Roundcube for OS X Server

Important: Server 5.1 Upgrade Issue

Upgrading to Server 5.1 may disable the Rouncube WebApp, follow this link for the fix.
Why did Server 5.1 break Roundcube Webmail ?

What’s new in version 1.1.4?
  • Roundcube Webmail 1.1.4
  • El Capitan and Server 5 support (SIP compliant)
  • Updated MCrypt installer (SIP compliant)
  • Updated managesieve (mail filtering, vacation auto-responder)
Optional plugins (automatically configured)
  • Plugin: CardDAV Address Book
  • Plugin: HTML5 Desktop Notifications
  • Plugin: Multiple message selection
  • Plugin: Image Paster (paste clipboard images directly into message)
Why we made this installer

Mac OS X Server administrators usually wear many hats (entrepreneur, designer, etc.). We choose the Mac expecting it to have a nice GUI interface and all our basic needs to be met out of the box.
Apple used to provide webmail services in earlier versions of OS X Server (10.7 and earlier). For reasons unknown, webmail was dropped in 10.8 leaving it up to administrators to roll their own solution.

An OS X Server administrator with a Unix background could jump through all the hoops in a couple of hours – but lets face it, most OS X Server administrators would be stuck facing a day or more of tutorials, articles and frustration to get webmail working on their server.

As consultants specializing in mail services for OS X Server, we found ourselves repeating the same steps over and over with each new server installation. So we decided to apply our rule of thumb: if a repeatable process takes more than 30 minutes – document, automate and share.

What does the installer do?

Our installer for Roundcube for OS X Server installs Roundcube Webmail as a simple WebApp available to any website configured inside Server.app. When the WebApp is enabled (by default, its enabled for all sites), you can access webmail by adding /mail /webmail or /roundcube to your website URL.

Furthermore and if you haven’t already done so yourself, MCrypt (a requirement for Roundcube) is installed.
The Roundcube database is initialized. A core set of plugins is installed along with a choice of optional plugins. The finer details like: permissions, php.ini settings, apache config are all updated. Updated files are backed up and the process is logged to /var/log/installer.log

Please browse our FAQs for answers to most questions.
Compatibility
  • OS X 10.11.x (El Capitan with OS X Server 5.x)
  • OS X 10.10.x (Yosemite with OS X Server 4.x or 5.x)
  • Mac OS X Server 10.9.x (Mavericks with Server.app 3.x)
  • Mac OS X Server 10.8.3+. (Mountain Lion withServer app 2.x)

See current changelog for a complete list of fixes and additions.
Please read our FAQs as well.

The topicdesk Roundcube installer is a free download.

 

 

160 replies
« Older Comments
  1. Chris Leach
    Chris Leach says:

    So all I can say is WOW. I recently upgraded from an OS X server running 10.6 to a new server running El Capitan. I was shocked that webmail wasn’t included. I had literally just sat down with drinks, snacks, and the next 4 hours of my life cleared to install roundcube from scratch. Then I stumbled onto your site and within 10 minutes I’m looking at my e-mail in a web browser? Outstanding. If you all are ever out in the Bay Area I owe you a beer or 6. If not I’d be happy to paypal or bitcoin a token of appreciation.

    Reply
  2. Gavin Lawrie
    Gavin Lawrie says:

    Roundcube working fine on Server 5, but not displaying any message dates. The dates are there (e.g. if you look at mail in Mail.app the messages all have dates) and messages appear be sorted by these dates (i.e. latest messages appear at top of Roundcube window) – but just not showing up. Also, if you reply or forward a message within Roundcube, the replied to message has the fomr “On , Username wrote:” – i.e. the date element is simply missing.

    I guess something needs to be adjusted in Roundcube settings – any thoughts about what?

    Thanks!

    Reply
    • Jeff Johnson
      Jeff Johnson says:

      A few possibilities….

      The left-most column has a gear which allows each user to choose which columns are visible to them.
      Did you confirm the date column is selected?

      The fact that the date isn’t displayed in the reply-quote “On , Username wrote:” is curious..
      Each user can choose their time zone (Preferences/User Interface). The defautl is Auto, try setting the timezone vs Auto.

      Have you made any changes to the roundcube config files? You will find them here:
      /usr/local/topicdesk/roundcube/WebApp/config/config.inc.php
      /usr/local/topicdesk/roundcube/WebApp/config/defaults.inc.php

      PHP might have a config problem, watch the apache logs during roundcube login.

      Hope that helps… If you are still stuck, I’d like to take a look myself (screensharing). You can reach me from the contact page.

      Jeff

      Reply
      • Gavin Lawrie
        Gavin Lawrie says:

        Hi Jeff

        Yes, date column selected (that’s how I know it is blank).
        Changing from Auto to UTC for timezone has no effect (as in date not displayed either way).
        Made no changes to files.
        Recently the only error appearing in Apache error log is this one, which is appearing daily just once:

        [Wed Mar 30 06:49:47.848567 2016] [cgi:error] [pid 69008] [client 188.138.41.45:64398] AH02811: script not found or unable to stat: /Library/Server/Web/Data/CGI-Executables/system_cmd.cgi

        Happy for you to have a look via screen sharing – I’ll drop you a note directly.

        Reply
        • Alex
          Alex says:

          I had same issue. Finally solved.

          Turns out that OSX Server has its own php.ini override in

          /Library/Server/Web/Config/php/php.ini

          which by default doesn’t specify a timezone and that then overrides the /etc php.ini to nothing

          Editing that for UTC or your preferred timezone and then re-starting web server did the trick.

          Reply
    • MacCrack
      MacCrack says:

      @ Simon

      That happened to me too. In installed Roundcube again and it worked just like before. All the settings were still there.

      Reply
    • Jeff Johnson
      Jeff Johnson says:

      Server 5.1 doesn’t activate webapps properly for the two default sites.
      The webapp may be checked/enabled on all sites, but only the customSites (not default sites) will be updated.

      The quick fix is:
      sudo /Applications/Server.app/Contents/ServerRoot/usr/sbin/webappctl start com.topicdesk.roundcube

      Reply
  3. Sean
    Sean says:

    Some comments on the included config.inc.php:

    1) Shouldn’t this:
    $config[list_cols] = array(chbox, subject, status, fromto, date, size, flag, attachment);

    have quotes like this:
    $config[‘list_cols’] = array(‘chbox’, ‘subject’, ‘status’, ‘fromto’, ‘date’, ‘size’, ‘flag’, ‘attachment’);

    2) $config[‘imap_auth_type’] = CRAM_MD5;

    I think null would be better, as per defaults.inc.php, which says “or null to use best server supported one”.

    3) I would argue for security by default, in other words, instead of:

    $config[‘default_host’] = ‘localhost’;
    $config[‘default_port’] = 143;
    $config[‘smtp_server’] = ‘localhost’;

    I would suggest:

    $config[‘default_host’] = ‘ssl://localhost’;
    $config[‘default_port’] = 993;
    $config[‘smtp_server’] = ‘ssl://localhost’;
    $config[‘smtp_port’] = 587;

    4) Why are some lines “$config” and others “$rcmail_config”? I don’t see “rcmail_config” anywhere in defaults.inc.php.

    5) What is this?:
    $config[‘default_folders’] = array(‘INBOX’, ‘Drafts’, ‘Sent Messages’, ‘Junk’, ‘Deleted Messages’);

    I don’t find “default_folders” anywhere in defaults.inc.php. It’s the only one not in there. Is it maybe leftover from an older roundcube?

    Thanks.

    Reply
  4. Jeff Johnson
    Jeff Johnson says:

    Hi Sean…

    $config[list_cols] = array(chbox, subject, status, fromto, date, size, flag, attachment);
    Should these be quotes?

    Quotes aren’t necessary for this array, but its a good idea to use them anyway.
    I’ll add it to the list for the next update.

    $config[‘imap_auth_type’] = CRAM_MD5;
    I think null would be better, as per defaults.inc.php, which says “or null to use best server supported one”.

    I’ve had a few issues letting roundcube choose the best auth method.
    CRAM-MD5 is enabled by default on every server version supported with this package.

    $config[‘default_host’] = ‘ssl://localhost’;
    $config[‘default_port’] = 993;
    $config[‘smtp_server’] = ‘ssl://localhost’;
    $config[‘smtp_port’] = 587;
    I would argue for security by default, in other words, instead of:

    These are localhost connections. No traffic passing across a network.
    It’s common practice to accep less secure methods for localhost connections.
    We like these settings to maintain compatability with older server versions which may not have SSL enabled.

    Why are some lines “$config” and others “$rcmail_config”? I don’t see “rcmail_config” anywhere in defaults.inc.php.

    This is a carrover from older ( < 1.0 ) versions of roundcube, for now – either works.
    Thanks for mentioning this, we’ll update the config file in the next release.

    What is this?:
    $config[‘default_folders’] = array(‘INBOX’, ‘Drafts’, ‘Sent Messages’, ‘Junk’, ‘Deleted Messages’);
    I don’t find “default_folders” anywhere in defaults.inc.php. It’s the only one not in there. Is it maybe leftover from an older roundcube?

    Its not well documented.
    As I understand it, these are the folders every user should have.
    Its used alog with the “create_default_folders” option to setup the user’s folder structure automatically.


    How can we improve the Roundcube Installer ?
    We’d like to hear any suggestions: better defaults, useful plugins, etc.
    Please post any suggestions here.

    Reply
    • Sean
      Sean says:

      Jeff, thanks for your helpful reply. Not sure how to quote here, but…

      Anything with “md5” in its name worries me, since md5 is long since broken, as I’m sure you know. https://en.wikipedia.org/wiki/MD5#Security I’m not sure what the strongest authentication mechanism OS X’s dovecot supports… maybe GSSAPI? http://wiki.dovecot.org/Authentication/Mechanisms So far, using null for the setting is working for me. Have you seen issues in 1.1.4 or only older?

      It’s your product of course, but I still feel strongly that the setup should be more secure out-of-the-box. If you don’t want to set SSL by default, might I suggest at least keeping the comments from “defaults.inc.php” in your custom config file? That way people can know they can add the “ssl://” prefix. I naively assumed roundcube would automatically prefer SSL, but it seems not. 🙁

      Reply
      • Jeff Johnson
        Jeff Johnson says:

        Sean

        When roundcube and the imap/smtp server exist on the same host and use the loopback interface (127.0.0.1), there are zero packets to sniff on a wire. While it can be possible to sniff the loopback, this requires admin creds and access to the machine, if a hacker has that type of access, you have bigger problems – they can simply navigate to your mailstore and read all the mail stored in plain-text.

        Same goes with SSL. Sure, you can use SSL on a the loopback… If I were a bad guy with the necessary access to your system, I wouldn’t be sniffing packets when I could simply read each message (past and present) straight from the disk.

        IMO, there’s no point discussing how to secure imap/smtp traffic which never leaves the host when the focus should be on securing the server which stores that data in clear-text in postfix queues, backups, mailstore, bcc archive, etc.

        I agree with your opinion when roundcube and the imap/smtp server are on different hosts.
        Our installer is made for same-host installations but can be adapted as needed.

        Jeff

        Reply
  5. Sean
    Sean says:

    Jeff, sorry, let me try to be more clear. Yes, I understand your point about being on the same host, and agree. I should have said explicitly: I run roundcube and imap/smtp on different hosts. Your last paragraph above is key.

    Here’s a not-so-hypothetical scenario: someone installs your package. He finds your config.inc.php file. He sees “$config[‘default_host’] = ‘localhost’;” (with no surrounding comments) and naively changes it to the hostname of his mail server. Things work. He assumes things prefer SSL automagically, but they don’t. He didn’t know about defaults.inc.php, where the comments indicate an explicit “ssl://” prefix is required.

    To be sure, in this scenario, the admin is at fault for not investigating thoroughly enough. But the Mac philosophy has always been one of user-friendliness and forgiveness of errors. And I’d wager most of your users are not full time UNIX greybeards. 🙂

    If at least you include the defaults.inc.php comments, the error above is made much less likely.

    If you additionally include “ssl://” by default, it’s less likely still. Agreed, it’s not so beneficial when using localhost, but it’s not harmful either! (Except I guess if your mail server doesn’t support SSL, but really who running their own email server doesn’t want their email private?!)

    I guess my thinking is that as there’s little harm, but possibly great benefit, in including the “ssl://” by default, that it is preferable.

    Reply
    • Jeff Johnson
      Jeff Johnson says:

      I see your case for including comments, I’ll include that in the next rev.

      The settings will remain as-is to maintain the broadest compatability with default installations with or without SSL.
      Somoene modifying the config to support other configurations is on their own 🙂

      Thanks for the discussion, you had several great points we’ll use to improve the installation.

      Jeff

      Reply
  6. Andreanne D.
    Andreanne D. says:

    I just can’t get Roundcube to work on my Macbook Pro, no matter if I try to reinstall it. It’s as if it disappears right after I download it.

    The app tries to send me to the following address, but it doesn’T work every time.
    (https://127.0.0.1/roundcube).

    Anybody can help with that? (I use round cube to host my email for my professional portfolio online).

    Thank you in advance!

    Reply
  7. Gik
    Gik says:

    Very nice installer, all work fine, but when the mail (body) has unicode characters (i.e. Greek, like: Ελληνικά) the message can not be displayed and I get an message saying: “An error occurred! Could not load message from server.”…

    Any ideas on what can I do to fix this?
    (SquirrelMail has no problem on reading the same message,
    so this is not a problem on the message/IMAP/server side)

    Reply
      • Gik
        Gik says:

        Well, you kinda helped…
        Although the forum seems broken, I found an answer that solved my problem.

        Changing in rcube_imap_generic.php from $binary = true; to $binary = false; fixes the problem.

        I guess it’s a unicode thing…
        (If you could include it at your FAQ, it would help a lot of non-english-using people… there are a lot of us out there) 😉

        Reply
        • Jeff Johnson
          Jeff Johnson says:

          Thanks for posting the solution.

          Hopefully the issue is fixed in Roundcube 1.2 (released and available on roundcube.net)
          If its not fixed in 1.2, we’ll add the FAQ.

          FYI… We’ll have our installer upgraded to 1.2 in a few weeks
          For those that want to try 1.2 asap, its easy enough to upgrade.

          First step is alway to backup 🙂

          Download 1.2 and unpack it
          https://github.com/roundcube/roundcubemail/releases/download/1.2.0/roundcubemail-1.2.0-complete.tar.gz

          In Terminal, cd into the bin directory of the new version, something like:
          cd ~/Downloads/roundcubemail-1.2.0/bin

          Then run the install script
          sudo ./installto.sh /usr/local/topicdesk/roundcube/WebApp

          Reply
          • Gik
            Gik says:

            Installed it and it works fine.
            So it looks like its probably fixed
            (assuming that the new rcube_imap_generic.php is not the one from 1.1 that I had fixed)
            THNX! 🙂

          • Steve
            Steve says:

            Jeff, I realize this is free software that you do on your own time. That said, about 7 months ago you said, “We’ll have our installer upgraded to 1.2 in a few weeks.”

            The last release of your installer for RoundCube was 1.1.4, and that was 11 months ago.

            Are you dong this? If not, let us know and we’ll look for another option. No hard feelings, and thanks for the work so far.

  8. Patrick
    Patrick says:

    Server 5.2 breaks my Roundcube under OS X 10.11.6 ? Also after clean install Roundcube on a other server running 5.2 ?
    Anybody know where to look. I can see the login page, i can login but after that the screen goes blank.

    Reply
  9. Jeff Johnson
    Jeff Johnson says:

    I finally had a chance to check a machine with Server 5.2 installed.

    The issue I encountered today stems from a change in the CardDAV server port.
    CardDAV has defaulted to 8443 in the past, but Server 5.2 defaults to 443.

    To confirm, look at the carddav plugin log
    /usr/local/topicdesk/roundcube/WebApp/logs/errors
    You’ll see this error
    Failed to connect to localhost port 8443: Connection refused

    To resolve this, we need to know if carddav is running:
    sudo serveradmin status addressbook
    If carddav is running, you’ll see:
    addressbook:state = “RUNNING”

    If carddav is RUNNING, change the carddav port to default with
    sudo sed -i.bak ‘s/:8443//’ /usr/local/topicdesk/roundcube/WebApp/plugins/carddav/config.inc.php
    Logout/Login to Roundcube.
    Working?

    If carddav is -NOT- RUNNING, the plugin should be disabled.
    Edit
    /usr/local/topicdesk/roundcube/WebApp/config/config.inc.php
    Find this line, and remove carddav from the array
    $config[‘plugins’] = array(‘image_paster’,’html5_notifier’,’chbox’,’carddav’,’managesieve’);
    result
    $config[‘plugins’] = array(‘image_paster’,’html5_notifier’,’chbox’,’managesieve’);

    Hope that works for everyone 🙂

    Reply
  10. Eric Boinaud
    Eric Boinaud says:

    Hi Jeff,
    i have always this message..

    Forbidden
    You don’t have permission to access /webmail/ on this server.
    Apache Server at miniserver.domaine-boinaud.com Port 80

    Any solution Please ?

    Eric

    Reply
  11. Jan Cobb
    Jan Cobb says:

    I was originally going to follow up on the problem raised by Eric Boinaud, in that I was receiving an error very similar to his, together with an error log entry of:

    “[Sat Nov 19 23:04:35.760521 2016] [autoindex:error] [pid 82841] [client 192.168.147.21:64917] AH01276: Cannot serve directory /usr/local/topicdesk/roundcube/WebApp: No matching DirectoryIndex (index.php,index.html) found, and server-generated directory index forbidden by Options directive”.

    However, part of my problem was camouflaged by having my own redirect in operation in Server 5.2 which meant that the (alias) contents of ‘/usr/local/topicdesk/roundcube/httpd.topicdeskroundcube.conf’ were bypassed. Nevertheless, I still found a problem because the main website uses a CMSms configuration that rewrites URLs to include .html for appearance’s sake, which meant that /mail was not aliased to the roundcube directory but was transformed to /mail.html, which went nowhere!! Eventually, to prevent the pre-emptive action of my PHP scripts (and .htaccess) and to ensure consistency, I amended ‘/usr/local/topicdesk/roundcube/httpd.topicdeskroundcube.conf’ to read:

    Alias “/webmail/” “/usr/local/topicdesk/roundcube/WebApp/”
    Alias “/Webmail/” “/usr/local/topicdesk/roundcube/WebApp/”
    Alias “/WebMail/” “/usr/local/topicdesk/roundcube/WebApp/”
    Alias “/mail/” “/usr/local/topicdesk/roundcube/WebApp/”
    Alias “/roundcube/” “/usr/local/topicdesk/roundcube/WebApp/”
    Alias “/Roundcube/” “/usr/local/topicdesk/roundcube/WebApp/”

    AllowOverride All
    Options -Indexes +FollowSymLinks

    with trailing slashes. While the original format, Jeff, works adequately and correctly, to be absolutely specific could you do the same in the next iteration of the installation package, please?

    Reply
  12. Hina Mirza
    Hina Mirza says:

    I am no expert at things like this and if anyone can help, it will be much appreciated. I have my own company email address hence I need to have access to it on my mac and specially on my phone 24/7. The mail default for the business emails are Roundcube. I cam across this page and tried to download it, however once the Safari page opens, it says, ‘Safari was unable to connect to server’. Am I doing something wrong? Or is there a setting which needs to be adjusted? I just want it on both my devices (and my employers too) so they have access to it rather than going safari and logging in.

    Reply
  13. Hina Mirza
    Hina Mirza says:

    I am no expert at things like this and if anyone can help, it will be much appreciated. I have my own company email address hence I need to have access to it on my mac and specially on my phone 24/7. The mail default for the business emails are Roundcube. I cam across this page and tried to download it, however once the Safari page opens, it says, ‘Safari was unable to connect to server’. Am I doing something wrong? Or is there a setting which needs to be adjusted? I just want it on both my devices (and my employers too) so they have access to it rather than going safari and logging in.

    Reply
  14. Johan Ylinenjarvi
    Johan Ylinenjarvi says:

    Don’t know if I’m clumsy or have configured something really wrong.

    I host 2 domains for 2 different users.

    user1 have info@user1.com
    user2 have info@user2.com

    They have 2 very different password but when user2 made the mistake and typed her email-adress instead of username as login she gets the webmail of user1?

    Any clues?

    Reply
« Older Comments

Leave a Reply

Want to join the discussion?
Feel free to contribute!

Leave a Reply

Your email address will not be published. Required fields are marked *