Email Server With Postfix Dovecot and MailScanner (Part 5 - Roundcube webmail)

Roundcube is a free opensource web-based IMAP email client. It provides full functionality you expect from an email client, including MIME support, address book, folder manipulation, message searching and spell checking. At the time of this writing, Roundcube just released v1.1.5.

Download souce code

cd /usr/local/src/
tar zvxf roundcubemail-1.1.5-complete.tar.gz

Now copy the source code to web root:

cp -r /usr/local/src/roundcubemail-1.1.5 /var/www/html/roundcubemail
chown -R nginx:nginx /var/www/html/roundcubemail


Roundcube uses MariaDB as the backend database. So create a database and add a database user:

#mysql -uroot -p
CREATE DATABASE roundcubemail;
GRANT ALL PRIVILEGES ON roundcubemail.* TO roundcube@localhost IDENTIFIED BY 'RCpassword';

Nginx Configuration

Create a new Nginx site configrration file /etc/nginx/conf.d/roundcube.conf

server {

listen 80;
return 301 https://$server_name$request_uri; # enforce https


server {

listen 443 ssl;
root /var/www/html/roundcubemail;
index index.php;
charset utf-8;

## SSL settings
ssl_certificate /etc/letsencrypt/live/;
ssl_certificate_key /etc/letsencrypt/live/;
ssl_protocols TLSv1.2 TLSv1.1 TLSv1;
ssl_prefer_server_ciphers on;
ssl_dhparam /etc/nginx/dhparams.pem;
ssl_session_cache shared:SSL:10m;
ssl_session_timeout 10m;
ssl_ecdh_curve secp521r1;

add_header Strict-Transport-Security max-age=31536000;
# add_header X-Frame-Options DENY;

# auth_basic "Restricted area";
# auth_basic_user_file /etc/nginx/passwd;

location / {
try_files $uri $uri/ index.php;

location ~ \.php$ {
try_files $uri =404;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
fastcgi_pass unix:/run/php-fpm/php-fpm.sock;
fastcgi_index index.php;


Reload Nginx

systemctl reload nginx

Web installation

Now I can start installation by go to

Check environment

First the RouncCube installer will check the environment. There may be some items show as “NOT AVAILABLE”, for these items I only need make sure what I needed is “OK”

I found that it complain that “Mcrypt” and “Intl” PHP modules shows as “NOT AVALIABLE”, so let’s intall them and restart PHP-FPM”

yum -y install php-mcrypt php-intl
systemctl restart php-fpm

Then refreash the web page and now the environment is ready. Click “NEXT” button to go on.

Create config

Fill the “Database password”. Also fill in SMTP and IMAP configration. Create the config file

Don't warray to much about put in wrong configration inforamtion on the IMAP and SMTP sections. I will fix them later by manually editing the configration file later.

Test config

Go ahead to inatialize database.

When test SMTP and IMAP there are errors. I manually edited the configured file config/

// ----------------------------------
// ----------------------------------
$config['db_dsnw'] = 'mysql://roundcube:RCpassword@localhost/roundcubemail';

// ----------------------------------
// ----------------------------------
$config['default_host'] = 'ssl://';
$config['default_port'] = 993;
$config['imap_auth_type'] = 'PLAIN';

// ----------------------------------
// ----------------------------------
$config['smtp_server'] = 'tls://';
$config['smtp_port'] = 587;
$config['smtp_auth_type'] = 'PLAIN';
$config['smtp_user'] = '%u';
$config['smtp_pass'] = '%p';

Save the configration file. To test again, go back to

All tests passed. Last remove the installer folder.

rm -rf /var/www/html/roundcubemail/installer

Now Roundcube wabmail is working. I can use it at

Sieve filter

One of the reason I use Dovecot is that I need to use Sieve filter in RoundCube Mail, so user can setup their own filter such as Vacation Autoresponse.


Till now my mail server use Postfix as the LDA(Local Delivery Agent) to diliver mails to users maildir. For sieve to work we need to use dovecot as a LDA. This means that dovecot has to write the email to the email folder of the user for the final delivery.

We will configure dovecot acting as local delivery using LMTP. (The other option is using LDA, which works like a binary command, each time that postfix sends a email lda deliver is called.)

Configure LMTP by editing /etc/dovecot/conf.d/10-master.conf

service lmtp {
unix_listener /var/spool/postfix/private/dovecot-lmtp {
group = postfix
mode = 0600
user = postfix
unix_listener lmtp {
#mode = 0666

# Create inet listener only if you can't use the above UNIX socket
#inet_listener lmtp {
# Avoid making LMTP visible for the entire internet
#address =
#port =

Also set up a postmaster addr at /etc/dovecot/conf.d/20-lmtp.conf

protocol lmtp {
postmaster_address =

Then we will enable lmtp protocol in /etc/dovecot/dovecot.conf

protocols = imap pop3  lmtp

Now I need tell Postfix to use Dovecot LDA, edit /etc/postfix/ add lines:

#use dovecot lmtp as virtual transport
virtual_transport = lmtp:unix:private/dovecot-lmtp

Restart Dovecot and MailScanner, send a test email then check maillog to see LMTP in action for local delivery:

Apr 24 13:29:32 smtp dovecot: master: Dovecot v2.2.10 starting up for imap, pop3, lmtp (core dumps disabled)
Apr 24 13:32:34 smtp dovecot: lmtp(3544): Connect from local
Apr 24 13:32:35 smtp dovecot: lmtp(3544, ZIvkJGJx6FbYDQAA1qURPQ: msgid=<>: saved mail to INBOX
Apr 24 13:32:35 smtp postfix/lmtp[3543]: D23571331C6: to=<>,[private/dovecot-lmtp], delay=12, delays=11/0.31/0.24/0.81, dsn=2.0.0, status=sent (250 2.0.0 <> ZIvkJGJx6FbYDQAA1qURPQ Saved)
Apr 24 13:32:35 smtp dovecot: lmtp(3544): Disconnect from local: Successful quit
Apr 24 13:32:35 smtp postfix/qmgr[3461]: D23571331C6: removed


I use dovecot-pigeonhole and it’s been installed already.

Enable sieve filter, edit /etc/dovecot/conf.d/20-lmtp.conf

protocol lmtp {
# Space separated list of plugins to load (default is global mail_plugins).
mail_plugins = $mail_plugins sieve
postmaster_address =

Configure sieve, edit /etc/dovecot/conf.d/90-sieve.conf

plugin {
# The path to the user's main active script. If ManageSieve is used, this the
# location of the symbolic link controlled by ManageSieve.
sieve = ~/sieve/.dovecot.sieve
sieve_dir = ~/sieve

Configure managesieve, edit /etc/dovecot/conf.d/20-managesieve.conf

protocols = $protocols sieve

service managesieve-login {
inet_listener sieve {
port = 4190


(Note, make sure all brackets are closed properly.)

Now restart Dovecot then test to see if managesieve works:

# telnet localhost 4190
Trying ::1...
telnet: connect to address ::1: Connection refused
Connected to localhost.
Escape character is '^]'.
"IMPLEMENTATION" "Dovecot Pigeonhole"
"SIEVE" "fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave"
"NOTIFY" "mailto"
"VERSION" "1.0"
OK "Dovecot ready."
telnet> quit
Connection closed.

Roundcube Plugin SieveRules

I will install the SieveRules plugin created by JohnDoh at Github:

Save to roundcube plugins folder as /var/www/html/roundcube/plugins/sieverules
Then make a from

cd /usr/local/src/
git clone
cp -r Roundcube-Plugin-SieveRules-Managesieve /var/www/html/roundcubemail/plugins/sieverules
cd /var/www/html/roundcubemail/plugins/sieverules
chown -R nginx:nginx /var/www/html/roundcubemail/plugins/sieverules

Edit /var/www/html/roundcubemail/plugins/sieverules/, set

$config['sieverules_auth_type'] = 'PLAIN';

Last add the plugin to /var/www/html/roundcube/config/

// List of active plugins (in plugins/ directory)
$config['plugins'] = array(

(Note: jqueryui is needed for this plugin to work.)

Now login to Roundcube webmail to create a filter and test it.

Quick links: