[BlueOnyx:06277] Re: Help with webmail predicament: moving web to different server, keeping email on existing

Thu Jan 6 15:38:02 -05 2011

On 1/6/2011 11:11 AM, Chuck Tetlow wrote:
> >
> > I've been giving this a bit more thought. Our DNS MX record points to
> > nomealaska.org and this is working. Our new website will be
> > www.nomealaska.org <http://www.nomealaska.org/> - and my A record 
> will point to that new ip address.
> >
> > I've created an A record of webmail.nomealaska.org pointing to our 
> email
> > server's ip address. Can I have webmail users access their mail by 
> going
> > to https://webmail.nomealaska.org <https://webmail.nomealaska.org/> 
> instead of having our new hosting
> > company create a redirect on the new website from
> > www.nomealaska.org <http://www.nomealaska.org/>/webmail ?
> >
>
> Yes - we do that in a number of cases.
>
> Companies that want to host their own website, or have some specific 
> MS requirement keep their website elsewhere.  We host their e-mail and 
> they use webmail using the name "mail.domain.tld/webmail".
>
> The only think you must be sure to configure - make sure the BX server 
> site uses a different name than "www" in the site configuration.  If 
> you leave it "www", each time a person hits the name webmail - the DNS 
> will correctly point them to your box.  But the BX will automatically 
> redirect to www - and they'll be directed to the off-site box.  Its a 
> vicious loop that is frustrating and keeps them from using webmail.  
> So make sure the site is configured with the name "mail" or "webmail" 
> in the site set up configuration (we use mail).  Then the DNS simply 
> points that name (mail or webmail) to your BX site IP.
>
>
>
> > I see in /etc/httpd/conf.d/squirrelmail.conf there is an Alias field
> > that now has "/webmail  /usr/share/squirrelmail". Can that be 
> changed to
> > "webmail/   /usr/share/squirrelmail" assuming the server remains named
> > nomealaska.org with an alias of webmail.nomealaska.org? Or is this
> > possible and if so, how to do it?
> >
> > Do I need to install a new SSL certificate for
> > https://webmail.nomealaska.org <https://webmail.nomealaska.org/> 
> even though it would be an alias of
> > existing nomealaska.org?
> >
>
> I'm not a expert on certificates - but I believe that a certificate is 
> uniquely tied to a name, not simply the domain.
>
> So if the site's name changes from www.domain.tld to 
> webmail.domain.tld - you will need a new certificate.  If you leave 
> the old certificate on the box when you change the site name - I think 
> your users will get those "name doesn't match the certificate" 
> security warnings.
>
> Good luck and let us know which way you go!
>
>
>
> Chuck
>

Thanks Chuck!

I think I have it working now at https://webmail.nomealaska.org/webmail 
. Haven't migrated the website yet so still have ample opportunity to 
break things but should be fairly straightforward to change the www from 
the name of the server as you and Jon suggested.

The cert: I may just get a wildcard cert to reduce my cert confusion. 
The above link does work but Firefox did give me the dialog about 
security risks and I had to add the cert and exception to get to the 
squirrelmail login.

Regardless of type of cert, I suppose I should delete the current one as 
it is in my /home/.sites/X/certs directory and I don't see how I can 
install a second one there - unless you can create a new directory to 
stuff it in there? or rename the certificate? Not sure how all that is 
handled. Maybe the GUI does it for you?

cheers, Jim

-- 
Jim Dory
Engineering
City of Nome
PO Box 281
102 Division St.
Nome, AK 99762
907.443.6604

http://www.nomealaska.org

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.blueonyx.it/pipermail/blueonyx/attachments/20110106/8613a5bf/attachment.html>