I have tried over the years with lots of duct tape and patchwork to get simple DAV integration in Roundcube. I think I have cracked it.

It is a standalone DAV server specifically tailored to use with Roundcube using a provisioning plugin to make it all work seamlessly together.

I have been testing this for quite some time and think I have the kinks worked out. I need help to find more, or make a little better.

There are 3 total Roundcube Plugins created to establish the bridge between RoundDAV and Roundcube. Check it out and the README for RoundDAV will tell you everything you need.

This is meant for small personal setups.

If you would like to check out RoundDAV and see if it right for you, I would love to get some feedback. My repo is located on github at https://github.com/texxasrulez/rounddav

Create issue reports at RoundDAV Issues Page

Thanks and Happy Holidays to all.

Hi everyone,

I have a technical question regarding how replacement variables work in Roundcube's configuration.

I am trying to ensure that new users automatically get the correct domain in their identity. My IMAP server (Dovecot) correctly returns mail.example.com when running dovecot --hostdomain, so I expected that setting:

$config['mail_domain'] = '%z';

would allow Roundcube to extract "example.com". However, the result is an empty string (users see their email as user@ without a domain). I have verified that if I change the variable to %t, it works perfectly, but I would like to understand why %z is failing.

I suspect the issue lies in how my IMAP host is defined, as I include both the protocol and the port:

$config['imap_host'] = 'tls://mail.example.com:143';
My questions are:

• What exactly does %z check? Does it extract information directly from the imap_host string, or does it query the system/server?
• Does the tls:// prefix or the :143 port break the parsing logic for the %z variable?
• Is %t the recommended workaround in these cases, or is there a way to make %z ignore the protocol and port?

Thanks in advance for your help!

About: https://github.com/roundcube/roundcubemail/releases/tag/1.7-rc2 - Migrate existing configs with either the installto.sh or the update.sh scripts.

For upgrading from 1.6.x to 1.7 via docker (https://hub.docker.com/r/roundcube/roundcubemail) image, just to be sure, does one also require to fire that update.sh script? (for example to update the database migration / fix?)

Thank you!

Typically it is a Wordfence or mod_security on the HTTP server. Logs should tell you that.

What does the Roundcube and web server error logs say?

Im sending mails with no problems, replying no problems, BUT when i reply to e-mail that has for exapmle pictures in signature i got "Failed to reach server" error


but when i delete this signature with images, tables and so on it goes through.
how do i fix it.


thnx

Hello RC Community,

I tried to join Kabyle translation team but I think that there is a bug on Transifex to show "Kabyle" language on the list to join the team.

Our actual Coordinator is no more active. Can you please send me a link to join the team.
Thanks !

My profile is : https://app.transifex.com/user/profile/butterflyoffire_temp/
Also available on Mastodon : https://mstdn.fr/@ButterflyOfFire

We just published the second release candidate for the next major version 1.7 of Roundcube webmail.

This release fixes two security issues and one syntax error in a database migration file for Postgres databases.

The changes are:

• Fix Cross-Site-Scripting vulnerability via SVG's animate tag reported by Valentin T., CrowdStrike.
• Fix Information Disclosure vulnerability in the HTML style sanitizer reported by somerandomdev.
• Fix syntax error in DDL scripts for Postgres (#10052)

We believe it is production ready, but we recommend to test it on a separate environment.

Migrate existing configs with either the installto.sh or the update.sh scripts.

And don't forget to backup your data before installing it!

Source: https://roundcube.net/news/2025/12/15/roundcube-1.7-rc2-released
Get it Now: https://roundcube.net/download

We just published security updates to the 1.6 and 1.5 LTS versions of Roundcube Webmail. They both contain fixes for recently reported two security vulnerabilities.

Security fixes

• Fix Cross-Site-Scripting vulnerability via SVG's animate tag reported by Valentin T., CrowdStrike.
• Fix Information Disclosure vulnerability in the HTML style sanitizer reported by somerandomdev.

See the full changelogs in the release notes on the Github download pages for the updated versions 1.6.12 and 1.5.12.

We strongly recommend to update all productive installations of Roundcube 1.6.x and 1.5.x with this new versions.

Source: https://roundcube.net/news/2025/12/13/security-updates-1.6.12-and-1.5.12
Get it Now: https://roundcube.net/download

Quote from: Kaleb47 on December 05, 2025, 02:50:07 PMReally excited for the Abu Dhabi GP with Lando, Max and Oscar still in contention to win the world drivers' championship.

Max pushed Lando till the end but he came just short as McLaren finished the season on a high by winning both the Championships.