Roundcube Community Forum

 

Recent posts

#1
General Discussion / [RESOLVED] Weird problem with ...
Last post by maks - Today at 03:08:52 AM
I think I found it. The source of my problem was the nginx configuration. I try to hardening nginx against CSP and X-XSS-Protection with this directive:
add_header Content-Security-Policy "default-src 'self' http: https: data: blob: 'unsafe-inline'" always;
inside my /etc/nginx/modules/headers.conf
When I commented out this line RC is working fine.
My headers.conf file:
Quote# security headers

add_header X-Frame-Options "SAMEORIGIN" always;
add_header X-XSS-Protection "1; mode=block" always;
add_header X-Content-Type-Options "nosniff" always;
add_header Referrer-Policy "no-referrer-when-downgrade" always;
# add_header Content-Security-Policy "default-src 'self' http: https: data: blob: 'unsafe-inline'" always;
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" always;

# . files
location ~ /\.(?!well-known) {
    deny all;
}
How can I modify Content-Security-Policy to be more secure? Is it ok to add just unsafe-eval like this?
Quote# security headers

add_header X-Frame-Options "SAMEORIGIN" always;
add_header X-XSS-Protection "1; mode=block" always;
add_header X-Content-Type-Options "nosniff" always;
add_header Referrer-Policy "no-referrer-when-downgrade" always;
# add_header Content-Security-Policy "default-src 'self' http: https: data: blob: 'unsafe-inline' 'unsafe-eval'" always;
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" always;

# . files
location ~ /\.(?!well-known) {
    deny all;
}
#2
Pending Issues / Subject Line Text Not Showing ...
Last post by carsonite - September 15, 2024, 10:19:07 PM
Several weeks ago (as of 9/15/24), the text (contents) in the Subject line for every incoming message disappeared. This happened in all archived messages dating back 10 years in all folders as well

I know there are contents in Subject lines because the contents appear when I reply to a message. (Not to mention that all archived messages in folders had text in Subject lines when originally received.)

I've tried dragging and moving the Subject column as well as other columns (e.g., From, Date, Attachments) to see if I can restore the Subject lines' text, but I think this screwed things up even more. This is because data from the Date column started appearing in the Subject line and data from the Size column began appearing in the Flag column.

Here is a link to a screenshot of the current Displayed Messages page:

https://tinyurl.com/4wpef8en

Is there a way to restore default configurations?

If I'm not stating the problem correctly, please ask for clarification.

Any help will be appreciated.

Thank you,

Marie
#3
Theme Releases / Re: Elastic2022
Last post by Seb1k - September 14, 2024, 06:36:24 AM
The "ipad/iphone" version has been corrected.

+ issue fixed on phone
+ other minor fixes
+ better display of text email (no scrollbar):

Elastic
Elastic2022
#4
General Discussion / Re: email filters not firing p...
Last post by JohnDoh - September 14, 2024, 06:10:22 AM
what filtering plugin are you using and what is the exact rule you have created?
#5
General Discussion / Re: Weird problem with mails
Last post by JohnDoh - September 14, 2024, 06:09:29 AM
i see you have already enabled `imap_debug`. That log is probably the first place to look for answer. You should see a `UID FETCH` request when you try and list messages.

BTW in your config file you have both "$config['enable_caching'] = false;" and "$config['enable_caching'] = true;" and `enable_caching` is not a Roundcube config option. If you are trying to enable IMAP caching then leave it disabled while you are investigating the listing issue.
#6
General Discussion / email filters not firing prope...
Last post by moby999 - September 12, 2024, 08:05:44 PM
I made a basic filter to move emails where the body contains the word "unsubscribe" into a specific imap folder. However it seems like the filter is missing over half the emails from newsletter which do contain the word "unsubscribe".

What's going on?

The "unsubscribe" text isn't an image and it doesn't appear to be some weird unicode that looks the same but is actually different characters.
#7
Pending Issues / Re: SMTP Error (): Authenticat...
Last post by mickelangelo - September 12, 2024, 05:16:28 AM
Hi, unfortunately not, I tried also other combinations (existing mail / imap IP etc).
#8
Pending Issues / Subject Content Missing Even T...
Last post by carsonite - September 11, 2024, 04:47:58 PM
Several weeks ago (as of 9/11/24), the contents in the Subject line for every incoming message disappeared. This happened in all archived messages dating back 10 years in all folders.

I know there are contents in Subject lines because the contents appear when I reply to a message. (Not to mention that all archived messages in folders had subjects.)

I've tried dragging and moving the Subject column as well as other columns (e.g., From, Date, Attachments) to see if I can restore the Subject lines' text, but I think this screwed things up even more. This is because data from the Date column started appearing in the Subject line and data from the Size column began appearing in the Flag column.

Here is a link to a screenshot of the current Displayed Messages page:

https://tinyurl.com/4wpef8en

Any help will be appreciated.

Marie
#9
Theme Releases / Re: Elastic2022
Last post by Seb1k - September 11, 2024, 06:39:56 AM
I just did a CSS fix for safari (it works properly on Ipad)

Can you tell me if it works well on a mac laptop : https://github.com/seb1k/Elastic2022/issues/10


Thanks !
#10
General Discussion / [RESOLVED] Weird problem with ...
Last post by maks - September 11, 2024, 04:46:14 AM
Hi guys,
I have really weird problem with RC 1.6.8-1 on ArchLinux machine. I try to build mail server. Right now I have dovecot installed and configured correctly. My users are store in LDAP and I'm able to login - everything is ok. I can read my emails via Thinderbird without a problem.

When I log into my account via Roundcube, I don't see any emails even though RC shows me the correct folder size and number of emails.
My config.inc.php

<?php

/*
+-----------------------------------------------------------------------+
| Local configuration for the Roundcube Webmail installation.          |
|                                                                      |
| This is a sample configuration file only containing the minimum      |
| setup required for a functional installation. Copy more options      |
| from defaults.inc.php to this file to override the defaults.          |
|                                                                      |
| This file is part of the Roundcube Webmail client                    |
| Copyright (C) The Roundcube Dev Team                                  |
|                                                                      |
| Licensed under the GNU General Public License version 3 or            |
| any later version with exceptions for skins & plugins.                |
| See the README file for a full license statement.                    |
+-----------------------------------------------------------------------+
*/

$config = [];

// Database connection string (DSN) for read+write operations
// Format (compatible with PEAR MDB2): db_provider://user:password@host/database
// Currently supported db_providers: mysql, pgsql, sqlite, mssql, sqlsrv, oracle
// For examples see http://pear.php.net/manual/en/package.database.mdb2.intro-dsn.php
// NOTE: for SQLite use absolute path (Linux): 'sqlite:////full/path/to/sqlite.db?mode=0646'
//      or (Windows): 'sqlite:///C:/full/path/to/sqlite.db'
$config['db_dsnw'] = 'mysql://roundcube:Passw0rd@localhost/roundcubemail';;

// IMAP host chosen to perform the log-in.
// See defaults.inc.php for the option description.
$config['imap_host'] = 'ssl://myhost:993&#39;;
// 'tls://localhost:143&#39;

$config['imap_auth_type'] = 'LOGIN';

$config['imap_conn_options'] = array(
  'ssl' => array(
    'verify_peer' => false,
    'verify_peer_name' => false,
  ),
);

// $config['default_folders'] = array('INBOX', 'Inbox.Drafts', 'Inbox.Sent', 'Inbox.spam', 'Inbox.Trash');
// $config['default_folders'] = array('INBOX');
// SMTP server host (for sending mails).
// See defaults.inc.php for the option description.
$config['smtp_host'] = 'tls://myhost:587&#39;;

// SMTP username (if required) if you use %u as the username Roundcube
// will use the current username for login
$config['smtp_user'] = '%u';

// SMTP password (if required) if you use %p as the password Roundcube
// will use the current user's password for login
$config['smtp_pass'] = '%p';

// provide an URL where a user can get support for this Roundcube installation
// PLEASE DO NOT LINK TO THE ROUNDCUBE.NET WEBSITE HERE!
$config['support_url'] = '';

// Name your service. This is displayed on the login screen and in the window title
$config['product_name'] = 'My new, shiny Roundcube';

// This key is used to encrypt the users imap password which is stored
// in the session record. For the default cipher method it must be
// exactly 24 characters long.
// YOUR KEY MUST BE DIFFERENT THAN THE SAMPLE VALUE FOR SECURITY REASONS
$config['des_key'] = '4amAY/YSU7IbkGu+B7XpQJv8MLTtqAeY';

$config['enable_caching'] = false;
$config['message_sort_limit'] = 5000;


// List of active plugins (in plugins/ directory)
$config['plugins'] = [
        'archive',
        'zipdownload',
//      'contextmenu',
//      'globaladdressbook',
//      'swipe',
//      'advanced_search',
//      'removeattachments',
//      'identity_from_directory',
        'password'
];

// skin name: folder from skins/
// $config['skin'] = 'elastic';
$config['mime_types'] = RCUBE_INSTALL_PATH . 'config/mime.types';
$config['imap_debug'] = true;
$config['smtp_debug'] = true;
$config['imap_log_session'] = true;
$config['sql_debug'] = true;
$config['debug_level'] = 5;

$config['log_driver'] = 'file';
$config['log_dir'] = '/var/log/roundcubemail/';
$config['log_file'] = 'all_logs.txt';


$config['enable_installer'] = false;
$config['enable_caching'] = true;
$config['imap_timeout'] = 30;
$config['imap_force_lsub'] = true;
$config['imap_force_ns'] = true;
$config['imap_log_session'] = true;
$config['imap_debug'] = true;
$config['message_sort_col'] = 'date';
$config['message_sort_order'] = 'DESC';

And I stuck here - why RC do not want to show me my emails?

Thanks for help.