Here are examples httpd.conf settings for running SquirrelMail under Apache:\n
Alias /mail/ /var/squirrelmail/bin/
<Directory /var/squirrelmail/bin/>
Options MultiViews FollowSymLinks
AllowOverride None
Order allow,deny
Allow from all
</Directory>
This assumes you have unpackaged SquirrelMail into /var/squirrelmail/bin. In this configuration I have /var/squirrelmail/tmp set as the attachments tmp dir and /var/squirrelmail/data as the preferences directory.
Also, if your server emits the source instead of the actual pages it's likely that the PHP modules haven't been loaded. I noticed in my http*.conf files define checks for HAVE_PHP4 and removed these and restarted the webserver and everything worked perfectly. There is probably a better solution to define HAVE_PHP4 so you don't have to modify config files.
Ryan Snodgrass, 2002-03-18
You may also want to ensure that any connection to the SquirrelMail pages makes use of a secure (SSL) connection. One way is to redirect any connection to your mail directory with the following Apache configuration commands:\n
RewriteEngine on
RewriteCond %{REQUEST_URI} ^/mail.*
RewriteCond %{SERVER_PORT} !^443$
RewriteRule ^/(.*) https://example.com/$1
Kelly Black, 2003-09-07
I had to use :\n
RewriteEngine on
RewriteCond %{REQUEST_URI} ^/mail.*
RewriteCond %{SERVER_PORT} !^443$
RewriteRule . https://example.com%{REQUEST_URI}
Otherwise, it wouldn't work on my Apache setup
David, 2004-05-12
Apache can be configured in a couple different ways to make sure that people don't request files out of the data directory if you are forced to keep it in a web server readable area (see DataAndAttachmentsDirectories).
You can add [<Location>] tags in the Apache config.\n
<Location /status>
SetHandler server-status
Order Deny,Allow
Deny from all
</Location>
You can add [<Files> ] tags in the Apache config or to a .htaccess file.\n
<Files "*">
deny from all
</Files>
Please read the following links for more options: