How to Install and configure mail web-interface (RoundCube) in CentOS/RHEL 7

Installing RoundCube webmail

First of all install the RoundCube and driver for MySQL:

$ yum -y install php-pear-MDB2-Driver-mysqli roundcubemail

Now SELinux allow network connections to the Web server:

$ setsebool -P httpd_can_network_connect=on

We prepare the Apache and PHP for RoundCube:

$ nano -w /etc/httpd/conf.d/roundcubemail.conf
<Directory /usr/share/roundcubemail/>
#   php_flag error_reporting E_ALL & ~E_NOTICE
#   php_flag memory_limit 256MB
    php_flag file_uploads On
    php_flag session.auto_start 0
    php_flag zend.ze1_compatibility_mode 0
    php_flag suhosin.session.encrypt 0
    php_flag mbstring.func_overload 0
    php_flag magic_quotes_runtime Off
    php_flag magic_quotes_sybase Off
...
    <IfModule mod_authz_core.c>
    ...
	Require ip 192.168.255.0/24
    </IfModule>
    <IfModule !mod_authz_core.c>
    ...
	Allow from 192.168.255.0/24
    </IfModule>
...
</Directory>
<Directory /usr/share/roundcubemail/installer/>
...
    <IfModule mod_authz_core.c>
    ...
	Require ip 192.168.255.0/24
    </IfModule>
    <IfModule !mod_authz_core.c>
    ...
	Allow from 192.168.255.0/24
    </IfModule>
...
</Directory>
$ systemctl reload httpd.service

If you plan to not use the service with certain subnets, and anywhere from the Internet, then in block instead of the line Require ip 192.168.255.0/24 you must write a Require all granted and instead Allow from 192.168.255.0/24 – line Allow from All. But in the block best to leave only trusted IP addresses or subnets.
 
RoundCube is created by default the alias /roundcubemail, that is, to access the RoundCube in the browser, enter the address http://domain.example.com/roundcubemail/. I want to do to RoundCube to access need to enter the address http://mail.example.com/, for that will do the following:

$ nano -w /etc/httpd/vhost.d/vhost-mail.example.com
# HTTP Virtual Host
<VirtualHost *:80>
    ServerName    mail.example.com
    ServerAdmin   admin@example.com

    CustomLog     "|/usr/sbin/cronolog logs/mail.example.com/access_log.%Y-%m" combined env=!dontlog
    ErrorLog      "|/usr/sbin/cronolog logs/mail.example.com/error_log.%Y-%m"

    RewriteEngine On
    RewriteCond   %{HTTPS} Off
    RewriteRule   ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
</VirtualHost>

# HTTPS Virtual Host
<VirtualHost *:443>
    ServerName    mail.example.com
    ServerAdmin   admin@example.com
    DocumentRoot  /usr/share/roundcubemail

    CustomLog     "|/usr/sbin/cronolog logs/mail.example.com/access_log.%Y-%m" combined env=!dontlog
    ErrorLog      "|/usr/sbin/cronolog logs/mail.example.com/error_log.%Y-%m"

    RewriteEngine On
    RewriteRule   ^(.*)favicon\.ico /skins/larry/images/favicon.ico [L]
</VirtualHost>
$ systemctl reload httpd.service

This part of the configuration file to open access to RoundCube at https://mail.example.com/, and if someone enters the address with https, and http Web server will redirect to https.
PS. To the virtual hosts work with files type /etc/httpd/vhost.d/vhost-mail.example.com in CentOS 7, Apache must be configured as described in this article.

 
For RoundCube needs to create a database and a user in MySQL:

$ mysql -u root -p
Enter password: 
Welcome to the MariaDB monitor.  Commands end with ; or \g.
Your MariaDB connection id is 2639
Server version: 5.5.40-MariaDB MariaDB Server

Copyright (c) 2000, 2014, Oracle, Monty Program Ab and others.

Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.

MariaDB [(none)]> CREATE DATABASE `RCMailDB` DEFAULT CHARACTER SET utf8 COLLATE utf8_general_ci;
Query OK, 1 row affected (0.01 sec)

MariaDB [(none)]> CREATE USER 'RCMailUser'@'localhost' IDENTIFIED BY 'RCMailPassWord';
Query OK, 0 rows affected (0.10 sec)

MariaDB [(none)]> GRANT ALL PRIVILEGES ON `RCMailDB`.* TO 'RCMailUser'@'localhost';
Query OK, 0 rows affected (0.00 sec)

MariaDB [(none)]> FLUSH PRIVILEGES;
Query OK, 0 rows affected (0.00 sec)

MariaDB [(none)]> \q
Bye

 
Further customize Roundcube will be in the browser, so open the link https://mail.acmenet.ru/installer/.
Look in the «Check the environment» block next to all the items spelled out OK (except for PostgreSQL and other unused database drivers) and click on «Next» button.
In the next window, Create the «config» most of the items can be left with the default settings, you need to edit only three blocks: «Database setup», «IMAP Settings» and «SMTP Settings». In the «Database Setup», specify the database user and password that we created earlier. In the «IMAP Settings« in the default_host set ssl://localhost in the specify default_port 993. Also pay attention to the default names of the system folders. I have, for example, a folder with spam called Spam and not Junk. In the SMTP Settings in the smtp_server set ssl://% h, in the smtp_port specify port 465, as Note ticked the box «Use the current IMAP username and password for SMTP authentication» to RoundCube authorize before sending mail to the SMTP server.
You can even block «Display settings & user prefs» check box, preview_pane, and in the htmleditor, you can click «on reply to an HTML message only», or even at all, «always».
After the initial configuration of RoundCube, you can click on the button «Create Config».

 
Further, we will show the generated config file we need to copy the /etc/roundcubemail/config.inc.php:

$ nano -w /etc/roundcubemail/config.inc.php
...
$ chcon -u system_u /etc/roundcubemail/config.inc.php
$ chown root:apache /etc/roundcubemail/config.inc.php
$ chmod 0640 /etc/roundcubemail/config.inc.php

 
After you create the configuration file, go back to your browser and click on the button «Continue». We will open the last window Installer – «Test config». See that everywhere is «OK», except «DB Schema». This is due to the fact that in the database for RoundCube we did not create any tables. In order to create these tables, click on the «Initialize database». We now have all written «OK». You can check out more conscience to soothe the sending mail and the connection to the IMAP server.
 
Now restrict access to pages of the RoundCube Installer and remove it:

$ nano -w /etc/roundcubemail/config.inc.php
/* Local configuration for Roundcube Webmail */
$config['enable_installer'] = false;
$ rm -rf /usr/share/roundcubemail/installer/

Keep in mind, the installer will need to be deleted manually each time after you upgrade the RoundCube!
 
You can now open https://mail.example.com/ in your Web browser and try to log in.
 
Some tips on the fine tuning of the RoundCube:

  • If you want to add the ability to login from RoundCube to several different mail server, you need to edit the configuration file as follows:
    $ nano -w /etc/roundcubemail/config.inc.php
    $config['default_host'] = array(
      'ssl://mail.example.com:993' => 'Company #01 (example.com)',
      'ssl://mail.example.org:993' => 'Company #02 (example.org)'
    );
    $config['smtp_server'] = 'ssl://%h';
    $config['username_domain'] = '%z';
    $config['login_autocomplete'] = 1;
    
  • Also, I advise you, add a few more stitches in RoundCube configuration file:
    $ nano -w /etc/roundcubemail/config.inc.php
    ...
    $config['skip_deleted'] = true;
    $config['check_all_folders'] = true;
    $config['autoexpand_threads'] = 2;
    

    Enabling skip_deleted will remove deleted messages from inbox and other folders, option check_all_folders allows you to check for new messages in all folders, and change the parameter autoexpand_threads will make RoundCube group letter in discussion. In general, you should see all the available options in the file /etc/roundcubemail/defaults.inc.php and, if you desire, add the required parameters with the appropriate values in the /etc/roundcubemail/config.inc.php file.

  • Include a couple of built-in plug-ins:
    $ nano -w /etc/roundcubemail/config.inc.php
    ...
    $config['plugins'] = array( 'emoticons', 'markasjunk', 'new_user_dialog' );
    

    Plugin emoticons add smileys, and is responsible for the markasjunk plugin adds a toolbar button that moves the email to the Spam folder. And thanks to the plugin the user has new_user_dialog, after the first login window will appear, where it will be able to enter your full name and the name of the Organization to be sent emails was attributed to the From field.

Leave a Reply