Roundcube Community Forum

 

Recent posts

#11
API Based Plugins / Re: Issue configuring Roundcub...
Last post by Cascuda - September 12, 2025, 02:08:01 AM
Last night I forgot to attach the configuration I use in the plugin, just in case the error is there. I'd appreciate any help.

<?php
$rcmail_config
['password_driver'] = 'ldap';
$rcmail_config['password_ldap_host'] = 'ldap://mail-server_lldap:3890';
$rcmail_config['password_ldap_base'] = 'ou=people,dc=dockermailserver,dc=lan';
$rcmail_config['password_ldap_userDN'] = 'uid=%u,ou=people,dc=dockermailserver,dc=lan'
$rcmail_config['password_ldap_pass'] = 'xxxXXXxxxXXXxxx';
$rcmail_config['password_ldap_method'] = 'plain'
$rcmail_config['password_ldap_starttls'] = false
$rcmail_config['password_ldap_debug'] = false;
#12
Release Discussion / Re: Round cube worked on PHP 8...
Last post by mary4 - September 11, 2025, 06:26:34 PM
it might be a postfix config issue or a php ssl issue

#13
API Based Plugins / Issue configuring Roundcube Pa...
Last post by Cascuda - September 11, 2025, 03:38:05 PM
Hi everyone,

I have a mail server running with DockerMailServer authenticating against LDAP (lldap/lldap:stable). Everything works fine so far: user logins against LDAP work perfectly, and Roundcube itself can authenticate without issues.

From inside the Roundcube container, if I install the LDAP tools and drop into Bash, I can run commands like ldapsearch or ldappasswd and successfully change user passwords directly in LDAP.

The problem is with the Roundcube password plugin. I cannot get it properly configured to connect to my LDAP server and allow users to change their password from the web interface.

To summarize:
  • DockerMailServer + LDAP (lldap) is working.
  • Roundcube login against LDAP works.
  • From inside the Roundcube container, I can use ldappasswd to change passwords (so LDAP connection itself is fine).

Has anyone managed to get this working with lldap and could share a working plugin configuration (or some hints on what's missing)?

Thanks in advance!
#14
General Discussion / Phishing email received: Deact...
Last post by ncscot - September 11, 2025, 02:44:58 PM
I received this phishing email from "RoundCube Webmail Security <[email protected]>"


Our security filters have detected spam activity associated with your email account [************] on Thursday, September 11, 2025, at 8:58 AM.

This activity involved sending unsolicited emails to recipients who did not give consent to receive them. As a result, your email account [************] has exceeded its mailbox quota and is at risk of being deactivated.
What do i need to do ?
It is essential that you take immediate action. Please follow our email troubleshooting process to resolve the mailbox quota issue. If you do not address this issue, your email account may be deactivated.

{Click here to Resolve Issue} [LINK to creci-am.gov.br]
#15
Off-Topic / Re: Can any team challenge McL...
Last post by Kaleb47 - September 10, 2025, 08:04:41 AM
Quote from: Kaleb47 on July 12, 2025, 05:23:43 PM
Quote from: Kaleb47 on June 13, 2025, 09:48:48 AMThe only real question is which of their driver will win the WDC.

It will be tight, that's for sure!

The gap is currently 31 points with 8 races to go.
#16
General Discussion / 1.4.14 Call CSS From JS
Last post by ElasticUser - September 07, 2025, 02:46:08 PM
In 1.4.14 program/js/tinymce/plugins/emoticons/plugin.min.js, how can I call a custom CSS file?   I tested various ways to see if I could get animated SVG Emoticons calling a CSS file from that JS file with No success yet.  That's why I asked this on here over a week ago.  Does anybody here actually know the answer.  :)
#17
Issues & Bugs / Roundcube is very unreliable i...
Last post by BrianP - September 05, 2025, 10:27:20 AM
I've been using Roundcube for a couple of years now, using Safari under MacOS on an M1 MacBook Pro and found it to be very unreliable. It constantly lost contact with the server or failed to send replies, to the point where I would copy my replies to the clipboard before clicking Send. It's frequently the case that, because Chrome is the most widely used browser, many developers only test on Chrome - as a Mac user, I frequently find this problem, even with high profile web sites, like the Waitrose online ordering site here in the UK. Fed up with constantly having to reload it, I finally tried Roundcube on Chrome a few days ago, and what a transformation - perfect performance! This is fine for me as a tech-aware person, but I have many Mac-owning friends who haven't a clue what Safari is or that there is an alternative. Can I please ask the developers to investigate Roundcube in this environment and see if these issues can be resolved. I'm happy to provide any diagnostics on request, but 5 minutes of trials on an equivalent Mac setup will show the problems
#18
Roundcube Discussion / Getting Error 400: redirect_ur...
Last post by tekchand - September 04, 2025, 09:51:52 AM
Hello Team,
I am working on project where I need to test cyrus-imap mail server with oauth login. My cyrus-imap server is working fine with sasl username and password login. I have tested it with Thunderbird and Roundcube client.

Now I i need to test it with Google oauth.

Server Domain Name: abc.promobi.tech
User Mail ID Domain [email protected] (Google Client ID and Secret ID created for this)

`imapd.conf`

root@cyrus-mail:/var/log/nginx# cat /etc/imapd.conf
# Cyrus IMAP Configuration for cyrus.promobi.tech
configdirectory: /var/lib/cyrus
partition-default: /var/spool/cyrus/mail
admins: cyrus@cyrus-mail [email protected]
sievedir: /var/spool/sieve
sendmail: /usr/sbin/sendmail
hashimapspool: true
#allowplaintext: no

# SSL/TLS Configuration
# SSL/TLS Configuration (Updated paths)
tls_server_cert: /etc/cyrus/ssl/fullchain.pem
tls_server_key: /etc/cyrus/ssl/privkey.pem
tls_client_ca_file: /etc/cyrus/ssl/chain.pem

# SASL Configuration (Virtual Users with sasldb)
sasl_pwcheck_method: auxprop oauth2
sasl_auxprop_plugin: sasldb oauth2
#sasl_mech_list: PLAIN LOGIN CRAM-MD5 DIGEST-MD5
#sasl_mech_list: oauthbearer xoauth2 plain login
sasl_auto_transition: no
virtdomains: on
sasl_default_realm: promobitech.com
servername: promobitech.com
sasl_realm: promobitech.com
# Allow cross-realm authentication for local server
sasl_minimum_layer: 0
allowplaintext: yes
# Only allow plain text from localhost
tcp_keepalive: 1


sasl_mech_list: XOAUTH2 PLAIN LOGIN
sasl_oauth2_discovery_url: https://accounts.google.com/.well-known/openid-configuration
sasl_oauth2_client_id: abc
sasl_oauth2_client_secret: abc
sasl_oauth2_redirect_uri: https://abc.promobi.tech/roundcube/?_task=login
sasl_oauth2_scope: openid profile email
sasl_oauth2_audience: 328667475191-g8hr7raiqh834ge6t15ongdcqiru62sq.apps.googleusercontent.com

sasl_oauth2_token_endpoint: https://oauth2.googleapis.com/token
sasl_oauth2_userinfo_endpoint: https://www.googleapis.com/oauth2/v2/userinfo
sasl_oauth2_introspection_endpoint: https://oauth2.googleapis.com/tokeninfo
sasl_oauth2_use_introspection: yes

sasl_oauth2_user_claim: email
sasl_oauth2_username_attribute: email

# Performance and Security
lmtp_over_quota_perm_failure: 1
duplicatesuppression: 1
autocreate_quota: 100000
reject8bit: no
munge8bit: no
defaultdomain: promobitech.com
sasl_log_level: 7

`Cyrus.conf`
root@cyrus-mail:/var/log/nginx# cat /etc/sasl2/Cyrus.conf
#pwcheck_method: auxprop
#auxprop_plugin: sasldb
#mech_list: PLAIN LOGIN CRAM-MD5 DIGEST-MD5
#sasldb_path: /etc/sasldb2
#log_level: 3
#auto_transition: no
pwcheck_method: auxprop oauth2
auxprop_plugin: sasldb oauth2
mech_list: XOAUTH2 PLAIN LOGIN
oauth2_discovery_url: https://accounts.google.com/.well-known/openid-configuration
oauth2_client_id: abc
oauth2_client_secret: abc
oauth2_redirect_uri: https://abc.promobi.tech/roundcube/?_task=login
oauth2_scope: openid profile email
oauth2_audience: 328667475191-g8hr7raiqh834ge6t15ongdcqiru62sq.apps.googleusercontent.com
log_level: 7

oauth2_token_endpoint: https://oauth2.googleapis.com/token
oauth2_userinfo_endpoint: https://www.googleapis.com/oauth2/v2/userinfo
oauth2_introspection_endpoint: https://oauth2.googleapis.com/tokeninfo
oauth2_validate_endpoint: https://www.googleapis.com/oauth2/v1/tokeninfo
oauth2_use_introspection: yes

oauth2_user_claim: email
oauth2_username_attribute: email


Config fot oauth for roundcube `/var/www/html/roundcube/config/config.inc.php file`

// OAuth2 Configuration for Google
$config['oauth_provider'] = 'google';
$config['oauth_provider_name'] = 'Google';
$config['oauth_client_id'] = "abc";
$config['oauth_client_secret'] = "abc";
$config['oauth_auth_uri'] = "https://accounts.google.com/o/oauth2/auth";
$config['oauth_token_uri'] = "https://oauth2.googleapis.com/token";
$config['oauth_identity_uri'] = 'https://www.googleapis.com/oauth2/v1/userinfo';
$config['oauth_scope'] = "email profile openid";
$config['oauth_auth_parameters'] = ['access_type' => 'offline', 'prompt' => 'consent'];
$config['oauth_login_redirect'] = true;


Error during login: Please refer the attached screenshot.

Can you please point help me?



#19
Pending Issues / Re: smtp server not used for o...
Last post by alec - September 04, 2025, 03:40:03 AM
This is controlled by the managesieve/imap server, not Roundcube.
#20
Pending Issues / smtp server not used for out o...
Last post by computel - September 04, 2025, 03:36:52 AM
we are using roundcube 16.11

we have configured this as smtp server $config['smtp_host'] = 'smtp.ourdomain.com:587';

which works perfect when sending and replying.

in managesieve you can have an out-of-office. that messages is not send via the configured smtp server, but via localhost

the localserver doesnt have a dkim server, the server configured via smtp_host does.

why is roundcube not using the correct smtp server?