Install Roundcube Webmail on Debian 11/10 with Apache/Nginx
Roundcube is a free open-source, full-featured webmail client written in PHP. A webmail is a mail client in your browser. Instead of reading and sending emails from a desktop mail client like Mozilla Thunderbird, you can access your email from a web browser. This tutorial is going to show you how to install Roundcube webmail on Debian 11/10 with Apache or Nginx web server.
Roundcube Features
Roundcube functionality includes:
- Address book
- Folder management
- Message searching
- Message filter
- Spell checking
- MIME support
- PGP encryption and signing
- Mailvelope integration
- Users are able to change their passwords in Roundcube.
- Import MIME or Mbox formatted emails.
- Email Resent (Bounce)
- Support for Redis and Memcached cache
- Support for SMTPUTF8 and GSSAPI
- A responsive skin called Elastic with full mobile device support
- OAuth2/XOauth support (with plugin hooks)
- Collected recipients and trusted senders
- Full Unicode support with MySQL database
- Support of IMAP LITERAL- extension
Requirements
To follow this tutorial, it’s assumed that
- Postfix SMTP server and Dovecot IMAP server have been installed on your Debian 11/10 server
If not, please click the above links and follow the instructions to complete the prerequisites. Note that if you set up your email server using iRedMail before, then your server meets all requirements and Roundcube is already installed on your server.
Now let’s proceed to install Roundcube.
Step 1: Download Roundcube Webmail on Debian 11/10
Log in to your Debian server via SSH, then run the following command to download the latest stable version from Roundcube Github repository.
wget https://github.com/roundcube/roundcubemail/releases/download/1.6.0/roundcubemail-1.6.0-complete.tar.gz
Note: You can always use the above URL format to download Roundcube from command line. If a new version comes out, simply replace 1.6.0 with the new version number. You can check if there’s new release at Roundcube downloade page.
Extract the tarball, move the newly created folder to web root (/var/www/) and rename it as roundcube at the same time.
tar xvf roundcubemail-1.6.0-complete.tar.gz sudo mkdir -p /var/www/ sudo mv roundcubemail-1.6.0 /var/www/roundcube
Change into the roundcube directory.
cd /var/www/roundcube
Make the web server user (www-data) as the owner of the temp and logs directory so that web server can write to these two directories.
sudo chown www-data:www-data temp/ logs/ -R
Step 2: Install PHP Extensions
Run the following command to install the required PHP extensions.
sudo apt install software-properties-common sudo add-apt-repository ppa:ondrej/php sudo apt update sudo apt install php-net-ldap2 php-net-ldap3 php-imagick php8.1-fpm php8.1-common php8.1-gd php8.1-imap php8.1-mysql php8.1-curl php8.1-zip php8.1-xml php8.1-mbstring php8.1-bz2 php8.1-intl php8.1-gmp php8.1-redis
Step 3: Create a MariaDB Database and User for Roundcube
Log into MariaDB shell as root.
sudo mysql -u root
Then create a new database for Roundcube using the following command. This tutorial name it roundcube, you can use whatever name you like for the database.
CREATE DATABASE roundcubemail DEFAULT CHARACTER SET utf8 COLLATE utf8_general_ci;
Next, create a new database user on localhost using the following command. Again, this tutorial name it roundcubeuser, you can use whatever name you like. Replace password with your preferred password.
CREATE USER roundcube@localhost IDENTIFIED BY 'password';
Then grant all permission of the new database to the new user so later on Roundcube webmail can write to the database.
GRANT ALL PRIVILEGES ON roundcubemail.* TO roundcube@localhost;
Flush the privileges table for the changes to take effect.
flush privileges;
Exit MariaDB Shell:
exit;
Import the initial tables to roundcube database.
sudo mysql roundcubemail < /var/www/roundcube/SQL/mysql.initial.sql
Step 4: Create Apache Virtual Host or Nginx Config File for Roundcube
Apache
If you use Apache web server, create a virtual host for Roundcube.
sudo nano /etc/apache2/sites-available/roundcube.conf
Note: If you followed my Postfix/Dovecot tutorial, a virtual host already exists. you should edit the following file. (Delete the existing content.)
sudo nano /etc/apache2/sites-available/mail.example.com.conf
Put the following text into the file. Replace mail.example.com with your real domain name and don’t forget to set DNS A record for it.
<VirtualHost *:80>
ServerName mail.example.com
DocumentRoot /var/www/roundcube/
ErrorLog ${APACHE_LOG_DIR}/roundcube_error.log
CustomLog ${APACHE_LOG_DIR}/roundcube_access.log combined
<Directory />
Options FollowSymLinks
AllowOverride All
</Directory>
<Directory /var/www/roundcube/>
Options FollowSymLinks MultiViews
AllowOverride All
Order allow,deny
allow from all
</Directory>
</VirtualHost>
Save and close the file. Then enable this virtual host with:
sudo a2ensite roundcube.conf
Reload Apache for the changes to take effect.
sudo systemctl reload apache2
Now you should be able to see the Roundcube web-based install wizard at http://mail.example.com/installer.
Nginx
If you use Nginx web server, create a virtual host for Roundcube.
sudo nano /etc/nginx/conf.d/roundcube.conf
Note: If you followed my Postfix/Dovecot tutorial, a virtual host already exists. you should edit the following file. (Delete the existing content.)
sudo nano /etc/nginx/conf.d/mail.example.com.conf
Put the following text into the file. Replace the domain name and don’t forget to set DNS A record for it.
server {
listen 80;
listen [::]:80;
server_name mail.example.com;
root /var/www/roundcube/;
index index.php index.html index.htm;
error_log /var/log/nginx/roundcube.error;
access_log /var/log/nginx/roundcube.access;
location / {
try_files $uri $uri/ /index.php;
}
location ~ \.php$ {
try_files $uri =404;
fastcgi_pass unix:/run/php/php8.1-fpm.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
location ~ /.well-known/acme-challenge {
allow all;
}
location ~ ^/(README|INSTALL|LICENSE|CHANGELOG|UPGRADING)$ {
deny all;
}
location ~ ^/(bin|SQL)/ {
deny all;
}
# A long browser cache lifetime can speed up repeat visits to your page
location ~* \.(jpg|jpeg|gif|png|webp|svg|woff|woff2|ttf|css|js|ico|xml)$ {
access_log off;
log_not_found off;
expires 360d;
}
}
Save and close the file. Then test Nginx configurations.
sudo nginx -t
If the test is successful, reload Nginx for the changes to take effect.
sudo systemctl reload nginx
Now you should be able to see the Roundcube web-based install wizard at http://mail.example.com/installer.
Step 5: Enabling HTTPS
It’s highly recommended that you use TLS to encrypt your webmail. We can enable HTTPS by installing a free TLS certificate issued from Let’s Encrypt. Run the following command to install Let’s Encrypt client (certbot) on Debian 11/10 server.
sudo apt install certbot
If you use Nginx, then you also need to install the Certbot Nginx plugin.
sudo apt install python3-certbot-nginx
Next, run the following command to obtain and install TLS certificate.
sudo certbot --nginx --agree-tos --redirect --hsts --staple-ocsp --email [email protected] -d mail.example.com
If you use Apache, install the Certbot Apache plugin.
sudo apt install python3-certbot-apache
And run this command to obtain and install TLS certificate.
sudo certbot --apache --agree-tos --redirect --hsts --staple-ocsp --email [email protected] -d mail.example.com
Where
--nginx: Use the nginx plugin.--apache: Use the Apache plugin.--agree-tos: Agree to terms of service.--redirect: Force HTTPS by 301 redirect.--hsts: Add the Strict-Transport-Security header to every HTTP response. Forcing browser to always use TLS for the domain. Defends against SSL/TLS Stripping.--staple-ocsp: Enables OCSP Stapling. A valid OCSP response is stapled to the certificate that the server offers during TLS.
The certificate should now be obtained and automatically installed.
Note: If you followed my Postfix/Dovecot tutorial, and now you install Roundcube on the same server, then certbot will probably tell you that a certificate for mail.example.com already exists as shown below, so you can choose to install the existing TLS certificate to your web server configuration file.
Step 6: Adding Local DNS Entry
It’s recommended to edit the /etc/hosts file on the mail server and add the following entry, so that Roundcube won’t have to query the public DNS, which will speed up web page loading a little bit.
127.0.0.1 localhost mail.example.com
Step 7: Configure Roundcube
Go to the Roundcube configuration directory.
cd /var/www/roundcube/config/
Copy the sample configuration file.
sudo cp config.inc.php.sample config.inc.php
Edit the new file.
sudo nano config.inc.php
Find the following line, which tells Roundcube how to connect to the database.
$config['db_dsnw'] = 'mysql://roundcube:pass@localhost/roundcubemail';
You need to replace pass with the real Roundcube password. If the password contains special characters, you need to use percent encoding. For example, if the password is mPcEIRxyJhCz8uiWIUopqWzaSTk=, then the line will look like this:
$config['db_dsnw'] = 'mysql://roundcube:mPcEIRxyJhCz8uiWIUopqWzaSTk%3D@localhost/roundcubemail';
The special character = is represented by %3D.
Then find the following two lines.
$config['imap_host'] = 'localhost:143'; $config['smtp_host'] = 'localhost:587';
Replace the value as follows:
$config['imap_host'] = 'tls://mail.example.com:143'; $config['smtp_host'] = 'tls://mail.example.com:587';
Find the following line.
$config['des_key'] = 'rcmail-!24ByteDESkey*Str';
Replace the default key with some random characters like below.
$config['des_key'] = '58kptbzEcNKi/bc9OL90//3ATnQ=';
Next, find the following lines
// List of active plugins (in plugins/ directory)
$config['plugins'] = [
'archive',
'zipdownload',
];
By default, only two plugins are enabled. We can enable more plugins like below.
// List of active plugins (in plugins/ directory) $config['plugins'] = ['acl', 'additional_message_headers', 'archive', 'attachment_reminder', 'autologon', 'debug_logger', 'emoticons', 'enigma', 'filesystem_attachments', 'help', 'hide_blockquote', 'http_authentication', 'identicon', 'identity_select', 'jqueryui', 'krb_authentication', 'managesieve', 'markasjunk', 'new_user_dialog', 'new_user_identity', 'newmail_notifier', 'password', 'reconnect', 'redundant_attachments', 'show_additional_headers', 'squirrelmail_usercopy', 'subscriptions_option', 'userinfo', 'vcard_attachments', 'virtuser_file', 'virtuser_query', 'zipdownload'];
Finally, we can enable the built-in spell-checker by adding the following line at the end of this file.
$config['enable_spellcheck'] = true;
Save and close the file.
Go to your Webmail domain and log in.
Roundcube Webmail interface
Now you should remove the whole installer folder from the document root or make sure that enable_installer option in config.inc.php file is disabled.
sudo rm /var/www/roundcube/installer/ -r
These files may expose sensitive configuration data like server passwords and encryption keys to the public. Make sure you cannot access the installer page from your browser.
Step 8: Configure the Sieve Message Filter
You can create folders in Roundcube webmail and then create rules to filter email messages into different folders. In order to do this, you need to install the ManageSieve server with the following command.
sudo apt install dovecot-sieve dovecot-managesieved
By default, Postfix uses its builtin local delivery agent (LDA) to move inbound emails to the message store (inbox, sent, trash, Junk, etc). We can configure it to use Dovecot to deliver emails, via the LMTP protocol, which is a simplified version of SMTP. LMTP allows for a highly scalable and reliable mail system and it is required if you want to use the sieve plugin to filter inbound messages to different folders.
Install the Dovecot LMTP Server.
sudo apt install dovecot-lmtpd
Edit the Dovecot main configuration file.
sudo nano /etc/dovecot/dovecot.conf
Add lmtp and sieve to the supported protocols.
protocols = imap lmtp sieve
Save and close the file. Then edit the Dovecot 10-master.conf file.
sudo nano /etc/dovecot/conf.d/10-master.conf
Change the lmtp service definition to the following.
service lmtp {
unix_listener /var/spool/postfix/private/dovecot-lmtp {
group = postfix
mode = 0600
user = postfix
}
}
Next, edit the Postfix main configuration file.
sudo nano /etc/postfix/main.cf
Add the following lines at the end of the file. The first line tells Postfix to deliver emails to local message store via the dovecot LMTP server. The second line disables SMTPUTF8 in Postfix, because Dovecot-LMTP doesn’t support this email extension.
mailbox_transport = lmtp:unix:private/dovecot-lmtp smtputf8_enable = no
Save and close the file. Open the /etc/dovecot/conf.d/15-lda.conf file.
sudo nano /etc/dovecot/conf.d/15-lda.conf
Scroll to the end of the file, uncomment the mail_plugins line and add the sieve plugin to local delivery agent (LDA).
protocol lda {
# Space separated list of plugins to load (default is global mail_plugins).
mail_plugins = $mail_plugins sieve
}
Save and close the file. If you can find the 20-lmtp.conf file under /etc/dovecot/conf.d/ directory, then you should also enable the sieve plugin in that file like below.
protocol lmtp {
mail_plugins = quota sieve
}
Edit the /etc/dovecot/conf.d/10-mail.conf file.
sudo nano /etc/dovecot/conf.d/10-mail.conf
Sieve scripts are stored under each user’s home directory. If you followed my PostfixAdmin tutorial and are using virtual mailbox domains, then you need to enable mail_home for the virtual users by adding the following line in the file, because virtual users don’t have home directories by default.
mail_home = /var/vmail/%d/%n
Save and close the file.
Finally, restart Postfix and Dovecot.
sudo systemctl restart postfix dovecot
Now you can go to Roundcube webmail, open an email message and click the more button, and select create filters to create message filters. For example, I create a filter that moves every email sent from redhat.com to the Red Hat folder.
If you don’t have the create filter option, it’s probably because you didn’t enable the managesieve plugin. Edit the config.inc.php file.
sudo nano /var/www/roundcube/config/config.inc.php
At the end of this file, you will find a list of active plugins. add the managesieve plugin in the arrary. The plugin order doesn’t matter.
// ----------------------------------
// PLUGINS
// ----------------------------------
// List of active plugins (in plugins/ directory)
$config['plugins'] = ['acl', 'additional_message_headers', 'archive', 'attachment_reminder', 'autologon', 'debug_logger', 'emoticons', 'enigma', 'filesystem_attachments', 'help', 'hide_blockquote', 'http_authentication', 'identicon', 'identity_select', 'jqueryui', 'krb_authentication', 'managesieve', 'markasjunk', 'new_user_dialog', 'new_user_identity', 'newmail_notifier', 'password', 'reconnect', 'redundant_attachments', 'show_additional_headers', 'squirrelmail_usercopy', 'subscriptions_option', 'userinfo', 'vcard_attachments', 'virtuser_file', 'virtuser_query', 'zipdownload'];
Save and close the file.
Note that if you move a sieve filter set from an old mail server to your new mail server, you need to go to Settings -> Filters, then click Actions and enable the filter set, or Dovecot LMTP server won’t execute the sieve filter.
Step 9: Removing Sensitive Information from Email Headers
By default, Roundcube will add a User-Agent email header, indicating that you are using Roundcube webmail and the version number. You can tell Postfix to ignore it so recipient can not see it. Run the following command to create a header check file.
sudo nano /etc/postfix/smtp_header_checks
Put the following lines into the file.
/^User-Agent.*Roundcube Webmail/ IGNORE
Save and close the file. Then edit the Postfix main configuration file.
sudo nano /etc/postfix/main.cf
Add the following line at the end of the file.
smtp_header_checks = regexp:/etc/postfix/smtp_header_checks
Save and close the file. Then run the following command to rebuild hash table.
sudo postmap /etc/postfix/smtp_header_checks
Reload Postfix for the change to take effect.
sudo systemctl reload postfix
Now Postfix won’t include User-Agent: Roundcube Webmail in the headers when sending outgoing emails.
Step 10: Configure the Password Plugin in Roundcube
Roundcube includes a password plugin that allows users to change their passwords from the webmail interface. Edit the config.inc.php file.
sudo nano /var/www/roundcube/config/config.inc.php
Make sure the password plugin in the plugin list at the end of this file. The plugin order doesn’t matter.
$config['plugins'] = array('acl', 'additional_message_headers', 'password', .....);
Save and close the file.
However, we need to configure this plugin before it will work. Run the following command to copy the distributed password plugin config file to a new file.
sudo cp /var/www/roundcube/plugins/password/config.inc.php.dist /var/www/roundcube/plugins/password/config.inc.php
Edit the password plugin configuration file.
sudo nano /var/www/roundcube/plugins/password/config.inc.php
Find the following line:
$config['password_db_dsn'] = '';
This parameter is used to tell the password plugin where the user passwords are stored. By default, the value is empty and it will query the roundcube database, which doesn’t store user passwords. If you followed my PostfixAdmin tutorial, then user passwords are stored in the postfixadmin.mailbox table, so we need to change the value to:
$config['password_db_dsn'] = 'mysql://postfixadmin:postfixadmin_database_password@127.0.0.1/postfixadmin';
The tells the password plugin to connect to the postfixadmin database. If you don’t remember your postfixadmin database password, you can find it in the /etc/dovecot/dovecot-sql.conf.ext file. If your PostfixAdmin password contains a single quote character, then you can use backslash (\') to escape it.
Then find the following line.
$config['password_query'] = 'SELECT update_passwd(%c, %u)';
Change it to the following.
$config['password_query'] = 'UPDATE mailbox SET password=%D,modified=NOW() WHERE username=%u';
I recommend enabling a password strength checker to prevent users from setting weak passwords. Go to the beginning of this file, you can find the following line.
$config['password_strength_driver'] = null;
We can use the zxcvbn password strength driver, so change it to:
$config['password_strength_driver'] = 'zxcvbn';
Add the following line in this file to allow strong passwords only.
$config['password_zxcvbn_min_score'] = 5;
Note: The $config['password_minimum_score'] parameter doesn’t work with the zxcvbn driver, so leave it alone.
You can also set a minimum length for the password. Find the following line.
$config['password_minimum_length'] = 0;
Change it to:
$config['password_minimum_length'] = 8;
Recall that we used the ARGON2I password scheme in the PostfixAdmin tutorial, so we also need to configure the password plugin to use ARGON2I. Find the following lines in the file.
$config['password_algorithm'] = 'clear';
By default, the password will be stored as clear text, change the value to the following to use Dovecot’s built-in password algorithm.
$config['password_algorithm'] = 'dovecot';
Then find the following line, which tells where the Dovecot’s password hash generator is located.
$config['password_dovecotpw'] = '/usr/local/sbin/dovecotpw'; // for dovecot-1.x
Change it to the following.
$config['password_dovecotpw'] = '/usr/bin/doveadm pw -r 5';
Then find the following line, which tells which password scheme will be used.
$config['password_dovecotpw_method'] = 'CRAM-MD5';
Change it to:
$config['password_dovecotpw_method'] = 'ARGON2I';
Find the following line.
$config['password_dovecotpw_with_method'] = false;
Change false to true. This will add an {ARGON2I} prefix to the hashed password, so you will recognize which password scheme is used.
$config['password_dovecotpw_with_method'] = true;
Save and close the file. Since this file contains the database password, we should allow only the www-data user to read and write to this file.
sudo chown www-data:www-data /var/www/roundcube/plugins/password/config.inc.php sudo chmod 600 /var/www/roundcube/plugins/password/config.inc.php
Now users should be able to change their passwords in the Roundcube webmail interface.
How to Set Up Vacation/Out-of-Office Messages
We can use the sieve filter to create vacation/out-of-office messages. Go to Roundcube Settings -> Filters. Then click the create button to create a filter.
- Give this filer a name like “out of office”.
- New filters are not disabled, so you can leave the button alone.
- In the Scope field, select all messages.
- Select Reply with message in the Actions settings, and enter the message that will be automatically sent.
- Enter 1 in how often send messages, so the auto-reply will be sent only once per day for each sender. If you set this value to 7, then the auto-reply will be sent once per 7 days for each sender.
- Leave other text fields empty.
- Click the Save button and you are done.
When you are back to office, you can toggle the “Filter disabled” button, and click the Save button to disable this filter.
Increase Upload File Size Limit
If you use PHP-FPM to run PHP scripts, then files such as images, PDF files uploaded to Roundcube can not be larger than 2MB. To increase the upload size limit, edit the PHP configuration file.
sudo nano /etc/php/8.0/fpm/php.ini
Find the following line (line 846).
upload_max_filesize = 2M
Change the value like below. Note that this value should not be larger than the attachment size limit set by Postfix SMTP server.
upload_max_filesize = 50M
Then find the following line (line 694).
post_max_size = 8M
Change the maximum size of POST data that PHP will accept.
post_max_size = 50M
Save and close the file. Alternatively, you can run the following two commands to change the value without manually opening the file.
sudo sed -i 's/upload_max_filesize = 2M/upload_max_filesize = 50M/g' /etc/php/8.0/fpm/php.ini sudo sed -i 's/post_max_size = 8M/post_max_size = 50M/g' /etc/php/8.0/fpm/php.ini
Then restart PHP-FPM.
sudo systemctl restart php8.1-fpm
Nginx also sets a limit of upload file size. The default maximum upload file size limit set by Nginx is 1MB. If you use Nginx, edit the Nginx configuration file.
sudo nano /etc/nginx/conf.d/mail.example.com.conf
Add the following line in the SSL virtual host.
client_max_body_size 50M;
Save and close the file. Then reload Nginx for the changes to take effect.
sudo systemctl reload nginx
There are 3 plugins in Roundcube for attachments/file upload:
- database_attachments
- filesystem_attachments
- redundant_attachments
Roundcube can use only one plugin for attachments/file uploads. I found that the database_attachment plugin can be error_prone and cause you trouble. To disable it, edit the Roundcube config file.
sudo nano /var/www/roundcube/config/config.inc.php
Scroll down to the end of this file. You will see a list of active plugins. Remove 'database_attachments' from the list. Note that you need to activate at least one other attachment plugin, for example, filesystem_attachments.
// ---------------------------------- // PLUGINS // ---------------------------------- // List of active plugins (in plugins/ directory) $config['plugins'] = ['acl', 'additional_message_headers', 'archive', 'attachment_reminder', 'autologon', 'debug_logger', 'emoticons', 'enigma', 'filesystem_attachments', 'help', 'hide_blockquote', 'http_authentication', 'identicon', 'identity_select', 'jqueryui', 'krb_authentication', 'managesieve', 'markasjunk', 'new_user_dialog', 'new_user_identity', 'newmail_notifier', 'password', 'reconnect', 'redundant_attachments', 'show_additional_headers', 'squirrelmail_usercopy', 'subscriptions_option', 'userinfo', 'vcard_attachments', 'virtuser_file', 'virtuser_query', 'zipdownload'];
Save and close the file.
Setting Up Multiple Mail Domains
To host multiple mail domains, please read the following article:
Troubleshooting Tips
If you encounter errors, you can check the web server error logs at /var/log/apache2/roundcube_error.log (if you are using Apache), or /var/log/nginx/roundcube.error (if you are using Nginx.), also the Roundcube error logs in /var/www/roundcube/logs/ directory.
Connection to Storage Server Failed
If you see the Connection to storage server failed error when trying to log into RoundCube, it’s probably because
- Dovecot server isn’t running. You can restart Dovecot with
sudo systemctl restart dovecotand check its status withsystemctl status dovecot. - You are using a self-signed TLS certificate. Roundcube requires a valid TLS certificate issued from a trusted certificate authority such as Let’s Encrypt.
- Your TLS certificate expired. You can renew the Let’s Encrypt TLS certificate with
sudo certbot renew, then restart Postfix and Dovecot (sudo systemctl restart postfix dovecot).
You can also try adding a custom DNS entry in /etc/hosts file as described in step 8 on the Roundcube server, so Roundcube can properly resolve the mail server hostname.
Could Not Load Message From Server
If you see the “Internal error: could not load message from server” error, it’s probabaly because you are trying to open a deleted email (invalid URL). Try going to the mail root domain (mail.example.com) to see if it works.
Sieve Message Filter Doesn’t Work?
If you followed step 8 to set up sieve filter to the letter, but still can’t get it to work, then you can enable debugging in Dovecot to find out what’s wrong.
sudo nano /etc/dovecot/dovecot.conf
Add the following line at the end of this file to enable debugging in Dovecot.
mail_debug=yes
Save and close the file. Then restart Dovecot.
sudo systemctl restart dovecot
Next, send a test email to your domain email address and open the mail log file.
sudo nano /var/log/mail.log
You can find debugging information for Sieve message filter. For example, I found that Dovecot was unable to run my Sieve script.
Jan 10 11:35:24 mail dovecot: lmtp([email protected]) Debug: sieve: Aborted running script `/var/vmail/linuxbabe.com/xiao/.dovecot.svbin'
It turns out that my Sieve filter has too many rules and some of them are conflicting with each other. I delete those conflicting rules and it works again.
Temporary lookup failure (Code: 451)
If you encounter this error when trying to send an email in Roundcube, it’s probably something wrong with your Postfix configuration. For example, some folks might have the following error in the /var/log/mail.log file.
warning: connect to pgsql server localhost: connection to server at "localhost" (127.0.0.1), port 5432 failed: FATAL: password authentication failed for user "postfixadmin"?connection to server at "localhost" (127.0.0.1), port 5432 failed: FATAL: password authentication failed for user "postfixadmin"?
This means your password authentication for the Postfixadmin database is not working.
How to Upgrade Roundcube
It’s very simple. For example, here’s how to upgrade to Roundcube 1.6.1 after it’s released.
Download the Roundcube latest version to your home directory.
cd ~ wget https://github.com/roundcube/roundcubemail/releases/download/1.6.1/roundcubemail-1.6.1-complete.tar.gz
Extract the archive.
tar xvf roundcubemail-1.6.1-complete.tar.gz
Change the owner to www-data.
chown www-data:www-data roundcubemail-1.6.1/ -R
Then run the install script.
roundcubemail-1.6.1/bin/installto.sh /var/www/roundcube/
Once it’s done, log in to Roundcube webmail and click the About button to check what version of Rouncube you are using.
Wrapping Up
I hope this tutorial helped you install Roundcube Webmail on Debian 11/10. As always, if you found this post useful, subscribe to our free newsletter to get more tips and tricks 🙂
Hey, can you provide steps for me to install Squirrelmail on Ubuntu?
I found a tutorial on the Rosehosting blog, but it is intended for Centos. So I don’t think that it will be of use.
Thank you.
Hi Ross. The tutorial is out. Click the link below to check it out.
—-> How to Install SquirrelMail on Ubuntu 16.04 <-----
Hi Xiao, thanks for the reply on Disqus. I checked my Nginx error log and found nothing. But I went and checked the Roundcube error log and saw that this line in my config file might be the issue:
location = /50x.html { root /usr/share/nginx/html; }The error log produces this line each time I visit mail.myserver.com/installer
When I remove that above line from my config, I get a 502 bad gateway & the following error:
That means Nginx can’t access
unix:/run/php/php7.0-fpm.sock, which is the unix socket php-fpm is listening on. You can check whether that file exists with:Usually you would see something like this:
By default that file is owned by www-data user and group. Make sure your Nginx is running as www-data. You can set the user in Nginx by adding the this line at the top of /etc/nginx/nginx.conf.
If you install Nginx from nginx.org repository, the default user is
nginx.This is good stuff, Linuxbabe! Thank you so much. It seems that php7.0-fpm wasn’t even installed! I installed it, enabled it, and restarted nginx and all is good. Thank you again! 🙂
Hello, thank you for this tutorial. I have followed it through step by step.. everything works except that mail isn’t being fetched into the inbox of Roundcube. How can I solve this?
ok the problem was the dovecote mail_location, I had set it to mbox but that wasn’t accessible for some reason. so I changed mail_location to maildir:~/Maildir.
Hello,
When i upgraded roundcube to 1.6, it’s stopped working, because of the config changes.
Do you plan to give instructions about upgrade to 1.6?
Thank You
I just update this article for Roundcube 1.6. The only change you need to make is in step 7.
Thank You!
Hello,
affter every login I had this error. What I should do with that?
https://prnt.sc/2Ydmk6tMud_n
Roundcube log:
This is probably fixed. But I have error in dovecot.
You need to remove the
database_attachmentsplugin in the/var/www/roundcube/config/config.inc.phpfile.Thanks. I was blind and didnt read error. But I have new one.
This is probably fixed. But I have error in dovecot.
Idk if it is oky. but for some reason
this file is not created
I tried to reinstall and I have this errror in
Fixed… mail_location need to be first in
Hi iam new using roundcube and also linux for my school lesson,
i got notif: connection to IMAP server failed. when i login to roundcube
here my some configuration :
Step1 : apt install roundcube
Step2 : apt install php7.4-*
Step3 :
…
CREATE USER user1@localhost IDENTIFIED BY ‘password’;
…
Step4: use Apache
Step5: not use
Step7: file attached
until last step skipped
please correct my configuration that cause can’t login to localhost roundcube and maybe already connect to database. thanks
Configuring the Password Plugin in Roundcube section seems like there is a typo in this line
$config[‘password_query’] = ‘UPDATE mailbox SET password=%D,modified=NOW() WHERE username=%u’;
should be:
$config[‘password_query’] = ‘UPDATE mailbox SET password=%P,modified=NOW() WHERE username=%u’;
%P is replaced with the crypted/hashed new password
Hi Xiao
Thank you for these. I am just starting up with a mail server and they are very beneficial.
I am stuck at Step 2 – Install PHP Extensions. The repository reports errors followed by more errors when installing PHP.
Do you know if these repository have been updated? Thanks
Amazing Tutorials 🙂 Donation incoming! Since it saved my life dozen times:
After i finished until here i am not able to change my password via Roundcube, same goes for my lady..
All i can fetch so far is the tail of the mail.log below
Debian 11 – php 7.4
Thanks a LOT!
I’ve got the first five parts of this series working properly (with a few minor challenges along the way) but I cannot get this to work. I’m running in to trouble at Step2 : Install php Extensions. I cannot get past “sudo add-apt-repository ppa:ondrej/php” This part of the process throws many errors and no amount of googling has come up with the answer. My question is: If I installed php earlier, to get postfixadmin working, why am I doing it again anyway? Can I bypass this step?
Hi Xiao
i have same problem
yours recomendation?
Hello,
Great work here Xiao,very hepful website. I installed Debian Bookworm on my dedicated server. New installation.
I don’t know how you collect so much knowledge about those things, your website “linuxbabe” is impressive. You should spend huge time to read the friendly manuals, other tutorials and work around those things.
I installed ispconfig. Ispconfig work and allow me to create email boxes. When i “adduser” it not make
an email adress, i can’t use it to login it not appear with “doveadm user ‘*'”, i have to use ispconfig to create one.
I made your setting for Postfix and Dovecot. I tryed Thunderbird and all work fine to send
and receive emails. But after follow all your steps roundcube not work for Debian 12. I can’t login in roundcube with your settings for debian 10/11. After a few tests i can connect and send email but not with TLS.
To be able to login and send email, have to keep “localhost’ for ‘impa_host’ and ‘smtp_host’ in config.inc.php
$config[‘imap_host’] = ‘localhost:143’; $config[‘smtp_host’] = ‘localhost:25’;
//Port 587 for smtp give smtp error 250 authentification failed.
No problem with my certificats, they are at the right place and functionnal. All work fine when i send with thunderbird.
Do you know correct setting to fix the problem and having 100% functionnal roundcube with Debian 12 ?
It work with my settings but would better with tls. Thank you.
PS :
I think 2 little mistake in your page.
After nano /etc/apache2/sites-available/mail.example.com.conf
you have to : sudo a2ensite mail.example.conf and not a2ensite roundcube.conf
In config.inc.php
They say :
// This key is used to encrypt the users imap password which is stored
// in the session record. For the default cipher method it must be exactly 24 characters long.
// YOUR KEY MUST BE DIFFERENT THAN THE SAMPLE VALUE FOR SECURITY REASONS
You changed the key but you puted a key longer than 24. Better to keep 24 characters probably.
I uninstalled my server, too many problems with ispconfig which is not well updated. Then i reinstalled all with Debian 12 bookworm and i tryed Postfixadmin that i didn’t know. It seem great and well updated even with php 8.2. All your tutorial work fine with fresh install Debian 12 until part 6 roundcube. I didn’t do the others for now. I had a problem with roundcube but maybe i made mistake i m not sure. I had empty page error 404 when i tryed to access installer roundcube. To fix it delete ssl file for roundcube in sites-available. Then do again certbot –apache –agree-tos –redirect –hsts –staple-ocsp –email [email protected] -d mail.example.com.
All your work Xiao is huge work here, where did you get all those knowledge ? Cause you didn’t invent it. You found all those settings and parameters in the various friendly manuals ? Your postfixAdmin tutorial is huge, and should be created by those who made PostfixAdmin. No one can install their software without they say how to do it. Tell your secret Xiao. I m not a Linux expert like you are.
PS : You didn’t make real mistake like i wrote before.
If create roundcube.conf then do “a2ensite roundcube.conf” as it is wrote.
And if have “mail.example.com.conf” then do “a2ensite mail.example.com.conf”
I write that for beginners who come here, others not need.
Finally if you chose “linuxbabe” name to impress the girls, not many girls will come here to look at your work sadly. Better you spend more time in gym than in friendly manuals to impress the girls ). But stay balance and keep your great work here, you deserve friendship and beers. You are right, as far i know, your tutorial is the best online.
Hi !
Just a few note on my roundcube experience with my server :
– Sqlite used less CPU and memory than mariadb
– Last RC version is the 1.6.2 : https://github.com/roundcube/roundcubemail/releases/download/1.6.2/roundcubemail-1.6.2-complete.tar.gz
– This skin works great on my phone : https://github.com/seb1k/Elastic2022
Enjoy !
– The “persistent_login” should be included by default !
Add it to $config[‘plugins’] = …. , ‘persistent_login’ …
Hello – I’m having some trouble adding the repository:
Any ideas? I’m testing on Debian 12 Bookworm.
root@mail-test:/var/www/roundcube# sudo add-apt-repository ppa:ondrej/php
Traceback (most recent call last):
File “/usr/bin/add-apt-repository”, line 362, in
sys.exit(0 if addaptrepo.main() else 1)
^^^^^^^^^^^^^^^^^
File “/usr/bin/add-apt-repository”, line 345, in main
shortcut = handler(source, **shortcut_params)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File “/usr/lib/python3/dist-packages/softwareproperties/shortcuts.py”, line 40, in shortcut_handler
return handler(shortcut, **kwargs)
^^^^^^^^^^^^^^^^^^^^^^^^^^^
File “/usr/lib/python3/dist-packages/softwareproperties/ppa.py”, line 86, in __init__
if self.lpppa.publish_debug_symbols:
^^^^^^^^^^
File “/usr/lib/python3/dist-packages/softwareproperties/ppa.py”, line 126, in lpppa
self._lpppa = self.lpteam.getPPAByName(name=self.ppaname)
^^^^^^^^^^^
File “/usr/lib/python3/dist-packages/softwareproperties/ppa.py”, line 113, in lpteam
self._lpteam = self.lp.people(self.teamname)
^^^^^^^^^^^^^^
AttributeError: ‘NoneType’ object has no attribute ‘people’
root@mail-test:/var/www/roundcube# sudo add-apt-repository ppa:ondrej/php
Traceback (most recent call last):
File “/usr/bin/add-apt-repository”, line 362, in
sys.exit(0 if addaptrepo.main() else 1)
^^^^^^^^^^^^^^^^^
File “/usr/bin/add-apt-repository”, line 345, in main
shortcut = handler(source, **shortcut_params)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File “/usr/lib/python3/dist-packages/softwareproperties/shortcuts.py”, line 40, in shortcut_handler
return handler(shortcut, **kwargs)
^^^^^^^^^^^^^^^^^^^^^^^^^^^
File “/usr/lib/python3/dist-packages/softwareproperties/ppa.py”, line 86, in __init__
if self.lpppa.publish_debug_symbols:
^^^^^^^^^^
File “/usr/lib/python3/dist-packages/softwareproperties/ppa.py”, line 126, in lpppa
self._lpppa = self.lpteam.getPPAByName(name=self.ppaname)
^^^^^^^^^^^
File “/usr/lib/python3/dist-packages/softwareproperties/ppa.py”, line 113, in lpteam
self._lpteam = self.lp.people(self.teamname)
^^^^^^^^^^^^^^
AttributeError: ‘NoneType’ object has no attribute ‘people’
root@mail-test:/var/www/roundcube#
I’m having the exact same issue on Debian 11