Roundcube is a free opensource web-based IMAP email client. It provides full functionality you expect from an email client, including MIME support, address book, folder manipulation, message searching and spell checking. At the time of this writing, Roundcube just released v1.1.5.
Download souce code
cd /usr/local/src/ |
Now copy the source code to web root:cp -r /usr/local/src/roundcubemail-1.1.5 /var/www/html/roundcubemail
chown -R nginx:nginx /var/www/html/roundcubemail
Database
Roundcube uses MariaDB as the backend database. So create a database and add a database user:#mysql -uroot -p
CREATE DATABASE roundcubemail;
GRANT ALL PRIVILEGES ON roundcubemail.* TO roundcube@localhost IDENTIFIED BY 'RCpassword';
FLUSH PRIVILEGES;
quit
Nginx Configuration
Create a new Nginx site configrration file /etc/nginx/conf.d/roundcube.confserver {
listen 80;
server_name roundcube.mydomain.com;
return 301 https://$server_name$request_uri; # enforce https
}
server {
listen 443 ssl;
server_name roundcube.mydomain.com;
root /var/www/html/roundcubemail;
index index.php;
charset utf-8;
## SSL settings
ssl_certificate /etc/letsencrypt/live/mydomain.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/mydomain.com/privkey.pem;
ssl_protocols TLSv1.2 TLSv1.1 TLSv1;
ssl_prefer_server_ciphers on;
ssl_ciphers "EECDH+ECDSA+AESGCM EECDH+aRSA+AESGCM EECDH+ECDSA+SHA384 EECDH+ECDSA+SHA256 EECDH+aRSA+SHA384 EECDH+aRSA+SHA256 EECDH+aRSA+RC4 EECDH EDH+aRSA RC4 !aNULL !eNULL !LOW !3DES !MD5 !EXP !PSK !SRP !DSS !RC4";
ssl_dhparam /etc/nginx/dhparams.pem;
ssl_session_cache shared:SSL:10m;
ssl_session_timeout 10m;
ssl_ecdh_curve secp521r1;
add_header Strict-Transport-Security max-age=31536000;
# add_header X-Frame-Options DENY;
# auth_basic "Restricted area";
# auth_basic_user_file /etc/nginx/passwd;
location / {
try_files $uri $uri/ index.php;
}
location ~ \.php$ {
try_files $uri =404;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
fastcgi_pass unix:/run/php-fpm/php-fpm.sock;
fastcgi_index index.php;
}
}
Reload Nginxsystemctl reload nginx
Web installation
Now I can start installation by go to https://roundcube.mydomain.com/installer/
Check environment
First the RouncCube installer will check the environment. There may be some items show as “NOT AVAILABLE”, for these items I only need make sure what I needed is “OK”
I found that it complain that “Mcrypt” and “Intl” PHP modules shows as “NOT AVALIABLE”, so let’s intall them and restart PHP-FPM”yum -y install php-mcrypt php-intl
systemctl restart php-fpm
Then refreash the web page and now the environment is ready. Click “NEXT” button to go on.
Create config
Fill the “Database password”. Also fill in SMTP and IMAP configration. Create the config file
Test config
Go ahead to inatialize database.
When test SMTP and IMAP there are errors. I manually edited the configured file config/config.inc.php// ----------------------------------
// SQL DATABASE
// ----------------------------------
$config['db_dsnw'] = 'mysql://roundcube:RCpassword@localhost/roundcubemail';
// ----------------------------------
// IMAP
// ----------------------------------
$config['default_host'] = 'ssl://smtp.mydomain.com';
$config['default_port'] = 993;
$config['imap_auth_type'] = 'PLAIN';
// ----------------------------------
// SMTP
// ----------------------------------
$config['smtp_server'] = 'tls://smtp.mydomain.com';
$config['smtp_port'] = 587;
$config['smtp_auth_type'] = 'PLAIN';
$config['smtp_user'] = '%u';
$config['smtp_pass'] = '%p';
Save the configration file. To test again, go back to
https://roundcube.mydomain.com/installer/index.php?_step=1
All tests passed. Last remove the installer folder.rm -rf /var/www/html/roundcubemail/installer
Now Roundcube wabmail is working. I can use it at https://roundcube.mydomain.com/
Sieve filter
One of the reason I use Dovecot is that I need to use Sieve filter in RoundCube Mail, so user can setup their own filter such as Vacation Autoresponse.
LMTP
Till now my mail server use Postfix as the LDA(Local Delivery Agent) to diliver mails to users maildir. For sieve to work we need to use dovecot as a LDA. This means that dovecot has to write the email to the email folder of the user for the final delivery.
We will configure dovecot acting as local delivery using LMTP. (The other option is using LDA, which works like a binary command, each time that postfix sends a email lda deliver is called.)
Configure LMTP by editing /etc/dovecot/conf.d/10-master.confservice lmtp {
unix_listener /var/spool/postfix/private/dovecot-lmtp {
group = postfix
mode = 0600
user = postfix
}
unix_listener lmtp {
#mode = 0666
}
# Create inet listener only if you can't use the above UNIX socket
#inet_listener lmtp {
# Avoid making LMTP visible for the entire internet
#address =
#port =
#}
}
Also set up a postmaster addr at /etc/dovecot/conf.d/20-lmtp.confprotocol lmtp {
postmaster_address = postmaster@yourdomain.com
}
Then we will enable lmtp protocol in /etc/dovecot/dovecot.confprotocols = imap pop3 lmtp
Now I need tell Postfix to use Dovecot LDA, edit /etc/postfix/main.cf add lines:#use dovecot lmtp as virtual transport
virtual_transport = lmtp:unix:private/dovecot-lmtp
Restart Dovecot and MailScanner, send a test email then check maillog to see LMTP in action for local delivery:
Apr 24 13:29:32 smtp dovecot: master: Dovecot v2.2.10 starting up for imap, pop3, lmtp (core dumps disabled) |
Managesieve
I use dovecot-pigeonhole and it’s been installed already.
Enable sieve filter, edit /etc/dovecot/conf.d/20-lmtp.confprotocol lmtp {
# Space separated list of plugins to load (default is global mail_plugins).
mail_plugins = $mail_plugins sieve
postmaster_address = postmaster@mydomain.com
}
Configure sieve, edit /etc/dovecot/conf.d/90-sieve.confplugin {
# The path to the user's main active script. If ManageSieve is used, this the
# location of the symbolic link controlled by ManageSieve.
sieve = ~/sieve/.dovecot.sieve
sieve_dir = ~/sieve
...
}
Configure managesieve, edit /etc/dovecot/conf.d/20-managesieve.confprotocols = $protocols sieve
service managesieve-login {
inet_listener sieve {
port = 4190
}
...
}
(Note, make sure all brackets are closed properly.)
Now restart Dovecot then test to see if managesieve works:# telnet localhost 4190
Trying ::1...
telnet: connect to address ::1: Connection refused
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
"IMPLEMENTATION" "Dovecot Pigeonhole"
"SIEVE" "fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave"
"NOTIFY" "mailto"
"SASL" "PLAIN LOGIN CRAM-MD5"
"STARTTLS"
"VERSION" "1.0"
OK "Dovecot ready."
^]
telnet> quit
Connection closed.
Roundcube Plugin SieveRules
I will install the SieveRules plugin created by JohnDoh at Github:
https://github.com/JohnDoh/Roundcube-Plugin-SieveRules-Managesieve
Save to roundcube plugins folder as /var/www/html/roundcube/plugins/sieverules
Then make a config.inc.php from config.inc.php.distcd /usr/local/src/
git clone https://github.com/JohnDoh/Roundcube-Plugin-SieveRules-Managesieve
cp -r Roundcube-Plugin-SieveRules-Managesieve /var/www/html/roundcubemail/plugins/sieverules
cd /var/www/html/roundcubemail/plugins/sieverules
cp config.inc.php.dist config.inc.php
chown -R nginx:nginx /var/www/html/roundcubemail/plugins/sieverules
Edit /var/www/html/roundcubemail/plugins/sieverules/config.inc.php, set$config['sieverules_auth_type'] = 'PLAIN';
Last add the plugin to /var/www/html/roundcube/config/config.inc.php:// List of active plugins (in plugins/ directory)
$config['plugins'] = array(
'archive',
'zipdownload',
'fail2ban',
'password',
'jqueryui',
'sieverules',
);
(Note: jqueryui is needed for this plugin to work.)
Now login to Roundcube webmail to create a filter and test it.
Quick links:
- Part 1: LEMP
- Part 2: Postfix and Dovecot
- Part 3: MailScanner and MailWatch
- Part 4: SPF, DKIM and DMARC
- Part 5: Roundcube Webmail
- Part 6: Afterthoughts