- Official repository: http://plugins.roundcube.net/
My enabled plugins are (at the moment):
- Password, to change the user's password
- qmailforward, replaces the managesieve forward in order to handle the
qmail
forwards viavpopmail/valias
- ManageSieve, which writes sieve scripts to filter the incoming mails (reject, move to specific folders etc.). Note that in order to use it you must have Dovecot managesieve enabled.
It contains the "Out of office" feature. - SpamAssassin User Prefs SQL (sauserprefs), which writes the spamassassin user preferences in the DB. The user will be allowed to create a black/white list, to adjust the required_score and so on.
- MarkAsJunk. You can add the sender's email address to the blacklist, or run a command such as sa_learn. Requires sauprefs.
- ContextMenu. Adds context menus to the message list, folder list and address book. Menu includes the abilities mark messages as read/unread, delete, reply and forward.
- Newmail notifier. can notify new mail focusing browser window and changing favicon, playing a sound and displaying desktop notification (using webkitNotifications feature).
- Persistent login, which provides a "Keep me logged in" aka "Remember Me" functionality for Roundcube.
- ZipDownload, which adds an option to download all attachments to a message in one zip file, when a message has multiple attachments.
- enigma adds support for viewing and sending of signed and encrypted messages in PGP (RFC 2440) and PGP/MIME (RFC 3156) format
- swipe, which adds left/right/down swipe actions to entries in the the message list on touch devices (tables/phones).
- Attachment reminder reminds a user to attach the files
Other plugins that I have used in the past for which the old documentation might not be valid anymore
- autologon. Autologin from external Site e.g. (CMS, Portal ...)
- logout redirect. Modified version to only redirect to the homepage (depending on the domain part of the default identity)
- rcguard. This plugin logs failed login attempts and requires users to go through a reCAPTCHA verification process when the number of failed attempts go too high.
- carddav. CardDav client. You can sync your addressbook against a CardDav server like nextcloud or SoGO.
To enable a plugin you have to include it in $config['plugins']
in such a way
$config['plugins'] = array( 'password', 'managesieve', 'qmailforward', 'sauserprefs', 'markasjunk', 'contextmenu', 'newmail_notifier', 'zipdownload', 'persistent_login', 'enigma', 'swipe', 'attachment_reminder' );
Managing plugins via composer
Some of the mentioned above plugins are shipped with the Roundcube package, while the others can be easily installed from https://plugins.roundcube.net/ via composer
. To learn how to use composer take a look to the home page of this site, where a quick howto is provided.
Installing composer
Install as follow if composer.phar
is not already installed
cd /var/www/roundcube chown -R root:apache . wget https://getcomposer.org/composer-stable.phar mv composer-stable.phar composer.phar chown apache:apache composer.phar chmod +x composer.phar mkdir -p /var/www/.composer chown -R apache:apache /var/www/.composer
Since composer has to be runned by apache, it is the case to set up write priviledges in some folder and files that the apache user has to overwrite.
mkdir -p /srv/httpd chown -R apache:apache /srv/httpd touch composer.lock chown apache:apache composer.lock composer.phar chmod -R g+w plugins vendor composer.lock
Using composer
In a few words, just open your composer.json
file and add a line like this for each plugin that is browseable from https://plugins.roundcube.net and you would like to install:
"require" : { ..., "roundcube/rcsample": ">=0.2.0" }
This is my composer.json file that is needed to install the plugins described below:
"require": { ............... other stuff "sagredo-dev/qmailforward": ">=1.0.3", "johndoh/contextmenu": ">=3.3.1", "johndoh/swipe": ">=0.5" }
Run composer
as the apache
user to update and install:
cd /var/www/roundcube
sudo -u apache php composer.phar update
qmailforward
- Github v. 1.0.3
- By Roberto Puzzanghera
- Installed via
composer
: sagredo-dev/qmailforward - More info here
This plugin adds the ability for qmail
users to edit their forward from within Roundcube
with no need to ask their administrators for doing that via qmailadmin.
It saves the forward to MySQL
database in the vpopmail.valias
table. Unlike the managesieve plugin, from which this plugin is inspired but which only apparently behaves in the same way, qmailforward does not use the sieve
rules but saves the forwards on the database, also preserving the possibility of saving a record that enables the copy of messages on the mailbox. In this case the execution of your favorite delivery agent is launched, which can also be set from the configuration file.
Using this method instead of sieve
rules allows qmail
to keep the SPF
policies in effect.
Copy from config.inc.dist.php into config.inc.php your modifications to the default config files. You have to enter at least your credentials to the database, which are those contained in ~vpopmail/etc/vpopmail.mysql.
NB: This plugin works only with vpopmail
configured with --enable-valias.
To use it in conjunction with the sieve
rule have a look here.
Help in the translations is welcome. Grab a file from the localization folder, translate in your language and send it via mail using the contact button above.
Password
- Plugin name: password
This is shipped with Roundcube, so it doesn't need to be installed. You can use either vpopmaild
or sql
driver (thanks to John D. Trolinger).
This plugin provides some driver to enforce the password strenght and I tryied zxcvbn
with no success. Fortunately Tony Fung explained in a comment how to patch the plugin to use cracklib
as a password strenght library. If you want to use this approach read below.
Choosing the vpopmaild driver
# cd plugins/password # cp -p config.inc.php.dist config.inc.php # nano config.inc.php $config['password_driver'] = 'vpopmaild'; // Determine whether current password is required to change password. // Default: false. $config['password_confirm_current'] = true; // vpopmaild Driver options // ----------------------- // The host which changes the password $config['password_vpopmaild_host'] = '<mail-server-IP>'; // TCP port used for vpopmaild connections $config['password_vpopmaild_port'] = 89;
Remember to replace <mail-server-IP> with the IP address of your MTA (generally localhost).
Choosing the sql driver
// We have MYSQL for our VPOPMAIL DATABASE so we use the sql driver $config['password_driver'] = 'sql'; // Determine whether current password is required to change password. // Default: false. $config['password_confirm_current'] = true; // SQL Driver options // ------------------ // PEAR database DSN for performing the query. By default // Roundcube DB settings are used. // We have a VPOPMAIL DB and the database and table name is vpopmail $config['password_db_dsn'] = 'mysql://vpopmail:YOURPASSWORDGOESHERE@<mysql-IP>/vpopmail'; // The username and domainname are different columns JDT $config['password_query'] = 'UPDATE vpopmail set pw_passwd=ENCRYPT(%p,concat("$1$",right(md5(rand()),8 ),"$")), pw_clear_passwd=%p where pw_name=%l and pw_domain=%d'; // VPOPMAIL uses salted hash so md5 JDT $config['password_crypt_hash'] = 'md5';
Here <mysql-IP> is the IP address of your sql server (put localhost if qmail
and sql
servers share the same IP).
Cracklib
patch
You may want to patch the plugin to gain cracklib
's security benefits (thanks to Tony Fung for the patch), so that both roundcube and qmailadmin share the same password check system:
cd /var/www/roundcube wget https://notes.sagredo.eu/files/qmail/patches/roundcube/cracklib-roundcube_pwd_plugin.patch patch -p1 < cracklib-roundcube_pwd_plugin.patch
Be aware that the cracklib
library must be installed as already explained in the qmailadmin's page. You also have to remove exec
from disable_functions
in your php.ini
.
Managesieve
Writes sieve scripts to filter the incoming mails (reject, move to a specific folders etc.). Note that to use this you must have Dovecot managesieve enabled.
- Plugin name: managesieve
- Requires: Dovecot Pigeonhole
- Shipped with Roundcube
cd /var/www/roundcube/plugins cd managesieve cp -p config.inc.php.dist config.inc.php
Modify in such a way the config file. Remember that the port of the dovecot-managesive service is now 4190 (2000 is obsolete).
$config['managesieve_port'] = 4190; $config['managesieve_host'] = '<mail-server-IP>'; // Enables separate management interface for vacation responses (out-of-office) $config['managesieve_vacation'] = 1;
NB: <mail-server-IP> is the IP address of your mail server (localhost if qmail
and sql
share the same IP).
And this is what you are going to see in the dovecot log simply setting a redirect filter
Oct 22 00:03:13 lda(test@yourdomain.net): Info: sieve: msgid=<c3445037f979a8cb793df1f858b7a4f9@somedomain.com>: forwarded to <someone@somewhere.net>
Remember that, in order to the sieve rules to take place, you have to setup the .qmail
file at least for that user or the entire domain as explained earlier in the sieve note about Dovecot, otherwise the LDA will be vpopmail
instead of Dovecot
and the sieve rules will be ignored.
After ages of RoundCube
usage I finally became aware ofthe fact that this plugin has separate management interface for vacation responses!
If you are using this plugin to create forwards, have a look to the qmailforward plugin which does the same without breaking the SPF.
More info here.
SpamAssassin-User-Prefs-SQL
Writes the spamassassin user preferences in the DB. The user will be allowed to create a block/welcome list, to adjust the required_score and so on.
- Installed via
github
: johndoh / roundcube-sauserprefs - Plugin name: sauserprefs
If you migrated to spamassassin
v.4 you have to use the v. 1.20.1 which is not available on composer
yet. So you have to download it from github
and install by yourself:
cd /var/www/roundcube/plugins wget https://github.com/johndoh/roundcube-sauserprefs/archive/refs/tags/1.20.1.tar.gz tar xzf 1.20.1.tar.gz mv roundcube-sauserprefs-1.20.1/ sauserprefs cd sauserprefs mv config.inc.php.dist config.inc.php
Adjust the configuration:
$config['sauserprefs_db_dsnw'] = 'mysqli://spamassassin:<PASSWORD>@<mysql-IP>/spamassassin'; $config['sauserprefs_sav4'] = true;
NB: <mysql-IP> is the IP address of your mysql
server (localhost if the same of qmail
).
If 'mysqli
' extension is not available in your php
, then choose the old 'mysql
' in the line above.
If you have just upgraded to spamassassin v.4 you'd have to take a look to the following info.
Spamassassin userprefs
' funcionality has been explained in this page. Now we have to check just the creation/modification of the record inside the userprefs table of the spamassassin DB.
Mark-as-junk
Adds the sender's email address to the blacklist, or run a command such as sa_learn.
- Shipped with
Roundcube
- Plugin name: markasjunk
- README (detailed drivers howto)
With this nice plugin the end user can add the sender's email address to the blacklist, or run a command such as sa_learn
.
Create the config file from the template
cp config.inc.php.dist config.inc.php
sa_blacklist
driver
- Requires
spamassassin-user-prefs
(sauserprefs
) plugin andSpamassassin Userprefs
Clicking on the button "Mark as Junk" creates a new "Black_list from" record in the database and moves the message in the Junk folder eventually marking it as read. Clicking on the button "Mark as Ham" creates a record "White_list from" in the database and restores the message in the Inbox.
To use the plugin with the driver sa_blacklist
:
$config['markasjunk_learning_driver'] = 'sa_blacklist';
The following cmd_learn
driver should not be used anymore, as we already setup a cronjob for training our bayesian filter and reporting our spam (more info here).
cmd_learn
driver
- Thanks to Gabriel Torres for the hints concerning this setup
This driver calls an external command to process the message. You can use it to call sa_learn
and spamassassin
in cascade. Be aware that you have to eventually remove shell_exec
from disable_functions
in your php.ini
so that php
can execute shell commands.
Prepare the shell script with the commands to run when clicking on the "Mark as junk" button. Save as /usr/local/bin/teach_spam.sh
the following code
cat > /usr/local/bin/teach_spam.sh << __EOF__ #!/bin/bash /usr/local/bin/sa-learn --spam --username=$1 $2 >> /var/log/spamassassin/sa_learn.log 2>&1 /usr/local/bin/spamassassin --nocreate-prefs --report < $2 >> /var/log/spamassassin/spamassassin.log 2>&1 __EOF__
The first command feeds the mail to SpamAssassin
, allowing it to 'learn' what signs are likely to mean spam. The latter one reports the mail as spam to Razor
, Pyzor
and Spamcop
.
Now prepare the shell script with the commands to run when clicking on the "Mark as ham" button. Save as /usr/local/bin/revoke_spam.sh
the following code
cat > /usr/local/bin/revoke_spam.sh << __EOF__ #!/bin/bash /usr/local/bin/sa-learn --ham --username=$1 $2 >> /var/log/spamassassin/sa_learn.log 2>&1 /usr/local/bin/spamassassin --nocreate-prefs --revoke < $2 >> /var/log/spamassassin/spamassassin.log 2>&1 __EOF__
Again, the first command feeds the mail to SpamAssassin
, allowing it to 'learn' which signs are likely to mean ham. The latter one revoke the report to Razor
. Apparently the revocation is not possible with Pyzor
and Spamcop
(but I didn't look deeply in my log yet).
Provide execute priviledges to the newly created scripts
chmod +x /usr/local/bin/teach_spam.sh /usr/local/bin/revoke_spam.sh
Set these options
$config['markasjunk_learning_driver'] = 'cmd_learn'; $config['markasjunk_spam_cmd'] = '/usr/local/bin/teach_spam.sh %u %f'; $config['markasjunk_ham_cmd'] = '/usr/local/bin/revoke_spam.sh %u %f';
Setup che logrotate for the above log files:
cat > /etc/logrotate.d/spam_reports << __EOF__ /var/log/spamassassin/spamassassin.log /var/log/spamassassin/sa_learn.log { su root apache rotate 5 daily missingok notifempty delaycompress create 664 root apache sharedscripts } __EOF__
You have to assign +w
priviledges to apache
in the log dir and to Razor
's identity-* files, as Roundcube
is runned by apache:
chgrp apache /var/log/spamassassin chmod g+w /var/log/spamassassin chgrp apache /etc/mail/spamassassin/.razor/identity-* chmod 640 /etc/mail/spamassassin/.razor/identity-* chmod 644 /etc/mail/spamassassin/.razor/razor-agent.log
multi_driver
driver
- Original driver for the ancient
markasjunk2
plugin multi_driver
plugin patched formarkasjunk
(diff here)
It is possible to run multiple drivers when marking a message as spam/ham. I patched the original version by Philip Weir to work with markasjunk
and run sa_blacklist
followed by cmd_learn
.
Install as follows:
cd /var/www/roundcube/plugins/markasjunk/drivers wget https://notes.sagredo.eu/files/qmail/patches/roundcube/markasjunk-multi_driver/multi_driver.txt mv multi_driver.txt multi_driver.php
Set the correct driver in the config file:
$config['markasjunk_learning_driver'] = 'multi_driver';
Be aware that the markasjunk
's multi_driver
driver, when enabled, seems to prevent the display of the attached images. Why this driver is related to this problem is a mistery. Any comment on this will be welcome.
Context Menu
Adds context menus to the message list, folder list and address book. Menu includes the abilities mark messages as read/unread, delete, reply and forward.
- Installed via
composer
johndoh/contextmenu - Plugin name: contextmenu
No configuration is needed.
swipe
- Installed via
composer
johndoh/swipe - Plugin name: swipe
This plugin adds left/right/down swipe actions to entries in the the message list on touch devices (tables/phones).
Unfortunately this plugins does not have a config file of its own, so we have to add the configuration to the main RC config file.
This is how I configured it for myself. Look at the README file to find the list of all actions available.
$config['swipe_actions'] = [ 'messagelist' => [ 'left' => 'delete', 'right' => 'reply-all', 'down' => 'checkmail' ], 'contactlist' => [ 'left' => 'compose', 'right' => 'compose', 'down' => 'vcard_attachments' ] ];
New mail notifier
Supports three methods of notification:
- Basic - focus browser window and change favicon
- Sound - play wav file
- Desktop - display desktop notification (using webkitNotifications feature, supported by Chrome and Firefox with 'HTML5 Notifications' plugin)
- Shipped by Roundcube
- Plugin name: newmail_notifier
You can enable it simply renaming the config file...
cd plugins/newmail_notifier cp config.inc.php.dist config.inc.php
...and choosing the notification method you like:
// Enables basic notification $config['newmail_notifier_basic'] = true; // Enables sound notification $config['newmail_notifier_sound'] = true; // Enables desktop notification $config['newmail_notifier_desktop'] = false;
Persistent login
- Home page: https://github.com/mfreiholz/persistent_login
- Plugin name: persistent_login
This nice plugin provides a "Keep me logged in" aka "Remember Me" functionality for Roundcube.
Unfortunately this is not available via composer
. A fork of this on composer
actually exists, but it's not updated and it's not working fine here. So let's install it manually
wget -O persistent_login-5.3.0.tar.gz https://github.com/mfreiholz/persistent_login/archive/refs/tags/version-5.3.0.tar.gz tar xzf persistent_login-5.3.0.tar.gz mv persistent_login-version-5.3.0 persistent_login chown -R apache:apache persistent_login
The plugin works better for me with the sql driver, as the cookie driver sometimes disconnects me. So let's enable the sql driver in the config file:
cd persistent_login mv config.inc.php.dist config.inc.php
Now turn on tokens here in your config file
$config['ifpl_use_auth_tokens'] = true;
I also renamed the php
$rcmail_config
variable to $config
everywhere, because $rcmail_config
is now obsolete in RoundCube
.
Finally, if this is a fresh installation of this plugin, we have to create the MySQL
table into the roundcube
database. The sql code can be found in the sql/mysql.sql file:
USE roundcube; CREATE TABLE IF NOT EXISTS `auth_tokens` ( `token` varchar(128) NOT NULL, `expires` datetime NOT NULL, `user_id` int(10) UNSIGNED NOT NULL, `user_name` varchar(128) NOT NULL, `user_pass` varchar(128) NOT NULL, `host` varchar(255) NOT NULL, PRIMARY KEY (`token`), KEY `user_id_fk_auth_tokens` (`user_id`) ) ENGINE=InnoDB DEFAULT CHARSET=utf8; ALTER TABLE `auth_tokens` ADD CONSTRAINT `auth_tokens_ibfk_1` FOREIGN KEY (`user_id`) REFERENCES `users` (`user_id`) ON DELETE CASCADE;
Zip download
- Shipped by RoundCube
- Plugin name: zipdownload
Adds an option to download all attachments to a message in one zip file, when a message has multiple attachments. Also allows the download of a selection of messages in one zip file. Supports mbox and maildir format.
Rename the template of config file and adjust the few options as you like. I left the default options intact.
mv config.inc.php.dist config.inc.php
Enigma
- More info here
- Requires:
gpg
(gnupg
andlibgpg-error
onSlackware
systems) - Shipped by
Roundcube
- Plugin name: enigma
Update: the enigma plugin included in 1.3.1 version seems to be not compatible with the old version of Crypt_GPG
This plugin adds support for viewing and sending of signed and encrypted messages in PGP (RFC 2440) and PGP/MIME (RFC 3156) format. The plugin uses gpg binary on the server and stores all keys (including private keys of the users) on the server. Encryption/decryption is done server-side. So, this plugin is for users who trust the server.
Create a config file
cd /var/www/roundcube/plugins/enigma cp -p config.inc.php.dist config.inc.php
The keys are stored by the server in the enigma/home
dir. Let's move that dir to a folder that is not accessible from the web and assign to apache write permissions
mkdir -p /var/www/roundcube-enigma-home chown -R root:apache /var/www/roundcube-enigma-home chmod -R g+w /var/www/roundcube-enigma-home
Now modify your apache configuration to grant proper permissions to apache in the newly created dir:
Require all granted
Don't forget to restart your web server, for example:
apachectl restart
Now modify the enigma config file to point to the new home dir:
$config['enigma_pgp_homedir'] = '/var/www/roundcube-enigma-home';
The enigma plugin requires that the Crypt_GPG library is installed exactly in your /var/www/roundcube/plugins/enigma/lib/Crypt_GPG
dir. Considering that roundcube
resets the default include_path php
variable (which is set by php.ini
to /path/to/php/lib
), if you choose to install it using pear
you will get a "Server error". So let's manually download and install the package in the proper folder
cd /var/www/roundcube/plugins/enigma/lib wget http://download.pear.php.net/package/Crypt_GPG-1.6.2.tgz tar xzf Crypt_GPG-1.6.2.tgz ln -s Crypt_GPG-1.6.2/Crypt chown -R root:apache Crypt*
The set up of the certificates is easy. Refer to this blog page for more info.
Attachment reminder
- Shipped by
Roundcube
- Plugin name: attachment_reminder
A nice plugin that reminds a user to attach the files. You have to enable it via Settings->Composing messages.
Other plugins
I leave here the documentation for plugins that I've used in the past or that are no longer valid for the current version of Roundcube, in case they can still be useful for someone or for myself in the future.
rcguard
This plugin logs failed login attempts and requires users to go through a reCAPTCHA verification process when the number of failed attempts go too high. This provides protection against automated attacks.
- Installed via
composer
pbiering/roundcube-rcguard - Plugin name: rcguard
mv config.inc.php.dist config.inc.php
You have to obtain a key from http://www.google.com/recaptcha. Put the key in your config file:
> nano config.inc.php // Public key for reCAPTCHA $config['recaptcha_publickey'] = 'xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx'; // Private key for reCAPTCHA $config['recaptcha_privatekey'] = 'xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx';
Create the mysql table where to store the logs of all failed attempts. IPs are released after a certain amount of time.
> mysql -u root -p mysql> use roundcube; CREATE TABLE `rcguard` ( `ip` VARCHAR(40) NOT NULL, `first` DATETIME NOT NULL, `last` DATETIME NOT NULL, `hits` INT(10) NOT NULL, PRIMARY KEY (`ip`), INDEX `last_index` (`last`), INDEX `hits_index` (`hits`) ) ENGINE = InnoDB CHARACTER SET utf8 COLLATE utf8_general_ci; quit;
That's it. The captha will be active after 5 failures. You can set this number in the config file.
Different themes and translations of recaptcha are available. Simply edit rcguard.js
. For documentation, see: https://developers.google.com/recaptcha
autologon
Performs an auto login from an external page
- Shipped by
Roundcube
- Plugin name: autologon
You have to modify the default Thomas Bruederli's sample plugin like this (eventually change to $_GET):
<?php /** * Sample plugin to try out some hooks. * This performs an automatic login if accessed from localhost * * @license GNU GPLv3+ * @author Thomas Bruederli */ class autologon extends rcube_plugin { public $task = 'login'; function init() { $this->add_hook('startup', array($this, 'startup')); $this->add_hook('authenticate', array($this, 'authenticate')); } function startup($args) { $rcmail = rcmail::get_instance(); // change action to login if (empty($_SESSION['user_id']) && !empty($_POST['_autologin']) && $this->is_localhost()) $args['action'] = 'login'; return $args; } function authenticate($args) { if (!empty($_POST['_autologin']) && $this->is_localhost()) { $args['user'] = $_POST['_user']; $args['pass'] = $_POST['_pass']; $args['host'] = '[localhost | mail-server-IP]'; $args['cookiecheck'] = false; $args['valid'] = true; } return $args; } function is_localhost() { return true; // return $_SERVER['REMOTE_ADDR'] == '::1' || $_SERVER['REMOTE_ADDR'] == '127.0.0.1'; } }
Use a form like this one in your CMS page:
<form name="form" action="http://your.webmail.url/" method="post"> <input type="hidden" name="_action" value="login" /> <input type="hidden" name="_task" value="login" /> <input type="hidden" name="_autologin" value="1" /> <table> <tr> <td>Utente</td> <td><input name="_user" id="rcmloginuser" autocomplete="off" value="" type="text" /></td> </tr> <tr> <td>Password</td> <td><input name="_pass" id="rcmloginpwd" autocomplete="off" type="password" /></td> </tr> <tr> <td colspan="2"><input type="submit" value="Login" /></td> </tr> </table> </form>
Logout redirect
This plugin is not tested against Roundcube
1.4.1
In case you have installed the autologon plugin this one could be useful to redirect users to the home page of your site upon logout.
- Info: http://www.std-soft.com/bfaq/52-cat-webmail/105-logout-redirect-fuer-roundcube.html (german)
- Download local copy
- Plugin name: logout_redirect
cd /var/www/roundcube/plugins wget http://notes.sagredo.eu/files/qmail/tar/RC-plugins/logout_redirect_rc0.5_v1.2-MN.tar.gz tar xzf logout_redirect_rc0.5_v1.2-MN.tar.gz cd logout_redirect chown -R root.apache logout_redirect chmod -R o-rx logout_redirect
The plugin logout_redirect must be the last in the list of plugins in the main.inc.php otherwise the subsequent plugins will no longer run.
Configure like this editing the config.inc.php inside the plugin's config folder:
$ config['logout_redirect_url'] = 'http://www.yoursite.net';
CardDav
This is a plugin to access CardDAV servers like ownCloud or SoGO.
- Installed via
composer
roundcube/carddav - Plugin name: carddav
This plugin was not tested against Roundcube 1.4
Setup the database tables using the suitable file saved in the dbmigrations/0000-dbinit/
subfolder.
Then you can configure you addressbook. If you use an ownCloud server, this is how to do it:
If you have an Android phone you may want to take a look to the CardDAV application here.
Troubleshoting
If you get a curl
error like this when downloading the dependencies
All settings correct for using Composer PHP Warning: failed loading cafile stream: `/etc/ssl/certs/cacert.pem' in - on line 762 PHP Warning: file_get_contents(): Failed to enable crypto in - on line 762 PHP Warning: file_get_contents(https://getcomposer.org/versions): failed to open stream: operation failed in - on line 762 PHP Warning: Invalid argument supplied for foreach() in - on line 508 None of the 0 stable version(s) of Composer matches your PHP version (5.6.21 / ID: 50621)
then you have to install a cert bundle:
cd /etc/ssl/certs wget --no-check-certificate http://curl.haxx.se/ca/cacert.pem
and tell php
where to find it editing your php.ini
openssl.cafile=/etc/ssl/certs/cacert.pem
Comments
RoundCube Global Address Books
Bai Borko November 5, 2024 13:05 CET
Hi Roberto,
Recently I install "RoundCube SQL Global Address Books" from here here https://github.com/t3chguy/Roundcube-SQL-Global-Address-Books/tree/master?tab=readme-ov-file#installation
This plugin works great. With it you can see all vpopmail users in your address book.
The installation is like the other RoundCube plugins. The tricky part is to create mysql view because missing instructions from the autor how to create the view for vpopmail users.
This view must be created in roundcube database.
Here is the commands for mysql/madiadb.
Reply | Permalink
RoundCube Global Address Books
Roberto Puzzanghera Bai Borko November 5, 2024 13:17 CET
Thanks for the advice. But I don't like exposing the email addresses of users with no authorization ...
Reply | Permalink
RoundCube Global Address Books
Bai Borko Roberto Puzzanghera November 5, 2024 14:05 CET
in my case it very useful, because i am running corporate mail server. All mail users have address and names of all corporate users in their Address Book
Reply | Permalink
qmailforward
Cesare Luppi May 20, 2024 15:36 CET
Hi Roberto,
I succesfully installed qmailforward plugin into my mail server: I see the plugin in the Settings page, if I turn on the forward I see the record in valias table, but when I send a mail to that address is not forwarded to the new address.
I checked in log files, but I don't see errors, it seems that simply it is ignored...
Could you help me?
Cesare
Reply | Permalink
qmailforward
Roberto Puzzanghera Cesare Luppi May 20, 2024 15:46 CET
Ciao Cesare,
are you compiling vpopmail with --enable-defaultdelivery?
Reply | Permalink
qmailforward
Anonymous Roberto Puzzanghera May 20, 2024 16:19 CET
I found the problem: since before installing your pluing I used managesieve, in /home/vpopmail/domains/mydomain.com/.qmail-default file there was the dovecot's deliver string instead of vdelivermail string.
I changed it and now it works, thank you!
Reply | Permalink
qmailforward
Roberto Puzzanghera Roberto Puzzanghera May 20, 2024 16:08 CET
PS did you follow the instructions here https://notes.sagredo.eu/en/qmail-notes-185/sql-valias-with-sieve-solution-for-qmail-new-patches-and-roundcube-plugin-301.html concerning the dot-qmail files?
Reply | Permalink
qmailforward
Cesare Luppi Roberto Puzzanghera May 20, 2024 16:33 CET
The limit that I see is that I can't combine qmailforward and managesieve plugin since qmailforward uses vdelivermail while managesieve uses dovecot deliver... Or I'm missing something else?
Reply | Permalink
qmailforward
Roberto Puzzanghera Cesare Luppi May 20, 2024 16:38 CET
Yes, you are missing the page that I linked above :-) you can have both of them...
Reply | Permalink
roundcube - sieve
Ivelin Topalov March 10, 2024 21:43 CET
sieve - vacationn - iv made it to login default or tls ... but still anyway it sends somehow the vacation autorespond WITHOUT to be DKIM signed !
any ideas ?
Reply | Permalink
roundcube - sieve
Roberto Puzzanghera Ivelin Topalov March 11, 2024 09:45 CET
I can't get what you mean here
Is DKIM working on ordinary outgoing email? Which port are you using? Post the dkim config on that port
Reply | Permalink
roundcube - sieve
Ivelin Topalov Roberto Puzzanghera March 11, 2024 10:27 CET
roundcube config - port 587 host localhost - regular got signed
managesieve - port 587, host localhost - got NOT signed
Reply | Permalink
roundcube - sieve
Roberto Puzzanghera Ivelin Topalov March 11, 2024 11:51 CET
Can you post your DKIM configuration and the dot-qmail of user and domain?
Reply | Permalink
roundcube - sieve
Ivelin Topalov Roberto Puzzanghera March 11, 2024 13:09 CET
The difference:
normal send:
vacation autoreply:
It replays with defaultdomain ...
Reply | Permalink
roundcube - sieve
Ivelin Topalov Roberto Puzzanghera March 11, 2024 12:20 CET
it is an older install - so there is no .qmal for users
it has .qmail-default for domain: |/var/qmail/bin/preline -f /usr/local/dovecot/libexec/dovecot/deliver -d $EXT@$USER -e | /home/vpopmail/bin/vdelivermail '' delete
smtpd - run:
submission run:
Reply | Permalink
roundcube - sieve
Roberto Puzzanghera Ivelin Topalov March 11, 2024 17:34 CET
Which is the reason why you have both dovecot and vpopmail handling the delivery? I think that in this way you'll have every messages saved twice in the mailbox
Reply | Permalink
roundcube - sieve
Ivelin Topalov Roberto Puzzanghera March 11, 2024 22:13 CET
First - the .qmail-deafult comes from your website in the year of install creation
Also : The last parameter in the .qmail-default file tells vdelivermail what to do with non-matching emails. -
in the case it deletes them - so its right - im not gettin mails twice
I'm not investigated which part of scripts in fact signs the e-mails
but all mails get signed - except sieve ones - i think it uses port 25 directly - others are instructed to use 587
Reply | Permalink
roundcube - sieve
Roberto Puzzanghera Ivelin Topalov March 12, 2024 14:50 CET
considering your posted configuration files, you are signing at qmail-remote level, so you have to look at the RC file. When signing at qmail-remote level you run the script spawn-filter by means of the variable QMAILREMOTE in your RC file. spawn-filter is run before the message is queued
spawn-filter uses the file control/filterargs (or the variable FILTERARGS) to decide which program to run. Here is an example of control/filterargs
so qmail-dkim is the program which finally inserts the signature in the message's header
As you can see from my qmail changelog the logic of the DKIM program has been recently changed and it solves the sieve/vacation signature issue. So you have to update your qmail. Be aware that dk-filter and DKIMDOMAIN NODK and other variables have been dropped.
If you are signing with an old version of my qmail, the sieve/vacation DKIM signature won't work.
I've never tested such things with the dovecot proxy in the middle, so if you don't have particular reasons to use the dovecot submission service I suggest to disable it, at least during the initial DKIM tests
Reply | Permalink
roundcube - sieve
Roberto Puzzanghera Ivelin Topalov March 11, 2024 14:11 CET
Which qmail version do you have? In the latest version the dkim setup has been modified and your config should be updated accordingly.
Secondly, you are trying to sign twice, 1 in RC at qmail-remote level, 2 in qmail-smtpd.
But you have roundcube configured to send from port 587, so you are signing only at qmail-remote level here
Reply | Permalink
roundcube - sieve
Roberto Puzzanghera Roberto Puzzanghera March 11, 2024 14:39 CET
sorry forget about that. It's not correct as it serves for the verification
Reply | Permalink
roundcube - sieve - dovecot sieve
Ivelin Topalov Roberto Puzzanghera March 12, 2024 00:03 CET
if user has .sieve filter with mail redirection (uses submission_host) now dovecot submission_host is in 15-lda.conf - localhost:25 - but cant see auth settings ... when i change it to localhost:587 - it complains for auth ...
Reply | Permalink
roundcube - sieve
Ivelin Topalov Roberto Puzzanghera March 11, 2024 23:35 CET
So now iv got the logic - its ok from my side - i sign on 587 but dovecot sieve autoresponds on port 25
- can not see any way to configure it to use 587 - any other ideas ?
Reply | Permalink
roundcube - sieve
Roberto Puzzanghera Ivelin Topalov March 12, 2024 14:38 CET
No, considering your config files you are not signing at smtpd level. You are signing at qmail-remote level. Let me explain it in reply to your other post
Reply | Permalink
qmailforward
Ivelin Topalov March 7, 2024 19:41 CET
plugin qmailforward asks for php 8.0=> why???!!! :(
this new version of qmail install is all agains keep it simple and stable policy of slackware ...
Reply | Permalink
qmailforward
Roberto Puzzanghera Ivelin Topalov March 7, 2024 20:43 CET
because 8.0 and 8.2 are the php version I tested. If you tested it against php-7.4 I can lower the minimum version required.
what do you mean?
Reply | Permalink
corrections
Ivelin Topalov March 6, 2024 22:48 CET
Reply | Permalink
corrections
Roberto Puzzanghera Ivelin Topalov March 7, 2024 07:47 CET
Thank you. Corrected
Reply | Permalink
Managesieve - vacations , something is missing !
Pablo Murillo January 15, 2024 15:36 CET
Hi
I configured managesive on RC for vacations only
Dovecot, pingehole, managesieve, all is working
I configured the vacations form the webmail, the files are created, but the autoreply don't work
I read more and I found that the .qmail file must exit with the next text :
So, I created and everyting star working
The questions is .... why the .qmail file is not created / modified for the managesieve plugin ? or is there other way to make the vacation works without the .qmail file ?
Txs
Pablo Murillo
Reply | Permalink
Managesieve - vacations , something is missing !
Roberto Puzzanghera Pablo Murillo January 15, 2024 15:43 CET
Hi Pablo,
are you creating the vacation message with the managesieve "out of office" RC plugin? Then dovecot has nothing to do with .qmail files. You have to look for a sieve rule into the ~mailbox/.sieve folder.
If you want to handle the vacation message with dot-qmail files you have to use qmailadmin and not the RC "out of office" plugin
PS if you are using the sieve rule to generate the vacation message, I suggest to update you qmail patch because DKIM has improvements in making DKIM/DMARC valid in such cases, especially with google
Reply | Permalink
Managesieve - vacations , something is missing !
Pablo Murillo Roberto Puzzanghera January 15, 2024 18:28 CET
Hi Roberto
Yes, I'm using managesieve "out of office" RC plugin
The plugin create the folder .sieve and all the files, but when the email arrives to the mailbox nothing happens if the .qmail file not exists
The email is managed with qmail, and qmail, only look for .qmail files
If I don't have a .qmail file, the sieve scritp never is proceced
May be I'm doing something wrong or forget to do something ?
Reply | Permalink
Managesieve - vacations , something is missing !
Roberto Puzzanghera Pablo Murillo January 15, 2024 18:30 CET
what do you have in ~vpopmail/domain/yourdomain/.qmail-default?
PS and what do you have in ~vpopmail/domain/yourdomain/user/.qmail? do you have sql valiases for that mailbox?
Reply | Permalink
Managesieve - vacations , something is missing !
Roberto Puzzanghera Roberto Puzzanghera January 15, 2024 19:01 CET
Let me put few things about how sieve and dot-qmail files are related
To have sieve active, you have to enable the dovecot-lda in your dot-qmail (domain/.qmail-default or mailbox/.qmail) in this way
More info here https://notes.sagredo.eu/en/qmail-notes-185/sieve-interpreter-dovecot-managesieve-31.html#lda
You can do the same in an sql valias.
If dovecot-lda is not enabled in your dot-qmail file, then sieve won't work and vpopmail has the responsibility for the delivery. But in that case you can call qmail autoresponder in your dot-qmail (qmailadmin panel).
Reply | Permalink
Managesieve - vacations , something is missing !
Pablo Murillo Roberto Puzzanghera January 15, 2024 21:00 CET
Yes, we wrote at the same time
So, I'm right, :D sieve don't work if I don't have a .qmail file in user folder with the line to invoke deliver (deliver -> dovecot-lda), I will have to modify the managesieve plugin to write that file too !
I'm testing what happens if I add a line in valias
Anyway, I will need to modify the php script from managesieve because, don't work as is :D
Reply | Permalink
Managesieve - vacations , something is missing !
Roberto Puzzanghera Pablo Murillo January 15, 2024 21:03 CET
Have you read this? https://notes.sagredo.eu/en/qmail-notes-185/sql-valias-with-sieve-solution-for-qmail-new-patches-and-roundcube-plugin-301.html
Reply | Permalink
Managesieve - vacations , something is missing !
Pablo Murillo Roberto Puzzanghera January 15, 2024 19:01 CET
Hi
I have vpopmail with
--enable-mysql-limits
--enable-valias
--disable-many-domains
.qmail-default = normally, only the "catch all" or the reject unknow user
| /usr/local/vpopmail/bin/vdelivermail '' postmaster @ DOMAIN
in user folders, normally, there is not .qmail file
Reply | Permalink
Managesieve - vacations , something is missing !
Roberto Puzzanghera Pablo Murillo January 15, 2024 19:03 CET
so, as explained in my previous post (we were writing at the same time), you have to enable dovecot-lda in user's valias record
if you configured vpopmail with --enable-defaultdelivery this is done by vpopmail for you when you create the users
Reply | Permalink
Two pointers to be able to make Cracklib patch to work
Gabriel Torres August 3, 2022 16:16 CET
Two small adjustments I had to do in order to make the Cracklib patch to work:
1. In the patch, the path to cracklib-check is /usr/sbin/cracklib-check, however here in my server I was installed under /usr/local/sbin/cracklib-check
2. Remove exec from disable_functions in php.ini
Cheers.
Reply | Permalink
Two pointers to be able to make Cracklib patch to work
Roberto Puzzanghera Gabriel Torres August 8, 2022 10:08 CET
I improved the patch so that the program will find the correct path for cracklib-check. I also added an advice to remove exec from disable_functions
Reply | Permalink
QuickRules
Kenny Lee September 15, 2020 12:10 CET
Hi Mr Roberto,
the weblink to download quickrules is broken, is it no more support for this plugins?
thank you
Reply | Permalink
QuickRules
Roberto Puzzanghera Kenny Lee September 15, 2020 17:27 CET
No, you can see that I wrote the same above
Reply | Permalink
password plugin patch for cracklib
Tony Fung July 3, 2020 10:03 CET
Hi Roberto,
I created a patch for password plugin to check password with cracklib. So that both roundcube and qmailadmin have same password check ability.
The patch for vpopmaild in use at password_driver:
The patch for sql in use at password_driver:
Hence, thanks for your hard works to modify qmailadmin. Its much better than original.
Reply | Permalink
password plugin patch for cracklib
Roberto Puzzanghera Tony Fung July 24, 2020 16:33 CET
cracklib is not working with the latest 1.4.7 version. I'm reversing the patch for the time being. I'll try to do a fix asap
Reply | Permalink
password plugin patch for cracklib
Tony Fung Roberto Puzzanghera July 27, 2020 06:19 CET
Hi Roberto,
I just installed Roundcube 1.4.7 and verified that the cracklib and the patch still can work well. Be aware the patch require "exec" is allowed in php that could not list in "disable_functions" in "php.ini".
Reply | Permalink
password plugin patch for cracklib
Roberto Puzzanghera Tony Fung July 3, 2020 11:34 CET
I applied the patch and updated the guide. Thanks again
Reply | Permalink
Markasjunk plugin
Gabriel Torres May 29, 2020 05:12 CET
Hi all,
I spent a few hours to make markasjunk to work with all learning and reporting options we had setup with SpamAssassin, so here are few pointers.
1. You will need to remove shell_exec from disable_functions in php.ini
2. If you want to run two drivers (e.g. blacklist + sa-learn), you should create a new driver script based on the one linked below, adjusting it for your needs: https://gist.github.com/JohnDoh/8173505
3. In our case, we wanted to run two commands, not only sa-learn, but also spamassassin -r, which automatically reports spam to SpamCop, Pyzor, and Razor. Therefore, we created a small script:
Save it as /usr/local/bin/teach_spam.sh, and chmod 755 /usr/local/bin/teach_spam.sh
In /plugins/markasjunk/config.inc.php, adjust:
Now, you must make sure you have Razor correctly configured in your system. Follow the instructions presented in:
https://cwiki.apache.org/confluence/display/SPAMASSASSIN/RazorSiteWide
Here, as pointed out at the end of the guide, we didn't need to bother with adding a new group, but make sure to adjust permissions or Razor reporting will fail with: razor2 report failed: No such file or directory Razor2 reporting requires authentication at
This last line was what took me hours to discover why I was getting the error I listed above. is the username you have to create with the razor-admin during the steps listed in the link above.
As for SpamCop, you must create an account there and get your custom reporting email address: https://www.spamcop.net/
As for Pyzor, Roberto didn't add it in his guide, and I highly recommend it. With Debian, all I needed to do was:
Make sure you have enabled SpamCop, Pyzor, and Razor in your /etc/mail/spamassassin/local.cf file:
Don't forget to create the pyzor directory:
Cheers.
Reply | Permalink
Markasjunk plugin
Roberto Puzzanghera Gabriel Torres July 15, 2020 13:44 CET
I slightly modified the multi_driver plugin ro run both cmd_learn and sa_blacklist. It's working fine here... have a look (diff here)
Reply | Permalink
Markasjunk plugin
Roberto Puzzanghera Gabriel Torres July 15, 2020 11:46 CET
I've just added Razor2, Pyzor, Spamcop to spamassassin's configuration and cmd_learn driver info to markasjunk plugin.
Thanks Gabriel for this great contribution
Reply | Permalink
Markasjunk plugin
Roberto Puzzanghera Gabriel Torres May 29, 2020 07:12 CET
Great, thank you! I'll check it out
Reply | Permalink
Small improvement on the guide regarding IP addresses
Gabriel Torres May 28, 2020 01:31 CET
Hi Roberto,
Following the recommendation I did in the other page, I think you should remember people to edit these:
your-IP
[mysql-IP]
mail-server-IP
People can simply copy and paste and forget to change it. Also, see how each time you use a different convention, you should use the same convention such as localhost or <IP ADDRESS>.
Cheers
Reply | Permalink
Small improvement on the guide regarding IP addresses
Roberto Puzzanghera Gabriel Torres May 28, 2020 11:56 CET
Thanks for the advice, I'll do it. Concerning convention, as you know, these three are not the same IP, as the mysql-IP is the IP of the database server to be distinguished from the IP of the mail server (mail-server-IP)
PS: sorry if I leave indications to replace the correct IP instead of putting localhost. Infact, in the general case, it can be difficult for people like me having the services installed in different virtual machines to remember which IP should replace localhost among the following
- the firewall
- the mail server
- the sql server
- the apache server hosting RoundCube, which calls spamassassin with a mysql account different from the one that is used by spamd
Reply | Permalink
Thanks for the config help with sauserprefs
Dave January 11, 2020 00:25 CET
Thanks for posting your config notes here. This was the only page I could find where the initial SQL to set up sauserprefs was posted. The author's Git repo and plugin documentation says nothing about the subject, and the plugin doesn't work until it's properly set up. Please do keep your notes online. :-)
Reply | Permalink
Thanks for the config help with sauserprefs
Roberto Puzzanghera Dave January 11, 2020 07:54 CET
Hi Dave, have a look here https://cwiki.apache.org/confluence/display/SPAMASSASSIN/UsingSQL
This page concerns the Roundcube's plugin which connects to the sauserprefs spamassassin's program. So the SQL stuff is up to spamassassin not RC
Reply | Permalink
Thanks for the config help with sauserprefs
Dave Roberto Puzzanghera January 11, 2020 12:02 CET
I had a look at that page, but there was no explicit reference to RC's sauserprefs module, so I would not have easily found the setup query. Still your notes were the only savior for a newbie to the plugin. The plugin's documentation needs updating, I'm going to volunteer to do that. Thanks again, man! ;-)
Reply | Permalink
Thanks for the config help with sauserprefs
Roberto Puzzanghera Dave January 11, 2020 12:05 CET
Thank you, of course every contribution from you would be welcome, as most of the improvements to this guide in latest years come from its visitors
Reply | Permalink
markasjunk skin not working
nic December 6, 2019 05:39 CET
Hi all,
Plugin markasjunk is lacking of elastic skin. If i change to larry skin, it works. Hoping someone can help to fix this.
Many thanks
nic
Reply | Permalink
markasjunk skin not working
Roberto Puzzanghera nic December 6, 2019 12:53 CET
It works here.
Sure that you're not still using the old markasjunk2 plugin?
Reply | Permalink
markasjunk skin not working
nic Roberto Puzzanghera December 9, 2019 07:08 CET
Sorry. Found out that it was a very old version of sauserprefs
Reply | Permalink
roundcube plugin for change password and set vacation message in qmailadmin cgi-module
Lee March 18, 2018 08:15 CET
roundcube plugin for change password and set vacation message in qmailadmin cgi-module
https://github.com/internero/roundcube-qmailadmin
Reply | Permalink
rcguard
Ed Vrijmoet November 13, 2017 13:40 CET
i installed rcguard and tested it.
it woks but i see a recaptcha wher i have to fill with text how can i change that to the same recaptcha u use with i'm not a robot
thanks
Reply | Permalink
rcguard
Roberto Puzzanghera Ed Vrijmoet November 13, 2017 14:54 CET
Unfortunately this plugin is recaptcha-1.1 based (or 1.0?), while the one that you can see below the comment form is v. 2.0. Take a look to this one https://github.com/dsoares/rcguard which should be a fork of the previous one and it's based on recaptcha v. 2.0. Please let me know if it works fine
Reply | Permalink
rcguard
Ed Vrijmoet Roberto Puzzanghera November 13, 2017 15:41 CET
changed to the new version and it works fine after giving the right password and clicking the recaptcha it logs me in
if i click on the recaptcha i get a challenge could this be changed in the preferences of the google recapthcha security settings.
i mean the difficulty off the challange or no challange at all like here with your recaptcha.
thanks very much for the info
Reply | Permalink
rcguard
Roberto Puzzanghera Ed Vrijmoet November 13, 2017 18:10 CET
thank you. I've just checked myself and updated this page
Reply | Permalink