Here’s how to install Roundcube on your mail server

Posted by

Not so long ago I wrote a series on what mail server administrators could use to make sure that their emails reached recipients’ inboxes in the modern world.

While the mail world has seen little change since the 1970s, influential internet organisations such as Microsoft, Google, Yahoo! and others have been making important additions to the email-sphere to reflect the hostile internet of today. Some of these technologies include DKIM, DMARC and SPF records which we looked at.

One other feature of the modern world is cloud computing. In an increasingly mobile world, people want to be able to access their email accounts on the go and from anywhere at anytime with little changes in the user interface. As a result most people only ever use their webmail clients.

While actual MDAs like Outlook and Mozilla Thunderbird used to be popular, the Digital Natives tend to favour webmail. For example I am the only one of my friends who knows and uses an actual Email Client (Geary) that sits on my desktop. One of the reasons for this is that most email users either do not know or do not want to fiddle with IMAP, POP and SMTP settings just so they can send mail.

What is Roundcube anyway?

advertisement

Roundcube is a PHP web based IMAP client that makes extensive use of the AJAX technology. This means you can deploy it using your favourite PHP stack including LAMP and the ever increasingly popular LEMP with no problems at all.

It is a very popular Open Source project and as such is actively developed unlike other niche projects out there. There are several Android and IOS apps out there that support Roundcube Webmail including the Roundcube Webmail App for Android. Roundcube is themable (which means you can install skins to make it look like Gmail, or Outlook online or whatever the heck you want) and has a plugin API which means it is extensible.

Installing and configuring Roundcube

We are going to assume that you have been following our previous guides and you already have a working email configuration on an Ubuntu LTS machine dedicated for email services which has no webserver running on it.

Having multiple services is not just so-2005 it is also dangerous as it means your machine has multiple potential breach points. Such a machine would be an administrative nightmare: I know a friend who has one and he is always skipping about like a mad kangaroo as he fixes vulnerability after vulnerability.

  • First you need to install the LAMP stack if you have not yet already done so:
    sudo apt-get install lamp-server^

    Or using the tasksel command select LAMP server after running the command:

    sudo tasksel
  • Create a Mysql database for Roundcube to use using the following commands:
    mysql -u root -p

    You will be presented with the Mysql shell after you enter your Mysql password.

    create database roundcubedb;
    create user tsamba;
    set password for 'tsamba' = password('some_strong_password_here');
    grant all privileges on roundcubedb.* to ‘tsamba’ identified by ‘some_strong_password_here’;
    FLUSH PRIVILEGES;
    exit

    You should press the return key after each command

  • Download and install Roundcube using the following commands:
    mkdir roundcube
    cd ./roundcube && wget -O roundcubemail.tar.gz https://downloads.sourceforge.net/project/roundcubemail/roundcubemail/1.1.3/roundcubemail-1.1.3-complete.tar.gz
    sudo tar -xzvf roundcubemail.tar.gz -C /var/www
    sudo mv /var/www/roundcubemail* /var/www/webmail
    sudo chown -R www-data.www-data /var/www/webmail/temp
    sudo chown -R www-data.www-data /var/www/webmail/logs
    mysql -u root -p roundcubedb < /var/www/webmail/SQL/mysql.initial.sql
    cd && rm -rf ./roundcube

    Remember to press the return key at the end of each command

  • Now open your browser and visit the address: http://your_mailserver_address/webmail/installer/ to complete the installation. You will be asked to enter your SMTP and IMAP settings.
  • Go back to your server and backup the configuration files.main.inc.php db.inc.php
  • Remove the installer directory using the command:
    sudo rm -rf  /var/www/webmail/installer
  • You can now sign in using your username and password by visiting the URL: http://your_mailserver_address/webmail/ You can always change this in your Apache configuration to something probably more palatable e.g. mail.domain.co.zw.
  • Using http to access your email server is stupid especially if you are using PAM authentication which means if someone gets your password they now have access to the system if you are one of those people who continues to use password authentication. It also means a spammer can get his dirty hands on your precious clean ISP and continue to shred your reputation by sending Spam messages.
  • You are strongly encouraged therefore to use https. You can just follow the guide here making slight adjustments of course to suit your needs.

NB – I hope the person who asked for this guide as well as others find it useful. As always, you can improve on the article by leaving your comments below.

Image credit:roundcubeskins.net

3 Comments

  1. SystemAdmin says:

    Thanks for the article. However:

    > This is a technical article to install and application, but the time one looks for a HowTo, they know the history on the internet, email included.
    > What do your acronyms mean, “DKIM, DMARC, SPF, IMAP, AJAX, LAMP, LEMP, PAM, MDAs, POP, “?
    > What are the common pitfalls in installing the application? How can resolve these issue?
    > Which niche projects out there are not being actively developed?
    > Why is there an increased adoption of web based applications?
    > You write “Using http to access your email server is stupid especially if you are…” yet this is a HowTo for installing a web based application, i’m accessed via HTTP
    > Its HTTP, not http
    > “Email Client (Geary) that sits on my desktop”, software does not sit, rather its installed.
    > “Having multiple services is not just so-2005 it is also dangerous as it means your machine has multiple potential breach points. Such a machine would be an administrative nightmare: I know a friend who has one and he is always skipping about like a mad kangaroo as he fixes vulnerability after vulnerability.” Is there an editor around?
    > “You are strongly encouraged therefore to use https. You can just follow the guide here making slight adjustments of course to suit your needs.” It’s not ‘make slight adjustments’, rather configure.
    > I GIVE UP.

    1. Garikai Dzoma says:

      I have never been a fan of shackling languages and have them stick to some rigid routine. While you criticisms seem reasonable on the surface there are some fatal flaws:
      1) This is part of a series that is meant to be gentle: think of it as an Ubuntu of how tos, not everyone can do Gentoo so I we don’t care about silly technical terms, we just want to get the job done.
      2) There is evidence that this is useful because this article was in response to an actual request by an actual person.
      3) Of course software sits on a Desktop after you have installed it!
      4) Adjustments to the configurations where I tell people how to configure WordPress to use https instead of http, so they can access it over https.
      5) The acronyms are carefully defined in the series.
      I GIVE UP TOO!

  2. kmadhara says:

    Gari Thanx man….i have been looking for an article just like this

Leave a Reply

Your email address will not be published.

css.php