Open WebMail is a webmail system based on
the Neomail version 1.14 from Ernie Miller.

Open WebMail is targeted on dealing with very big mail folder files in a
memory efficient way. It also provides many features to help users to
switch from Microsoft Outlook smoothly.

Open WebMail has the following enhanced features:

For Users:

* Auto Login
* Multiple Languages/Multiple Charsets
* Strong MIME Message Capability
* Full Content Search
* Draft Folder Support
* Confirm Reading Support
* Spelling Check Support
* vCard compliant Addressbook
* POP3 Support
* Mail Filter Support
* AntiSpam Support through SpamAssassin (
* AntiVirus Support through ClamAV (
* Calendar with Reminder/Notification Support
* Webdisk Support
* HTTP Compression

For System:

* Fast Folder Access
* Efficient Message Movement
* Smaller Memory Footprint
* Graceful File Lock
* Various Authentication Modules
* PAM support
* Remote SMTP Relaying
* Virtual Hosting
* User Alias
* Pure Virtual User Support
* Per User Capability Configuration
* Persistent Running through SpeedyCGI

Apache web server with cgi enabled
Perl 5.005 or above            (required)
MIME-Base64-3.01.tar.gz       (required)
libnet-1.19.tar.gz            (required)
Digest-1.08.tar.gz            (required)
Digest-MD5-2.33.tar.gz        (required)
Text-Iconv-1.2.tar.gz         (required)
libiconv-1.9.1.tar.gz         (required if system doesn't support iconv)

CGI-SpeedyCGI-2.22.tar.gz     (optional but highly recommended, for persistent running)
Compress-Zlib-1.33.tar.gz     (optional, for HTTP compression)
ispell-3.1.20.tar.gz          (optional, for spellcheck)
Quota-1.4.10.tar.gz           (optional, for unixfs quota support)
Authen-PAM-0.14.tar.gz        (optional, for auth_pam support)
openssl-0.9.7d.tar.gz         (optional, for pop3 over SSL support,
                               required only if system doesn't support libssl)     (optional, for pop3 over SSL support)
IO-Socket-SSL-0.96.tar.gz     (optional, for pop3 over SSL support)
clamav-0.70.tar.gz            (optional, for viruscheck,
                               available at
Mail-SpamAssassin-3.02.tar.gz (optional, for spamcheck,
                               available at
antiword-0.35.tar.gz          (optional, for msword preview)
ImageMagick-5.5.3.tar.gz      (optional, for thumbnail support in webdisk)
tnef-           (optional, tnef is used mostly by mails from MS Outlook and Exchange)
wget-1.9.1.tar.gz             (optional, for URL uploading support in webdisk & msg composing)
lsof_4.73A.freebsd.tar.bz2    (optional, for openwebmail-tool --unlock)

First, you have to download required packages from
and copy them to /tmp installation:

   cd /tmp
   tar -zxvf
   perl Makefile.PL
   make install

ps: It is reported that Open Webmail will hang in attachment uploading
    when used with older version of CGI module. We recommend using CGI
    version 2.74 or above for Open WebMail.
    To check the version of your CGI module :

    perl -MCGI -e 'print $CGI::VERSION'

MIME-Base64 installation:

   cd /tmp
   tar -zxvf MIME-Base64-3.01.tar.gz
   cd MIME-Base64-3.01
   perl Makefile.PL
   make install

ps: Though you may already have the MIME-Base64 perl module,
    we recommended you install MIME-Base64 module from source.
    This would enable the XS support in this module which greatly
    improves the encoding/decoding speed of MIME attachment.

libnet installation:

   cd /tmp
   tar -zxvf libnet-1.19.tar.gz
   cd libnet-1.19
   perl Makefile.PL (ans 'no' if asked to update configuration)
   make install

Text-Iconv-1.2 installation:

   Since Text-Iconv-1.2 is actually a perl interface to the underlying iconv()
   support, you have to check if iconv() support is available in your system.
   Please type the following command

   man iconv

   If there is no manual page for iconv, your system might not support iconv(),
   You need to install libiconv package to get iconv() support.

   cd /tmp
   tar -zxvf libiconv-1.9.1.tar.gz
   cd libiconv-1.9.1
   make install

   Type 'man iconv' again to make sure the libiconv is successfully installed.
   Then we start to install the Text-Iconv package

   cd /tmp
   tar -zxvf Text-Iconv-1.2.tar.gz
   cd Text-Iconv-1.2
   perl Makefile.PL

   ps: If your system is FreeBSD, or you just installed libiconv manually,
       please edit the Makefile.PL and change the LIBS and INC lines
       as the following before doing 'perl Makefile.PL'

       'LIBS'         => ['-L/usr/local/lib -liconv'], # e.g., '-lm'
       'INC'          => '-I/usr/local/include',      # e.g., '-I/usr/include/other'

   make test

   ps: If the 'make test' failed, it means you set wrong value for LIBS and
       INC in Makefile.PL or your iconv support is not complete.
       You may copy the misc/patches/ to shares/ to make
       openwebmail work without iconv support.

   make install

The latest released or current version is available at

If you are using FreeBSD and install apache with pkg_add,

1. chmod 4555 /usr/bin/suidperl
   (It seems perl after 5.8.1 should set the suidperl to 555 instead,
    or the suid support may not work)

2. cd /usr/local/www
   tar -zxvBpf openwebmail-X.XX.tar.gz

3. cd /usr/local/www/cgi-bin/openwebmail/etc
   modify openwebmail.conf for your need.

4. execute /usr/local/www/cgi-bin/openwebmail/ --init

ps: If you are using FreeBSD and your perl is compiled from port,
    then please note that the SUID support is disabled by default
    since the port for perl 5.8.1 or later

    You need to do 'make -DENABLE_SUIDPERL' in making port

If you are using RedHat 7.x (or most Linux) with Apache

1. cd /var/www
   tar -zxvBpf openwebmail-X.XX.tar.gz
   mv data/openwebmail html/
   rmdir data

2. cd /var/www/cgi-bin/openwebmail/etc

   modify auth_unix.conf from defaults/auth_unix.conf
   a. set passwdfile_encrypted to '/etc/shadow'
   b  set passwdmkdb           to 'none'

   modify openwebmail.conf
   a. set mailspooldir to '/var/spool/mail'
   b. set ow_htmldir   to '/var/www/html/openwebmail'
      set ow_cgidir    to '/var/www/cgi-bin/openwebmail'
   c. set spellcheck   to '/usr/bin/ispell -a -S -w "-" -d @@@DICTIONARY@@@ -p @@@PDICNAME@@@'
   d. change default_signature for your need
   e. other changes you want

3. add
   /var/log/openwebmail.log {
           /usr/bin/killall -HUP syslogd
   to /etc/logrotate.d/syslog to enable logrotate on openwebmail.log

4. execute /var/www/cgi-bin/openwebmail/ --init

If you are using RedHat 6.2, please use /home/httpd instead of /var/www
ps: It is highly recommended to read the doc/RedHat-README.txt(contributed by if you are installing Open WebMail on RedHat Linux.

ps: Thomas Chung ( maintains the rpm for all
    released and current version of openwebmail, It is available at

    Documents for RH7.3/RH8/RH9, RHEL3, FC1/FC2/FC3 are available at
    You can get openwebmail working in 5 minutes with this :)

If you are using other UNIX with apache, that is okay

Try to find the parent directory of both your data and cgi-bin directory,
eg: /usr/local/apache/share, then

1. cd /usr/local/apache/share
   tar -zxvBpf openwebmail-X.XX.tar.gz
   mv data/openwebmail htdocs/
   rmdir data

2. cd /usr/local/apache/share/cgi-bin/openwebmail

   modify openwebmail*.pl
   change the #!/usr/bin/suidperl to the location where your suidperl is.

3. cd /usr/local/apache/share/cgi-bin/openwebmail/etc

   modify openwebmail.conf
   a. set mailspooldir to where your system mail spool is
   b. set ow_htmldir   to '/usr/local/apache/share/htdocs'
      set ow_cgidir    to '/usr/local/apache/share/cgi-bin'
   c. set spellcheck   to '/usr/local/bin/ispell -a -S -w "-" -d @@@DICTIONARY@@@ -p @@@PDICNAME@@@'
   d. change default_signature for your need
   e. other changes you want

   modify auth_unix.conf from defaults/auth_unix.conf
   a. set passwdfile_encrypted to '/etc/shadow'
   b  set passwdmkdb           to 'none'

4. execute /usr/local/apache/share/cgi-bin/openwebmail/ --init

ps:If you are installing Open WebMail on Solaris, please put
   'the path of your openwebmail cgi directory' in the first line of
   file /etc/openwebmail_path.conf.

   For example, if the script is located at

   then the content of /etc/openwebmail_path.conf should be:

ps: If you are using Apache server 2.0 or later,
    please edit your Apache Configuration file, replace

    AddDefaultCharset ISO-8859-1


    AddDefaultCharset off

In the last step of installing openwebmail, you have done:

cd the_directory_of_openwebmail_cgi_scripts
./ --init

This init will create the mapping tables used by openwebmail in the future.
If you skip this step, you will not be able to access the openwebmail through
web interface.

As perl on various platforms may use different underlying dbm system, the
default setting in the_directory_of_openwebmail_cgi_scripts/etc/dbm.conf
may be not correct for your system.

The init routine will test them and try to give you some useful suggestions.

1. it checks options in etc/dbm.conf,
   if they are set to wrong value, you may see output like
Please change '/the_directory_of_openwebmail_scripts/etc/dbm.conf' from

dbm_ext                 .db
dbmopen_ext             none
dbmopen_haslock         no


dbm_ext                 .db
dbmopen_ext             none
dbmopen_haslock         no

2. it checks if the dbm system uses by default and will
   suggest a necessary patch to, you may see output like
Please modify /usr/libdata/perl/5.00503/mach/ by adding

        $arg[3] = 0666 unless defined $arg[3];

before the following text (about line 247)

        # make recno in Berkeley DB version 2 work like recno in version 1

Please follow the suggestion or the openwebmail may not work properly.
And don't forget to redo './ --init' after you complete
the modification.

To make openwebmail use other SMTP server for mail sending,
you have to set the option 'smtpserver' in openwebmail.conf.
Just change the default value '' to the name/ip of that SMTP server.

Please be sure the SMTP server allows mail relayed from your openwebmail host.

The mailfilter checks if messages in INBOX folder matches the filters rules
defined by user. If matches, move/copy the message to the target folder.
If you move a message to the DELETE folder, which means deleting messages
from a folder. If you use INBOX as the destination in a filter rule,
any message matching this rule will be kept in the INBOX folder and
other rules will be ignored.

Openwebmail can call external programs to do viruscheck for pop3 or
other messages in INBOX. To enable virus check support, you have to

1. install ClamAV (
   And ensure you have started up the daemon of the clamav - clamd
2. modify option viruscheck_pipe according to the location of clamdscan
   (it is the client side of ClamAV)
3. set viruscheck_source_allowed to either pop3 or all.
   This depends on the configuration of your mail system
   If MTA or mail deliver will do virus scanning,
   then you should set this to pop3, otherwise, you may set it to all.
4. set enable_viruscheck to yes in openwebmail.conf
5. there are some other viruscheck related options in defaults/openwebmail.conf,
   please refer to for more detail

ps: Thomas Chung has written a document
    "HOWTO install and configure ClamAV for Open WebMail on Red Hat/Fedora Core"
    It is available at

Openwebmail can call external programs to do spamcheck for pop3 or
other messages in INBOX. To enable spam check support, you have to

1. install SpamAssassin (
   And ensure you have started up the daemon of the spamassasin (spamd)
ps:Please be sure that the spamd is started with -L or --local option
   This causes spamd to do local only test, or the spamcheck will take
   a much longer time.
2. modify option spamcheck_pipe according to the location of spamc
   (it is the client side of spamassassin)
3. set spamcheck_source_allowed to either pop3 or all.
   This depends on the configuration of your mail system
   If MTA or mail deliver will do spam scanning,
   then you should set this to pop3, otherwise, you should set it to all.
4. set enable_spamcheck to yes in openwebmail.conf
5. there are some other spamcheck related options in defaults/openwebmail.conf,
   please refer to for more detail

ps: If you have set 'allow_user_rules 1' in the of your spamassassin,
    you may set option 'enable_saprefs' to yes in your openwebmail.conf,
    this would allow users to set the test rules, whilelist and blacklist in
    the spamassassin userprefs file (~/.spamassassin/userprefs).

ps: How and when does openwebmail call the external programs to check messages?

    The pop3 messages are checked when they are fetched
    from remote pop3 server, the fetching and checking are done in background.
    Other new messages in INBOX (which is delivered by mail system) are checked
    at the time user accesses the mail folder. A mail filtering process will be
    forked at background to check the messages in INBOX.

ps: An option "wait time for background filtering" is provided in preference,
    which can be used to control how long user would like to wait for mail
    filtering before the folder message list or message content is returned.

    Please don't set it too short or some spam/virus may not get filtered
    in time before user accesses them.

ps: The viruscheck/spamcheck is majorly designed to check messages fetched
    from pop3 server since these messages won't be checked by scanners in
    MTA or local deliver.

    While viruscheck/spamcheck can also check all messages in INBOX, but
    we suggest that the sysadm should install antispam/antivurs softwares
    in either MTA or local deliver so mails can get checked before delivered
    into INBOX. It is more efficient than scanning all mails in Open WebMail.
    And the mails will get checked even the user is using client other than
    Open WebMail.

Openwebmail can call external programs to learn HAM/SPAM messages by storing
the tokens of messages in per user bayesian db..
To enable learn ham/spam support, you have to

1. install SpamAssassin (
2. modify option learnspam_pipe and learnham_pipe according to the location
   of sa-learn (it is the ham/psam learner of spamassassin)
3. set enable_learnspam to yes in openwebmail.conf

ps:The learned result are stored as per user bayesian db,
   and learnspam is useful only if the db is referenced.

   The two cases that the per user bayesian db is used:
   a. spamassassin check is called in local deliver, or
   b. spamassassin check is enabled in openwebmail

The disk space used by webmail, webcalendar or webdisk are counted together as
the user quota usage. There are five options can be used to control the user
quota in defaults/openwebmail.conf. You may override the defaults by setting
them in openwebmail.conf.

1. quota_module

This option is used to choose the quota system for your openwebmail.
There are two quota modules available currently.


This is the recommended quota module if the openwebmail user is the real
unix user and you system has enables the disk quota.
It has the minimal overhead.

ps:You have to install the Quota-1.4.10.tar.gz to use the module.


This is the recommended module only if could not be used on
your system (eg: openwebmail user is not standard unix user or unix quota
is not available.), because it uses the 'du -sk' to get the user quota usage.

Since running 'du -sk' on a large directory may be quote time consuming,
this module will cache the result of the 'du -sk' to avoid too much overhead.
The default cache lifetime is 60 seconds and could be changed in

If you set this option to 'none', then no quota system will be used in openwebmail

2. quota_limit

This option sets the limit (in kb) for user quota usage.
The webmail and webdisk operation is limited to 'delete' if quota is hit.
This option won't prevent the operation taking the user over this limit
from completing but simply inhibits further saving of messages or files
until the user quota usage is brought down again.

ps: The value set in this option is used only if quota module doesn't support
    quotalimit. ( whose quota_info() routine returns the quotalimit as -1 )

ps: If you use the as the quota module,
    please be sure that there is some space between the softlimit and
    hardlimit (eg:5mb)

    eg: filesystem quota softlimit=25000, hardlimit=30000

3. quota_threshold

Normally, the user quota info will be put in the window title of the browser.
But if the user quota usage is more the threshold set by this option,
a big quota string will be displayed at the top of webmail and webdisk main menu

4. delmail_ifquotahit

Set this option to yes to make openwebmail remove oldest messages from user
mail folders automatically in case his quotalimit is hit. the new total
size will be cut down to apporximately 90% of option quota_limit

5. delfile_ifquotahit

Set this option to yes to make openwebmail remove oldest files from webdisk
/ automatically in case his quotalimit is hit. the new total
size will be cut down to apporximately 90% of option quota_limit

ps: The above options are used to control quota of user homedir.
    if you want to limit the size of user mail spool (the INBOX folder),
    you have to use the spool_limit option.
    Please refer to for more detail.

ps: Since openwebmail 20031128, you may set the option
    use_syshomedir_for_dotdir to no to have openwebmail put index db
    in ow_usersdir instead of user homedir, thus creating db won't be
    limited by user quota.
    This would fix the problem that user exceeding his quota was unable
    to login openwebmail because of corrupt index folder db

Since mail filtering is activated only in Open WebMail, it means messages
will stay in the INBOX until user reads their mail with Open WebMail.
So 'finger' or other mail status check utility may give you wrong
information since they don't know about the filter.

A command tool '' can be used as finger replacement.
It does mail filtering before reporting mail status.

Some fingerd allow you to specify the name of finger program by -p option
(eg: fingerd on FreeBSD). By changing the parameter to fingerd in
/etc/inetd.conf, users can get their mail status from remote host. can be also used in crontab to prefetch pop3mail or
do folder index verification for users. For example:

59 5 * * *  /usr/local/www/cgi-bin/openwebmail/ -q -a -p -i

The above line in crontab will do pop3mail prefetching, mail filtering and
folder index verification quietly for all users at 5:59 every morning.

If you have enabled the calendar_email_notifyinterval in openwebmail.conf,
you will also need to use in crontab to check the calendar
events for sending the notification emails. For example:

0 */2 * * *  /usr/local/www/cgi-bin/openwebmail/ -q -a -n

The above line will use to check the calendar events for all
users every two hours. Please note we use this frequency because the default
value of option calendar_email_notifyinterval is 120 (minute).
You have to set the crontab according to  your calendar_email_notifyinterval.

Open WebMail supports multiples global addressbooks, the location for global
addressbook files is specified in the option ow_addressbooksdir.

The sysadm have to create the empty global addressbooks manually with command
'touch addressbook_filename', then other user may read/write the global
addressbook from the web addressbook interface in openwebmail.

The global addressbook will be editable to a user only if:
1. the option abook_globaleditable is set to yes, and
2. the user has enough privilege to write the global addressbook file.

Current support for global filterrule/calendar is very limited.
The administrator has to make a copy of filterbook/calendar to the file
specified by global_filterbook or global_calendarbook by himself.

ps: An account may be created to maintain the global addressbook/filterbook,
    for example: 'global'

    ln -s your_global_filterbook   ~global/.openwebmail/webmail/
    ln -s your_global_calendarbook ~global/.openwebmail/webcal/

    Please be sure that the global files are writeable by user 'global'
    and readable by others

To enable the spell check in openwebmail, you have to install the ispell or
aspell package.

1. download ispell-3.1.20.tar.gz from and install it,
   or you can install binary from FreeBSD package or Linux rpm

ps: if you are compiling ispell from source, you may enhance your ispell
    by using a better dictionary source.
    a. download
    b. gzip -d words.gz
    c. mkdir /usr/dict; cp words /usr/dict/words
    d. start to make your ispell by reading README

2. check the openwebmail.conf to see if spellcheck is pointed to the
   ispell binary

3. If you have installed multiple dictionaries for your ispell/aspell,
   you may put them in option spellcheck_dictionaries in openwebmail.conf
   and these dictionary names should be separated with comma.

ps: To know if a specific dictionary is successfully installed on
    your system, you can do a test with following command

    ispell -d dictionaryname -a

4. If the language used by a dictionary has a different character set than
   English, you have to define the characters in %dictionary_letters in
   the for that dictionary.

The auto reply function in Open WebMail is done with the vacation utility.
Since vacation utility is not available on some unix, a perl version of
vacation utility '' is distributed with openwebmail.
This has the same syntax as the one on Solaris.

If the autoreply doesn't work on your system,
you can do debug with the -d option

1. choose a user, enable his autoreply in openwebmail user preference
2. edit the ~user/.forward file,
   add the '-d' option after
3. send a message to this user to test the autoreply
4. check the /tmp/vacation.debug for possible error information

Things you may find in /tmp/vacation.debug

'User ... not found in to: and cc:',

This tends to occur (assuming the address is legitimate) when your email
addresses don't match your system accounts.  For instance, when mail for is deposited in system account twood.  The error will look
something like this:

20040505 170028 User twood not found in to: and cc:, autoreply canceled assumes that the user part of the email address (e.g. tim.wood)
will match their account on the system (e.g. twood).  If they don't you can
work around this by

a. add the -j after in option vacationpipe in openwebmail.conf

vacationpipe            %ow_cgidir%/ -j -t60s

ps: this modification won't take effect until user reset their .forward
    file by switching on and off the email forwarding in openwebmail,
    so you may wish to use the following modification instead

b. editing (in the openwebmail folder, typically at
   /var/www/cgi-bin/openwebmail/). At the top of the 'MAIN' section,
   you'll find a while that's used to parse options:

    # parse options, handle initialization or interactive mode
    while (defined($ARGV[0]) && $ARGV[0] =~ /^-/) {
       $_ = shift;

   Immeadiately after that section, add:


   This tells to not check that the email address and system
   account match.  Note: this means that everytime the user receives an email
   from a mailing list, everyone on the mailing list will know the user is
   out-of-office.  And if it's a busy list, they'll hear about it a lot.
   (by twood,

The webdisk module provides a web interface for user to use his home
directory as a virtual disk on the web. It is also designed as a
storage of the mail attachments, you can freely copy attachments
between mail messages and the webdisk.

The / of the virtual disk is mapped to the user's home directory,
any item displayed in the virtual disk is actually located under the
user home directory.

Webdisk supports basic file operation (mkdir, rmdir, copy, move, rm),
file upload and download (multiple files or directories download is supported,
webdisk compresses them into a zip stream on the fly when transmitting).
It can also handle many types of archives, including zip, arj, rar, tar.gz,, tar.bz2, tgz, tbz, gz, z...

Obviously, WebDisk have to call external program to provide all the above
features, it finds the external programs in /usr/local/bin, /usr/bin
and /bin respectively.

the external programs used by webdisk are:

basic file uty                 - cp, mv, rm,
file compression/decompression - gzip, bzip2,
archive uty                    - tar, zip, unzip, unrar, unarj, lha
image thumbnail uty            - convert (in ImageMagick package)

ps: You don't have to install all external programs to use WebDisk,
    a feature will be disabled if related external program is not available.

External commands are invoked with exec() and parameters are passed by
array, which prevents using /bin/sh for shell escaped character
interpretation and thus is quite secure.

To limit the WebDisk space used by the user, please refer to the
'USER QUOTA' section

You can have as many virtual domains as you want on same server with only one
copy of openwebmail installed. Open Webmail supports per domain config file.
Each domain can have its own set of configuration options, including
domainname, authentication module, quota limit, mailspooldir ...

You can even setup mail accounts for users without creating real unix accounts
for them. Please refer to Kevin Ellis's webpage:
"How to setup virtual users on Open WebMail using Postfix & vm-pop3d"

eg: To create configuration file for virtualdomain ''

1. cd cgi-bin/openwebmail/etc/sites.conf/
2. cp ../openwebmail.conf
3. edit options in file '' for domain ''

Open Webmail can use the sendmail virtusertable for user alias mapping.
The loginname typed by user may be pure name or name@somedomain. And this
loginname can be mapped to another pure name or name@otherdomain in the
virtusertable. This gives you the great flexibility in account management.

Please refer to for more detail

When a user logins Open WebMail with a loginname,
this loginname will be checked in the following order:

if (loginname is in the form of 'someone@somedomain') {
} else {  	# a purename
   domain=HTTP_HOST	# hostname in url

is user@domain a virtualuser defined in virtusertable?
if not {
   if (domain is mail.somedomain) {
      is user@somedomain defined in virtusertable?
   } else {
      is user@mail.domain defined in virtusertable?

if (no mapping found && loginname is pure name) {
   is loginname a virtualuser defined in virtusertable?

if (any mapping found) {
   if (mappedname is in the form of 'mappedone@mappeddomain') {
   } else {

if (option auth_withdomain is on) {
   check_userpassword for user@domain
} else {
   if (domain == HTTP_HOST) {
      check_userpassword for user
   } else {
      user not found!

ps: if any alias found in virtusertable,
    the alias will be used as default email address for user

Here is an example of /etc/virtusertable

projectmanager		pm	john1	tom1	tom2	mary3

Assume the url of the webmail server is

The above virtusertable means:
1. if a user logins as projectmanager,
   openwebmail checks
                       projectmanager as virtualuser	---> pm

2. if a user logins as
   openwebmail checks	---> john1

   if a user logins as johnson,
   openwebmail checks
             	---> john1

3. if a user logins as,
   openwebmail checks		---> tom1

   if a user logins as,
   openwebmail checks		---> tom2

   if a user logins as tom,
   openwebmail checks
             		---> tom1

4. if a user logins as mary,
   openwebmail checks
                       mary as virtualuser	---> not an alias

Pure virtual user means a mail user who can use pop3 or openwebmail
to access his mails on the mail server but actually has no unix account
on the server.

Openwebmail pure virtual user support is currently available for system
running vm-pop3d + postfix. The authentication module is
designed for this purpose. Openwebmail also provides the web interface
which can be used to manage(add/delete/edit) these virtual users under
various virtual domains.

Please refer to the description in and auth_vdomain.conf
for more detail.

ps: vm-pop3d :
    PostFix  :

    Kevin L. Ellis ( has written a tutorial
    for openwebmail + vm-pop3d + postfix
    Iis available at

While options in system config file(openwebmail.conf) are applied to all
users, you may find it useful to set the options on per user basis sometimes.
For example, you may want to limit the client ip access for some users or
limit the domain which the user can sent to. This could be easily done with
the per user config file support in Open Webmail.

The user capability file is located in cgi-bin/openwebmail/etc/user.conf/
and named as the realusername of user. Options in this file are actually
a subset of options in openwebmail.conf. An example 'SAMPLE' is provided.

eg: To creat the capability file for user 'guest':

1. cd cgi-bin/openwebmail/etc/users.conf/
2. cp SAMPLE guest
3. edit options in file 'guest' for user guest

ps: Openwebmail loads configuration files in the following order

1. cgi-bin/openwebmail/etc/defaults/openwebmail.conf
2. cgi-bin/openwebmail/etc/openwebmail.conf
3. cgi-bin/openwebmail/etc/sites.conf/domainname if file exists

   a. authentication module is loaded
   b. user alias is mapped to real userid.
   c. userid is authenticated.

4. if (option auth_withdomain is yes) {
      user conf = cgi-bin/openwebmail/etc/users.conf/domain/username
   } else {
      user conf = cgi-bin/openwebmail/etc/users.conf/username
   Then openwebmail will load user conf if file exists.

Options set in the later files will override the previous ones

PAM (Pluggable Authentication Modules) provides a flexible mechanism
for authenticating users. More detail is available at Linux-PAM webpage.

Solaris 2.6, Linux and FreeBSD 3.1 are known to support PAM.
To make Open WebMail use the support of PAM, you have to:

1. download the Perl Authen::PAM module (Authen-PAM-0.14.tar.gz)
   It is available at
2. cd /tmp
   tar -zxvf Authen-PAM-0.14.tar.gz
   cd Authen-PAM-0.14
   perl Makefile.PL
   make install

ps: Doing 'make test' is recommended when making the Authen::PAM,
    if you encounter error in 'make test', the PAM on your system
    will probable-ly not work.

3. change auth_module to '' in the openwebmail.conf

4. check and auth_pam.conf for further information.

ps: Since the authentication module is loaded only once in persistent mode,
    you need to do 'touch openwebmail*pl' to make the modification active.
    To avoid this, you may change your openwebmail backto suid perl mode
    before you make the modifications.
ps: For more detail about PAM configuration, it is recommended to read
    "The Linux-PAM System Administrators' Guide"
    by Andrew G. Morgan,

ps: The script in cgi-bin/openwebmail/misc/test/ can used to
    test if the a authentication module under cgi-bin/openwebmail/auth/ works
    on your system.

    eg: cd your_cgi-bin/openwebmail/
        perl someusername passwd
        perl someusername passwd

    ps: On some system, root is not allowed to login,
        and PAM will always return false for root login

Various authentications are directly available for openwebmail, including

In case you found these modules not suitable for your need,
you may write a new authentication module for your own.

To add new authentication module into openwebmail, you have to:

1. choose an abbreviation name for this new authentication, eg: xyz

2. declare the package name in the first line of file

   package ow::auth_xyz;

3. implement the following 4 function:

   ($retcode, $errmsg, $realname, $uid, $gid, $homedir)=
    get_userinfo($r_config, $domain, $user);

   ($retcode, $errmsg, @userlist)=
    get_userlist($r_config, $domain);

   ($retcode, $errmsg)=
    check_userpassword($r_config, $domain, $user, $password);

   ($retcode, $errmsg)=
    change_userpassword($r_config, $domain, $user, $oldpassword, $newpassword);

   where $retcode means:
    -1 : function not supported
    -2 : parameter format error
    -3 : authentication system internal error
    -4 : username/password incorrect

   $errmsg is the message to be logged to openwebmail log file,
   this would ease the work for sysadm in debugging problem of openwebmail

   $r_config is the reference of the openwebmail %config,
   you may just leave it untouched

   ps: You may refer to or to start.
       And please read doc/auth_module.txt

4. modify option auth_module in openwebmail.conf to

5. test your new authentication module :)

ps: If you wish your authentication module to be included in the next release
    of openwebmail, please submit it to
ps: Since the authentication module is loaded only once in persistent mode,
    you need to do 'touch openwebmail*pl' to make the modification active.
    To avoid this, you may change your openwebmail backto suid perl mode
    before you make the modifications.

It is very simple to add support for your language into openwebmail

1. choose an abbreviation for your language, eg: xy

ps: You may choose the abbreviation by referencing the following url

2. cd cgi-bin/openwebmail/etc.
   cp lang/en lang/xy
   cp -R templates/en templates/xy

3. translate file lang/xy and templates/xy/* from English to your language

4. change the package name of you language file (in the first line)

   package ow::xy

5. add the name and charset of your language to %languagenames,
   %languagecharsets in modules/, then set default_language
   to 'xy' in openwebmail.conf

6. check, if the charset is not listed, add a line for this charset
   in both %charset_localname and %charset_convlist.

7. translate the files used by HTML editor

   cd data/openwebmail/javascript/htmlarea.openwebmail/popups
   cp -R en xy
   cd xy

   then translate htmlarea-lang.js, insert_image.html, insert_sound.html,
   insert_table.html and select_color.html into language xy

   Some style sheel setting in insert*html may need to be adjusted to
   get the best layout for your language. They are

   a. the width and height of the pop window, defined in the first line
      <html style="width: 398; height: 243">

   b. the boxies for fieldsets, defined in middle of the file
      .fl { width: 9em; float: left; padding: 2px 5px; text-align: right; }
      .fr { width: 6em; float: left; padding: 2px 5px; text-align: right; }

      .fl is for box in the left and .fr is for box in the right,
      you may try wider width for better layout

8. If you want, you may create the holidays of your language with the
   openwebmail calendar, then copy the ~/.openwebmail/webcal/ into
   etc/holidaysdir/your_languagename. Them the holidays will be displayed
   to all users of this language

9. If you want, you may also translation help tutorial to your language
   the help files are located under data/openwebmail/help.

ps: if your language is Right-To-Left oriented and you can read Arabic,
    you can use the Arabic template instead of English as the start templates.
    And don't forget to mention it when you submit the templates
    to the openwebmail team.
ps: Since the language and templates are loaded only once in persistent mode,
    you need to do 'touch openwebmail*pl' to make the modification active.
    To avoid this, you may change your openwebmail backto suid perl mode
    before you make the modifications.

ps: If you just want support of different charset of existing language,
    you may try the --langconv command

    a. choose a new name for the converted language
    b. add the new name and it charset to %languagenames,%languagecharsets
       in modules/
    c. execute ' --langconv oldlangname newlangname'
    d. if you see any error complaing directory doesn't exist,
       you may creat it manually and re-execute above command
    e. After conversion, don't forget to test the converted lang file by
       'perl etc/lang/newlangname' to ensure it is valid for perl parser.

ps: If you wish your translation to be included in the next release of
    openwebmail, please submit it to

    Please be sure your translation is based on the template files in the
    latest openwebmail-current.tar.gz. And please send both your tranlsation
    and english version files it based on to us. So we can check if there
    is any latest modification should be added your translation.

Openwebmail can do charset conversion automatically if a message is written
with charset other than the one you are using. Openwebmail does this by calling
the iconv() charset conversion function, as defined by the Single UNIX Specification.

To make openwebmail do auto-convert a new charset for your language:
1. find the charset used by your language in %charset_convlist in
2. put this new charset to the convlist of the charset of your language
3. define the localname of the new charset on your OS to the %charset_localname.
   (It is always the same as the name of charset but in capitals.)

Note: The possible conversions and the quality of the conversions depend on the
      available iconv conversion tables and algorithms, which are in most cases
      supplied by the operating system vendor.

If you would like to add some background images into openwebmail for your
user, you can copy them into %ow_htmldir%/images/backgrounds.
Then the user can choose these backgrounds from user preference menu.

ps: If you wish to share your wonderful backgrounds with others,
    please email it to

If you are interested in designing your own image iconset in the openwebmail,
you have to

1. create a new sub directory in the %ow_htmldir%/images/iconsets/,
   eg: MyIconSet
   ps: %ow_htmldir% is the dir where openwebmail could find its html objects,
       it is defined in openwebmail.conf
2. copy all images from %ow_htmldir%/images/iconsets/Default to MyIconSet
3. modify the image files in the %ow_htmldir%/images/iconsets/MyIconSet
   for your need

ps:In case you want to design iconsets with text inside, the default font used
   in Default.English and Cool3D.English is 'Arial Narrow'.

If you are interested in designing your own text iconset in the openwebmail,
you have to

1. create a new sub directory started with Text. in the %ow_htmldir%/images/iconsets/,
   eg: Text.MyLang
   ps: %ow_htmldir% is the dir where openwebmail could find its html objects,
       it is defined in openwebmail.conf
2. copy %ow_htmldir%/images/iconsets/Text.English/icontext to Text.MyLnag/icontext
3. modify the Text.MyLang/icontext for your language

ps: If your are going to make Cool3D iconset for your language with Photoshop,
    you may start with the psd file created by Jan Bilik <>,
    it could save some of your time. The psd file is available at

ps: If you wish the your new iconset to be included in the next release of
    openwebmail, please submit it to

1. chdir to openwebmail cgi dir (eg: /usr/local/www/cgi-bin/openwebmail)
   and check the owner, group and permission of the following files

   ~/openwebmail*.pl            - owner=root, group=mail, mode=4755
   ~/                - owner=root, group=mail, mode=0755
   ~/etc                        - owner=root, group=mail, mode=755
   ~/etc/sessions               - owner=root, group=mail, mode=771
   ~/etc/users                  - owner=root, group=mail, mode=771

   /var/log/openwebmail.log     - owner=root, group=mail, mode=660

2. test your webmail with http://your_server/cgi-bin/openwebmail/

If there is any problem, please check the faq.txt.
The latest version of FAQ will be available at


"SpeedyCGI is a way to run perl scripts persistently, which can make
them run much more quickly." - Sam Horrocks.

Openwebmail can get almost 5x to 10x speedup when running with SpeedyCGI.
You can get a quite reactive openwebmail systems on a very old P133 machine :)

Note: Don't try to fly before you can walk...
      Please do this speedup modification only after
      your openwebmail is working with regular suidperl

1. install SpeedyCGI

   get the latest SpeedyCGI source from

   cd /tmp
   tar -zxvf path_to_source/CGI-SpeedyCGI-2.22.tar.gz
   cd CGI-SpeedyCGI-2.22
   perl Makefile.PL (ans 'no' with the default)

   then edit speedy/Makefile
   and add " -DIAMSUID" to the end of the line of "DEFINE = "

   make install
   (If you encounter error complaining about install mod_speedy,
    that is okay, you can safely ignore it.)

2. set speedy to setuid root

   Find the speedy binary according to the messages in previous step,
   it is possible-ly at /usr/bin/speedy or /usr/local/bin/speedy.

   Assume it is installed in /usr/bin/speedy

   cp /usr/bin/speedy /usr/bin/speedy_suidperl
   chmod 4555 /usr/bin/speedy_suidperl

3. modify openwebmail for speedy

   The code of openwebmail has already been modified to work with SpeedyCGI,
   so all you have to do is to
   replace the first line of all cgi-bin/openwebmail/openwebmail*pl
	#!/usr/bin/suidperl -T
	#!/usr/bin/speedy_suidperl -T -- -T/tmp/speedy

   The first -T option (before --) is for perl interpreter.
   The second -T/tmp/speedy option is for SpeedyCGI system,
   which means the prefix of temporary files used by SpeedyCGI.

   ps: You will see a lot of /tmp/speedy.number files if your system is
       quite busy, so you may change this to value like /var/run/speedy

4. test you openwebmail for the speedup.

5. If you are installing openwebmail on a low end machine, then you may
   wish to eliminate the firsttime startup delay of the scripts for the user.
   You may use the, it acts as a http client to start
   openwebmail on the web server automatically.

   a. through web interface
      Please refer to for default password and how to change it.

   b. through command line or you can put the following line in crontab
      to preload the most frequently used scripts into mempry

      0 * * * *	/usr/local/www/cgi-bin/openwebmail/ -q

      If your machine has a lot of memory, you may choose to preload all
      openwebmail scripts

      0 * * * *	/usr/local/www/cgi-bin/openwebmail/ -q --all

6. Need more speedup?

   Yes, you can try to install the mod_speedycgi to your Apache,
   but you may need to recompile Apache to make it allow using root as euid
   Please refer to README in SpeedyCGI source tar ball..

   Another approach for speedup is to use some httpd that handles muliples
   connections with only one process, eg:,
   instead of the apache web server.

   Please refer to doc/thttpd.txt for some installation tips.

ps: Kevin L. Ellis ( has written a tutorial
    and benchmark for OWM + SpeedyCGI.
    It is available at

7. Compatibility with perl 5.8.4

   The latest perl 5.8.4 does more strict check for suid scripts,
   and the following two may cause incompatibility for some users

   a. the name of the perl interpreter must include the 'perl' string

      We used suggest 'speedy_suid' as the name of suid speedy perl interpreter,
      but we would like to suggest 'speedy_suidperl' as the name of speedy perl
      interpreter now.

   b. the parameter passed in the first line of the script must be the same
      as the one the perl interpreter get.

      This restirction stop us from using the following line in the script

	#!/usr/bin/speedy_suidperl -T -- -T/tmp/speedy

      All we can use is


      In other words, we can't use "-- -parameter_for_speedy" to pass parameter
      to speedycgi itself

   ps: If you really need to change the tmpbase for SpeedyCGI, you may apply the
       patch in cgi-bin/openwebmail/misc/patches/speedycgi.tmpbase.patch to the
       SpeedyCGi 2.22 source, it changes tmpbase from /tmp/speedy to /var/run/speedy

To make this feature work, you have to install the Compress-Zlib-1.33.tar.gz.
HTTP Compression is very useful for users with slow connection to the
openwebmail server (eg: dialup user, PDA user).

Note: There are some compatibility issues for HTTP compression

1. Some proxy servers only support HTTP compression via HTTP 1.1,
   the user have to enable the use of HTTP1.1 for proxy in their browser
2. Some proxy servers don't support HTTP compression at all,
   the user have to list the webmail server as directly connected in
   the advanced proxy setting in their browser
3. Some browsers have problems when using HTTP compression with SSL,
4. Some browsers claim to support HTTP compression but actually not.

The login screen has a checkbox for HTTP compression.
So in case there is any problem, the user can relogin with checkbox unchecked.

A small script has been made to let static html page display the
user mail/calendar status dynamically.
All you need to do is to put the following text in html source code.

<table cellspacing=0 cellpadding=0><tr><td>
<script language="JavaScript"


<table cellspacing=0 cellpadding=0><tr><td>
<script language="JavaScript"

If the user has ever logined openwebmail successfully,
then his mail/calendar ststus would be displayed in this html page
as an link to the openwebmail login page.

Features that we would like to implement first...

1. web bookmark
2. PGP/GNUPG integration
3. shared folder/calendar

Features that people may also be interested

1. maildir support
2. online people sign in
3. log analyzer