Qmailadmin with Apache

Configuring Qmailadmin to work with the Apache webserver

Apache 2.4 needed to be compiled with --enable-mpm=prefork --enable-cgi

Apache virtual host configuration
Edit /usr/local/apache2/conf/extra/httpd-vhosts.conf and add a virtualhost directive for Qmailadmin and webmail:

<VirtualHost *:80>
    ServerAdmin postmaster@example.com
    DocumentRoot /var/websites/mail/htdocs
    ServerName mail.example.com

  <Directory /var/websites/mail/htdocs>
    Options Indexes FollowSymLinks
    #Apache 2.2
    AllowOverride All
    Order allow,deny
    Allow from all
    #Apache 2.4
    Require all granted
  </Directory>

  ScriptAlias /cgi-bin/ "/var/websites/mail/cgi-bin/
  <Directory "/var/websites/mail/cgi-bin">
    AllowOverride None
    Options FollowSymLinks
    #Apache 2.2
    AllowOverride All
    Order allow,deny
    Allow from all
    #Apache 2.4
    Require all granted
  </Directory>
</VirtualHost>

Securing Qmailadmin
If you are going to have Qmailadmin accessible from the public internet, you should encrypt the connection as user IDs and passwords are used.

Assuming you've already created an SSL certificate according to the Apache SSL Instructions:

Because qmailadmin is a program within /var/websites/webmail/cgi-bin, we'll have to adjust the settings for that directory. Add a RewriteRule to force clients to connect to the qmailadmin interface through an SSL encrypted session. If you don't want your internal users to be encrypted, adjust the REMOTE_ADDR RewriteCond to reflect your internal network. If you want all IPs encrypted, remove that condition altogether. Note that the Options directive is changed from "None" to "FollowSymLinks". The example below will redirect requests from any addresses other than the 192.168.0/24 range to HTTPS on port 443.
Edit /usr/local/apache2/conf/extra/httpd-vhosts.conf and modify the Directory section for /var/websites/webmail/cgi-bin, adding the Rewrite rule and conditions:

<Directory "/var/websites/mail/cgi-bin">
  AllowOverride None
  Options FollowSymLinks
  Order allow,deny
  Allow from all
  RewriteEngine on
  RewriteCond %{REMOTE_ADDR} !^192\.168\.0\.[0-9]+$
  RewriteCond %{HTTPS} !=on
  RewriteRule ^.*qmailadmin https://%{SERVER_NAME}%{REQUEST_URI} [L,R]
</Directory>

Credits

Various bits of code, scripts, and procedures were put together with information from John Simpson's qmail.jms1.net website. It's an excellent resource on managing and setting up a Qmail server.

Recent Updates

  • 11 months 1 week ago
  • 11 months 1 week ago
  • 11 months 1 week ago
    php 8.x
  • 11 months 1 week ago
    10.6.7
  • 11 months 2 weeks ago
    Drop Centos 5/6 stuff