Re: [RCU] Roundcube Webmail 1.4.9 released
On 28/09/2020 20:11, Thomas Bruederli wrote: Dear subscribers We proudly announce yesterday's release of version 1.4.9. It's a service update to the stable version 1.4 of Roundcube Webmail. It contains fixes and general improvements from our issue tracker, mainly related to email composition and UI oddities in Elastic skin and with the TinyMCE richtext editor. See the full changelog in the release notes on the Github download page [1]. This version is considered stable and we recommend updating all productive installations of Roundcube with it. Download the latest tarballs from https://roundcube.net/download Is there a security based reason for upgrading to this version? ___ Roundcube Users mailing list users@lists.roundcube.net http://lists.roundcube.net/mailman/listinfo/users
Re: [RCU] Signature in Webmail 0.8.1
I doubt that version is going to be supported. Please check what you may be exposing yourself to: https://www.cvedetails.com/vulnerability-list/vendor_id-8905/Roundcube.html On 27/08/2020 13:35, Mario Jorge Lima wrote: Hello, I use a very old version of Roundcube, 0.8.1, and it works for me. I never tried to update it because I don't want, at that moment, to have new problems that I don't have now. I was wondering how to put a signature on this version. I looked through all the menu items and didn't find them. can anybody help me? Thanks a lot in advance. Mario Lima./ ___ Mario Jorge Lima mariol...@multisites.com.br OBS: Eventualmente nao acentuo algumas palavras do Portugues, para evitar bugs na recepcao dos emails. ___ Roundcube Users mailing list users@lists.roundcube.net http://lists.roundcube.net/mailman/listinfo/users -- Giles Coochey ___ Roundcube Users mailing list users@lists.roundcube.net http://lists.roundcube.net/mailman/listinfo/users
Re: [RCU] email list
On 03/08/2020 10:02, Imi Fekete wrote: Hi Guys, Is it possible to create an email list? If so, how can I do it? Thanks for your help! Difficult to understand what you mean, I use email addresses separated by commas. -- Giles Coochey ___ Roundcube Users mailing list users@lists.roundcube.net http://lists.roundcube.net/mailman/listinfo/users
Re: [RCU] Update 1.4.1 released
On 25/11/2019 10:54, Jari Fredriksson wrote: If you need help in configuring SSL into your server, you need to read howtos of said server, be it Apache http or Nginx. I think the OP was talking about SSL/TLS for IMAPS / STARTTLS for SMTP, not SSL / TLS for HTTPS. ___ Roundcube Users mailing list users@lists.roundcube.net http://lists.roundcube.net/mailman/listinfo/users
Re: [RCU] Plugin to reset password
On 29/04/2019 21:58, Mike Burger wrote: On 2019-04-29 08:51, Giles Coochey wrote: On 29/04/2019 13:29, Andreas Meyer wrote: Hello! There is no plugin available to let a user reset her password, right? Kind regards Andreas If you think about this, you'll realise that the answer is no. Roundcube is simply using the supplied credentials to the IMAP server, which could be on a completely different machine to the one running Roundcube. Therefore, as within the IMAP protocol, there is no API for changing a user's password Roundcube could not do that by itself. If you're looking for a user self-service method of changing a password, then you'll need to look at the authentication method used by your IMAP server and provide a relevant tool at that end, not on the RoundCube front-end. Andreas, As you'll see by way of the two images I've attached, I'm afraid that the above response is incorrect. If you can't find it in /plugins/password, you can find it at: https://github.com/roundcube/roundcubemail/tree/master/plugins/password That plugin makes a lot of assumptions (for a lot of use cases it assumes that RoundCube is installed on the IMAP server systems itself, which is unlikely, Roundcube is likely to be installed in the DMZ/WEB tier, whereas mailbox servers are likely to be installed in the APP tier, fronted by loadbalancers in the DMZ tier), in many use cases it also requires your to write your own password change module - so at best it is a skeleton plugin and not ready for easy deployment. ___ Roundcube Users mailing list users@lists.roundcube.net http://lists.roundcube.net/mailman/listinfo/users
Re: [RCU] Plugin to reset password
On 29/04/2019 13:29, Andreas Meyer wrote: Hello! There is no plugin available to let a user reset her password, right? Kind regards Andreas If you think about this, you'll realise that the answer is no. Roundcube is simply using the supplied credentials to the IMAP server, which could be on a completely different machine to the one running Roundcube. Therefore, as within the IMAP protocol, there is no API for changing a user's password Roundcube could not do that by itself. If you're looking for a user self-service method of changing a password, then you'll need to look at the authentication method used by your IMAP server and provide a relevant tool at that end, not on the RoundCube front-end. ___ Roundcube Users mailing list users@lists.roundcube.net http://lists.roundcube.net/mailman/listinfo/users
Re: [RCU] How to avoid accessing mailboxes elsewhere
On 27/02/2018 11:23, Mario Jorge Lima wrote: Hello, I will explain what I need to know. I have 3 Servers: 1) One of them is just a Domains Server. 2) The other two are Mailboxes Servers. They have the email accounts for all the Domains from the first Server. All these mailboxes' POP and SMTP are accessed through the Server address: mail.domainnamea.com. mail.domainnameb.com. mail.domainnamec.com. and so on. If someone who accesses my Roundcube, fill the Server field with any other POP Server name elsewhere, he will read those emails. How to avoid it, so that only mailboxes in one of my two Mailboxes mentioned above can be accessed? Perhaps an outbound iptables firewall rule, so prevent the roundcube server from accessing any POP3 / IMAP server other than your servers? Thanks a lot. Mario./ ___ Mario Jorge Lima mariol...@multisites.com.br OBS: Eventualmente nao acentuo algumas palavras do Portugues, para evitar bugs na recepcao dos emails. ___ Roundcube Users mailing list users@lists.roundcube.net http://lists.roundcube.net/mailman/listinfo/users ___ Roundcube Users mailing list users@lists.roundcube.net http://lists.roundcube.net/mailman/listinfo/users
Re: [RCU] Creating new email address from existing account
You could - Find a way to get console access on the web host that is running Roundcube Locate the config.inc.php file that configures roundcube Read the file, look for something like: $config['default_host'] This may be set to the host that actually hosts the mailboxes of the users in question It might be a service provided by a third party or it might be a server that is internal to your company. Find a way to get console access on that mailbox server. Try to identify what email software is running (e.g. dovecot IMAP server or something else) Discover how it handles accounts. Create account. But as Thomas wrote, Roundcube is a piece of software that is provided 'as-is' which people take and integrate with their existing mail systems, it sounds like the OP is in a difficult situation, and he should probably blame the prior employee he has replaced for not providing any documentation. On 19/01/17 19:57, Thomas Bruederli wrote: Hi I'm sorry but you wrote to the wrong people. We don't host your e-mails and we're not responsible for the system you're using to access them. Please contact your internet hosting provider or IT responsible for first level support. If you don't know who this might be please review your bills and see who you are paying for email or web hosting services. Roundcube is not a service but free software which your hosting provider installed on their servers. Best regards, Thomas On Thu, Jan 5, 2017 at 12:41 AM, Wes Gonzalez <w...@theroyalroomseattle.com <mailto:w...@theroyalroomseattle.com>> wrote: Hello, I'm not sure if this is the right place to be emailing, but I recently started this new job that uses Webmail/Roundcube and they're asking me to create a new work email address for another new employee. The employee I replaced created all of the email addresses so no one at my work knows how to and any help would be greatly appreciated. Thank you, Wes ___ Roundcube Users mailing list users@lists.roundcube.net http://lists.roundcube.net/mailman/listinfo/users -- Regards, Giles Coochey +44 (0) 7584 634 135 +44 (0) 1803 529 451 gi...@coochey.net smime.p7s Description: S/MIME Cryptographic Signature ___ Roundcube Users mailing list users@lists.roundcube.net http://lists.roundcube.net/mailman/listinfo/users
Re: [RCU] Email standards project
On 15/08/2014 10:17, madalin wrote: I will email them too. Seems to me that the site is pretty much defunct... no mention of Outlook 2010, Outlook 2013 etc... only Outlook 2007. -- Regards, Giles Coochey, CCNP, CCNA, CCNAS NetSecSpec Ltd +44 (0) 8444 780677 +44 (0) 7983 877438 http://www.netsecspec.co.uk giles.cooc...@netsecspec.co.uk -- Regards, Giles Coochey, CCNP, CCNA, CCNAS NetSecSpec Ltd +44 (0) 8444 780677 +44 (0) 7983 877438 http://www.coochey.net http://www.netsecspec.co.uk gi...@coochey.net smime.p7s Description: S/MIME Cryptographic Signature ___ Roundcube Users mailing list users@lists.roundcube.net http://lists.roundcube.net/mailman/listinfo/users
Re: [RCU] Session timeouts all over the place
On 03/05/2012 23:05, Michael Heydekamp wrote: Am 03.05.2012 09:11, schrieb Claudio Kuenzler: On Thu, May 3, 2012 at 12:01 AM, Michael Heydekamplistu...@freexp.de wrote: [02-May-2012 23:45:15 +0200]: Session authentication failed for 3bnr138hd6pj2p1sfbhm27uod1; invalid auth cookie sent [02-May-2012 23:45:17 +0200]: Aborted session 3bnr138hd6pj2p1sfbhm27uod1; no valid session data found This has already been found and discussed. Alec created a new bug in trac and Thomas already created some bugfixes. There are other threads concerning session timeouts/keep-alive problems - I suggest you read them, too. I believe that I've read all of them since I am subscribed to this list, but well, probably I may have missed something. Can you provide a link to those some bugfixes? Or are you talking about these ones: http://trac.roundcube.net/ticket/1488449 http://trac.roundcube.net/changeset/6134 http://trac.roundcube.net/changeset/6135 If so, these fixes are related to the change of the User-Agent header, as far as I understand (and the title of the ticket says). But can they be related to the scenario that I'm thrown back to the login screen in the middle of composing a message after say 10-20 mins. of composing? Can a browser change the User-Agent header even WHILE composing a message at all? And does the User-Agent header play a role in this situation at all..? I think some plugins like Google Frame change the User-Agent header. -- Best Regards, Giles Coochey, CCNA Security, CCNA NetSecSpec Ltd giles.cooc...@netsecspec.co.uk Tel: +44 (0) 7983 877 438 Live Messenger: gi...@coochey.net http://www.netsecspec.co.uk http://www.coochey.net smime.p7s Description: S/MIME Cryptographic Signature ___ Roundcube Users mailing list users@lists.roundcube.net http://lists.roundcube.net/mailman/listinfo/users
Re: [RCU] Your session is invalid or expired
On 27/04/2012 11:22, Claudio Kuenzler wrote: The bug is already open by the way: http://trac.roundcube.net/ticket/1488449 On Fri, Apr 27, 2012 at 12:21 PM, Giles Coochey gi...@coochey.net mailto:gi...@coochey.net wrote: On 27/04/2012 11:17, Claudio Kuenzler wrote: It doesn't happen to me in Firefox nor Chrome. It does happen to me on Firefox, too. Yes, sadly you are correct, it's just happened to me in Firefox... I've just found the time to checkout 0.9-svn [SVN r6140] trunk and give it a try. Initial impressions are that IE9 actually now appears to work! Whereas before it was almost immediately expiring my session. I'll keep on using it and let you know if I have any problems. -- Best Regards, Giles Coochey, CCNA Security, CCNA NetSecSpec Ltd giles.cooc...@netsecspec.co.uk Tel: +44 (0) 7983 877 438 Live Messenger: gi...@coochey.net http://www.netsecspec.co.uk http://www.coochey.net smime.p7s Description: S/MIME Cryptographic Signature ___ Roundcube Users mailing list users@lists.roundcube.net http://lists.roundcube.net/mailman/listinfo/users
Re: [RCU] Session timeouts all over the place
On 02/05/2012 16:13, Arne Berglund wrote: On 05/01/2012 17:44, Michael Heydekamp wrote: Well, as you now know our environment - anything wrong with it? Not with the part I have seen. But the less obvious things like installed plugins, config options, database type and location, other web-apps hosted on the same server, etc. are part of the environment too. So not IE... That's the main difference I'm seeing. Longer explanation - while I use primarily Safari on a Mac, my organization provides aggregated services to numerous other autonomous agencies. My email system actually serves 13 different domains/agencies. My org has over 400 users, about 60/40% Mac/Windows. But the other 12 agencies are all over the map. A couple are mostly Mac, a few exclusively PC, and at least two of them use IE exclusively. Doesn't mean your problem isn't browser related, but if so I suspect browser interaction with some other aspect. I did get the following update on a bug raised, but have not had the time to checkout the SVN: #1488449: Session invalid because of User-Agent change + Reporter: alec| Owner: Type: Bugs| Status: new Priority: 5 | Milestone: 0.8-rc Component: Core functionality | Version: svn-trunk Severity: normal | Resolution: Keywords: | + Comment (by thomasb): User-Agent check removed and general improvements in sending and validating keep-alive requests made in r6134 and r6135. Please test with latest SVN checkout. -- Best Regards, Giles Coochey, CCNA Security, CCNA NetSecSpec Ltd giles.cooc...@netsecspec.co.uk Tel: +44 (0) 7983 877 438 Live Messenger: gi...@coochey.net http://www.netsecspec.co.uk http://www.coochey.net smime.p7s Description: S/MIME Cryptographic Signature ___ Roundcube Users mailing list users@lists.roundcube.net http://lists.roundcube.net/mailman/listinfo/users
[RCU] Your session is invalid or expired
I'm getting this issue with Roundcube 0.8-beta. It currently only happens with IE9 as soon as I login, I get logged out with the Your session is invalid or expired message. It doesn't happen to me in Firefox nor Chrome. This is a new migrated install. I see, by googling, that many people ask Are you behind a proxy? when this problem surfaces. Well yes, I am, I'm behind a Squid Caching Reverse Proxy which is also stripping SSL as well as behind a Apache director reverse proxy. Unfortunately, in the 'googled' posts I have seen, although this question is often asked, I don't see any further reference to it? What are the issues with being behind a proxy? I have tried the various fixes that have been suggested, but the problem still occurs with IE9. Firefox is fine (I'm using it to compose this message in Roundcube). smime.p7s Description: S/MIME cryptographic signature ___ Roundcube Users mailing list users@lists.roundcube.net http://lists.roundcube.net/mailman/listinfo/users
Re: [RCU] Your session is invalid or expired
On 27/04/2012 11:17, Claudio Kuenzler wrote: It doesn't happen to me in Firefox nor Chrome. It does happen to me on Firefox, too. Yes, sadly you are correct, it's just happened to me in Firefox... smime.p7s Description: S/MIME Cryptographic Signature ___ Roundcube Users mailing list users@lists.roundcube.net http://lists.roundcube.net/mailman/listinfo/users
Re: [RCU] New skin?
On 2012-02-28 15:49, l...@airstreamcomm.net wrote: Hi Devs, you're probably getting this question every day now, but will we be seeing a February announcement for the beta release including the new skin for Roundcube? Thanks for all your hard work and talent! I've been keeping my eye on this list for this info over the last couple of days as well! Giles Coochey +44 (0) 7983 877438 CCNAS, CCNA, CCENT NetSecSpec Ltd -- Message sent via my webmail account. -- List info: http://lists.roundcube.net/users/ BT/8f4f07cd
Re: [RCU] Inbox problems
On 2012-02-01 22:44, Randy Blum wrote: I am running Roundcube v 0.7 on Ubuntu with posfix and dovecot. I can see sent messages, drafts, and trash in the client, but can not see new messages. My new messages on the server are stored in /var/mail/user I set my configuations to use Maildir. Any ideas of where I can look to fix this issue? Thanks Randy This looks like a mail delivery problem, which means it's a postfix / dovecot issue and probably not a roundcube issue. Check your postfix configuration for how you are delivering local mail. Also check that dovecot is configured correctly, for instance: mail_location = maildir:~/.maildir But I would try the postfix / dovecot mailing lists about this. -- Message sent via my webmail account. -- List info: http://lists.roundcube.net/users/ BT/8f4f07cd
Re: [RCU] Sending email via Submission Port 587
On 2012-01-20 10:58, Charles Marcus wrote: On 2012-01-19 6:46 PM, Roberto Fulgado rober...@dmtserv.com wrote: I have roundcube 0.3.1 and daovecot 1.2.15 from the debian squeeze repo installed. I am trying to send email via MSP (port 587). I am very new to Roundcube, I only set it up two days ago and I only joined this list yesterday. However, with the current version I have the following which works just great with STARTTLS on the submission port: $rcmail_config['smtp_server'] = 'tls://my.smtp.host'; $rcmail_config['smtp_port'] = 587; $rcmail_config['smtp_user'] = '%u'; $rcmail_config['smtp_pass'] = '%p'; $rcmail_config['smtp_auth_type'] = 'PLAIN'; -- Message sent via my webmail account. -- List info: http://lists.roundcube.net/users/ BT/8f4f07cd