148 lines
5.2 KiB
Text
148 lines
5.2 KiB
Text
Mail Fetch
|
|
|
|
Downloads mail from a pop3 server to your SquirrelMail account.
|
|
|
|
Features
|
|
========
|
|
|
|
* Copies messages from remote server
|
|
* Saves server, alias, username, and password in prefs file...
|
|
* Remembers where to resume downloading messages if
|
|
your pop server supports UIDL.
|
|
* Optionally deletes mail from the remote server.
|
|
* Allow an infinite amount of remote servers
|
|
* Optional to not save password - prompt on check
|
|
* Save messages into a local IMAP folder instead of INBOX
|
|
* Check mail during login (Needs SM 1.1.3 or older).
|
|
* Check mail during folder refreshes.
|
|
* Allows gettext translations.
|
|
|
|
|
|
Description
|
|
===========
|
|
|
|
Feel like grabbing your messages from a different mail server into
|
|
SquirrelMail? This might be able to help.
|
|
|
|
|
|
Configuration
|
|
=============
|
|
|
|
Under the options you can add, delete or modify server list where
|
|
fetching mail. For each server you can set also username and password;
|
|
if you leave password blank, the password whore required when you fetch
|
|
mail. Make sure "Leave Mail On Server" is checked if you do not want
|
|
Mail_Fetch to delete it from the remote server. Once configured,
|
|
click 'Fetch' in the SquirrelMail menu to get your mail; you can fetch
|
|
mail from all server instead or from only one by selecting the options
|
|
dispayed.
|
|
|
|
If you want to check mail periodicaly choose "Check mail during login"
|
|
or "Check mail during folder refresh". Of course passwords have to be
|
|
entered in order for this to work.
|
|
|
|
In order to secure a little bit the system, pop3 passwords can be encrypted.
|
|
The encryption key may be defined in to places. The first, and more secure,
|
|
is in the httpd configuration as an enviromental variable called MF_TIT
|
|
only accesible from the SquirrelMail directory.
|
|
|
|
the way you can do this from apache is adding the following directives to
|
|
httpd.conf (supposing that SquirrelMail is located at /usr/local) or an
|
|
included configuration file:
|
|
|
|
<Directory "/usr/local/squirrelmail">
|
|
SetEnv MF_TIT "MailFetch Secure for SquirrelMail 1.x"
|
|
</Directory>
|
|
|
|
Of course, you should replace the text inside double quotes with the key
|
|
you want to (some kind of secret text). A please remember that the file
|
|
where you decided to place this must be root only readable.
|
|
|
|
The second way is to edit functions.php and look for:
|
|
|
|
if( !isset( $MF_TIT ) ) {
|
|
$MF_TIT = "MailFetch Secure for SquirrelMail 1.x";
|
|
}
|
|
|
|
Once again change the text "MailFetch Secure for SquirrelMail 1.x"
|
|
with a secret text.
|
|
|
|
Please note that you must redefine passwords each time you change the key.
|
|
|
|
To maintain compatibilty with older systems, mail_fetch can work with old
|
|
pref files, with no encrypted passwords. If this occurs, you'll see that
|
|
the "Encrypt Password" checkbox in the option page is not checked. If you
|
|
reenter account's passwords the system will switch to encrypted mode.
|
|
|
|
|
|
Security
|
|
========
|
|
|
|
By default, the user is not allowed to enter a non-standard POP3 port
|
|
number when configuring an external server with this plugin. This prevents
|
|
the use of this plugin as a port scanner against other servers. However,
|
|
if you need to allow users to access a POP3 service running on a non-
|
|
standard port, you may create a "config.php" file by copying "config_example.php"
|
|
and editing the list of allowable port numbers therein. If "ALL" is added
|
|
to the list of allowable port numbers, then there will be no restriction
|
|
on port numbers whatsoever. Be aware that although this may not represent
|
|
any security threat to servers elsewhere on the Internet that does not
|
|
already exist (other port scanners are freely available), if your server
|
|
resides on a network behind a firewall, this could allow a malicious user
|
|
to scan the servers and services behind your firewall that they'd normally
|
|
not have access to.
|
|
|
|
The user will also not be allowed to enter server addresses starting
|
|
with "10.", "192.", "127." and "localhost" by default. This prevents users
|
|
from being able to scan an internal network for the presence of other servers
|
|
they are not allowed to access. If other server addresses should be banned,
|
|
or this list is too restrictive, you may create a "config.php" file by copying
|
|
"config_example.php" and then edit the list of blocked server addresses
|
|
therein.
|
|
|
|
|
|
Future Work
|
|
===========
|
|
|
|
* Add IMAP server stealing
|
|
|
|
* Limit number of pop accounts
|
|
|
|
|
|
Installation
|
|
============
|
|
|
|
Go back to the main directory, run configure and add the plugin.
|
|
|
|
Some plugin settings can be adjusted in config/mail_fetch_config.php or
|
|
plugins/mail_fetch/config.php files.
|
|
|
|
See plugins/mail_fetch/config_sample.php
|
|
|
|
|
|
Note for mod_gzip users
|
|
=======================
|
|
|
|
As fetching module shows information while fetching is taking place, it
|
|
is a good idea to disable compression for that operation. The way to do
|
|
this with mod_gzip is:
|
|
|
|
mod_gzip_item_exclude file fetch.php
|
|
|
|
|
|
Note for Newmail Plugin users
|
|
=============================
|
|
|
|
In order to Newmail plugin detect new mails during folder refreshes
|
|
make sure that Mail_Fetch is listed first that Newmail in the
|
|
SM configuration. To do so you only have to remove Newmail plugin
|
|
and then add it again.
|
|
|
|
|
|
Credits
|
|
=======
|
|
|
|
This plugin has been originally created by Tyler Akins, with contributions
|
|
from Philippe Mingo, Tomaso Minelli and Joshua Pollak. It's now maintained
|
|
by the SquirrelMail Project Team.
|
|
|