** Reply to note from "CGI Guru" <[EMAIL PROTECTED]> Mon, 12 Nov 2001 14:20:08 -0600
> this would be a killer setup for a dedicated email server. Yes it should be! I played with it a little right after I installed vpopmail a few months ago, and it looked very promising. Then I got busy with having to relocate my servers. (I think a root canal is more fun!) > Just remember if you do this to compile apache with your vpopmail > directories under your httpd suexec directory tree or you won't be able to > execute any cgi scripts for it. If you are doing this with PHP as an apache module, suexec doesn't matter. PHP will run out of any directory under DocumentRoot, and if the server runs as User vpopmail Group vchkpw you can exec _any_ of the commands in ~vpopmail/bin including vadddomain and vdeldomain. Be careful! if you do something like: <VirtualHost mail.onedomain.com> ServerName mail.onedomain.com ServerAdmin [EMAIL PROTECTED] DocumenRoot /some/directory . . . </VirtualHost> <VirtualHost mail.anotherdomain.com> ServerName mail.anotherdomain.com ServerAdmin [EMAIL PROTECTED] DocumenRoot /some/directory . . . </VirtualHost> <VirtualHost admin.mydomain.com> ServerName admin.mydomain.com ServerAdmin me DocumentRoot /another/directory . . . </VirtualHost> One set of files in /some/directory can handle unlimited mail domains, and when the scripts are run you will find that $PHP_SELF is set to the current script that is running and $SERVER_NAME is set to the domain the user is working with. It is very handy because one set of code can handle many domains, and the user doesn't have to re-enter the domain name. (besides typing it into the URL.) Keep the scripts that allow you to add and delete domains and other system admin duties, in /another/directory so most people can't hit them. Be sure you have a good user authentication scheme. One possibility is to use the vpasswd file for the domain with Basic Authentication. That way only people with valid email addresses can access the pages. Something like adding the following inside each of the <VirtualHost blocks above. <Location /> AuthType Basic AuthName "Email Administration" AuthUserFile ~vpopmail/domains/somedomain.com/vpasswd Require valid-user </Location> If you do this, you can get the user name from $REMOTE_USER so they only have to type that in the authentication window one time when they hit the mail admin server. You might want to present a home page that lets them chose between email administration or sqwebmail, and only have the password on the directory that contains your admin pages. In some much older versions of apache it would choke if there was anything after the password in the AuthUserFile, but at least since 1.3.12 you are allowed to have as many fields in the file as you want as long as the first is username and the second is password. I wouldn't even mess with an unusual port, just use port 80 (or 443 if you can afford the certificates, or convince your users to use self signed ones. I plan on doing the latter.) Just make sure this is the only web application on the server. Rick Widmer Internet Marketing Specialists http://www.developersdesk.com
