server name with example.com at the end. Any help would be appreciated

    http://discussions.apple.com/thread.jspa?messageID=1322533&#1322533
