Raspberry Pi Email Server Part 3: Squirrelmail

Powered by Drupal
Submitted by Sam Hobbs on

Squirrelmail Logo This is the third part of a five part tutorial that will show you how to install a full featured email server on your Raspberry Pi. This tutorial covers how to set up Webmail with Squirrelmail.

The parts are:

The Introduction & Contents Page (read first)

Raspberry Pi Email Server Part 1: Postfix

Raspberry Pi Email Server Part 2: Dovecot

Raspberry Pi Email Server Part 3: Squirrelmail

Raspberry Pi Email Server Part 4: Spam Detection with Spamassassin

Raspberry Pi Email Server Part 5: Spam Sorting with LMTP & Sieve

Installing Apache

If you don't already have apache installed (you might if you've followed my wordpress tutorial), then install it now.

sudo apt-get update
sudo apt-get install apache2

Enable the SSL apache module so that you can use HTTPS:

sudo a2enmod ssl

There are some "pre-made" virtualhost configurations that come with apache. This command will enable the "default-ssl" virtualhost, by creating a symbolic link from /etc/apache2/sites-available/default-ssl to /etc/apache2/sites-enabled/default-ssl:

sudo a2ensite default-ssl

Now reload apache to make the changes take effect:

sudo service apache2 reload

If you type the IP address or hostname of the pi into a web browser now, you should see the default Apache test page: apache2-test-page.png If you try the https version, you'll get a certificate error because you are using a self-signed SSL certificate. If you like, you can follow my CAcert tutorial to get a free SSL certificate for your domain, or you can just store an exception for the certificate and generate a proper one later. apache2-test-page-https.png That's it for Apache. If you want to know more about setting up Apache for multiple websites, subdomains, and SSL configurations, I suggest you read my tutorial explaining Apache's VirtualHost files.

Installing Squirrelmail

Now we need to install squirrelmail:

sudo apt-get update
sudo apt-get install squirrelmail

The basic configuration for squirrelmail is really easy, and can be done with the setup script. To run the script, use this command:

sudo squirrelmail-configure

Squirrelmail configuration menu Choose “D” for pre-defined settings Choose pre-defined server configuration Now type “dovecot” and hit enter Accept pre-defined configuration for use with Dovecot Press enter to continue, then save and quit (press Q and save when prompted, or press S then Q). The configuration script creates a configuration file for apache in /etc/squirrelmail/apache.conf. You need to create a symbolic link so that Apache2 will load your Squirrelmail apache configuration file when it starts up. On Raspbian Wheezy, the command is:

sudo ln -s /etc/squirrelmail/apache.conf /etc/apache2/conf.d/squirrelmail.conf

On Raspbian Jessie, the apache configuration directory structure is more like ubuntu, with separate folders for configuration files that are available and files that are enabled. This command will create a symlink from the directory where enabled configuration is stored, to squirrelmail's apache configuration file:

sudo ln -s /etc/squirrelmail/apache.conf /etc/apache2/conf-enabled/squirrelmail.conf

On a related note, there's a convenience command a2enconf that works similarly to a2ensite: it creates a symlink from the conf-available directory to the conf-enabled directory. You should use this in situations where config already exists in conf-available, e.g. sudo a2enconf squirrelmail would create a symlink for a file called squirrelmail.conf. Now reload Apache one more time so that it reads the config file we just symlinked:

sudo service apache2 reload

Now visit the IP address or hostname of your Pi again, but add /squirrelmail to the path, e.g. 192.168.1.174/squirrelmail, you should see the login page: squirrelmail-login_0.png The squirrelmail configuration file just adds an alias that should affect every virtualhost, so if you install a wordpress site or something like that on your pi, you will be able to get to the squirrelmail login page by visiting yourdomain.com/squirrelmail.

Redirect http to https for secure login

Since you don't want to send your login details and confidential information over the internet without SSL, it's best to redirect all http URLs to https. The default squirrelmail apache configuration file at /etc/squirrelmail/apache.conf contains some rewrite rules we can use, we just need to uncomment them. Open the file and uncomment the lines by removing the # at the start of each so that it looks like this:

<IfModule mod_rewrite.c>
  <IfModule mod_ssl.c>
    <Location /squirrelmail>
      RewriteEngine on
      RewriteCond %{HTTPS} !^on$ [NC]
      RewriteRule . https://%{HTTP_HOST}%{REQUEST_URI}  [L]
    </Location>
  </IfModule>
</IfModule>

This configuration makes sure that the rewrite and ssl modules are enabled, and does nothing if they aren't. We already enabled the ssl module earlier, so all we need to do now is enable the rewrite module:

sudo a2enmod rewrite

And reload Apache:

sudo service apache2 reload

Now if you visit the HTTP page, you should be redirected to HTTPS.

Optional: Configuring Apache to serve Squirrelmail on a subdomain

If you would like to move the login page to the root of your domain (i.e. so that yourdomain.com would serve the login page for squirrelmail), or if you would like to serve it on a subdomain like mail.yourdomain.com, you can edit the configuration file. If not, you can skip this section. By default, this line in /etc/squirrelmail/apache.conf means that http://www.yourdomain.com/squirrelmail will load squirrelmail:

Alias /squirrelmail /usr/share/squirrelmail

If you would rather have webmail on a subdomain like mail.yourdomain.com then you could edit the /etc/squirrelmail/apache.conf file to look like this (comment out the rest):

<VirtualHost *:80>
  DocumentRoot /usr/share/squirrelmail
  ServerName mail.yourdomain.com


<Directory /usr/share/squirrelmail>
  Options FollowSymLinks
  <IfModule mod_php5.c>
    php_flag register_globals off
  </IfModule>
  <IfModule mod_dir.c>
    DirectoryIndex index.php
  </IfModule>

  # access to configtest is limited by default to prevent information leak
  <Files configtest.php>
    order deny,allow
    deny from all
    allow from 127.0.0.1
  </Files>
</Directory>
</VirtualHost>

Note that if you want to serve mail on a subdomain, then that subdomain needs a DNS record, so edit your records with your DNS provider accordingly. However, the virtualhost code above only does HTTP. You also want an HTTPS virtualhost for the subdomain on port 443:

<IfModule mod_ssl.c>
<VirtualHost *:443>
  DocumentRoot /usr/share/squirrelmail
  ServerName mail.yourdomain.com

<Directory /usr/share/squirrelmail>
  Options FollowSymLinks
  <IfModule mod_php5.c>
    php_flag register_globals off
  </IfModule>
  <IfModule mod_dir.c>
    DirectoryIndex index.php
  </IfModule>

  # access to configtest is limited by default to prevent information leak
  <Files configtest.php>
    order deny,allow
    deny from all
    allow from 127.0.0.1
  </Files>
</Directory>

ErrorLog ${APACHE_LOG_DIR}/error.log
LogLevel warn
CustomLog ${APACHE_LOG_DIR}/ssl_access.log combined

SSLEngine on
SSLCertificateFile    /etc/ssl/certs/your-ssl-certificate.crt
SSLCertificateKeyFile /etc/ssl/private/your-ssl-certificate-keyfile.key


</VirtualHost>
</IfModule>

If you use this configuration, the rewrite rules from the "rewrite to HTTPS" section (the ones from the default config file) won't work. If you want an HTTPS-only solution, you can replace the virtualhost for port 80 with this:

<VirtualHost *:80>
ServerName mail.yourdomain.com
<IfModule mod_rewrite.c>
  <IfModule mod_ssl.c>
    <Location />
      RewriteEngine on
      RewriteCond %{HTTPS} !^on$ [NC]
      RewriteRule . https://%{HTTP_HOST}%{REQUEST_URI}  [L]
    </Location>
  </IfModule>
</IfModule>
</VirtualHost>

As before, make sure you have the rewrite module enabled:

sudo a2enmod rewrite

Now reload apache:

sudo service apache2 restart

If you get an error like this:

[....] Restarting web server: apache2[Fri Dec 06 15:54:04 2013] [warn] _default_ VirtualHost overlap on port 443, the first has precedence

Then add NameVirtualHost *:443 to the start of the SSL VirtualHost block, i.e.:

NameVirtualHost *:443
<IfModule mod_ssl.c>
<VirtualHost *:443>
  DocumentRoot /usr/share/squirrelmail
  ServerName mail.yourdomain.com
...

For more info on HTTP and HTTPS VirtualHost configuration on Apache2, see this tutorial of mine. If all went to plan then you can navigate to mail.yourdomain.com and you should see the squirrelmail login page (you might need to forward some ports on your router if you haven't already - see the next section): Squirrelmail login page

Port Forwarding

Squirrelmail will log in to your IMAP server on port 143 to display your emails. It doesn’t need to authenticate because it’s in your network (remember the permit_mynetworks parameter from the previous tutorials?). You don’t need to worry about it being an unencrypted connection, because the data isn't actually travelling over any insecure networks (the connection is internal). Similarly, you don’t need to open port 143 (“plain” imap without SSL/TLS) on your router because the connection happens within the Pi, and the content is actually served to you, the user, on port 443 (https). So you do need to open ports 80 and 443 for http and https like below: Port forwarding rules

Testing

Before you start testing your webmail, make sure that the permit_mynetworks parameters are uncommented in your postfix confuguration file /etc/postfix/main.cf (in both your smtpd_recipient_restrictions and smtpd_helo_restrictions). Now reload your postfix configuration:

sudo service postfix reload

Try sending and receiving emails from within Squirrelmail. You should have no problems, but if you do please post a comment and I’ll try to help you out.

Customising the Squirrelmail Login

To customise the login page, run the configuration wizard:

sudo squirrelmail-configure
  1. Select “1″ (organisation preferences)
  2. Select “7″ and change to your domain (e.g. http://www.samhobbs.co.uk)
  3. Select “8″ and change to you/your organisation’s name

Squirrelmail Plugins

There are loads of plugins available for Squirrelmail, for all kinds of things. On most systems, these plugins are installed by downloading a .zip file to your server, unzipping the plugin to the right location and then tinkering with the settings manually. Thankfully, some of the most commonly used plugins are available from the Raspbian repositories, so installation is much simpler. Here is a list of the plugins in the repo:

  1. squirrelmail-compatibility
  2. squirrelmail-decode
  3. squirrelmail-locales
  4. squirrelmail-lockout
  5. squirrelmail-logger
  6. squirrelmail-quicksave
  7. squirrelmail-secure-login
  8. squirrelmail-sent-confirmation
  9. squirrelmail-spam-buttons
  10. squirrelmail-viewashtml

The one I think is most useful and the one I’m going to use as an example is lockout. To use the lockout package, we need to install the compatibility package, which basically makes sure that plugins built for different versions of squirrelmail can still work with the version you are running.

sudo apt-get update
sudo apt-get install squirrelmail-compatibility

Now we need to enable the plugin:

sudo squirrelmail-configure
  1. select “8″
  2. select “compatibility”
  3. select “S” (to save)
  4. select “Q” (to quit)

That’s all you need to do for the compatibility plugin. Now we can install the lockout plugin:

sudo apt-get install squirrelmail-lockout

Now for the configuration:

sudo squirrelmail-configure

Make sure that lockout is enabled Now we can manually edit some settings. Before starting, I like to back up the default config files for reference:

cd /etc/squirrelmail
sudo cp lockout-table.php lockout-table.php.BAK
sudo cp lockout-config.php lockout-config.php.BAK

Now edit the lockout-table.php file. Read the comments in the file for an explanation of how the table works. I wanted to disable logins for the user “admin”, so I commented out the examples at the end of the file and replaced them with this:

user:		admin		locked_out.php

Now edit lockout-config.php and set $use_lockout_rules = 1; to turn on lockouts. Now try and log in as the user you locked out, and you should get this message: “Access Denied / Please contact your system administrator”. We can also lock out IP addresses of users who enter incorrect username/password combinations repeatedly. To do this, open lockout-config.php and set $max_login_attempts_per_IP = '3:5:0'. The first number in this parameter is the number of incorrect attempts that are allowed before a ban. The second number is the time frame for these incorrect attempts, and the last number is the amount of time the ban lasts for when activated (0 is forever). So, the setting I gave you above means that anyone who makes 3 incorrect attempts to authenticate in 5 minutes is permanently banned. When a successful login is made, the count is reset to 0. Data on current bad login attempts and bans is stored here: /var/lib/squirrelmail/data/lockout_plugin_login_failure_information The plugin will add entries like this to keep track of bad logins:

999.999.99.99_login_failure_times=1386774015:1386774034:1386774053
999.999.99.99_TOO_MANY_FAILED_LOGIN_ATTEMPTS=PERMANENT

…where 999.999.99.99 is the offending IP address If you accidentally ban yourself, you’ll have to log in via SSH and edit this file to remove those lines. That’s it, you’re done! Have fun exploring the other plugins! The next two tutorials, Part 4 and Part 5 deal with spam detection and filtering.

Comments

Hi Sam,

Now I am getting something different. I must have broken something. This is my sq.../apache.conf Is this correct? At the moment I get a 404 error: The requested URL /squirrelmain was not found on this server after: www.mydomain/squirrelmain

Nothing in error.log. It seems to be looking only in /var/www/html where squirrelmain does not exist.

Alias /squirrelmail /usr/share/squirrelmail

<Directory /usr/share/squirrelmail>
Options FollowSymLinks
<IfModule mod_php5.c>
php_flag register_globals off
</IfModule>
<IfModule mod_dir.c>
DirectoryIndex index.php
</IfModule>

# access to configtest is limited by default to prevent information leak
<Files configtest.php>
order deny,allow
deny from all
allow from 127.0.0.1
</Files>
</Directory>

Hi Sam, thanks for these tutorials, I've almost got everything working!
I've got two issues, however:

1. I can send and receive mail, but the likes of hotmail and gmail throw it back without delivering. I noticed you recommended to someone else to use their ISP's SMTP instead - how do you go about setting that up?

2. I can't get SquirrelMail to work on https, it gives me the error "Secure Connection Failed: ssl_error_rx_record_too_long". How do I fix it? (Webmin etc is working fine on https)

Thanks!

Alexandros

Sun, 07/03/2016 - 20:23

Hello Sam,
You have done a great job with this guide. Boy, that's a lot of work you've put there. Well done!
I have set up everything running smoothly so and I am very satisfied with my system overall. Those Pis can do so many things.
Anyway, I want to share my concerns about adding local users so they can mail as user@domain.com. I mean, any user you add, can just SSH to my pi, right? And even though they don't have sudo rights, they can still read everything in server. I thought maybe try to put them in groups and play with privileges but that will be so redundant for like 10 users. And virtual users doesn't seem like a solution for home users :p

Good questions :) Users can only read files they have read permissions for, so if there's something in your home directory you don't want them to read, just remove the read permissions for other users/groups like:
chmod 700 ~
Alternatively, you can prevent people from logging on with SSH by using publickey authentication and disabling password authentication in SSHD (instructions in my raspberry pi server preparation tutorial). Sam

Hello Sam,
I got another question that may help others too.
I set up everything according to your guide. Only thing I skipped was the PTR record since I don't have a static IP.
I sent an email to a friend and asked him to check it out. Unsurprisingly it was in spam folder. But when he clicked on that spam flag to check why it was flagged as spam, Gmail reported that "encryption: otenet.gr (my provider) did not encrypt this message". Does that mean that the message is not actually encrypted? Or just that my provider was not the one that encrypted the message, but someone else?

Hi Alex, The message was probably concerning a lack of TLS in the client connection from your server to the google server (transport encryption, not gpg encryption). This is something I forgot to put in the guide because I was still tinkering with them when I wrote it, try these settings in /etc/postfix/main.cf:
# configure postfix to use TLS for outgoing email when it can
smtp_tls_security_level = may
smtp_tls_verify_cert_match = hostname, nexthop, dot-nexthop

# logging of encryption usage
# log summary message on TLS handshake completion for client and daemon
smtp_tls_loglevel = 1
smtpd_tls_loglevel = 1
# request the Postfix SMTP server to produce Received: messages including info about encryption protocol/cipher used
smtpd_tls_received_header = yes
Watch the logs and see what happens when you send a test email (tail -f /var/log/mail.log). Sam

I can confirm that above steps did work for me.
Not gmail says "encryption: Standard (TLS)"

Hello Sam,
First of all, amazing job on the tutorial. Props ! :D
I got it to work just fine, I was able to send and receive from an external email but after the first session of send/receive I could only send mail. Couldn't see the received emails anymore.
I checked the status of postfix and dovecot and the first thing that seemed wrong to me was the status of dovecot. He keeps logging and disconnecting the user for the mail. I couldn't find the cause for not receiving the mails anymore. Would it be possible to take a look into the matter ? :D
Below I posted a few lines from the mail log. (replaced the user with xxxx)
Please let me know if other records are needed.
Thanks a lot !

Mail.log :
Jul 15 11:07:51 pitesting101 dovecot: imap-login: Login: user=, method=PLAIN, rip=::1, lip=::1, mpid=7873, secured, session=
Jul 15 11:07:51 pitesting101 dovecot: imap(xxxx): Disconnected: Logged out in=292 out=1889
Jul 15 11:07:53 pitesting101 dovecot: imap-login: Login: user=, method=PLAIN, rip=::1, lip=::1, mpid=7878, secured, session=
Jul 15 11:07:53 pitesting101 dovecot: imap(xxxx): Disconnected: Logged out in=292 out=1889
Jul 15 11:07:54 pitesting101 dovecot: imap-login: Login: user=, method=PLAIN, rip=::1, lip=::1, mpid=7883, secured, session=
Jul 15 11:07:54 pitesting101 dovecot: imap(xxxx): Disconnected: Logged out in=79 out=728

Hi John, Sorry for the late reply, I was on holiday! Glad you found it useful. Those lines from Dovecot are actually normal, so it must be something else... have you discovered anything else since you wrote your comment? Sam

Hi Sam

1st: Some People here said if I can't send an E-Mail because of Blocking Reasons, I can use the SMTP-Server from my ISP. How can I do that, that also Squirrelmail uses there Server and not only Outlook or K9 Application?

2nd: I installed the Lockout Plugin and made the Settings in the Config-Files. But if I want to Log In with admin there comes this Error: The requested URL /plugins/lockout/locket_out.php was not found on this Server.

Is there something I missed?

Thanks
Luca

Hi again

The 2nd Problem was a mistake. I accidently typed "locket" instead of "locked". So you can Forget the 2nd.

Hope to hear soon from you.

Here I am again - Mail is working fine, but I'm having trouble now with what I thought was the easy part - Squirrelmail. I've run it before, and I even had it running recently the first time through your great tutorial. However, I borked things and with the re-do, I have the mail server and spamassassin working fine, but I can't get squirrelmail going! The problem has been well-googled, but I didn't find definitive answers. If it's been covered in these comments, just let me know - I haven't read every single page of comments yet. Instead of the login page, I get:
ERROR: Config file ' . '"config/config.php" not found. You need to ' . 'configure SquirrelMail before you can use it.
'; exit; } // If we are, go ahead to the login page. header('Location: src/login.php'); ?>

This is AFTER running the squirrelmail-configure and choosing dovecot as instructed.

Do you know the fix? THANKS! - John

If you're seeing the source code for the php page instead of a properly rendered webpage then you probably need to enable the php module:
sudo a2enmod php7.0
Might not be php 7.0 if you're running a different php version - check /etc/apache2/mods-enabled/ to see which one you have (squirrelmail probably installed one as a dependency). Sam

It's something like that. I have php5 installed. I enabled that with a2enmod, but that broke apache2 - now it won't restart. What I also don't understand is that I had squirrelmail working a couple of days ago, and since then I have not knowingly done anything with php5. Should I try reinstalling php5? I have remove --purge apache2 several times, but not anything with php5. Any further suggestions appreciated!

MY first time through the tutorial, when I got to squirrelmail, it went smoothly and as expected. Then I installed spamassassin, and that is fine. However, I then messed something up trying to get Sieve going and messed up Dovecot and had to start the whole process over. Doing that I did several "removes" of everything - squirrelmail, apache2, dovecot, and postfix. Maybe somewhere in there I lost something with php. I tried install php5, and it said I have the latest version. When I install squirrelmail, there are a couple of SUGGESTED php packages, but googling those didn't sound like they were critical - and squirrelmail would've installed them if they were.

(The really good news is that I do have an image of my working server on another SD card, so I can play with one instance all I want without risking having to start from the beginning with the whole server.)

I got it! It wasn't that php wasn't enabled in apache2, it was that my php wasn't working at all. I had removed and reinstalled php5 several times to no avail, but it turned out I needed to install libapache2-mod-php5. I don't know how I lost that long the way somehow, but installing it solved my problems!

Now I'm finally ready to work on getting Sieve going. The last time I had a server like this going, I used procmail with postfix, so I have no experience with Sieve, but it seems to be the choice of the day for sorting mail.

Thanks again! - John

I love your tutorials, very clear, straight forward and understandable for idiots like me, keep them coming! Thanks

Hi, first of all thank you for this amazing tutorial. I am in testing phase, and I am able to send out emails, but I couldn't receive any. Here is the error message google sent back to me: "Google tried to deliver your message, but it was rejected by the server for the recipient domain xxx.com by smtp.secureserver.net. [72.167.238.29].

The error that the other server returned was:
550 5.1.1 Recipient not found. "

Could you help me out?

Thanks,
Junxian

Have you configured your DNS record (i.e. is the server google talking to yours, and not an auto-forwarding service run by your DNS provider)? Try sending an email again, but this time run tail -f /var/log/mail.log and see if there are any hints in the log. Sam

Hi Sam,

Thanks for the fast reply!
I think the problem is I am using Amazon EC2 to host my website, and DNS is NOT configured correctly.
Could you walk me through how to do this?

Best,
Junxian Zhang

The dns basics tutorial was linked from within this tutorial and explains that - I think what you'll need is to configure your MX record to point to a subdomain for mail (mail.yourdomain.com), and create a DNS A record for mail.yourdomain.com that maps to your mail server's IP address. You might want to change the myhostname parameter to your mail subdomain too, so the helo matches the DNS record. Sam

I've been at it for a few days now. Just hit a complete stop, even after uninstalling and purging
A few lines down from the top, after:
sudo apt-get update
sudo apt-get install apache2
sudo a2enmod ssl
sudo a2ensite default-ssl
sudo service apache2 reload
Job for apache2.service failed. See 'systemctl status apache2.service' and 'journalctl -xn' for details.
pi@raspberrypi:~ $ systemctl status apache2.service
● apache2.service - LSB: Apache2 web server
Loaded: loaded (/etc/init.d/apache2)
Drop-In: /lib/systemd/system/apache2.service.d
└─forking.conf
Active: inactive (dead) since Wed 2016-12-14 22:23:00 GMT; 2min 20s ago
pi@raspberrypi:~ $ journalctl -xn
No journal files were found.
I'd tear my hair out if I had any left....
I'd love to send all the config files, just tell me which ones.
Needless to say, I can't get my CACert to accept my hostname. Ho Hum..
Merry Christmas.

Thanks for replying. As luck would have it, I was staring dejectedly at the screen when the mail came in.

pi@raspberrypi:~ $ sudo apachectl configtest
[Thu Dec 15 14:14:05.434962 2016] [alias:warn] [pid 7934:tid 3069743632] AH00671: The Alias directive in /etc/apache2/sites-enabled/squirrelmail.conf at line 1 will probably never match because it overlaps an earlier Alias.
AH00558: apache2: Could not reliably determine the server's fully qualified domain name, using 127.0.1.1. Set the 'ServerName' directive globally to suppress this message
Syntax OK
pi@raspberrypi:~ $

pi@raspberrypi:~ $ sudo journalctl -u apache2
-- Logs begin at Thu 2016-12-15 06:50:12 GMT, end at Thu 2016-12-15 14:15:51 GMT. --
pi@raspberrypi:~ $

GNU nano 2.2.6 File: /etc/apache2/sites-enabled/squirrelmail.conf

Alias /squirrelmail /usr/share/squirrelmail

<Directory /usr/share/squirrelmail>
Options FollowSymLinks
<IfModule mod_php5.c>
php_flag register_globals off
</IfModule>
<IfModule mod_dir.c>
DirectoryIndex index.php
</IfModule>

# access to configtest is limited by default to prevent information leak
<Files configtest.php>
order deny,allow
deny from all
allow from 127.0.0.1

Do you have an alias in another virtualhost for /squirrelmail, or an enabled config file in /etc/apache2/conf-enabled/ for squirrelmail that you're not using? You can delete/disable stuff in the conf-enabled folder using sudo a2disconf foo where the config file is foo.conf, which leaves the file in /etc/apache2/conf-available/ but removes the symlink into conf-enabled so the config file isn't loaded. The journalctl command (with -xn) will only show you the last 10 lines of the log, which is useful right after you have an error but not if you leave it for a while and then try it since it might be showing unrelated lines - this is why I gave you the command with -u apache2, which filters for messages related to apache (although you might want to try apache instead of apache2, since it didn't yield any results - I can't remember what the unit file is called). Sam

Add new comment

The content of this field is kept private and will not be shown publicly.

Filtered HTML

  • Web page addresses and email addresses turn into links automatically.
  • Allowed HTML tags: <a href hreflang> <em> <strong> <cite> <blockquote cite> <code> <ul type> <ol start type> <li> <dl> <dt> <dd>
  • Lines and paragraphs break automatically.