1.0 Introduction

This is the fourth in a series of six posts explaining how I set up an email server on CentOS 7. It will assume you’ve read the first, second and third articles in the series and taken the steps described there.

We left the previous installment with Postfix and Dovecot working well together to allow us to send and receive emails. With a suitable email client installed on our desktop (such as Thunderbird), we were able to use email effectively. However, the original requirement was to be able to use web mail -that is, to access our email via a web browser, just as we would if we were still using Gmail or outlook.com.

So in this installment, we’ll be adding web mail capabilities to our server by installing Roundcube. It’s a web application that has a nice interface that lets you manage email pretty comprehensively. (As an alternative, you could install something like Squirrelmail to do the same thing, but I find it much less capable and a lot uglier, so Roundcube wins it by a knockout in my estimation!)

2.0 Installing Roundcube and Prerequisites

First, enable the EPEL repository:

yum -y install epel-release

Currently, your mail server has mail capabilities and nothing else -but, if it is to present a web application to the world, it needs web capabilities… and that means we need to start things off by installing Apache and its related packages.

As root, therefore, run this command:

yum -y install httpd php php-common php-json php-xml php-mbstring php-imap php-pear-DB php-mysql

That gets you Apache (the ‘httpd’ bit) and various bits of PHP. Next, you need to tweak the PHP parts of the installation:

nano /etc/php.ini

Find the parameter date.timezone. Uncomment it and set it as you did previously in Section 4.1. of Part 1 of this series. In other words, if you previously set your server to timezone Australia/Sydney, that’s what you set PHP to use now by adding or editing the line:

date.timezone = Australia/Sydney

Also find the parameter upload_max_filesize. By default, it’s set to 2MB, which means you probably won’t be able to attach anything bigger than that to your emails. You probably want to increase that by adding or editing the line:

upload_max_filesize = 128M

…which is probably a bit excessive as mail attachments go, but I like to keep my options open!

Next, we have to prepare MySQL to house the database that will make Roundcube work. Still as root, type the following command:

mysql -u root -p

Supply the administrative password to connect to MySQL and then type this lot:

create database webmail /*!40101 CHARACTER SET utf8 COLLATE utf8_general_ci */;
grant all privileges on webmail.* to hjr@localhost identified by 'some-password';
flush privileges;
exit

So that creates a new, empty database called “webmail” and grants all permissions on it to the same user we created previously -in this case, ‘hjr@localhost’.

Finally, it’s time to obtain the Roundcube software and add it to our server:

cd

wget http://nchc.dl.sourceforge.net/project/roundcubemail/roundcubemail/1.1.4/roundcubemail-1.1.4-complete.tar.gz

tar -zxpvf roundcubemail-1.1.4-complete.tar.gz -C /var/www/html/

mv /var/www/html/roundcubemail-1.1.4 /var/www/html/roundcube

chown -R apache:apache /var/www/html/roundcube

That makes sure we’re sitting in /root to begin with, then it fetches the latest Roundcube software version from sourceforge’s servers. You may want to browse the files available at http://nchc.dl.sourceforge.net/project/roundcubemail/ manually before issuing this command to make sure that you are getting the latest version: 1.1.4 was the latest at the time of writing, but that may not be true by the time you come to read this!

Having fetched the software tarball, the commands unzip it into the /var/www/html directory (which is Apache’s document root) and then renames the sub-directory created to plain “roundcube” from a version-specific name. Finally, it makes sure the Apache user has rights on the new software.

Finish things off by issuing these two commands:

systemctl enable httpd
systemctl start httpd

That starts Apache and makes sure it restarts automatically at every future server bounce.

3.0 Running the Roundcube Install Wizard

At this point, you should be able to open a browser and visit your mail domain/roundcube/installer directory, by typing as the requested URL (in my case) mail.dizwell.com/roundcube/installer …you will need to specify the ’roundcube’ subdirectory explicitly at this point.

The first time you do this, you’ll see the Roundcube installation wizard:

installer01

There is quite a lot to look at here, but you shouldn’t need to change any of it. It’s evaluating your system and ensuring it meets minimum requirements. Where there are some orange ‘Not Available’ messages, those should be checked …and probably ignored. The fact that there’s no Oracle database on your mail server isn’t an issue, for example, provided that some other database is available!

Scroll down when you’re ready and click [Next].

installer02

There is a lot to look at here, and quite a bit of it will need setting to valid values. For starters, I suggest you customise the product_name so that it displays something relevant to you, rather than just ‘Roundcube Webmail’. Additionally, fill in a mailto: item for support purposes. Then scroll down a bit.

In the Database setup section, type in all the details of the webmail database you just created, as shown here. The user being prompted for is that of the administrative user of the webmail database we created earlier (that is, the user account to whom you said ‘grant all permissions on webmail.* to….’). Note that although you may have said ‘to hjr@localhost’, only the ‘hjr’ bit is specified as the username here: the localhost bit is implied by specifying as the Database server name field:

installer03

Scroll down further and you’ll get to the all-important IMAP section:

installer04

Fill in the username_domain as shown: ‘dizwell.com’ in my case. Scroll down yet further, and you’ll get to the SMTP section:

installer05

It’s not obvious, but leave the smtp server line blank, change the port to 587 (which is encrypted, whereas the default port 25 is not), and select the ‘use current IMAP username and password for SMTP authentication’ check box.

Next, scroll down to the ‘display settings and user prefs’ section:

installer05b

Your mileage may very well vary here, but I’d suggest adding a language to the settings (en-US is the one I’m using here), switching on the preview_pane (which I forgot to do when taking that screenshot!) and I also think it’s a good idea to enable the HTML composing of emails ‘always’.

For the rest, you can scroll down further and start adding various plugins to your Roundcube setup if you like. At this stage, I would suggest selecting only the minimum: emoticons, markasjunk and zipdownload. These are not complicated and require no configuration. Start selecting some of the others and they may not work or may indeed cause widespread breakages. Keep it simple at this stage: you can always add more plugins to your webmail server once it’s actually working.

When you’re done with the plugins section, click the [Create Config] button. This will write your configuration details out to a file and confirm the fact to you:

installer06

Click the [Continue] button. You get a summary of the state of play, part of which will appear to be a problem:

installer07

Note that is says the DB Schema is ‘NOT OK’ because the database hasn’t been initialised: that’s not surprising, because although you created an empty database called ‘webmail’, you didn’t create any tables in it. Click that [Initialize Database] button, however, and that’s exactly what will now happen -after which, the ‘NOT OK’ message will change to a green ‘OK’ one.

Once the database is OK, you can move on to test things. First, the SMTP test:

installer08

That’s me sending a test email to an external email account (for example, a Gmail or Outlook.com one) over which I have control. Check that external mail to make sure the email was actually sent properly (a word of warning: all my test emails ended up in the external account’s Junk Email folder! So make sure you look in all the right places before you declare your new mail server can’t send email properly!)

If the SMTP test works, try your hand at the IMAP test, too: that just requires you to practice a log on (so I’d still be using my hjr@dizwell.com account I set up when configuring Dovecot).

Once both tests pass, do what the big red box at the bottom of the page tells you: connect via ssh to your mail server once more and delete the /var/www/html/roundcube/installer directory:

cd /var/www/html/roundcube
rm -rf installer/

There remains one minor thing to do before using Roundcube for the first time:

nano /etc/dovecot/dovecot.conf

Change the part of the file which currently reads:

namespace {
    type = private
    separator = .
    prefix = INBOX.
}

…into this:

namespace {
    type = private
    separator = .
    prefix = INBOX.
    mailbox Sent {
        auto = subscribe
        special_use = \Sent
    }
    mailbox Drafts {
        auto = subscribe
        special_use = \Drafts
    }
    mailbox Trash {
        auto = subscribe
        special_use = \Trash
    }
    mailbox Junk {
        auto = subscribe
        special_use = \Junk
    }
}

This just means that users are given a few ‘special’ folders as well as a plain inbox: trash, drafts, sent and junk folders will be pre-created for you (otherwise you have to set them up yourself, which is a bit of a pain).

Finish off with:

systemctl restart dovecot

And at this point, you can now browse to http://mail.dizwell.com/roundcube …and start using your new webmail capabilities:

installer10

Notice that you log on with your full email address: your username is ‘someone@mailserver.com’, not just ‘someone’. However, because of the option called “username_domain” which I set under the IMAP server settings during the Roundcube setup, I could actually get away with saying my username was just ‘hjr’: that setting will append the ‘dizwell.com’ domain name ‘under the hood’ to anyone that tries logging in without one. So either way: force of habit means I know to type in with fully-qualified username anyway!

You should find that once you successfully log on, you see something like this:

roundcube20

So that’s me with a complete set of ‘special’ folders (thanks to our Dovecot configuration efforts) …and, indeed, some freshly-delivered spam from US Insurance, whoever they might be! If you click on that email and click the [Junk] button toward the top of the list of mails, you’ll find that your spam disappears into its own special junk folder, from which it can be later purged.

The only other thing to mention is the cog-wheel icon down in the bottom left-hand corner. Click that and select the Manage Folders button to create any further new folders you’d like to store your mail in. New folders can be children of existing ones (use ‘—‘ as the parent to mean ‘Inbox’), so you can get quite a nice hierarchy of email filing going, if that suits 🙂

5.0 Conclusion

As always, this is a good time to stop this particular article: you now have webmail abilities. Of course, there are issues. For a start, the webmail component is currently running on http, which is completely insecure: every time you log on, your username and password are being transmitted over the Internet in plain text. We’ll want to make the thing run on https, encrypted http, before too long.

But it’s a start, and it’s working, and we can thus leave it at that for now.

In the next installment of this series, we’ll add important anti-spam and anti-virus capabilities to our mail server, to stop you being swamped with mail that wastes your time or, worse, damages your systems.