How to Setup webmail.domain.com with OpenLiteSpeed and DirectAdmin

How to Setup Webmail Domain with OpenLiteSpeed and DirectAdmin

If you’ve recently moved control panels from cPanel to DirectAdmin you may have noticed that by default DirectAdmin doesn’t use the subdomain webmail.domain.com to provide access to the default email client but instead provides access using domain.com/webmail. Many people have become accustomed to using the webmail subdomain to access their emails via the web and because of the flexibility that DirectAdmin provides there is an easy way to enable it.

DirectAdmin provides two different webmail applications RoundCube and SquirrelMail. However, we would strongly recommend not using SquirrelMail on any DirectAdmin server. Unfortunately, the open-source project with a once active, vibrant developer community has diminished and the project appears abandoned having not been updated since 30th May 2013. RoundCube, on the other hand, is regularly updated with the latest version v1.4.3 being released on 19th February 2020. Also, with the newly released Elastic theme, Roundcube’s first officially responsive skin, it now provides support for desktops, tablets and phones.

Roundcube Dashboard

In this guide, we will show you how to set up the webmail.domain.com subdomain using RoundCube for any new user accounts added to the DirectAdmin server using OpenLiteSpeed. We will also show you how to update the DirectAdmin configuration file to enable the ability to select Let’s Encrypt SSL certificates for the new webmail subdomain, add a new subdomain webmail DNS record to all existing domains and pointer zones and enable automatic redirection of the webmail aliases (webmail/roundcube) to point to our newly created webmail subdomain.

Create Webmail Virtualhost

Firstly, we will need to set up the webmail subdomain using a custom OpenLiteSpeed template. In our example, we are using the CUSTOM8 location which will be inserted at the end of the OpenLiteSpeed Virtualhost file of every domain on the server.

Now we need to create the custom template file by using the following command and your favourite command line text editor. In our example, we will be using nano.

nano /usr/local/directadmin/data/templates/custom/cust_OpenLiteSpeed.CUSTOM.8.pre

The code in the custom template below will create the webmail.domain.com subdomain on all the IP addresses associated with the users’ account and will even work with accounts setup using a subdomain such as webmail.subdomain.domain.com. Although it will enable the subdomain to be used with an SSL certificate, it will not automatically set up SSL redirection. We will cover this a bit later in the guide.

In the cust_OpenLiteSpeed.CUSTOM.8.pre file you will need to copy and paste the following code.

virtualHost webmail.|SDOMAIN|-|VH_PORT| {
|CUSTOM|
 user                    webapps
 group                   webapps
 vhRoot                  /var/www/html
 allowSymbolLink         1
 enableScript            1
 restrained              1
 setUIDMode              2
 # listeners  listener1, listener2, listener3
 listeners |LISTENERS|
 
 #VirtualHost config settings
 docRoot                   /var/www/html/roundcube
 vhDomain                  webmail.|SDOMAIN|
 vhAliases                 webmail.|SDOMAIN|
 adminEmails               |ADMIN|
 enableGzip                1
 enableIpGeo               1

 errorlog |APACHELOGDIR|/|LOG_NAME|.error.log {
   useServer               0
   logLevel                NOTICE
   rollingSize             0
 }
 accesslog |APACHELOGDIR|/|LOG_NAME|.log {
   useServer               0
   logFormat               %a %l %u %t "%r" %>s %O "%{Referer}i" "%{User-Agent}i"
   logHeaders              5
   rollingSize             0
 }
 accesslog |APACHELOGDIR|/|LOG_NAME|.bytes {
   useServer               0
   logFormat               %O %I
   rollingSize             0
 }

 scripthandler  {
   add                     lsapi:|SCRIPTHANDLER| inc
   add                     lsapi:|SCRIPTHANDLER| php
   add                     lsapi:|SCRIPTHANDLER| phtml
   add                     lsapi:|SCRIPTHANDLER| php|PHP1_RELEASE|
 }

 phpIniOverride  {
   php_admin_flag engine |PHP|
   php_admin_value sendmail_path "/usr/sbin/sendmail -t -i -f |PHP_EMAIL|"
   |CLI_PHP_MAIL_LOG|
 |*if HAVE_SAFE_MODE="1"|
   php_admin_flag safe_mode |SAFE_MODE|
 |*endif|
 }

 rewrite  {
   enable                  1
   autoLoadHtaccess        1
   |FORCE_SSL_REDIRECT|
 }

 |*if SSL_TEMPLATE="1"|
 vhssl  {
   |CUSTOM6|
   keyFile                 |KEY|
   certFile                |CERT|
   certChain               1
   sslProtocol             |SSLPROTOCOL|
 }
 |*endif|

 # include aliases
 include /usr/local/lsws/conf/httpd-alias.conf
}

After you have saved the OpenLiteSpeed template file and exited from the nano text editor, you will need to rewrite the existing OpenLiteSpeed domain configuration files to add the custom template into it by using the following code.

cd /usr/local/directadmin/custombuild
./build rewrite_confs

Now you will need to set up the DNS records for the webmail subdomain. We will create a new DNS template file by copying the existing DNS A (IPv4) and AAAA (IPv6) configuration files. If your server only has IPv4 connectivity you will not need to create an AAAA DNS template file.

First, we will make the A DNS Record template file using the following code.

cd /usr/local/directadmin/data/templates
cp dns_a.conf custom
cd custom
perl -pi -e "s/^smtp=\\|IP\\|\n/smtp=\\|IP\\|\nwebmail=\\|IP\\|\n/" dns_a.conf

If your server has an IPv6 address you can create a AAAA DNS Record template file using the following code.

cd /usr/local/directadmin/data/templates
cp dns_aaaa.conf custom
cd custom
perl -pi -e "s/^smtp=\\|IP\\|\n/smtp=\\|IP\\|\nwebmail=\\|IP\\|\n/" dns_aaaa.conf

The above A and AAAA DNS record templates will setup the webmail subdomain for any new user accounts created with their assigned IP addresses. For all existing user accounts DNS records you will update them manually or use our script to update the existing A DNS records.

That’s it. You have now successfully created a new OpenLiteSpeed Virtualhost template to add the webmail subdomain and create new A and AAAA DNS record templates to automatically add the webmail subdomain DNS records. Now we will move onto updating the DirectAdmin configuration file to add the ability to select Let’s Encrypt SSL certificates for the new webmail subdomain.

Enable SSL Certificate

Now we will need to change the DirectAdmin configuration file directadmin.conf to update the available options to generate a Let’s Encrypt SSL certificate for the webmail subdomain.

You can check the defaults Let’s Encrypt SSL certificate using the following code.

/usr/local/directadmin/directadmin c | grep letsencrypt_list
letsencrypt_list=www:mail:ftp:pop:smtp
letsencrypt_list_selected=www

As you can see the Let’s Encrypt SSL certificate options cover the user domain, both non-www and www, mail, FTP, POP and SMTP with the domain (WWW and non-WWW) selected as the default option.

Next, we will update the directadmin.conf file to include the webmail subdomain and make it selected by default to be included in the Let’s Encrypt SSL certificate request then restart DirectAdmin so the change can take effect.

echo "letsencrypt_list=www:mail:ftp:pop:smtp:webmail" >> /usr/local/directadmin/conf/directadmin.conf
echo "letsencrypt_list_selected=www:webmail" >> /usr/local/directadmin/conf/directadmin.conf
echo "action=directadmin&value=restart" >> /usr/local/directadmin/data/task.queue; /usr/local/directadmin/dataskq d2000

Now if we query the directadmin.conf file you will see the webmail subdomain has been included in the Let’s Encrypt SSL certificate request.

/usr/local/directadmin/directadmin c | grep letsencrypt_list
letsencrypt_list=www:mail:ftp:pop:smtp:webmail
letsencrypt_list_selected=www:webmail
TIP We highly recommend that all domains are set up to force SSL encryption using the HTTPS redirect. This will ensure that anytime you visit the URL webmail.domain.com it will be served over HTTPS and encrypt all communication.

You can enable the force SSL option in the user dashboard by selecting SSL Certificates then selecting the checkbox Force SSL with https redirect. Make you click the Save to ensure DirectAdmin update the domains configuration file.

Force SSL Redirect DirectAdmin

That’s it. You have now successfully updated the DirectAdmin configuration file to enable the ability to select Let’s Encrypt SSL certificates for the new webmail subdomain and enabled them to be selected as default. Now we will move onto adding DNS A record for the new webmail subdomain to all existing domains and pointer zones.

Update Existing DNS Records

If you have existing domains on your DirectAdmin server you will need to either manually update the DNS A records to point the new webmail subdomain to the existing server IP address or you can use the following script to automatically update the DNS A records.

This script will go through all existing domains and domain pointers, and add a new DNS A record using the existing server IP address or if your domain uses a dedicated IP address add that instead. To add the script simply copy and paste the following code.

cd /usr/local/directadmin/scripts/custom/

Now we will create the script file using the following command and your favourite command line text editor. In our example, we will be using nano.

nano adddnsrecord.sh

Once you have opened the adddnsrecord.sh file you will need to copy and paste the following code.

#!/bin/sh 
DATAU=/usr/local/directadmin/data/users
for u in `ls $DATAU`; do
{
      IP=`grep ip= $DATAU/$u/user.conf | cut -d= -f2`
      for d in `cat $DATAU/$u/domains.list $DATAU/$u/domains/*.pointers 2>/dev/null | cut -d= -f1`; do
      {
            echo "adding new record with IP $IP to $d";
            echo "webmail   14400    IN   A   $IP" >> /var/named/${d}.db
      };
      done;
};
done;
exit 0;

After pasting the script into the file, simply save the file, change file permissions and execute the script using the following commands.

chmod 755 adddnsrecord.sh
./adddnsrecord.sh

Once the script has completed adding the new DNS A record you will need to restart the Named service using the following command.

service named restart

Once you have restarted Named service it is also a good idea to rewrite all .db files to update their serials and trigger DNS sync to your remote DNS systems by using the following command.

echo "action=rewrite&value=named" >> /usr/local/directadmin/data/task.queue

That’s it. You have now successfully added a new DNS A record for the webmail subdomain to all existing domains and pointer zones. Now we will move onto automatically redirecting the webmail aliases (webmail/roundcube) to point to our newly created webmail subdomain.

Redirect Webmail Aliases

Now we will set up the redirection of the existing webmail aliases (webmail/roundcube) to point automatically to the webmail subdomain. In our example, we are using the CUSTOM5 location which will be inserted into the rewrite{} section of the OpenLiteSpeed virtualhost file of every domain on the server.

We will create the custom template file using the following command and your favourite command line text editor. In our example, we will be using nano.

nano /usr/local/directadmin/data/templates/custom/cust_openlitespeed.CUSTOM.5.pre

The code in the custom template below will redirect any requests to the virtualhost aliases to the webmail subdomain, for example, if a request was made to domain.com/webmail, OpenLiteSpeed will automatically rewrite that request as webmail.domain.com. These rewrites rules are fully compatible with the single sign-on feature included within DirectAdmin.

In the cust_OpenLiteSpeed.CUSTOM.5.pre file you will need to copy and paste the following code.

RewriteRule ^/roundcube//?(.*)$ https://webmail.|SDOMAIN|//$1 [L,R=301]
RewriteRule ^/webmail//?(.*)$ https://webmail.|SDOMAIN|//$1 [L,R=301]

After you have saved the OpenLiteSpeed template file and exited from the nano text editor, you will need to rewrite the existing OpenLiteSpeed domain configuration files to add the custom template into it by using the following code.

cd /usr/local/directadmin/custombuild
./build rewrite_confs

That’s it. You have now successfully created a new OpenLiteSpeed Virtualhost template for the webmail subdomain, created new A and AAAA DNS record template files to automatically add the webmail subdomain to the DNS records, updated the DirectAdmin configuration file to enable the ability to select Let’s Encrypt SSL certificates for the new webmail subdomain and enabled them to be selected as default, added DNS A record for the new webmail subdomain to all existing domains and pointer zones and automatically redirected the webmail aliases (webmail/roundcube) to point to the webmail subdomain.

VPSBasics

VPSBasics

This guide was written by the VPS Basics editorial team, led by Gilberto Van Roosen. They are a unique blend of people who are dedicated to providing highly detailed, comprehensive and easy to follow tutorials, written in plain English. They specialise in tutorials for managing Linux servers, its software and WordPress.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.