# Email solution - solved, thanks

## bLanark

I have searched the forums and the web, but can't find the information I need. Please help me here!

I need a mail solution, taking email from my ISP's pop3 box, storing it locally on IMAP so that I can access it via an IMAP client locally, a secure IMAP client remotely, and ideally via the web (https) too. This post here on this thread https://forums.gentoo.org/viewtopic.php?t=4398&highlight=imap+fetchmail descibes more or less what I want: *Quote:*   

> I have postfix, IMAP SSL, fetchmail, procmail, squirrel mail over SSL apache and spamassassin setup. With this configuration I can use any IMAP enabled email client at school, at work, and, of course, at home to get all my email... Setup fetchmail as a cron, and you never have to check your email again; everything is downloaded automatically when the cron is executed. When I don't have a mail client handy, I can just browse to my box over SSL and use squirrel mail to access my account. All this functionality for *free*.... simply amazing.

 

I *think* that I know all the apps I need, but I am having trouble glueing them together. I'm not certain what they all do and interact.

Please confirm or refute what I know and fill in the blanks

Fetchmail: can be configured to get mail from pop3 mailboxes. Hands to local mail agent.

procmail: local mail agent. Forwards mail wherever??

Courier IMAP: IMAP server. 

postfix: Don't know, but people use it.

squirrelmail: accesses local IMAP server and gives web front end. 

Apache/SSL: Secure (https) web access. 

I'd like to add spam filtering. I must pull mail for different users too. So I gets mail from ISP 1 and 2, another user gets mail from ISP 3. This mail will be seperate on my box. 

Sorry, the topic has been gone over before, but I cannot get my head around it at all. 

Help gratefully received.

----------

## alec

My solution isn't incredibly professional, but it works and it seems to be what you want, minus procmail.  I run fetchmail -> postfix -> Courier-SSL or Squirrelmail.

You do want fetchmail.  Put tcltk in your USE to get fetchmailconf, a nice graphical configurator that takes all questions out of making a .fetchmailrc.  Very handy.  You can put it all in one file (make sure you tell it what the user name is locally!) or give each user a .fetchmailrc

The one time I screwed around with procmail I screwed up, so I haven't tried that again.  It should work.

Postfix is easy and fun to configure.  Well, easy, at any rate.  As a bonus, if you have an ISP mail account, you can set it to route your mail through there, insuring you won't be rejected.

Courier IMAP works nice.  And there's SSL support - again, put it in your USE variable and start it up - it's not the same /etc/init.d/ file.

Squirrelmail is emergable.  You'll need apache + php + ssl first.  Not too hard to configure.

That's all you need - works like a charm.

----------

## kashani

 *bLanark wrote:*   

> 
> 
> I'd like to add spam filtering. I must pull mail for different users too. So I gets mail from ISP 1 and 2, another user gets mail from ISP 3. This mail will be seperate on my box. 
> 
> Help gratefully received.

 

I'd recommend Spam Assassin for your spam problems. It's in portage and the website is www.spamassassin.org. It'll probably br easiest to call using procmail for your proposed setup.

kashani

----------

## bLanark

Thanks for the help! 

My progess:  I can send out mail via my ISP, using postfix.  I have installed squirrelmail (haven't finished the config yet, I guess I don't need to until I get mail into the IMAP boxes) I have installed courier, I'm not certain that I have the config 100% correct, but it is happy to run. I have fetchmail running (just for one user for now, and not scheduled to start as a cron job yet either - hey, I don't even run cron yet!  :Smile:  ) 

What I don't understand is how I can tell fetchmail (or is it postfix) to send mail to courier instead of a mailbox? Or is mail always stored in /var/spool/mail/<username>? 

Another (minor) question: Do I need to run the courier-pop3 daemon? I intend to just use Imap access, or via the web via squirrelmail.

----------

## psp

I may be incorrect here, but I think that fetchmail honours your .forward file. You can then execute maildrop (part of the courier-imap suite, but must emerge'd separately) from the .forward file to deliver to a local imap mailbox.

See whether this is possible. I've never tried this, but it seems correct. As to whether you need the POP3 daemon, my feeling is no (cyrus-imap does not require it), but again I could be wrong - it has happened.

Hope this helps,

----------

## bLanark

Well, I got it all fixed in the end. My mistake, not reading the manual enough.   :Embarassed: 

I changed to using a .maildir in the user's indox, (modified the postfix configuration and restarted).

After much fooling around with authentication modules with courier, I got that working too. So now I can access new mail using an IMAP client (I used kmail as it was on the desktop). 

I've also got apache/mod_ssl running, and squirrelmail on top of that too, so I have the complete solution.

Just got to start cron, add a few cron scripts, and it'll all be set up automatically. 

Thanks to everyone for their help.    :Very Happy:   :Very Happy: 

----------

## cedric

Hi,

Now that you have everything working fine, you could write a little guide describing how you did it. This would help me a lot, and other people too I suppose.

----------

## zypher

Definitely.

I have a running webserver and courier/squirrelmail too.

What I need is help on configuring my webserver to run squirrelmail on ssl while the rest is still normal http.

I think, you can configure the server to do this, but I have not figured it out yet.

Could someone post a config here? the <Directory>-section or vhost.conf should be enogh I think.

----------

## zypher

Never mind, figured it out myself.

Just used a vhost.conf

----------

## hoppy

 *zypher wrote:*   

> Definitely.
> 
> I have a running webserver and courier/squirrelmail too.
> 
> What I need is help on configuring my webserver to run squirrelmail on ssl while the rest is still normal http.
> ...

 

I did this using these directives in the apache.conf:

```

<directory /home/httpd/htdocs/squirrelmail>

SSLRequireSSL

SSLRequire %{SSL_CIPHER_USEKEYSIZE} >= 128

</directory>

RewriteEngine on

RewriteRule   ^/(.*):SSL$   https://%{SERVER_NAME}/$1 [R,L]

RewriteRule   ^/(.*):NOSSL$ http://%{SERVER_NAME}/$1  [R,L]

```

what this does is sets the dir structure to require SSL. 

the rewrite rule means that you can force a specific url to HTTPS or HTTP.

now, if you try to go to /squirrelmail with http, you get a permission denied error.

Eg:

```

<a href="/squirrelmail/:SSL"><img src="/sm_logo.png" align="right" border="0"></a>

```

Im in the process of writing a document for the setup of all this from a vanilla Gentoo 1.2 install.

Rob.

----------

## javock

Hello,

 *hoppy wrote:*   

> 
> 
> I did this using these directives in the apache.conf:
> 
> ```
> ...

 

And if I want to redirect (not using html, but apache) this non-SSL connection to the _default_:443 host so users don't have to remember to type https and they still get security?

What I am trying to say is : is there an apache way to force a http connection become a https connection?

Thanks

----------

