CJ, All clients are redirected to their own domain's webmail. This way a client doesn't have to remember a domain which they have no 'relation' to.
Like so: example.com/webmail redirects to https://www.example.com/webmail/ example1.com/webmail redirects to https://www.example1.com/webmail/ example2.com/webmail redirects to https://www.example2.com/webmail/ And so on... Eric -----Original Message----- From: Maxwell Smart [mailto:c...@yother.com] Sent: Saturday, June 05, 2010 9:35 AM To: qmailtoaster-list@qmailtoaster.com Subject: RE: [qmailtoaster] Re: Webmail SSL OK, when I meant TLD I meant example.com .org etc. /webmail being a sub-domain. Are your clients all being redirected to the main domain that handles the mail? For instance is example.com/webmail redirected to https://www.whitehorsetc.com as well as myserver.com/webmail or are those being redirected https://example.com and https://myserver.com respectively. Does that make sense? Quoting Eric Broch <ebr...@whitehorsetc.com>: > CJ, > > I'm not sure how you're defining the difference between a TLD and a > sub-domain(?). > > As I understand it, a top-level-domain (TLD) would be com, org, us, de, and > etc..., so, my domain 'whitehorestc.com' would be a 1st level sub-domain of > the 'com' domain and 'www.whitehorsetc.com' would be a second level > sub-domain of the 'com' domain. All my 1st level sub-domains (I have 5) are > members of the 'com' domain and are redirected to 2nd level domain of > 'www.anydomain.com' and if the '/webmail' or '/webmail/' path is part of the > path typed into the address bar of the browser apache redirects to https > (secure web). > > Initially I was unable to discover a process by which I could use > certificates for each of my 1st level sub-domains, so, up until now my > clients were simply adding an exception when going into webmail for a > particular sub-domain. > > Eric B. > > -----Original Message----- > From: Maxwell Smart [mailto:c...@yother.com] > Sent: Friday, June 04, 2010 4:43 PM > To: qmailtoaster-list@qmailtoaster.com > Subject: Re: [qmailtoaster] Re: Webmail SSL > > @Eric Broch > > So are all of your current secure sites subdomains? ie > https://www.example.com/example or TLD https://www.example.com? > > If they are all TLD's how are you traversing the fact that the > certificates aren't specific to those domains? > > @ Eric Shubes > > We're going to get this figured out! > > > > On 06/04/2010 08:38 AM, Eric Broch wrote: >> CJ, >> >> I don't use multiple certificates, but I did, in times past, try to find a >> way to implement it and was glad to see the tutorial posted here for it. >> >> Eric >> >> -----Original Message----- >> From: Maxwell Smart [mailto:c...@yother.com] >> Sent: Friday, June 04, 2010 9:12 AM >> To: qmailtoaster-list@qmailtoaster.com >> Subject: RE: [qmailtoaster] Re: Webmail SSL >> >> Eric, >> >> Sounds like the exact same configuration as mine. >> >> SNI is Server Name Includes and it allows multiple secure connections >> with a single IP. I am having trouble getting mine to work. >> >> Do you use multiple certificates? One for each top level domain? >> >> CJ >> >> Quoting Eric Broch <ebr...@whitehorsetc.com>: >> >> >>> CJ, >>> >>> Virtual hosts (yes, 5 domains on 1 server), >>> SNI (I don't think so, I'm not really sure what it is???), >>> openssl-0.9.8e-12.el5_4.6 (yes) (i386 and x86_64), >>> gnutls-1.4.1-3.el5_4.8 (yes) (i386 and x86_64). >>> >>> Eric >>> >>> -----Original Message----- >>> From: Maxwell Smart [mailto:c...@yother.com] >>> Sent: Thursday, June 03, 2010 10:10 PM >>> To: qmailtoaster-list@qmailtoaster.com >>> Subject: RE: [qmailtoaster] Re: Webmail SSL's >>> >>> Eric, >>> >>> Virtual Hosts? Are you using SNI? GnuTLS or SSL? What version OpenSSL? >>> >>> Sorry for so many questions, but a few of us on this list are trying >>> to sort this. >>> >>> CJ >>> >>> Quoting Eric Broch <ebr...@whitehorsetc.com>: >>> >>> >>>> CJ, >>>> >>>> I secure three sites (domains) on the same server. None of my other >>>> >>> clients >>> >>>> use webmail >>>> >>>> Eric B. >>>> >>>> -----Original Message----- >>>> From: Maxwell Smart [mailto:c...@yother.com] >>>> Sent: Thursday, June 03, 2010 6:05 PM >>>> To: qmailtoaster-list@qmailtoaster.com >>>> Subject: Re: [qmailtoaster] Re: Webmail SSL >>>> >>>> Eric, >>>> >>>> Have you been successful in securing more than one site? >>>> >>>> CJ >>>> >>>> Quoting Eric Broch <ebr...@whitehorsetc.com>: >>>> >>>> >>>>> Maxwell Smart wrote: >>>>> >>>>>> I realize that it's a bit of a hack and I don't like it, but I >>>>>> cannot get it to work correctly otherwise. I just tried your >>>>>> config and it didn't work either. >>>>>> >>>>>> You are using the webmail suffix where I am not. I am trying to >>>>>> get mail.myserver.com to work using SNI. I should be able to have >>>>>> multiple virtual servers using https and I cannot get it to work. >>>>>> I think part of the problem is openssl 0.9.8e SNI requires f and >>>>>> newer. I upgraded on my test server, but I'm still having problems >>>>>> getting it to work correctly. >>>>>> >>>>>> I'll figure it out, it's just frustrating when you read the >>>>>> documentation and it doesn't quite work that way. Then where do >>>>>> you start to troubleshoot. >>>>>> >>>>>> Quoting Eric Shubert <e...@shubes.net>: >>>>>> >>>>>> >>>>>>> I'm not saying that ErrorDocument won't work, just that it's a bit >>>>>>> of a hack. >>>>>>> >>>>>>> The conventional way (and 'better' for a number of reasons) is to >>>>>>> use the RewriteEngine. I seem to recall that there's a way to turn >>>>>>> on logging for the rewrite engine if you're having a problem with >>>>>>> it. >>>>>>> >>>>>>> Here's the RewriteRule I'm presently using: >>>>>>> RewriteRule ^/(webmail.*)$ https://%{SERVER_NAME}/$1 [R=301,L] >>>>>>> >>>>>>> Upon closer examination, I see that >>>>>>> RewriteRule ^(.*/webmail*)$ https://%{SERVER_NAME}$1 [L,R] >>>>>>> appears to be missing a period after webmail. I believe that it > should >>>>>>> >>>> be: >>>> >>>>>>> RewriteRule ^(.*/webmail.*)$ https://%{SERVER_NAME}$1 [L,R] >>>>>>> Subtle, but big difference. I believe this would work, the same as >>>>>>> the one I'm using above. >>>>>>> -- >>>>>>> -Eric 'shubes' >>>>>>> >>>>>>> Maxwell Smart wrote: >>>>>>> >>>>>>>> That's exactly where I am having problems and that's the only way >>>>>>>> I can get it to work. If I have the welcome.conf enabled it goes >>>>>>>> to the apache welcome page instead of redirecting and the log >>>>>>>> file says failed, reason: SSL connection required. If I disable >>>>>>>> the welcome.conf and include the Error 403 line it works. I was >>>>>>>> just testing it with the variable when I received this e >>>>>>>> mail.Quoting Eric Shubert <e...@shubes.net>: >>>>>>>> >>>>>>>> >>>>>>>>> Maxwell Smart wrote: >>>>>>>>> >>>>>>>>>> It appears as though you have a default configuration. Replace >>>>>>>>>> this in your squirrelmail.conf file. >>>>>>>>>> >>>>>>>>>> <Directory /usr/share/squirrelmail> >>>>>>>>>> Options None >>>>>>>>>> Order allow,deny >>>>>>>>>> allow from all >>>>>>>>>> </Directory> >>>>>>>>>> >>>>>>>>>> with this >>>>>>>>>> >>>>>>>>>> <Directory "/usr/share/squirrelmail"> >>>>>>>>>> RewriteEngine on >>>>>>>>>> RewriteCond %{SERVER_PORT} !^443$ >>>>>>>>>> RewriteRule ^(.*/webmail*)$ https://%{SERVER_NAME}$1 [L,R] >>>>>>>>>> allow from all >>>>>>>>>> Options >>>>>>>>>> SSLRequireSSL >>>>>>>>>> ErrorDocument 403 "https://your.server.com/webmail/" >>>>>>>>>> </Directory> >>>>>>>>>> >>>>>>>>>> You will need to change the your.server.com to your server name. >>>>>>>>>> >>>>>>>>>> CJ >>>>>>>>>> >>>>>>>>>> >>>>>>>>> You shouldn't need the ErrorDocument line. >>>>>>>>> >>>>>>>>> In addision, if you were to use that hack, it'd be better to use >>>>>>>>> the %{SERVER_NAME} variable instead of hard coding your domain >>>>>>>>> name. >>>>>>>>> >>>>>>>>> -- >>>>>>>>> -Eric 'shubes' >>>>>>>>> >>>>>>>>> >>>>>>>>> >>>>>>>>> >>>> >>> >> > ---------------------------------------------------------------------------- >> >>>> ----- Qmailtoaster is sponsored by Vickers Consulting Group >>>> >>>>>>>>> (www.vickersconsulting.com) >>>>>>>>> Vickers Consulting Group offers Qmailtoaster support and >>>>>>>>> >>>> installations. >>>> >>>>>>>>> If you need professional help with your setup, contact them >>>>>>>>> >> today! >> >>>>>>>>> >>>> >>> >> > ---------------------------------------------------------------------------- >> >>>> ----- Please visit qmailtoaster.com for the latest news, updates, > and >>>> >>>>>>>>> packages. >>>>>>>>> To unsubscribe, e-mail: >>>>>>>>> qmailtoaster-list-unsubscr...@qmailtoaster.com >>>>>>>>> For additional commands, e-mail: >>>>>>>>> qmailtoaster-list-h...@qmailtoaster.com >>>>>>>>> >>>>>>>>> >>>>>>>>> >>>>>>>>> >>>>>>>> >>>>>>>> >>>>>>>> Cecil Yother, Jr. "cj" >>>>>>>> cj's >>>>>>>> 2318 Clement Ave >>>>>>>> Alameda, CA 94501 >>>>>>>> >>>>>>>> tel 510.865.2787 >>>>>>>> http://yother.com >>>>>>>> >>>>>>>> ---------------------------------------------------------------- >>>>>>>> This message was sent using IMP, the Internet Messaging Program. >>>>>>>> >>>>>>>> >>>>>>>> >>>>>>>> >>>> >>> >> > ---------------------------------------------------------------------------- >> >>>> ----- Qmailtoaster is sponsored by Vickers Consulting Group >>>> >>>>>>>> (www.vickersconsulting.com) >>>>>>>> Vickers Consulting Group offers Qmailtoaster support and >>>>>>>> >>>> installations. >>>> >>>>>>>> If you need professional help with your setup, contact them > today! >>>>>>>> >>>>>>> >>>>>>> >>>>>>> >>>> >>> >> > ---------------------------------------------------------------------------- >> >>>> ----- Qmailtoaster is sponsored by Vickers Consulting Group >>>> >>>>>>> (www.vickersconsulting.com) >>>>>>> Vickers Consulting Group offers Qmailtoaster support and >>>>>>> >>>> installations. >>>> >>>>>>> If you need professional help with your setup, contact them > today! >>>>>>> >>>>>>> >>>> >>> >> > ---------------------------------------------------------------------------- >> >>>> ----- Please visit qmailtoaster.com for the latest news, updates, > and >>>> >>>>>>> packages. >>>>>>> To unsubscribe, e-mail: >>>>>>> qmailtoaster-list-unsubscr...@qmailtoaster.com >>>>>>> For additional commands, e-mail: >>>>>>> >>>> qmailtoaster-list-h...@qmailtoaster.com >>>> >>>>>>> >>>>>>> >>>>>>> >>>>>> >>>>>> >>>>>> Cecil Yother, Jr. "cj" >>>>>> cj's >>>>>> 2318 Clement Ave >>>>>> Alameda, CA 94501 >>>>>> >>>>>> tel 510.865.2787 >>>>>> http://yother.com >>>>>> >>>>>> ---------------------------------------------------------------- >>>>>> This message was sent using IMP, the Internet Messaging Program. >>>>>> >>>>>> >>>>>> >>>>>> >>>> >>> >> > ---------------------------------------------------------------------------- >> >>>> ----- Qmailtoaster is sponsored by Vickers Consulting Group >>>> >>>>>> (www.vickersconsulting.com) >>>>>> Vickers Consulting Group offers Qmailtoaster support and >>>>>> >>> installations. >>> >>>>>> If you need professional help with your setup, contact them today! >>>>>> >>>>>> >>>> >>> >> > ---------------------------------------------------------------------------- >> >>>> ----- Please visit qmailtoaster.com for the latest news, updates, > and >>>> >>>>>> packages. >>>>>> To unsubscribe, e-mail: >>>>>> qmailtoaster-list-unsubscr...@qmailtoaster.com >>>>>> For additional commands, e-mail: >>>>>> >>>> qmailtoaster-list-h...@qmailtoaster.com >>>> >>>>>> >>>>>> >>>>> I don't use the redirect in the squirrelmail config file but in the >>>>> apache config file using virtual hosting. You might give this a try >>>>> >>>>> <VirtualHost *:80> >>>>> ServerName www.whitehorsetc.com >>>>> ServerAlias whitehorsetc.com >>>>> ServerAdmin postmas...@whitehorsetc.com >>>>> DocumentRoot /var/www/html >>>>> # >>>>> RewriteEngine On >>>>> # >>>>> RewriteLog "/var/log/httpd/whitehorsetc.com-rewrite_log" >>>>> RewriteLogLevel 9 >>>>> # >>>>> RewriteCond %{REQUEST_URI} =/webmail/ [OR] >>>>> RewriteCond %{REQUEST_URI} =/webmail [OR] >>>>> RewriteCond %{REQUEST_URI} =/webmail/src/right_main.php >>>>> RewriteRule ^(.*)$ https://www.whitehorsetc.com$1 [R=301,L] >>>>> # >>>>> RewriteCond %{HTTP_HOST} !^www\.whitehorsetc\.com [NC] >>>>> RewriteRule ^(.*)$ http://www.whitehorsetc.com$1 [R=301,L] >>>>> # >>>>> ErrorLog logs/whitehorsetc.com-error_log >>>>> CustomLog logs/whitehorsetc.com-access_log common >>>>> </VirtualHost> >>>>> >>>>> Eric >>>>> >>>>> >>>>> >>>> >>> >> > ---------------------------------------------------------------------------- >> >>>> ----- >>>> >>>>> Qmailtoaster is sponsored by Vickers Consulting Group >>>>> (www.vickersconsulting.com) >>>>> Vickers Consulting Group offers Qmailtoaster support and >>>>> >>> installations. >>> >>>>> If you need professional help with your setup, contact them today! >>>>> >>>>> >>>> >>> >> > ---------------------------------------------------------------------------- >> >>>> ----- >>>> >>>>> Please visit qmailtoaster.com for the latest news, updates, and >>>>> >>>> packages. >>>> >>>>> To unsubscribe, e-mail: >>>>> qmailtoaster-list-unsubscr...@qmailtoaster.com >>>>> For additional commands, e-mail: >>>>> >>>> qmailtoaster-list-h...@qmailtoaster.com >>>> >>>>> >>>>> >>>>> >>>> >>>> >>>> Cecil Yother, Jr. "cj" >>>> cj's >>>> 2318 Clement Ave >>>> Alameda, CA 94501 >>>> >>>> tel 510.865.2787 >>>> http://yother.com >>>> >>>> ---------------------------------------------------------------- >>>> This message was sent using IMP, the Internet Messaging Program. >>>> >>>> >>>> >>>> >>> >> > ---------------------------------------------------------------------------- >> >>>> ----- >>>> Qmailtoaster is sponsored by Vickers Consulting Group >>>> (www.vickersconsulting.com) >>>> Vickers Consulting Group offers Qmailtoaster support and >>>> >>> installations. >>> >>>> If you need professional help with your setup, contact them today! >>>> >>>> >>> >> > ---------------------------------------------------------------------------- >> >>>> ----- >>>> Please visit qmailtoaster.com for the latest news, updates, and >>>> packages. >>>> >>>> To unsubscribe, e-mail: >>>> >>> qmailtoaster-list-unsubscr...@qmailtoaster.com >>> >>>> For additional commands, e-mail: >>>> qmailtoaster-list-h...@qmailtoaster.com >>>> >>>> >>>> >>>> >>>> >>>> >>> >> > ---------------------------------------------------------------------------- >> >>> ----- >>> >>>> Qmailtoaster is sponsored by Vickers Consulting Group >>>> (www.vickersconsulting.com) >>>> Vickers Consulting Group offers Qmailtoaster support and >>>> >>> installations. >>> >>>> If you need professional help with your setup, contact them today! >>>> >>>> >>> >> > ---------------------------------------------------------------------------- >> >>> ----- >>> >>>> Please visit qmailtoaster.com for the latest news, updates, and >>>> packages. >>>> >>>> To unsubscribe, e-mail: >>>> >>> qmailtoaster-list-unsubscr...@qmailtoaster.com >>> >>>> For additional commands, e-mail: >>>> >>> qmailtoaster-list-h...@qmailtoaster.com >>> >>>> >>>> >>>> >>> >>> >>> Cecil Yother, Jr. "cj" >>> cj's >>> 2318 Clement Ave >>> Alameda, CA 94501 >>> >>> tel 510.865.2787 >>> http://yother.com >>> >>> ---------------------------------------------------------------- >>> This message was sent using IMP, the Internet Messaging Program. >>> >>> >>> >>> >> > ---------------------------------------------------------------------------- >> >>> ----- >>> Qmailtoaster is sponsored by Vickers Consulting Group >>> (www.vickersconsulting.com) >>> Vickers Consulting Group offers Qmailtoaster support and >>> >> installations. >> >>> If you need professional help with your setup, contact them today! >>> >>> >> > ---------------------------------------------------------------------------- >> >>> ----- >>> Please visit qmailtoaster.com for the latest news, updates, and >>> packages. >>> >>> To unsubscribe, e-mail: >>> >> qmailtoaster-list-unsubscr...@qmailtoaster.com >> >>> For additional commands, e-mail: >>> qmailtoaster-list-h...@qmailtoaster.com >>> >>> >>> >>> >>> >>> >> > ---------------------------------------------------------------------------- >> ----- >> >>> Qmailtoaster is sponsored by Vickers Consulting Group >>> (www.vickersconsulting.com) >>> Vickers Consulting Group offers Qmailtoaster support and >>> >> installations. >> >>> If you need professional help with your setup, contact them today! >>> >>> >> > ---------------------------------------------------------------------------- >> ----- >> >>> Please visit qmailtoaster.com for the latest news, updates, and >>> packages. >>> >>> To unsubscribe, e-mail: >>> >> qmailtoaster-list-unsubscr...@qmailtoaster.com >> >>> For additional commands, e-mail: >>> >> qmailtoaster-list-h...@qmailtoaster.com >> >>> >>> >>> >> >> >> Cecil Yother, Jr. "cj" >> cj's >> 2318 Clement Ave >> Alameda, CA 94501 >> >> tel 510.865.2787 >> http://yother.com >> >> ---------------------------------------------------------------- >> This message was sent using IMP, the Internet Messaging Program. >> >> >> > ---------------------------------------------------------------------------- >> ----- >> Qmailtoaster is sponsored by Vickers Consulting Group >> (www.vickersconsulting.com) >> Vickers Consulting Group offers Qmailtoaster support and > installations. >> If you need professional help with your setup, contact them today! >> > ---------------------------------------------------------------------------- >> ----- >> Please visit qmailtoaster.com for the latest news, updates, and >> packages. >> >> To unsubscribe, e-mail: > qmailtoaster-list-unsubscr...@qmailtoaster.com >> For additional commands, e-mail: >> qmailtoaster-list-h...@qmailtoaster.com >> >> >> >> >> > ---------------------------------------------------------------------------- > ----- >> Qmailtoaster is sponsored by Vickers Consulting Group > (www.vickersconsulting.com) >> Vickers Consulting Group offers Qmailtoaster support and > installations. >> If you need professional help with your setup, contact them today! >> > ---------------------------------------------------------------------------- > ----- >> Please visit qmailtoaster.com for the latest news, updates, and > packages. >> >> To unsubscribe, e-mail: > qmailtoaster-list-unsubscr...@qmailtoaster.com >> For additional commands, e-mail: > qmailtoaster-list-h...@qmailtoaster.com >> >> >> > > -- > Cecil Yother, Jr. "cj" > cj's > 2318 Clement Ave > Alameda, CA 94501 > > tel 510.865.2787 | fax 510.864.7300 > http://yother.com > > > ---------------------------------------------------------------------------- > ----- > Qmailtoaster is sponsored by Vickers Consulting Group > (www.vickersconsulting.com) > Vickers Consulting Group offers Qmailtoaster support and installations. > If you need professional help with your setup, contact them today! > ---------------------------------------------------------------------------- > ----- > Please visit qmailtoaster.com for the latest news, updates, and > packages. > > To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com > For additional commands, e-mail: > qmailtoaster-list-h...@qmailtoaster.com > > > > > ---------------------------------------------------------------------------- ----- > Qmailtoaster is sponsored by Vickers Consulting Group > (www.vickersconsulting.com) > Vickers Consulting Group offers Qmailtoaster support and installations. > If you need professional help with your setup, contact them today! > ---------------------------------------------------------------------------- ----- > Please visit qmailtoaster.com for the latest news, updates, and > packages. > > To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com > For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com > > > Cecil Yother, Jr. "cj" cj's 2318 Clement Ave Alameda, CA 94501 tel 510.865.2787 http://yother.com ---------------------------------------------------------------- This message was sent using IMP, the Internet Messaging Program. ---------------------------------------------------------------------------- ----- Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! ---------------------------------------------------------------------------- ----- Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com --------------------------------------------------------------------------------- Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! --------------------------------------------------------------------------------- Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com