Multiserver - How to point Roundcube on Web server to look at Mail Server mailbox accounts?

Hi everyone,

Here I am again asking for help. I do try my best to find an answer goggling around and searching ISPConfig forums but sure looks like setting up ISPConfig Multi-server with only one server configured with Apache is somewhat tricky.

• I configured three servers in a multi-server set up: Web/Mail/DB.
• The only server that has Apache installed is the Web server.
• Roundcube is installed on Web server

I am trying to setup Roundcube to look at email accounts setup in Mail server. Here is what I have done so far:

• In " /etc/roundcube/config.inc.php " I kept " $config['default_host'] = '' " so that whenever I invoke the Roundcube UI, I get a field to specify the mail server name.

If I type in the username, password and server names in the fields, I get to access the user mailbox and works fine.

What I would prefer to accomplish is:

• When I click in the webmail icon in ISPConfig mailbox list for the servername to be preselected with the correct mail server name corresponding to the user mailbox. That way I can hide the server field from the user and make it easier for them.

• Also if possible, that whenever the user accesses Roundcube UI from within a browser by https://domain.tld/webmail that the mail server name is preselected as well. In this case I am of course hosting the user domain website in ISPConfig Web server.

I looked at ISPConfig Mail tab in System Config UI suspecting I can setup what I like from there through setting the [SERVERNAME] placeholder in the Web URL field but that does not seem to be the way to accomplish my objective.

So I have two questions:
1) What do I need to change in Roundcube configuration file or within ISPConfig to accomplish my objectives?
2) What is the purpose of "Placeholder" in Web URL within ISPConfig Configuration UI? How is this placeholder used?

Thanks in advance.

 

Thanks Jesse, I appreciate your help.
You are right; I only have one mail server so why complicate things unnecessarily.
I guess I was thinking to keep it generic enough to work if I another email server is added later on but I will go with your suggested solution.
I really like ISPConfig but it takes some time to navigate through some of its somewhat hidden details, again this forum to to the rescue of rookies like me
Do you know what is the purpose of the [SERVERNAME] "Placeholder" in Web URL within ISPConfig Configuration UI? How is this placeholder used?
I know it gets replaced automatically with the servername prefixed with the word mail (mail/my.mailserver.tld) but I find no use-case anywhere. It sure looks like it is meant to point to the right mail server. That is why I thought this was the way to my intended use.
Just curious to learn as there are a lot of [PLACEHOLDER] in the ISPConfig UI. Be nice to know.

Thanks a million!

 

Hi Jesse,
Yes, I meant to say 'Webmail URL'. Thanks for your usage clarification much clearer in my mind now.
Playing around a little bit a found a way to make it can work for multiple Mail servers provided the right DNS records are set ( I have not tested in multiple servers).
Here is what I did:
First, I set two CNAME DNS records for each domain I want to host in my mail server(s)
map pointed to imap.my_mail_server_domain.com
smtp pointed to smtp.my_mail_server_domain.com
Then I change the roundcube configuration as follows:
$config['default_host'] = 'imap.%s';
$config['smtp_server'] = 'smtp.%s';

Using '%s' forces Roundcube to use the domain name after the '@' from e-mail address provided at login screen. Since I created the DNS records it gets routed to the correct mail server.

I first try using '%t' and '%d' instead of '%s' but for some reason it behaves differently in ISPConfig-Mail roundcube link than in https://domain_name/webmail so I went with the '%s' approach that works for both. Pitty, '%t' would not required the DNS records.

It is a little bit convoluted since it requires the DNS records but it works fine with my single mail server setup and should work with multi mail server, just need the DNS CNAME records pointed to the correct mail server.

Again, many thanks for all your help.

 

Hi Guys,
I just want to alert everyone of an issue with solution I presented on Post #5 after securing the mail server with SSL certificates.

I followed Jesse Norell excellent posting on Securing standalone mail server, after doing so, Roundecube stop being able to send messages.
Tracing back issues I was able to identify the problem to this statement in Roundcube configuration file:

Code:

$config['smtp_server'] = 'smtp.%s';

If I keep this statement here is the error I get in Roundcube error log:

Code:

[17-Apr-2020 21:36:16 UTC] ERROR: SMTP server does not support authentication ()
[17-Apr-2020 21:36:16 +0000]: <6lv0jlo0> SMTP Error: Authentication failure: SMTP server does not support authentication (Code: ) in /usr/share/roundcube/program/lib/Roundcube/rcube.php on line 1667 (POST /webmail/?_task=mail&_unlock=loading1587159383177&_lang=undefined&_framed=1&_action=send)

Some comments:

• Changing $config['smtp_server'] to point to the actual mail server URL fixes the issues
• $config['default_host'] = 'imap.%s' statement is not an issue

I will continue to debug why this is happening and report my findings here. In mean time if someone can shed some light I gladly accept it.
Thanks

 

Hi Jesse,
As always thanks for responding.
I am slowly but surely making progress in debugging this issue and at the same time learning quite a bit.
From what I have been able to gather so far, I think there two sides to the problem:

1. As far as the secure connections are concerned the issue is definitely only with IMAP and TLS connection. In other words the SMTP connects fine under SSL as well as TLS and IMAP connects fine with SSL but not with TLS.
2. There seems to be a differenct behaviour on connecting to Roundcube from the ISPConfig-Sites link and connecting from ISPConfig-Email-Mailbox link.

I am concentrating on issue #1 for now and will deal with #2 when I arrive at a solution to #1. I will continue to debug and report my findings and hopefully a solution in this post when I arrive at something tangible. I am going slow but I am learning that is good for me.

BTW, I do not get email alerts when you or anyone else replies or comments in my posts. I have checked to make sure I allow such communication in my profile and I do. Any suggestions on who I can contact to check this out? Thanks

 

Hi Till,
Thanks for checking and my apologies. It turns out there were going to junk. I thought I had checked before asking but I guess I missed it. I fix it in my side.
Thanks so much

 

Thanks Jessie,
It was a problem on my side: there were going to junk. I thought I had checked but it looks like I missed it.
Thanks again,
Carlos

 

Hi Jesse,
To complete this post, after searching through Roundcube code and includding debugging messages to verify, I came to the following conclusions:
Assuming the correct DNS entries have been set as explained in Posting #5, Roundcube should be configured as follows:

Code:

$config['default_host'] = 'ssl://imap.%t';
$config['default_port'] = 993;
$config['smtp_server'] = 'tls://smtp.%t';
$config['smtp_port'] = 587;

String replacement for Roundcube IMAP/SMTP settings take place at:

Code:

/var/lib/roundcube/program/lib/Roundcube/rcube_smtp.php
/var/lib/roundcube/program/lib/Roundcube/rcube_utils.php

• Using the tls:// prefix with IMAP host will yield an error. There is no string replacement for tls:// prefix in Roundcube IMAP code.
• Using the ssl:// prefix with SMTP host yield an error. There is no string replacement for ssl:// prefix in Roundcube SMTP code.
• There is no string substitution for %s in Roundcube SMTP code. Using it may yield unpredictable results but ussually localhost.
  
• There is no differenct behaviour on connecting to Roundcube from the ISPConfig-Sites link and connecting from ISPConfig-Email-Mailbox link as I wrongly mentioned in Post # 10.

Thanks to everyone that helped me, specially Jesse Norell.

 

Thanks Jesse,
I think it is finally clear to me: TLS is really referring to use "STARTTLS" and not referring to the modernized version of SSL protocol.
I was going to close ports 110 and 143 but now it seems to me I should leave them open so that clients can upgrade the connection through STARTTLS. I did configure Postfix and Dovecot to require encrypted connections so unencrypted sessions will not progress.
I am glad of of the issues I faced in this setup, I have learned a lot thanks to you guys.

 

Ok, so few final comments on this subject:
If we require SSL on Postfix/Dovecot then setting CNAME or A DSN records for emaill domains hosted will yield certificate errors unless we install multiple SSL certifictaes which I don't know how to do.
Also, linking to Roundcube from ISPConfig-Email-Email Mailbox link yields different results for "Roundcube variable replacement"
that if we link from: https:/hosted_domain.tld/webmail. In the latter case "Roundcube variable replacement" appears to be messed up.
I added this debugging code in "/var/lib/roundcube/program/lib/Roundcube/rcube_utils.php" to check it out:

Code:

// CJS Debugging
        if (rcube::get_instance()->config->get('debug_level') >= 1)
        {
        rcube::write_log('errors',"CJS Debugging rcube_utils.php ========================");
        rcube::write_log('errors',"Configured host: ".$name);
        rcube::write_log('errors'," %h = ".$h);
        rcube::write_log('errors'," %n = ".$n);
        rcube::write_log('errors'," %t = ".$t);
        rcube::write_log('errors'," %d = ".$d);
        rcube::write_log('errors'," %z = ".$z);
        if (strpos($name, '%s') !== false)
        {
         rcube::write_log('errors'," User email = ".$user_email);
         rcube::write_log('errors'," %s1        = ".$s[1]);
         rcube::write_log('errors'," %s2        = ".$s[2]);
        }
        rcube::write_log('errors',"CJS Debugging Block End ^^^^^^^^^^^^^^^^^^^^^^^^^^");
        }
// End CJS Debugging

Here is debug output when logging first into Email link and then into Webmail link for domain: pr-homes.us hosted on server web.onpointswr.com:

Code:

[04-May-2020 14:38:45 +0000]: <6fiqt066> CJS Debugging rcube_utils.php ========================
[04-May-2020 14:38:45 +0000]: <6fiqt066> Configured host: ssl://mail.onpointswr.com
[04-May-2020 14:38:45 +0000]: <6fiqt066>  %h =
[04-May-2020 14:38:45 +0000]: <6fiqt066>  %n = web.onpointswr.com
[04-May-2020 14:38:45 +0000]: <6fiqt066>  %t = onpointswr.com
[04-May-2020 14:38:45 +0000]: <6fiqt066>  %d = onpointswr.com:8080
[04-May-2020 14:38:45 +0000]: <6fiqt066>  %z =
[04-May-2020 14:38:45 +0000]: <6fiqt066> CJS Debugging Block End ^^^^^^^^^^^^^^^^^^^^^^^^^^
[04-May-2020 14:38:59 +0000]: <hggocnda> CJS Debugging rcube_utils.php ========================
[04-May-2020 14:38:59 +0000]: <hggocnda> Configured host: ssl://smtp.%z
[04-May-2020 14:38:59 +0000]: <hggocnda>  %h = mail.onpointswr.com
[04-May-2020 14:38:59 +0000]: <hggocnda>  %n = web.onpointswr.com
[04-May-2020 14:38:59 +0000]: <hggocnda>  %t = onpointswr.com
[04-May-2020 14:38:59 +0000]: <hggocnda>  %d = onpointswr.com:8080
[04-May-2020 14:38:59 +0000]: <hggocnda>  %z = onpointswr.com
[04-May-2020 14:38:59 +0000]: <hggocnda> CJS Debugging Block End ^^^^^^^^^^^^^^^^^^^^^^^^^^


[04-May-2020 14:39:33 +0000]: <td6nm207> CJS Debugging rcube_utils.php ========================
[04-May-2020 14:39:33 +0000]: <td6nm207> Configured host: ssl://mail.onpointswr.com
[04-May-2020 14:39:33 +0000]: <td6nm207>  %h =
[04-May-2020 14:39:33 +0000]: <td6nm207>  %n = pr-homes.us
[04-May-2020 14:39:33 +0000]: <td6nm207>  %t = us
[04-May-2020 14:39:33 +0000]: <td6nm207>  %d = us
[04-May-2020 14:39:33 +0000]: <td6nm207>  %z =
[04-May-2020 14:39:33 +0000]: <td6nm207> CJS Debugging Block End ^^^^^^^^^^^^^^^^^^^^^^^^^^
[04-May-2020 14:39:46 +0000]: <cu0alcln> CJS Debugging rcube_utils.php ========================
[04-May-2020 14:39:46 +0000]: <cu0alcln> Configured host: ssl://smtp.%z
[04-May-2020 14:39:46 +0000]: <cu0alcln>  %h = mail.onpointswr.com
[04-May-2020 14:39:46 +0000]: <cu0alcln>  %n = pr-homes.us
[04-May-2020 14:39:46 +0000]: <cu0alcln>  %t = us
[04-May-2020 14:39:46 +0000]: <cu0alcln>  %d = us
[04-May-2020 14:39:46 +0000]: <cu0alcln>  %z = onpointswr.com
[04-May-2020 14:39:46 +0000]: <cu0alcln> CJS Debugging Block End ^^^^^^^^^^^^^^^^^^^^^^^^^^

I guess I can not figure out how to point to the correct Email server in a multiserver setup for Webmail connecttions using "Roundcube Variable replacements". Don't know if there is any other way of doing it either. I do not really need multiple Email servers so I am going to hardcode the mail host for IMAP and SMTP in Roundcube.
I hope someone figures out how to really do it.