AlphaMail Is Scalable and Accessible Web Mail
# telnet imap.example.com 143 # for no SSL
These commands connect you to the IMAP server and allow you to enter protocol commands. Type the following (the numbers are part of the commands):
1 login username password 2 list "" "%" 3 logout
The username and password, of course, should be real user credentials for a typical IMAP account. The responses to the second command should look like this:
* LIST (\HasNoChildren) "." "INBOX.Spam" * LIST (\HasNoChildren) "." "INBOX.Trash"
which indicates that . is the separator and makes it pretty obvious that INBOX is a common prefix (in this case all entries start with INBOX.).
The prefix parameter is primarily an interface optimization: the interface removes the prefix when displaying most folder names in order to make things more compact. You can hand-edit any of the parameters in the resulting alphamail_config file, which is a commented text file. The entry for defining a pair of typical IMAP servers that serve two mail exchanges looks like this:
imap_servers: example.com=imap.example.com:993[INBOX.], ↪example.net=imap.example.net:143[/]
The above setting indicates that users should be able to select their mail domain on login (example.com or example.net), and associates these with a corresponding IMAP server, port, prefix and IMAP path separator.
The separator in the brackets is always required, but the prefix is not. The notation [/] means no prefix, with slash as the separator. The IMAP connections will be insecure if you use anything but the SSL alternate port 993.
Attachment viewers and other external programs run in a sandbox that uses a chroot jail, user ID protections and other filesystem restrictions to ensure that a bug in a viewer cannot compromise anything more than the file the user is trying to view, which by definition would be the file containing the exploit. This is where you will use the extra user you created earlier.
The sandbox utility is installed in /usr/local/libexec/sandbox, by default, and is a setuid program. It is important that the permissions of this executable allow execution by the Web server, but it is a security hazard to allow any other user access to the utility. I recommend that AlphaMail be run on a standalone system that serves only Web mail and nothing else, with no shell access for users.
The configuration also asks you to configure the large file-sharing system. This option allows users to upload files to the AlphaMail system, so that others can download them later. Large file sharing is useful when someone needs to send a file that is larger than is allowed or recommended as part of an e-mail message. File sharing has several safeguards to prevent abuse, including terms-of-use agreements, size limits, password protection, encryption, download limits and time-based expirations. Choosing a zero size for the size limit in file sharing disables the feature.
The final step is to edit the Apache configuration. Make sure that mod_perl2 and libapreq2 are loaded with directives, such as:
LoadModule apreq_module modules/mod_apreq2.so LoadModule perl_module modules/mod_perl.so
And, include the generated alphamail.conf Apache configuration file. For example:
Apache and imap_webcache must be running for AlphaMail to work. Startup order does not matter. A sample Red Hat init script for the Web cache is included and will be installed in /usr/local/share/alphamail/util/init.d.
A garbage collection script must be run periodically from cron. AlphaMail writes numerous files as the mail system operates, most of which are decoded MIME messages and attachments. These files cannot be cleaned reliably by the Web software, as there are no guarantees about user behavior. The script is called garbage_sweeper and is well documented in the Administration Guide.
AlphaMail is in production use at the University of Oregon. The performance and usability results have been very encouraging, and the former are available at the AlphaMail home page.
However, the system is still new, and there are some latent bugs that have yet to be solved. The imap_webcache itself is a rather complicated piece of software that may have occasional problems. As a result, I recommend running an included utility called the hang_detector (in /usr/local/share/alphamail/util by default). You must edit this script before using it, and it requires a valid IMAP user in order to work.
It runs a full query against the Web cache every 15 seconds and is capable of restarting the imap_webcache (via the included init script). It is also capable of sending mail to administrators if desired.
Fast/Flexible Linux OS Recovery
On Demand Now
In this live one-hour webinar, learn how to enhance your existing backup strategies for complete disaster recovery preparedness using Storix System Backup Administrator (SBAdmin), a highly flexible full-system recovery solution for UNIX and Linux systems.
Join Linux Journal's Shawn Powers and David Huffman, President/CEO, Storix, Inc.
Free to Linux Journal readers.Register Now!
|CentOS 6.8 Released||May 27, 2016|
|Secure Desktops with Qubes: Introduction||May 27, 2016|
|Chris Birchall's Re-Engineering Legacy Software (Manning Publications)||May 26, 2016|
|ServersCheck's Thermal Imaging Camera Sensor||May 25, 2016|
|Petros Koutoupis' RapidDisk||May 24, 2016|
|The Italian Army Switches to LibreOffice||May 23, 2016|
- Secure Desktops with Qubes: Introduction
- Download "Linux Management with Red Hat Satellite: Measuring Business Impact and ROI"
- CentOS 6.8 Released
- The Italian Army Switches to LibreOffice
- Linux Mint 18
- Chris Birchall's Re-Engineering Legacy Software (Manning Publications)
- ServersCheck's Thermal Imaging Camera Sensor
- Oracle vs. Google: Round 2
- Petros Koutoupis' RapidDisk
- The FBI and the Mozilla Foundation Lock Horns over Known Security Hole
Until recently, IBM’s Power Platform was looked upon as being the system that hosted IBM’s flavor of UNIX and proprietary operating system called IBM i. These servers often are found in medium-size businesses running ERP, CRM and financials for on-premise customers. By enabling the Power platform to run the Linux OS, IBM now has positioned Power to be the platform of choice for those already running Linux that are facing scalability issues, especially customers looking at analytics, big data or cloud computing.
￼Running Linux on IBM’s Power hardware offers some obvious benefits, including improved processing speed and memory bandwidth, inherent security, and simpler deployment and management. But if you look beyond the impressive architecture, you’ll also find an open ecosystem that has given rise to a strong, innovative community, as well as an inventory of system and network management applications that really help leverage the benefits offered by running Linux on Power.Get the Guide