Table of Contents:
Described in more detail on http://www.horde.org IMP is an IMAP client (reads and delivers mail) that functions using a Web Browser as the client, while operations are performed on the Web Server.
OpenLDAP
ispell (interactive spelling checker)
GD (binary package available. graphics library for TTF support in PHP3 through
FreeType)
FreeType (binary package available, TTF rendering library required for MSWord
attachments)
Zlib (required for MSWordView)
MSWordView
Source File: imp-2.2.0-pre13.tar.gz (available from http://www.horde.org)
The 1st thing to do is untar the imp distribution files and move it under the horde directory.
# cd /usr/src
# tar -zxf /[path-to-file]/imp-2.2.0-pre13.tar.gz
# mv imp-2.2.0-pre13 /var/www/horde/imp
The install script that comes with horde needs to be executed. The install script should copy the distribution configuration files within the config directory into release forms (eg. horde.php3.dist ==> horde.php3; defaults.php3.dist ==> defaults.php3; mime.php3.dist ==> mime.php3; ldap.php3.dist ==> ldap.php3; servers.php3.dist ==> servers.php3 ) After the files have been copied the script will also chmod the files to what they should be for use by horde.
# cd /var/www/horde
horde # sh install.sh
Your blank configuration files have been created, please
go to
the configuration utitlity at :
your install path url/setup.php3
Now you can configure the IMP setup using the setup.php3 file by using your browser and pointing to the server:
# lynx http://localhost/horde/setup.php3
The above will take you through a graphical (web-interface) configuration of the IMP setup. Following the web-interface the areas of interest should include:-
Page 3 of 11:
Root Base Url: /horde/imp
Graphics Base Url: /horde/imp/graphics
Page 4 of 11:
Default IMAP Server: localhost
Default from address append: mydomain.com
Mail Folder Root: .mail
Page 9 of 11
Use Database: True
Database Type: MySQL
User Name: hordemgr
Password: hordemgr
Database Name: horde
Server Name: localhost
Preference Table: <do not change>
Address Table: <do not change>
The configuration changes will be written to the file: imp/config/defaults.php3. You can manually make the changes by opening the file and making changes such as listed below:
$default->root_url = '/horde/imp/';
$default->graphics_url = $default->root_url . 'graphics';
$default->from_server = 'mydomain.com';
Final cleanup. The final activity to do is secure the configuration files and turn off the ability to configure the system through the web interface. The horde/secure.sh script will perform these tasks for us, so we can execute that script and our system is ready for live action.
# cd /var/www/horde
# sh ./secure.sh
I have made your configuration files, and libraries
mode 0444
which is read for everyone.
And setup.php3 and test.php3 are mode 0000 which is no access period.
Now we're ready to test IMP by starting horde with http://localhost/horde/ Opening this website will show the available horde modules (at this point we only have IMP.) Selecting IMP should let you login to your e-mail account.
From ../horde/imp/docs/SECURITY
Default database password is a security hole
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
The Horde and IMP documentation and sample database creation scripts
create a user "hordemgr" with password "hordemgr" for accessing the
horde database. Using this password in a production environment is
a security hole, since an attacker will easily guess it.
It is very important that you change the password of
the "hordemgr"
user to something secure. The horde/scripts/database/dbpasswd.sh
script can be used to make this change, or alter the instructions in
horde/docs/DATABASE to set a different password.
IMP will display an error on the login page if the default
database
password is in use. If you insist on using the default password (NOT
RECOMMENDED), the error can be turned off in imp/config/defaults.php3
by setting "$default->db_security_nag = false".
An example of using the dbpasswd.sh script is show below where you will be asked by the script for the directory where IMP's configuration reside. If you have followed the installation procedure shown above then you can use /var/www/horde/imp/config.
# cd /var/www/horde/scripts/database
# sh dbpasswd.sh
This script changes the password for the Horde database user. It
makes the change to the database itself, and to the configuration
files used by Horde/IMP to access it. You will need your database
administrator password, and permission to change your Horde/IMP
configuration files.
What is your IMP configuration directory? /var/www/horde/imp/config
Your PHPLIB configuration file is: ../../phplib/local.inc
It says the database user name is: hordemgr
Your IMP configuration file is: /var/www/horde/imp/config/defaults.php3
It says the database driver is: mysql
It says the database user name is: hordemgr
It says the old password is: hordemgr
Enter the new 'hordemgr' database password: ******
Enter the password again to confirm: ******
Change the 'hordemgr' database password now? yes
Changing the database password...
The password change has been made.
There are further security issues noted in the ../horde/imp/docs/SECURITY which I suggest you browse. A simple security precaution is to deny access to the configuration files (which detail password and database information) by implementing the below apache configurations.
<Directory "/var/www/horde/config">
order deny,allow
deny from all
</Directory>
<Directory "/var/www/horde/imp/config">
order deny,allow
deny from all
</Directory>
The following security settings are recommended from the SECURITY file and I have made modifications to the specified routines to fit the user/directory layouts used in this document.
Preventing local users from reading configuration files
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
The Horde and IMP configuration files contain sensitive data (such
as database passwords) that should not be read by local system users.
If your IMP server allows untrusted users to log in, one way to make the
configuration directories accessible only to the web server is as follows:
# chgrp -R www /var/www/horde/config
# chgrp -R www /var/www/horde/imp/config
# chmod -R o-rwx /var/www/horde/config
# chmod -R o-rwx /var/www/horde/imp/config
For completely fascist permissions, you can make the entire Horde/IMP
tree inaccessible except by the web server:
# chgrp -R www /var/www/horde
# chmod -R o-rwx /var/www/horde
This assumes that the web server runs as group "www" (typical for
OpenBSD 2.7 Apache(?)); if not, you'll want to change the above commands accordingly.
Security Note: The above discussion has not gone into securing clear-text transfers of e-mail and passwords between the web-browser client and your server. I've haven't figured that part out so if you have it working, please feel free to tell me (IMP FAQ seems clear enough, I just haven't done it yet.)
If I've given you the correct instructions you should now have a useable Web Hosted e-mail service available for your users at http://your-site/horde/
Happy Mailing
Copyright (c) 2000/1/2 Samiuela LV Taufa. All Rights Reserved.
I reserve the right to be totally incorrect even at the best advice of betters. In other words, I'm probably wrong in enough places for you to call me an idiot, but don't 'cause you'll hurt my sensibilities, just tell me where I went wrong and I'll try again.
You are permitted and encouraged to use this guide for fun or for profit as you see fit. If you republish this work in what-ever form, it would be nice (though not enforceable) to be credited.
|
IMP Imap webMail Program - serving up mail on the Web |
Copyright © 2000/1/2 NoMoa Publishers All rights reserved. Caveat Emptor