Blog

Fix for undeletable user-defined Squirrelmail folder

I run my own mail server and use Squirrelmail to facilitate webmail access using HTTPS.  I encountered problems trying to delete a folder that I created as part of a test to find out if things were working correctly:

ERROR : Could not delete “Archive” 
Given: Invalid mailbox name

SquirrelMail is a Webmail application started by Nathan and Luke Ehresman and written in the PHP scripting language. It can be installed on almost all web servers so long as PHP is present and the web server has access to an IMAP and SMTP server

After some digging around, I found that after modifying a setting via ./conf.pl I was able to delete the folder.  If you’re experiencing the same thing, do the following:

1.   Open a terminal window.

2.   Navigate to Squirrelmail’s root dir, which in my case is /usr/share/squirrelmail.

3.   Navigate to the config/ folder then type: ./conf.pl.

4.   Select option 3 then 1 and enter none.

5.   Save your changes and exit.

It may not work on all situations, and some have said that in version 1.4.0, you may need to set/pick your IMAP server (I use Dovecot), like so:

1.   Open terminal window (again).

2.   Navigate to the config/ folder then type: ./conf.pl.

3.  From the menu options, select D, then save and exit.

If you still have problems after performing these steps, modify your php.ini config file to report more verbosely by changing the following lines:

display_errors = on
error_reporting = E_ALL

After saving the modifications you just made, restart your web server via (I run FC6 so) service httpd restart, then watch your Apache error_log for more info. 

That’s it.  Hopefully, this helps you from having to do the legwork.  Take care.  =0)

Accessing specific event logs on a remote server

An old friend and classmate of mine, Zahid Faisal, wanted to know how to access/read event logs on a remote server using Windows PowerShell. I thought it was an interesting challenge, so after some research and playing around I found that you can make use of the WMI objects to do this.

Follow along to try it out:

1. Open PowerShell and type in the following:

PS C:\> $logs = [System.Diagnostics.EventLog]::GetEventLogs(‘servername’)

This will create a new EventLog object that uses the GetEventLogs method, which by the way, accepts a machine name as an argument. This is exactly what we’re looking for.

2. If the command did not return any errors, continue with the following:

PS C:\> $logs[0]

You should get something like this:

Max(K) Retain OverflowAction     Entries Name

10,240      0 OverwriteAsNeeded      838 Application

The [0] after $logs is simply an array of the different types of event logs, which in this case, [0] equals the Application logs.

3. Next, the bread-and-butter – filtering:

PS C:\> $logs[0].entries | where `

>> {($_.Source -eq “Orion”) -AND ($_.TimeWritten -ge $recent)}

>>

By using the where object, we’re able to filter what we’re specifically looking for. In Zahid’s case, he wanted to grab the most recent logs that are only related to “Orion.”

Take note that this will only work if you’re an administrator on the remote server.

Hope this helps. =0)

Live HTTP Headers plugin for Firefox

Have you ever had the need to watch and inspect HTTP headers in real time while pages are being downloaded from the Internet? If you develop web applications or sites, I’m sure you have.

If so, check out the Live HTTP Headers plugin for Firefox. Not only will it capture what’s currently being downloaded, but it allows you to replay what was captured for simulation purposes, e.g., when you need to find out what arguments and values are needed to POST to a web page.

Here are some screenshots:

Fig. 1.1 – Live HTTP Headers Page Info tab

Fig. 1.2 – Live HTTP Headers Replay Window

I’m sure you will find this plugin/tool very helpful. Take care. =0)

Phish-safe Firefox

Phishing is serious business, so a while back I looked around for safeguards to assist me while browsing.

In computing, phishing is a criminal activity using social engineering techniques.[1] Phishers attempt to fraudulently acquire sensitive information, such as usernames, passwords and credit card details, by masquerading as a trustworthy entity in an electronic communication. eBay and PayPal are two of the most targeted companies, and online banks are also common targets. Phishing is typically carried out using email or an instant message,[2] and often directs users to give details at a website, although phone contact has been used as well.[3] Attempts to deal with the growing number of reported phishing incidents include legislation, user training, and technical measures

And ta-da, I found McAfee SiteAdvisor. Their site states:

We test the Web to help keep you safe from spyware, spam, viruses and online scams.

I’ve been using the Firefox plugin for about a year and so far it works pretty good. What happens is when you search with Google, Yahoo! or MSN, SiteAdvisor’s safety ratings appear next to search results. Also as you browse the web, a small button on your browser toolbar changes color based on SiteAdvisor’s safety results.

Take it easy! ;0)

Automatically redirect to HTTPS with .htaccess

I caught the flu last week that’s why I haven’t been posting regularly.  =0(

Anyway, I wrote previously on how to password-protect a website/page, but in this post I’ll show you how to redirect a user automagically to HTTPS.

All you need to do is add the following in the .htaccess file (I’ll be using the Squirrelmail website as an example):

1.  I use Apache 2, so I do:

vi /etc/httpd/conf.d/squirrelmail.conf

Initially, it will look like:

# SquirrelMail is a webmail package written in PHP.
Alias /webmail /usr/share/squirrelmail
<Directory /usr/share/squirrelmail>
    Options FollowSymLinks
    AllowOverride None
    Order allow,deny
    Allow from all
</Directory>

2.  Add the following, like so:

# SquirrelMail is a webmail package written in PHP.
Alias /webmail /usr/share/squirrelmail
<Directory /usr/share/squirrelmail>
    RewriteEngine On
    RewriteCond %{HTTPS} off
    RewriteRule (.*)
https://%{HTTP_HOST}%{REQUEST_URI}
    Options FollowSymLinks
    AllowOverride None
    Order allow,deny
    Allow from all
</Directory>

3.  Save and exit by typing :wq!.

4.  Restart Apache like so: service httpd restart.

That’s it!  When someone visits, http://www.website.com/webmail, Apache will automatically redirect the user to https://www.website.com/webmail.

Hope this helps.  Take care!