
Webmail Horde / IMP with SSL


Overview

IMP / HORDE is a set of PHP scripts that implement an IMAP-based webmail system. Assuming you have an account on a server that supports IMAP, you can use an installation of IMP / HORDE to check your mail from anywhere that you have web access. An SSL web server is highly recommended, so that passwords and your e-mails are not transferred in plain text.

We use Apache as an SSL Proxy in our DMZ (Demilitarized Zone) to access our IMP / HORDE Webmail System in the HSZ (High Security Zone).

Apache, IMP / HORDE Short Installation Notes

Most of the needed RPMs can be found in the Red Hat Linux 7.0 distribution or can be downloaded from:

ftp://ftp.horde.org/pub/RPMS/i386/rh7/old/ (14.02.2002).

apache-1.3.14-3.i386.rpm   (newer Version works as well)
freetype-1.3.1-7.i386.rpm
horde-1.2.4-1rh7.noarch.rpm
horde-shm-1.2.4-1rh7.noarch.rpm
imp-2.2.4-1rh7.noarch.rpm
mod_php-4.0.3pl1-1.i386.rpm
php-4.0.3pl1-1.i386.rpm
php-imap-4.0.3pl1-1.i386.rpm

Install these RPMs on Red Hat 7.2 with:

rpm -Uvh --force --nodeps freetype-1.3.1-7.i386.rpm
rpm -Uvh --force --nodeps php-4.0.3pl1-1.i386.rpm
rpm -Uvh --force --nodeps mod_php-4.0.3pl1-1.i386.rpm
rpm -Uvh --force --nodeps php-imap-4.0.3pl1-1.i386.rpm
rpm -Uvh --force --nodeps horde-1.2.4-1rh7.noarch.rpm
rpm -Uvh --force --nodeps horde-shm-1.2.4-1rh7.noarch.rpm
rpm -Uvh --force --nodeps imp-2.2.4-1rh7.noarch.rpm

Create the Configuration Files

Change the directory to /var/www/html/horde and run install.sh

cd /var/www/html/horde
sh install.sh

Your blank configuration files have been created. Open the configuration utility at:

http://<webmail-host>/horde/setup.php3

This opens 11 screens; at the end, it creates the configuration file:

/var/www/html/horde/imp/config/defaults.php3

Run the Security Script

/var/www/html/horde/secure.sh

Apache SSL Proxy for IMP / HORDE

First of all, you need an SSL certificate, e.g. from http://www.thawte.com. After this, you can create an SSL-enabled virtual host as a proxy in your Apache configuration file, which can usually be found at /etc/httpd/conf/httpd.conf.

#
# VirtualHost for xyz.domain.com (XYZ Webmail)
#

<IfDefine HAVE_SSL>
<VirtualHost 194.210.122.193:443>
    ServerAdmin martin.zahn@domain.com
    DocumentRoot "/home/zahn"
    ServerName xyz.domain.com
    SSLEngine on
    SSLCertificateFile /etc/httpd/conf/ssl.crt/webmail.crt
    SSLCertificateKeyFile /etc/httpd/conf/ssl.key/webmail.key
    SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown
    CustomLog /var/log/httpd/ssl_request_log \
              "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
    <IfModule mod_proxy.c>
      ProxyPass / http://192.168.134.22/
      ProxyPassReverse / http://192.168.134.22/
    </IfModule>
</VirtualHost>
</IfDefine>
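
The virtual host above can be checked mechanically before it goes live. The following Python check is an added example, not part of the original notes; the finding names and the two trimmed sample configurations are constructed for illustration, and ProxyRequests is a standard mod_proxy directive that does not appear in the configuration on this page.

```python
# Constructed samples: PAGE_VHOST is the virtual host from this page (trimmed),
# WEAK_VHOST is a deliberately misconfigured variant for comparison.
PAGE_VHOST = """
<VirtualHost 194.210.122.193:443>
    SSLEngine on
    <IfModule mod_proxy.c>
      ProxyPass / http://192.168.134.22/
      ProxyPassReverse / http://192.168.134.22/
    </IfModule>
</VirtualHost>
"""
WEAK_VHOST = """
<VirtualHost 194.210.122.193:80>
    ProxyRequests On
    ProxyPass / http://192.168.134.22/
</VirtualHost>
"""

def directives(conf):
    """Map lowercased directive name -> list of argument lists."""
    found = {}
    for line in conf.replace("\\\n", " ").splitlines():  # join continued lines
        line = line.strip()
        if not line or line[0] in "#<":  # skip comments and container tags
            continue
        name, *args = line.split()
        found.setdefault(name.lower(), []).append(args)
    return found

def audit(conf):
    """Return a sorted list of finding codes for one virtual host."""
    d, findings = directives(conf), set()
    first = lambda key: [a[0].lower() for a in d.get(key, []) if a]
    if "on" not in first("sslengine"):
        findings.add("ssl-not-enabled")  # logins would travel in plain text
    if "on" in first("proxyrequests"):
        findings.add("forward-proxy-enabled")  # host would relay arbitrary URLs
    passes = {tuple(a) for a in d.get("proxypass", [])}
    if passes - {tuple(a) for a in d.get("proxypassreverse", [])}:
        # backend redirects would expose the internal address to clients
        findings.add("no-matching-proxypassreverse")
    if any(len(a) > 1 and a[1].lower().startswith("http://") for a in passes):
        findings.add("backend-hop-is-plain-http")  # proxy-to-backend leg is unencrypted
    return sorted(findings)

if __name__ == "__main__":
    for label, conf in (("page", PAGE_VHOST), ("weak", WEAK_VHOST)):
        print(label, audit(conf))
```

For the configuration on this page the only finding is the plain-HTTP leg between the DMZ proxy and 192.168.134.22, so the confidentiality of that hop rests on the internal network between the two zones.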

Configuration File defaults.php3

<?php
/* file: defaults.php3 */
/* For debugging purposes */
$default->error_level                    = 15;
/* The longest that things like file uploads and slow functions */
/* should be allowed to run. 0 means run until termination */
/* (forever if infinite loop). */

/* NOTE: you can't set this to 0 if safe_mode is on. */
$default->max_execution_time             = 0;
/* Server Specific Configuration */
$default->localhost                      = '<webmail-host>.<domain>';
/* Web Server Configuration */
$default->root_url                       = '';
$default->include_dir                    = './templates';
$default->graphics_url                   = $default->root_url . '/graphics';
/* Default IMAP Server Configuration */
$default->server                         = '<mailhost>.<domain>';
$default->from_server                    = 'akadia.com';
$default->port                           = '143';
/* Default IMAP Folder Configuration */
$default->folders                        = 'Mail/';
$default->use_imap_subscribe             = true;
$default->show_dotfiles                  = false;
$default->save_sent_mail                 = true;
$default->sent_mail                      = 'sent-mail';
$default->postponed                      = 'drafts';
/* Ldap searching */
$default->use_ldap_search                = true;
/* Server list : user is presented with a list */
/* of available imap servers */
$default->use_server_list                = false;
/* User changeable items */
$default->user_change_server             = false;
$default->user_change_folder             = false;
$default->user_change_from               = true;
$default->user_change_fullname           = true;
$default->user_use_addressbook           = true;
/* Check For New Mail Configuration */
$default->newmail_popup                  = true;
$default->refresh_delay                  = '300';
/* External Binaries Configuration */
$default->path_to_sendmail               = '/usr/sbin/sendmail';  /* Sendmail */
$default->path_to_ispell                 = '/usr/bin/ispell';     /* ISpell */
$default->path_to_mswordview             = '/usr/bin/wvHtml';     /* M$WordView */
$default->path_to_tar                    = '/bin/tar';            /* Tar */
/* Cyrus Configuration */
$default->personal_folders               = '';    /* i.e. INBOX. */
/* Default Language Configuration */
$default->language                       = 'en';
/* Message Configuration */
$default->append_header                  = false;
$default->append_trailer                 = false;
/* Text Viewing */
$default->text_parts_inline              = true;
/* Database Configuration */
$default->use_db                         = false;
$default->database_driver                = 'dummy';
$default->db_user_name                   = 'hordemgr';
$default->db_password                    = 'hordemgr';
$default->db_security_nag                = true;
$default->db_name                        = 'horde';
$default->db_server_name                 = 'localhost';
$default->db_pref_table                  = 'imp_pref';
$default->db_address_table               = 'imp_addr';
$default->db_connect_string              = '';
$default->db_server_port                 = '';
$default->db_server_options              = '';
$default->db_server_tty                  = '';
?>