Qmailadmin with Apache

Credits

Various bits of code, scripts, and procedures were put together with information from John Simpson's qmail.jms1.net website. It's an excellent resource on managing and setting up a Qmail server.

Configuring Qmailadmin to work with the Apache webserver

Apache 2.4 needed to be compiled with --enable-mpm=prefork --enable-cgi

Apache virtual host configuration
Edit /usr/local/apache2/conf/extra/httpd-vhosts.conf and add a virtualhost directive for Qmailadmin and webmail:

<VirtualHost *:80>
    ServerAdmin postmaster@example.com
    DocumentRoot /var/websites/mail/htdocs
    ServerName mail.example.com
  <Directory /var/websites/mail/htdocs>
    Options Indexes FollowSymLinks
    #Apache 2.2
    AllowOverride All
    Order allow,deny
    Allow from all
    #Apache 2.4
    Require all granted
  </Directory>

ScriptAlias /cgi-bin/ "/var/websites/mail/cgi-bin/ <Directory "/var/websites/mail/cgi-bin"> AllowOverride None Options FollowSymLinks #Apache 2.2 AllowOverride All Order allow,deny Allow from all #Apache 2.4 Require all granted </Directory> </VirtualHost>

Securing Qmailadmin
If you are going to have Qmailadmin accessible from the public internet, you should encrypt the connection as user IDs and passwords are used.

Assuming you've already created an SSL certificate according to the Apache SSL Instructions:

Because qmailadmin is a program within /var/websites/webmail/cgi-bin, we'll have to adjust the settings for that directory. Add a RewriteRule to force clients to connect to the qmailadmin interface through an SSL encrypted session. If you don't want your internal users to be encrypted, adjust the REMOTE_ADDR RewriteCond to reflect your internal network. If you want all IPs encrypted, remove that condition altogether. Note that the Options directive is changed from "None" to "FollowSymLinks". The example below will redirect requests from any addresses other than the 192.168.0/24 range to HTTPS on port 443.
Edit /usr/local/apache2/conf/extra/httpd-vhosts.conf and modify the Directory section for /var/websites/webmail/cgi-bin, adding the Rewrite rule and conditions:

<Directory "/var/websites/mail/cgi-bin">
  AllowOverride None
  Options FollowSymLinks
  Order allow,deny
  Allow from all
  RewriteEngine on
  RewriteCond %{REMOTE_ADDR} !^192\.168\.0\.[0-9]+$
  RewriteCond %{HTTPS} !=on
  RewriteRule ^.*qmailadmin https://%{SERVER_NAME}%{REQUEST_URI} [L,R]
</Directory>

Recent Updates

nginx

6 months 1 day ago

1.27.2 update
lighttpd

6 months 1 week ago

Drupal 10/11 config
Drupal 11

6 months 2 weeks ago
PHP

6 months 2 weeks ago

PHP 8.3.11 and AlmaLinux
Pound SSL Proxy

6 months 2 weeks ago

New version of Pound

Recent Links

SquidGuard

SquidGuard is a URL redirector used to use blacklists with the proxysoftware Squid. There are two big advantages to squidguard: it is fast and it is free.
NCurses Disk Usage

A disk usage analyzer with an ncurses interface, aimed to be run on a remote server where you don't have an entire gaphical setup, but have to do with a simple SSH connection. ncdu aims to be fast, simple and easy to use, and should be able to run in any minimal POSIX-like environment with ncurses installed.
WPKG

WPKG is an automated software deployment, upgrade and removal program for Windows.

It can be used to push/pull software packages, such as Service Packs, hotfixes, or program installations from a central server (for example, Samba or Active Directory) to a number of workstations.

It can run as a service to install software in the background (silent install), without user interaction.

It can install MSI, InstallShield, PackagefortheWeb, Inno Setup, Nullsoft, other software installers or .exe packages, .bat and .cmd scripts and similar: no more repackaging to perform software installation.

WPKG is open source software.
opsi

opsi (Open PC Server Integration) the Open Source client management system
Vagrant

Vagrant is a tool for building complete development environments. With an easy-to-use workflow and focus on automation, Vagrant lowers development environment setup time, increases development/production parity, and makes the "works on my machine" excuse a relic of the past.

Main menu

You are here

Qmailadmin with Apache

Credits

Recent Updates

Recent Links