Symptoms
Create a custom CNAME record for accessing webmail from customer control panel
CNAME webmail.example.com. webmail.provider.com 3600 Manual Active Yes
Access https://webmail.example.com and get the error message:
This page was disabled by security reason. You can log into webmail using POA CP or url like 'webmail.yourdomain'. Username and Password text box disabled
What is the correct way to setup webmail to work in customer's domain with proper branding without the need to login to CCP?
Cause
This is expected behavior, resulting from incorrect configuration.
It should not be necessary to add manual CNAME or A records for webmail.domain.tld.
Resolution
How it should work:
There must be a server in the system (usually it is branding CP server) that must have webmail_login (type=other) OA package installed. Refer to Mail Hosting module deployment guide for detailed instructions how install webmail servce in OA environment.
After package installation it creates the following configuration file on the branding server:
<VIRTUALHOST 11.11.11.11:80> <IfModule mod_ssl.c> SSLEngine off </IfModule> SERVERNAME 11.11.11.11 SERVERALIAS webmail.* DOCUMENTROOT /tmp REWRITEENGINE on REWRITECOND %{HTTP_HOST} ^webmail.* REWRITERULE ^(.*)$ http://10.10.10.10:8080/servlet/WebMailRedirector?host=%{HTTP_HOST} [P] </VIRTUALHOST> <IfModule mod_ssl.c> <VIRTUALHOST 11.11.11.11:443> SSLEngine on SSLCertificateFile /usr/local/pem/etc/apache/httpsd.pem SERVERNAME 11.11.11.11 SERVERALIAS webmail.* DOCUMENTROOT /tmp REWRITEENGINE on REWRITECOND %{HTTP_HOST} ^webmail.* REWRITERULE ^(.*)$ http://10.10.10.10:8080/servlet/WebMailRedirector?host=%{HTTP_HOST} [P] </VIRTUALHOST> </IfModule>
- With this configuration in place, when Qmail subscription is created and Qmail hosting is added to domain, OA automatically creates "A" record for webmail.domain.tld pointing to the IP address of the proxy server. When customer goes to http://webmail.domain.tld, he is redirected to http://10.10.10.10:8080/servlet/WebMailRedirector?host=%{HTTP_HOST} which in turn redirects customer to appropriate branded webmail login form.
Make sure that there is a server with webmail_login
package present in the system.
The following query in database can be used to check this:
SELECT * FROM components WHERE pkg_id IN (SELECT pkg_id from packages where name = 'webmail_login');
If no such hosts are found - install webmail_login package to a server (usually branding control panel server). For new subscriptions appropriate A record will be added automatically during service provisioning. For existing ones it will be necessary to add the records manually.