How to Install and Setup Roundcube Webmail on Debian 9

0
9880

In this tutorial, we are going to learn how to install Roundcube webmail on Debian 9. Roundcube webmail is a free and open source web-based IMAP email client. It is written in PHP and works just like any other email client. It provides a handful of features;

  • Full support for MIME and HTML messages
  • Sophisticated privacy protection
  • Compose messages with attachments
  • Multiple sender identities
  • Full featured address book with groups and LDAP connectors
  • Find-as-you-type address book integration
  • Richtext/HTML message composing
  • Forwarding messages with attachments
  • Searching messages and contacts
  • Spell checking

You can find comprehensive list of features of Roundcube here.

Prerequisites

As stated, Roundcube Webmail is written in PHP and thus it runs on a standard LAMPP server. The following are the minimum server requirements;

  • Apache, Lighttpd, Nginx, Cherokee or Hiawatha web server
  • PHP Version 5.4 or greater
  • MySQL, PostgreSQL, SQLite, MSSQL or Oracle database
  • SMTP server and IMAP server with IMAP4 rev1 support
  • PEAR packages distributed with Roundcube

Before you can proceed with installation and configuration of Roundcube webmail on Debian 9, update and upgrade your server packages;

apt update
apt upgrade

Download Roundcube

The latest stable release version for Rouncube can be installed by downloading the source code from the Roundcube downloads page. Download the Complete package under the Stable version section. Once you get the link, you can simply download it as shown below;

wget -P /tmp/ https://github.com/roundcube/roundcubemail/releases/download/1.3.8/roundcubemail-1.3.8-complete.tar.g

Extract the Roundcube tarball archive to the web root directory.

mkdir /var/www/roundcube
tar xzf /tmp/roundcubemail-1.3.8-complete.tar.gz -C /var/www/roundcube --strip-components 1

Set proper ownership for roundcube root directory and permissions for Roundcube /temp and /logs directories;

chown -R www-data.www-data /var/www/roundcube/
chmod -R 775 /var/www/roundcube/{temp,logs}

The /config, /temp and /logs directories should be protected.

Install and Configure Apache Web Server

In this tutorial, we are going to use Apache as our web server. Therefore, follow through to install and configure it.

Install Apache

apt install apache2 -y

Apache is started and enabled by default after installation.

If UFW is running, allow Apache2.

ufw allow WWW  < allows HTTP
ufw allow "WWW Full"  < allows both HTTP and HTTPs
ufw reload

Configure Apache Virtualhost for Roundcube

Next, it is wise to create a dedicated Apache virtualhost configuration file for Roundcube instead of editing the default Apache configuration. To create one see below;

vim /etc/apache2/sites-available/roundcube.conf
<VirtualHost *:80>
        ServerName roundcube.example.com
        ServerAdmin [email protected]
        DocumentRoot /var/www/roundcube

	<Directory /var/www/roundcube>
		Options +FollowSymLinks
		AddType text/x-component .htc
		<IfModule mod_php7.c>
			php_flag        display_errors  Off
			php_flag        log_errors      On
			php_value       upload_max_filesize     10M
			php_value       post_max_size           12M
			php_value       memory_limit            64M
			php_flag        zlib.output_compression         Off
			php_flag        magic_quotes_gpc                Off
			php_flag        magic_quotes_runtime            Off
			php_flag        zend.ze1_compatibility_mode     Off
			php_flag        suhosin.session.encrypt         Off
			php_flag        session.auto_start      Off
			php_value       session.gc_maxlifetime  21600
			php_value       session.gc_divisor      500
			php_value       session.gc_probability  1
		</IfModule>
		<IfModule mod_rewrite.c>
			RewriteEngine On
			RewriteRule ^favicon\.ico$ skins/larry/images/favicon.ico
			RewriteRule ^(?!installer)(\.?[^\.]+)$ - [F]
			RewriteRule ^/?(\.git|\.tx|SQL|bin|config|logs|temp|tests|program\/(include|lib|localization|steps)) - [F]
			RewriteRule /?(README\.md|composer\.json-dist|composer\.json|package\.xml)$ - [F]
		</IfModule>
		<IfModule mod_deflate.c>
			SetOutputFilter DEFLATE
		</IfModule>
		<IfModule mod_headers.c>
			# replace 'append' with 'merge' for Apache version 2.2.9 and later
			# Header append Cache-Control public env=!NO_CACHE
		</IfModule>
		<IfModule mod_expires.c>
			ExpiresActive On
			ExpiresDefault "access plus 1 month"
		</IfModule>
		FileETag MTime Size
		<IfModule mod_autoindex.c>
			Options -Indexes
		</ifModule>
		AllowOverride None
		Order allow,deny
		Allow from all
	</Directory>
	
	<Directory /var/www/roundcube/plugins/enigma/home>
		Options -FollowSymLinks
		AllowOverride None
		Order allow,deny
		Deny from all
	</Directory>
	<Directory /var/www/roundcube/config>
		Options -FollowSymLinks
		AllowOverride None
		Order allow,deny
		Deny from all
	</Directory>
	<Directory /var/www/roundcube/temp>
		Options -FollowSymLinks
		AllowOverride None
		Order allow,deny
		Deny from all
	</Directory>
	<Directory /var/www/roundcube/logs>
		Options -FollowSymLinks
		AllowOverride None
		Order allow,deny
		Deny from all
	</Directory>
        ErrorLog ${APACHE_LOG_DIR}/roundcube-error.log
        CustomLog ${APACHE_LOG_DIR}/roundcube-access.log combined
</VirtualHost>

Save and quit the configuration file.

If you need to use HTTPS, obtain the SSL/TLS certificates and configure Apache appropriately.

Disable Apache default site and enable Roundcube site.

a2dissite 000-default
a2ensite roundcube

Enable the following Apache Modules

a2enmod deflate expires headers rewrite

Verify syntactical errors in Rouncube site configuration.

apachectl -t
Syntax OK

Restart Apache if there is error.

systemctl restart apache2

Database Configuration

Roundcube supports various database backends as stated above. In this guide, we are going to use MySQL.

Install MySQL

MySQL is available on default Debian repositories and can be installed by running the command below;

apt-get install mysql-server -y

Run the MySQL basic secure script to set the root password, remove test databases, disable remote root login and remove anonymous users.

mysql_secure_installation

Create Roundcube database and and grant privileges to a separate database user.

mysql -u root -p
create database roundcube;
grant all privileges on roundcube.* to [email protected] identified by "STRONGPASSWORD";

Be sure to replace the database, username and password accordingly.

Run the command below to reload the database tables and effect the changes made above. Quit the database after that.

flush privileges;

Log out of the MySQL command prompt;

quit

Import the Roundcube data to the newly created database above;

mysql -u root -p roundcube < /var/www/roundcube/SQL/mysql.initial.sql

Install and Configure PHP

PHP is a server side scripting language that helps generate dynamic web content. To install PHP and all the requires dependencies for Roundcube, run the command below;

apt-get install php php-mcrypt php-mysql php-gd php-xml php-mbstring php-intl php-zip php-json php-pear openssl composer -y

Install PEAR packages

pear install Net_SMTP Net_IDNA2-0.1.1 Mail_mime Mail_mimeDecode
pear install channel://pear.php.net/Auth_SASL2-0.2.0

Configure PHP

Once the installation is done, run the command below to enable PHP mbstring, xml and dom modules respectively.

phpenmod mbstring xml dom mcrypt intl

Verify with the command;

php7.0 -m | egrep "mbs|int|dom|xml"
dom
intl
libxml
mbstring
xml

Edit the /etc/php/7.0/apache2/php.ini and set the timezone

sed -i 's/^;date.timezone =/date.timezone = Africa\/Nairobi/g' /etc/php/7.0/apache2/php.ini

Configure Roundcube

Create Rouncube configuration file based on the sample configuration file. You can simply copy the sample config as shown below;

sudo -u www-data cp /var/www/roundcube/config/config.inc.php{.sample,}

Open the configuration file for editing and put the contents below;

vim /var/www/roundcube/config/config.inc.php
<?php

// SQL DATABASE
$config['db_dsnw'] = 'mysqli://admin:[email protected]/roundcube';

// LOGGING
$config['log_driver'] = 'syslog';
$config['syslog_facility'] = LOG_MAIL;

// IMAP
$config['default_host'] = 'ssl://imap.gmail.com';
$config['default_port'] = 993;
$config['imap_auth_type'] = 'LOGIN';
$config['imap_delimiter'] = '/';
// Required if you're running PHP 5.6 or later
$config['imap_conn_options'] = array(
    'ssl' => array(
        'verify_peer'  => false,
        'verify_peer_name' => false,
    ),
);

// SMTP
$config['smtp_server'] = 'ssl://smtp.gmail.com';
$config['smtp_port'] = 587;
$config['smtp_user'] = '';
$config['smtp_pass'] = '';
$config['smtp_auth_type'] = 'LOGIN';
// Required if you're running PHP 5.6 or later
$config['smtp_conn_options'] = array(


    'ssl' => array(
        'verify_peer'      => false,
        'verify_peer_name' => false,
    ),
);

// Use user's identity as envelope sender for 'return receipt' responses,
// otherwise it will be rejected by iRedAPD plugin `reject_null_sender`.
$config['mdn_use_from'] = true;

// SYSTEM
$config['force_https'] = false;
$config['login_autocomplete'] = 2;
$config['ip_check'] = true;
$config['des_key'] = 'ysyjjWMLN3VURByePIH5a4gr';
$config['cipher_method'] = 'AES-256-CBC';
$config['useragent'] = 'Roundcube Webmail'; // Hide version number
//$config['username_domain'] = 'example.com';
$config['mime_types'] = '/etc/mime.types';

// USER INTERFACE
$config['create_default_folders'] = true;
$config['quota_zero_as_unlimited'] = true;

// USER PREFERENCES
$config['default_charset'] = 'UTF-8';
//$config['addressbook_sort_col'] = 'name';
$config['draft_autosave'] = 60;
$config['default_list_mode'] = 'threads';
$config['autoexpand_threads'] = 2;
$config['check_all_folders'] = true;
$config['default_font_size'] = '12pt';
$config['message_show_email'] = true;
$config['layout'] = 'widescreen';   // three columns
//$config['skip_deleted'] = true;

// PLUGINS
$config['plugins'] = array('archive', 'zipdownload');

Note that you can replace the IMAP and SMTP connection details appropriately. In this guide, am using gmail as my mail server.

You can as well check our previous article on how to setup a fully fledged mail server with iRedMail on Ubuntu 18.04.

Restart Apache

service apache2 restart

You are now ready to access Roundcube web interface. Navigate to http://roundcube.example.com and log in using your email account’s username and password.

roundcube gmail login page

roundcube dashboard

You have successfully install and setup your Roundcube webmail client and you can now be able to accessible you emails normally. In our next tutorial, we will learn how to connect to iRedMail mail server from a remote Roundcube. Enjoy