Raspberry Pi Email Server Part 3: Squirrelmail

Squirrelmail Logo

This is the third part of a five part tutorial that will show you how to install a full featured email server on your Raspberry Pi. This tutorial covers how to set up Webmail with Squirrelmail.

The parts are:
The Introduction & Contents Page (read first)
Raspberry Pi Email Server Part 1: Postfix
Raspberry Pi Email Server Part 2: Dovecot
Raspberry Pi Email Server Part 3: Squirrelmail
Raspberry Pi Email Server Part 4: Spam Detection with Spamassassin
Raspberry Pi Email Server Part 5: Spam Sorting with LMTP & Sieve

Installing Apache

If you don't already have apache installed (you might if you've followed my wordpress tutorial), then install it now.

sudo apt-get update
sudo apt-get install apache2

Enable the SSL apache module so that you can use HTTPS:

sudo a2enmod ssl

There are some "pre-made" virtualhost configurations that come with apache. This command will enable the "default-ssl" virtualhost, by creating a symbolic link from /etc/apache2/sites-available/default-ssl to /etc/apache2/sites-enabled/default-ssl:

sudo a2ensite default-ssl

Now reload apache to make the changes take effect:

sudo service apache2 reload

If you type the IP address or hostname of the pi into a web browser now, you should see the default Apache test page:


If you try the https version, you'll get a certificate error because you are using a self-signed SSL certificate. If you like, you can follow my CAcert tutorial to get a free SSL certificate for your domain, or you can just store an exception for the certificate and generate a proper one later.


That's it for Apache. If you want to know more about setting up Apache for multiple websites, subdomains, and SSL configurations, I suggest you read my tutorial explaining Apache's VirtualHost files.

Installing Squirrelmail

Now we need to install squirrelmail:

sudo apt-get update
sudo apt-get install squirrelmail

The basic configuration for squirrelmail is really easy, and can be done with the setup script. To run the script, use this command:

sudo squirrelmail-configure

Squirrelmail configuration menu

Choose “D” for pre-defined settings

Choose pre-defined server configuration

Now type “dovecot” and hit enter

Accept pre-defined configuration for use with Dovecot

Press enter to continue, then save and quit (press Q and save when prompted, or press S then Q).

The configuration script creates a configuration file for apache in /etc/squirrelmail/apache.conf. You need to create a symbolic link so that Apache2 will load your Squirrelmail apache configuration file when it starts up.

On Raspbian Wheezy, the command is:

sudo ln -s /etc/squirrelmail/apache.conf /etc/apache2/conf.d/squirrelmail.conf

On Raspbian Jessie, the apache configuration directory structure is more like ubuntu, with separate folders for configuration files that are available and files that are enabled. This command will create a symlink from the directory where enabled configuration is stored, to squirrelmail's apache configuration file:

sudo ln -s /etc/squirrelmail/apache.conf /etc/apache2/conf-enabled/squirrelmail.conf

On a related note, there's a convenience command a2enconf that works similarly to a2ensite: it creates a symlink from the conf-available directory to the conf-enabled directory. You should use this in situations where config already exists in conf-available, e.g. sudo a2enconf squirrelmail would create a symlink for a file called squirrelmail.conf.

Now reload Apache one more time so that it reads the config file we just symlinked:

sudo service apache2 reload

Now visit the IP address or hostname of your Pi again, but add /squirrelmail to the path, e.g., you should see the login page:


The squirrelmail configuration file just adds an alias that should affect every virtualhost, so if you install a wordpress site or something like that on your pi, you will be able to get to the squirrelmail login page by visiting yourdomain.com/squirrelmail.

Redirect http to https for secure login

Since you don't want to send your login details and confidential information over the internet without SSL, it's best to redirect all http URLs to https.

The default squirrelmail apache configuration file at /etc/squirrelmail/apache.conf contains some rewrite rules we can use, we just need to uncomment them. Open the file and uncomment the lines by removing the # at the start of each so that it looks like this:

<IfModule mod_rewrite.c>
  <IfModule mod_ssl.c>
    <Location /squirrelmail>
      RewriteEngine on
      RewriteCond %{HTTPS} !^on$ [NC]
      RewriteRule . https://%{HTTP_HOST}%{REQUEST_URI}  [L]

This configuration makes sure that the rewrite and ssl modules are enabled, and does nothing if they aren't. We already enabled the ssl module earlier, so all we need to do now is enable the rewrite module:

sudo a2enmod rewrite

And reload Apache:

sudo service apache2 reload

Now if you visit the HTTP page, you should be redirected to HTTPS.

Optional: Configuring Apache to serve Squirrelmail on a subdomain

If you would like to move the login page to the root of your domain (i.e. so that yourdomain.com would serve the login page for squirrelmail), or if you would like to serve it on a subdomain like mail.yourdomain.com, you can edit the configuration file. If not, you can skip this section.

By default, this line in /etc/squirrelmail/apache.conf means that http://www.yourdomain.com/squirrelmail will load squirrelmail:

Alias /squirrelmail /usr/share/squirrelmail

If you would rather have webmail on a subdomain like mail.yourdomain.com then you could edit the /etc/squirrelmail/apache.conf file to look like this (comment out the rest):

<VirtualHost *:80>
  DocumentRoot /usr/share/squirrelmail
  ServerName mail.yourdomain.com

<Directory /usr/share/squirrelmail>
  Options FollowSymLinks
  <IfModule mod_php5.c>
    php_flag register_globals off
  <IfModule mod_dir.c>
    DirectoryIndex index.php

  # access to configtest is limited by default to prevent information leak
  <Files configtest.php>
    order deny,allow
    deny from all
    allow from

Note that if you want to serve mail on a subdomain, then that subdomain needs a DNS record, so edit your records with your DNS provider accordingly.

However, the virtualhost code above only does HTTP. You also want an HTTPS virtualhost for the subdomain on port 443:

<IfModule mod_ssl.c>
<VirtualHost *:443>
  DocumentRoot /usr/share/squirrelmail
  ServerName mail.yourdomain.com

<Directory /usr/share/squirrelmail>
  Options FollowSymLinks
  <IfModule mod_php5.c>
    php_flag register_globals off
  <IfModule mod_dir.c>
    DirectoryIndex index.php

  # access to configtest is limited by default to prevent information leak
  <Files configtest.php>
    order deny,allow
    deny from all
    allow from

ErrorLog ${APACHE_LOG_DIR}/error.log
LogLevel warn
CustomLog ${APACHE_LOG_DIR}/ssl_access.log combined

SSLEngine on
SSLCertificateFile    /etc/ssl/certs/your-ssl-certificate.crt
SSLCertificateKeyFile /etc/ssl/private/your-ssl-certificate-keyfile.key


If you use this configuration, the rewrite rules from the "rewrite to HTTPS" section (the ones from the default config file) won't work. If you want an HTTPS-only solution, you can replace the virtualhost for port 80 with this:

<VirtualHost *:80>
ServerName mail.yourdomain.com
<IfModule mod_rewrite.c>
  <IfModule mod_ssl.c>
    <Location />
      RewriteEngine on
      RewriteCond %{HTTPS} !^on$ [NC]
      RewriteRule . https://%{HTTP_HOST}%{REQUEST_URI}  [L]

As before, make sure you have the rewrite module enabled:

sudo a2enmod rewrite

Now reload apache:

sudo service apache2 restart

If you get an error like this:

[....] Restarting web server: apache2[Fri Dec 06 15:54:04 2013] [warn] _default_ VirtualHost overlap on port 443, the first has precedence

Then add NameVirtualHost *:443 to the start of the SSL VirtualHost block, i.e.:

NameVirtualHost *:443
<IfModule mod_ssl.c>
<VirtualHost *:443>
  DocumentRoot /usr/share/squirrelmail
  ServerName mail.yourdomain.com

For more info on HTTP and HTTPS VirtualHost configuration on Apache2, see this tutorial of mine.

If all went to plan then you can navigate to mail.yourdomain.com and you should see the squirrelmail login page (you might need to forward some ports on your router if you haven't already - see the next section):

Squirrelmail login page

Port Forwarding

Squirrelmail will log in to your IMAP server on port 143 to display your emails. It doesn’t need to authenticate because it’s in your network (remember the permit_mynetworks parameter from the previous tutorials?). You don’t need to worry about it being an unencrypted connection, because the data isn't actually travelling over any insecure networks (the connection is internal). Similarly, you don’t need to open port 143 (“plain” imap without SSL/TLS) on your router because the connection happens within the Pi, and the content is actually served to you, the user, on port 443 (https).

So you do need to open ports 80 and 443 for http and https like below:

Port forwarding rules


Before you start testing your webmail, make sure that the permit_mynetworks parameters are uncommented in your postfix confuguration file /etc/postfix/main.cf (in both your smtpd_recipient_restrictions and smtpd_helo_restrictions).

Now reload your postfix configuration:

sudo service postfix reload

Try sending and receiving emails from within Squirrelmail. You should have no problems, but if you do please post a comment and I’ll try to help you out.

Customising the Squirrelmail Login

To customise the login page, run the configuration wizard:

sudo squirrelmail-configure
  1. Select “1″ (organisation preferences)
  2. Select “7″ and change to your domain (e.g. http://www.samhobbs.co.uk)
  3. Select “8″ and change to you/your organisation’s name

Squirrelmail Plugins

There are loads of plugins available for Squirrelmail, for all kinds of things. On most systems, these plugins are installed by downloading a .zip file to your server, unzipping the plugin to the right location and then tinkering with the settings manually.

Thankfully, some of the most commonly used plugins are available from the Raspbian repositories, so installation is much simpler. Here is a list of the plugins in the repo:

  1. squirrelmail-compatibility
  2. squirrelmail-decode
  3. squirrelmail-locales
  4. squirrelmail-lockout
  5. squirrelmail-logger
  6. squirrelmail-quicksave
  7. squirrelmail-secure-login
  8. squirrelmail-sent-confirmation
  9. squirrelmail-spam-buttons
  10. squirrelmail-viewashtml

The one I think is most useful and the one I’m going to use as an example is lockout.

To use the lockout package, we need to install the compatibility package, which basically makes sure that plugins built for different versions of squirrelmail can still work with the version you are running.

sudo apt-get update
sudo apt-get install squirrelmail-compatibility

Now we need to enable the plugin:

sudo squirrelmail-configure
  1. select “8″
  2. select “compatibility”
  3. select “S” (to save)
  4. select “Q” (to quit)

That’s all you need to do for the compatibility plugin. Now we can install the lockout plugin:

sudo apt-get install squirrelmail-lockout

Now for the configuration:

sudo squirrelmail-configure

Make sure that lockout is enabled

Now we can manually edit some settings. Before starting, I like to back up the default config files for reference:

cd /etc/squirrelmail
sudo cp lockout-table.php lockout-table.php.BAK
sudo cp lockout-config.php lockout-config.php.BAK

Now edit the lockout-table.php file. Read the comments in the file for an explanation of how the table works. I wanted to disable logins for the user “admin”, so I commented out the examples at the end of the file and replaced them with this:

user:		admin		locked_out.php

Now edit lockout-config.php and set $use_lockout_rules = 1; to turn on lockouts.

Now try and log in as the user you locked out, and you should get this message: “Access Denied / Please contact your system administrator”.

We can also lock out IP addresses of users who enter incorrect username/password combinations repeatedly. To do this, open lockout-config.php and set $max_login_attempts_per_IP = '3:5:0'.

The first number in this parameter is the number of incorrect attempts that are allowed before a ban. The second number is the time frame for these incorrect attempts, and the last number is the amount of time the ban lasts for when activated (0 is forever).

So, the setting I gave you above means that anyone who makes 3 incorrect attempts to authenticate in 5 minutes is permanently banned.

When a successful login is made, the count is reset to 0.

Data on current bad login attempts and bans is stored here: /var/lib/squirrelmail/data/lockout_plugin_login_failure_information

The plugin will add entries like this to keep track of bad logins:


…where 999.999.99.99 is the offending IP address

If you accidentally ban yourself, you’ll have to log in via SSH and edit this file to remove those lines.

That’s it, you’re done! Have fun exploring the other plugins!

The next two tutorials, Part 4 and Part 5 deal with spam detection and filtering.




So after a good search I found out that the AUTH PLAIN is generated by the system and not for me but it doesn't appear to me! Shoud it appear?

I tried the rest of the process and it went great.

What can I do now?


Thanks, for informative tutorial and an excellent explanation but I have a problem, I can send emails to myself within the pi but whenever i want to send it to/from external email eg yahoo, icloud, or hotmail it failed so as vice versa.
I had included my mail.log for checking it out

root@muyaad:~# tail /var/log/mail.log
Oct 12 03:17:35 muyaad postfix/smtp[3078]: connect to mx2.mail.icloud.com[]:25: Connection timed out
Oct 12 03:18:05 muyaad postfix/smtp[3078]: connect to mx6.mail.icloud.com[]:25: Connection timed out
Oct 12 03:18:35 muyaad postfix/smtp[3078]: connect to mx1.mail.icloud.com[]:25: Connection timed out
Oct 12 03:18:36 muyaad postfix/smtp[3078]: 8BE6C40618: to=, relay=none, delay=151, delays=1/0.01/150/0, dsn=4.4.1, status=deferred (connect to mx1.mail.icloud.com[]:25: Connection timed out)
Oct 12 03:19:25 muyaad postfix/anvil[3086]: statistics: max connection rate 1/60s for (smtps: at Oct 12 03:16:03
Oct 12 03:19:25 muyaad postfix/anvil[3086]: statistics: max connection count 1 for (smtps: at Oct 12 03:16:03
Oct 12 03:19:25 muyaad postfix/anvil[3086]: statistics: max cache size 1 at Oct 12 03:16:03
Oct 12 03:22:22 muyaad dovecot: imap-login: Login: user=, method=PLAIN, rip=, lip=, mpid=3128, secured, session=
Oct 12 03:22:22 muyaad dovecot: imap(muyaad): Disconnected: Logged out in=79 out=712
Oct 12 03:22:30 muyaad postfix/qmgr[2827]: CA47240D2C: from=, size=788, nrcpt=1 (queue active)

If you use telnet to connect to that icloud address on port 25, does it connect? Can you connect to my server on port 25? If not your ISP may be doing some kind of outbound port blocking.


Hi Sam,

I tried to create the symbolic link, but no success because I don't seem to have the conf.d directory in the apache2 directory:

pi@raspberrypi ~ $ sudo ln -s /etc/squirrelmail/apache.conf /etc/apache2/conf.d/squirrelmail.conf
ln: failed to create symbolic link ‘/etc/apache2/conf.d/squirrelmail.conf’: No such file or directory
pi@raspberrypi ~ $ cd /etc/apache2/
pi@raspberrypi /etc/apache2 $ ls
apache2.conf conf-enabled magic mods-enabled sites-available
conf-available envvars mods-available ports.conf sites-enabled
pi@raspberrypi /etc/apache2 $

Any ideas?



Hi Jo,

Try this instead:

sudo ln -s /etc/squirrelmail/apache.conf /etc/apache2/conf-enabled/squirrelmail.conf


The syslink for apache needs an update with the chance to Jessie. /etc/apache2/conf.d/squirrelmail.conf no longer exists.
sudo ln -s /etc/squirrelmail/apache.conf /etc/apache2/conf-enabled/squirrelmail.conf seems to work.
The set-up is all working :-) up to creating the webmail subdomain, still working on that.
Thanks again.

Hi Jo,

in /etc/postfix/main.cf, change message_size_limit to whatever you like. The number is the number of bytes...

# increase max message size to 100MB. Default = 10240000 = 10.24MB
message_size_limit = 102400000


Hi Sam,
Glad to say that thanks to you I am up and running my own Pi email server. I have now moved onto SquirrelMail, but am having issues with creating the symbolic links. After copying and pasting your command: sudo ln -s /etc/squirrelmail/apache.conf /etc/apache2/conf.d/squirrelmail.conf
I get this error:
ln: failed to create symbolic link ‘/etc/apache2/conf.d/squirrelmail.conf’: No such file or directory
I have looked into the /etc/apache2 directory and there is no conf.d subdirectory. Is it hidden or have i missed something? I have enabled all the modules discussed above.
I think I might have had this issue in step 1 or 2, but it does;t seem to have stopped me....
Great tutorial.

The directory structure is different on Raspbian Jessie (the tutorial was originally written for Wheezy).

I've updated the tutorial :)


When I try to send email from Squirrel I get this error:
Message not sent. Server replied:
Transaction failed
554 5.7.1 : Relay access denied

Did you forget to uncomment permit_mynetworks in the restriction lists?


Hi Sam I hit issue with this section, I can not send any email using Squirrelmail. So far all was working, but not this part3

Jan 7 10:20:51 crystalnet postfix/qmgr[32266]: 0CD3720A03: from=, size=1036, nrcpt=1 (queue active)
Jan 7 10:20:52 crystalnet postfix/smtp[32492]: 0CD3720A03: to=, relay=mx4.hotmail.com[]:25, delay=1.2, delays=0.46/0.03/0.51/0.16, dsn=5.0.0, status=bounced (host mx4.hotmail.com[] said: 550 DY-001 (COL004-MC5F35) Unfortunately, messages from weren't sent. Please contact your Internet service provider. You can tell them that Hotmail does not relay dynamically-assigned IP ranges. You can also refer your provider to http://mail.live.com/mail/troubleshooting.aspx#errors. (in reply to MAIL FROM command))
Jan 7 10:20:52 crystalnet postfix/smtp[32492]: 0CD3720A03: lost connection with mx4.hotmail.com[] while sending RCPT TO
Jan 7 10:20:52 crystalnet postfix/cleanup[32471]: 32662209D8: message-id=<20160107102052.32662209D8@crystalnet.site>
Jan 7 10:20:52 crystalnet postfix/bounce[32493]: 0CD3720A03: sender non-delivery notification: 32662209D8
Jan 7 10:20:52 crystalnet postfix/qmgr[32266]: 32662209D8: from=<>, size=3531, nrcpt=1 (queue active)
Jan 7 10:20:52 crystalnet postfix/qmgr[32266]: 0CD3720A03: removed
Jan 7 10:20:52 crystalnet postfix/local[32494]: 32662209D8: to=, relay=local, delay=0.06, delays=0.02/0.03/0/0.02, dsn=2.0.0, status=sent (delivered to maildir)
Jan 7 10:20:52 crystalnet postfix/qmgr[32266]: 32662209D8: removed

am I missing something?

Hi, this part...

Hotmail does not relay dynamically-assigned IP ranges

...makes it quite clear that the problem is due to your dynamic IP address. Get a static IP address if you can, or you may have to set up outgoing mail to relay through your ISP's mail server (which will have a static IP). The steps required to do that will depend on your ISP, so unfortunately I can't really help you there.


Hi Sam, thank you for that, I can send mails now, but not to every. Usually I'm blocked using zen.spamhaus.org. How did you manage this problem. Did you hit this problem?
Looks like my ip (dynamic) is listed in the PBL,
I have found one hint on https://www.spamhaus.org/faq/section/Spamhaus%20PBL#253
Make sure you are connecting to your mail server's 'authenticated mail' port 587 and not the ordinary 'unauthenticated' port 25. (ask your ISP to check for you)

I think in your tutorial we r using 465 should I change this port to 587 ?

How can I have 'SMTP Authentication' switched on
Looks like if we want use something independent we hit so many issue :(

I got a static IP address, and set a PTR record with my ISP (see this tutorial for more info).

If you get assigned a static IP address that is in a blocklist, ask your ISP to change it for a different one. Once you have one that is "yours", look after your server and you shouldn't ever get yourself onto a blocklist!

The message is for people who are trying to connect to their ISP's mail server on port 25 using a mail client, so it's not relevant to you (nobody really does this any more, clients nowadays always send email to the server of their mail provider using port 465 or 587, and then servers with proper DNS records talk to each other on port 25). The message is not aimed at people who are actually trying to run a mail server on port 25.

You do have SMTP authentication switched on (that's what SASL is), but again that message is talking about connecting to an external mail server (e.g. your ISP's server) and using it as a relay - if this is what you were trying to do you would have to provide a login and password for your ISP account so that the ISP's mail server knows you're not a spammer. Again, you can ignore this message because it isn't relevant to you.

Your best bet is to get a static IP address from your ISP.

Good luck!


Hi Sam

Thank you very much for explanation. I was talking to my provider and I can not get static IP for free:(
I can have static IP if I switch from normal user to business user. I need to pay more for this service (lot more) so this is not good solution for me to have "cheaper and more private" email service. Anyway all from your tutorial works fine.
Thank you very much for this tutorial,

PS, I have dynamic IP maybe one day it will change to not blocked IP :/
Who knows :)

Hi Sam,

You make awesome tutorials!

But my internet service provider blocks outgoing mail which don't go through the server they provide, which is not really a problem if I configure my own mail in an email client. I just add their outgoing mail server. But squirrelmail will automaticly send mail through my outgoing mail server, which will get blocked. Is there any way to configure squirrelmail to send outgoing mail though an other server?

Best regard,


I'm not sure to be honest, I haven't used squirrelmail in a while.


Hello Sam,
first of all thank for the amazing guides. They're very clear and easy to follow! Will surely recommend them further!

I've had a few problems along the way which I managed to fix myself. First of my ISP blocked port 25, so I set 587 inet n - - - - smtpd
in /etc/postfix/master.cf . Then while testing squirrelmail and trying to send a test e-mail to my hotmail account, it first gave me a STARTTLS error. This I fixed by changing -o smtpd_tls_security_level=encrypt to -o smtpd_tls_security_level=may (I hope this won't give any security issues?).

Finally, the error I get from squirrelmail on sending a test e-mail to my hotmail is 501 5.1.7 Bad sender address syntax. I can't find how to solve this, could you kindly help me?
Much appreciated.


Changing encrypt to may just means clients have a choice of upgrading to TLS with STARTTLS instead of it being mandatory on port 25. You probably got the error because of your certificate, are you using the snakeoil cert, or one signed by cacert, or a commercial certificate?

Bad sender address syntax error is probably because you're connecting to hotmail on a port designed for email submission by clients with foo@hotmail.com addresses, and trying to send mail from your domain. You can only do server to server communication on port 25... what you probably want to do is go back to port 25 for smtpd, and specify your ISP's mail server as a relayhost (with username and password if necessary).

You'll have to look up how to do this elsewhere because I've never had to do it, and every ISP is different (sorry!).


Hi, Sam, thanks for your webpage, I'm learning so much.

I hve DietPi on my RPI 1 and I've followed all the steps and I cannot go into Squirrelmail. I've tried with user "root" and with user "root@xxxx.ddns.net" (being xxxx my domain) with password (in plain text) and it says "ERROR. Unknown user or password incorrect." After a few atempts I get "ERROR: Connection dropped by IMAP server." Trying to go into login with a user that doesn't exist says "ERROR. Unknown user or password incorrect." but IMAP server seems to drop root user.
So, how can I have to go into Squirrelmail?
Note: I'm trying to go into Squirrelmail with "root" user because this is the default user on DietPi and there's not "pi" user.

Thank you very much,

Hi Oscar,

A lot of software prevents root login for security reasons (you're generally encouraged to log in as an unprivileged user and use sudo when you need root).

Are you actually going to use the root email address lots? I would create another user and log in with that for mail etc. You can send mail addressed to root to another user using aliases if you want.

You might find this tutorial useful for adding users and modifying groups.


Thank you very, very, much,

It's done, new user created, I can go into Squirrelmail. Now, I'll have to fight with MX records of No-IP, because I have a xxx.ddns.net domain, and my ISP gives me a dynamic IP. I say this because I can send e-mails from Squirrel, but they don't reach my gmail account I'm writing to, and I can send emails from my gmail account, and I don't get any error message, but they don't reach Squirrel.
It's strange because I can send e-mails from telnet doing SSH to my RPI. I'll research on this issue.
Thanks again!

Solved automatically, after going into SM several times.
But in the left side I have:
Last Refresh:
Fri, 11:48 am
(Check mail)


So, I don't know how to get to the "Inbox" unless I use the "Back button" of Firefox. And there's nothing under Maildir/Sent...
I'm going from one mistery to another one!

I wonder if I could use Roundcube better than Squirrelmail... the reality if you compare SM to Roundcube, roundcube is much more user-friendly, much more like Thunderbird (that is giving me some troubles under my Mac OS X), and SM has a very outdated look.

I have done again your tutorial, 3 first parts, now Thunderbird (TB) finally works. It sents e-mails, that are received by Gmail, but TB gets like hung in that part when it says something like "saving the e-mail to Sent folder". It can receive e-mails, too, from TB. It's saying the SSL certificate is not trusted, because I'm using a seof-signed one (now I'll try to improve this).

When using Squirrelmail (SM), I always get the message:
ERROR: Could not complete request.
Query: CREATE "Maildir/Sent"
Reason Given: [ALREADYEXISTS] Mailbox already exists" on the left of the webpage.
I suppose I've been something wrong, but don't know what or where, because I've repeated some parts of your tutorial, created a new user...
Just for information, I'm using Jessie on a RPI 1 B (512 MB RAM).
Thank you very much for this great tutorial!!

Hi Sam,

I think I followed the tutorial closelu, but when I go for it tries to 'force' https, but crosses the https out and gives the following message:

Your connection is not private

Attackers might be trying to steal your information from (for example, passwords, messages or credit cards). NET::ERR_CERT_AUTHORITY_INVALID

I can click the 'unsafe' option and go to squirrelmail...

I have the CAcert in place and I think it is in all the right places.

Any ideas?



You need to install the CAcert root certificate on the client, and make sure that the common name on the cert matches the hostname you are using.



Add new comment