Hello all I have a nagging problem with setting up roundcubemail-1.6.2 with SSL/TLS authentication. I want to use : POP or IMAP on SSL/TLS not STARTLS. This is how my current config.inc.php looks like :
// IMAP
$config['imap_host'] = '127.0.0.1';
$config['default_host'] = 'ssl://imap.uwb.edu.pl';
$config['default_port'] = 993;
$config['imap_auth_type'] = 'LOGIN';
$config['imap_delimiter'] = '/';
// Required if you're running PHP 5.6 or later
$config['imap_conn_options'] = array(
'ssl' => array(
'verify_peer' => false,
'verify_peer_name' => false,
),
);
// SMTP
$config['smtp_host'] = '127.0.0.1';
$config['smtp_server'] = 'ssl://smtp.uwb.edu.pl';
$config['default_port'] = 465;
$config['smtp_user'] = '%u';
$config['smtp_pass'] = '%p';
$config['smtp_auth_type'] = 'LOGIN';
// Required if you're running PHP 5.6 or later
$config['smtp_conn_options'] = array(
'ssl' => array(
'verify_peer' => false,
'verify_peer_name' => false,
),
);
In dovecot.conf :
ssl_min_protocol = TLSv1.2
ssl = required
verbose_ssl = no
disable_plaintext_auth = yes
auth_mechanisms = PLAIN LOGIN
mail_location = maildir:%Lh/Maildir/:INDEX=%Lh/Maildir/
In postfix main.cf :
# Sender restrictions
smtpd_sender_restrictions =
permit_mynetworks
reject_unknown_sender_domain
reject_non_fqdn_sender
reject_unlisted_sender
permit_sasl_authenticated
check_sender_access pcre:/etc/postfix/sender_access.pcre
# Recipient restrictions
smtpd_recipient_restrictions =
reject_unknown_recipient_domain
reject_non_fqdn_recipient
reject_unlisted_recipient
check_policy_service inet:127.0.0.1:7777
permit_mynetworks
permit_sasl_authenticated
reject_unauth_destination
check_policy_service inet:127.0.0.1:12340
And in postfix master.cf :
smtp inet n - y - 1 postscreen
smtpd pass - - y - - smtpd
dnsblog unix - - y - 0 dnsblog
tlsproxy unix - - y - 0 tlsproxy
# Submission, port 587, force TLS connection.
submission inet n - n - - smtpd
-o syslog_name=postfix/submission
-o smtpd_tls_security_level=encrypt
-o smtpd_sasl_auth_enable=yes
-o smtpd_client_restrictions=permit_sasl_authenticated,reject
-o content_filter=smtp-amavis:[127.0.0.1]:10026
# smtps, port 465, force SSL connection.
465 inet n - n - - smtpd
-o syslog_name=postfix/smtps
-o smtpd_tls_wrappermode=yes
-o smtpd_sasl_auth_enable=yes
-o smtpd_client_restrictions=permit_sasl_authenticated,reject
# -o content_filter=smtp-amavis:[127.0.0.1]:10026
The `default_host`, `default_port` and 'smtp_server' where all removed in Roundcube 1.6 as described in the release announcement (https://roundcube.net/news/2022/07/28/roundcube-1.6.0-released). I guess you upgraded from an earlier version and thats where you got the old vars from.
I think what you want is:
// IMAP
$config['imap_host'] = 'ssl://imap.uwb.edu.pl:993';
$config['imap_auth_type'] = 'LOGIN';
$config['imap_delimiter'] = '/';
// Required if you're running PHP 5.6 or later
$config['imap_conn_options'] = array(
'ssl' => array(
'verify_peer' => false,
'verify_peer_name' => false,
),
);
// SMTP
$config['smtp_host'] = 'ssl://smtp.uwb.edu.pl:465';
$config['smtp_user'] = '%u';
$config['smtp_pass'] = '%p';
$config['smtp_auth_type'] = 'LOGIN';
// Required if you're running PHP 5.6 or later
$config['smtp_conn_options'] = array(
'ssl' => array(
'verify_peer' => false,
'verify_peer_name' => false,
),
);
If you are trying to connect to 127.0.0.1 rather then *.uwb.edu.pl then just swap those. Since 1.6.0 there is only 1 config var *_host and that contains the protocol, host and port.
Thanks