安裝環境說明:

郵件伺服器postfix + dovecot

dovecot 提供pop3 pop3s imap imaps 

安裝Roundcube webmil需求

官方說明如下:

REQUIREMENTS
============

* The Apache, Lighttpd, Cherokee or Hiawatha web server
* .htaccess support allowing overrides for DirectoryIndex
* PHP Version 5.2.1 or greater including
   - PCRE, DOM, JSON, XML, Session, Sockets (required)
   - PHP Data Objects (PDO) with driver for either MySQL, PostgreSQL or SQLite (required)
     Note: MySQL database driver requires PHP 5.3 or newer.
   - Libiconv, Zip (recommended)
   - Fileinfo, Mcrypt, mbstring (optional)
* PEAR packages distributed with Roundcube or external:
   - Mail_Mime 1.8.1 or newer
   - Mail_mimeDecode 1.5.5 or newer
   - Net_SMTP (latest from https://github.com/pear/Net_SMTP/)
   - Net_IDNA2 0.1.1 or newer
   - Auth_SASL 1.0.6 or newer
* php.ini options (see .htaccess file):
   - error_reporting E_ALL & ~E_NOTICE (or lower)
   - memory_limit > 16MB (increase as suitable to support large attachments)
   - file_uploads enabled (for attachment upload features)
   - session.auto_start disabled
   - zend.ze1_compatibility_mode disabled
   - suhosin.session.encrypt disabled
   - mbstring.func_overload disabled
   - magic_quotes_runtime disabled
   - magic_quotes_sybase disabled
* PHP compiled with OpenSSL to connect to IMAPS and to use the spell checker
* A MySQL (4.0.8 or newer), PostgreSQL, MS SQL Server (2005 or newer) database engine
  or SQLite support in PHP
* One of the above databases with permission to create tables
* An SMTP server (recommended) or PHP configured for mail delivery

1.登入mysql

[root@dns etc]# mysql -u root -p
Enter password:
Welcome to the MySQL monitor.  Commands end with ; or \g.
Your MySQL connection id is 5
Server version: 5.1.69 Source distribution

Copyright (c) 2000, 2013, Oracle and/or its affiliates. All rights reserved.

Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.

Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.

mysql>

2.建立Roundcube使用的資料庫名為ROUNDCUBE

mysql> CREATE DATABASE IF NOT EXISTS ROUNDCUBE;
Query OK, 1 row affected (0.00 sec)

3.建立存取ROUNDCUBE資料庫的帳號roundcube

mysql> CREATE USER 'roundcube'@'localhost' IDENTIFIED BY '密碼';
Query OK, 0 rows affected (0.00 sec)

4.授權帳號roundcube存取資料庫roundcube權限

mysql> GRANT ALL PRIVILEGES ON ROUNDCUBE . * TO 'roundcube'@'localhost';
Query OK, 0 rows affected (0.00 sec)
 

5.重新裝載授權表讓新設定的權限生效

mysql>  flush privileges;
Query OK, 0 rows affected (0.00 sec)

mysql> exit
Bye
[root@dns etc]#

6.下載roundcube

    於http://roundcube.net/download/ 目前最新版本為roundcubemail-0.9.5.tar.gz

7.解縮縮檔案到/var/www,解壓縮後會產生/var/www/roundcube-0.9.5目錄

  tar -xzvf roundcubemail-0.9.5.tar.gz -C /var/www/html

8.更改目錄名稱

   mv /var/www/html/roundcubemail-0.9.5  /var/www/html/roundcube

9.更改權限

[root@dns ~]# chown root:root -R /var/www/html/roundcube
[root@dns ~]# chmod 777 -R /var/www/html/roundcube/temp/
[root@dns ~]# chmod 777 -R /var/www/html/roundcube/logs/

10.執行 http://你的網址/roundcube/installer/   進行設定與安裝

     此頁面會檢查roundcube所需的一切環境設定,若確認問題都已排除且滿足系統安裝的需求後,點選下方的Next按鈕進行下一步驟

     若執行產生下列錯誤訊息:

     ERROR: Wrong 'suhosin.session.encrypt' option value and it wasn't possible to set it to required value (). Check your PHP configuration (including php_admin_flag).

     解決方法:

     修改php suhosin設定檔/etc/php.d/suhosin.ini 參數

     suhosin.session.encrypt = off

     重啟動apache

     service httpd restart

12.於第二步驟填入您系統的相關設定

General configuration
product_name
The name of your service (used to compose page titles)
support_url
Provide an URL where a user can get support for this Roundcube installation.
PLEASE DO NOT LINK TO THE ROUNDCUBE.NET WEBSITE HERE!

Enter an absolute URL (inculding http://) to a support page/form or a mailto: link.

skin_logo
Custom image to display instead of the Roundcube logo.

Enter a URL relative to the document root of this Roundcube installation.

temp_dir
Use this folder to store temp files (must be writeable for webserver)
des_key
This key is used to encrypt the users imap password before storing in the session record

It's a random generated string to ensure that every installation has its own key. If you enter it manually please provide a string of exactly 24 chars.

ip_check

This increases security but can cause sudden logouts when someone uses a proxy with changing IPs.

enable_spellcheck
spellcheck_engine

GoogieSpell implies that the message content will be sent to Google in order to check the spelling.

identities_level
Level of identities access

Defines what users can do with their identities.

Logging & Debugging
debug_level


log_driver
How to do logging? 'file' - write to files in the log directory, 'syslog' - use the syslog facility.
log_dir
Use this folder to store log files (must be writeable for webserver). Note that this only applies if you are using the 'file' log_driver.
syslog_id
What ID to use when logging with syslog. Note that this only applies if you are using the 'syslog' log_driver.
syslog_facility
What ID to use when logging with syslog. Note that this only applies if you are using the 'syslog' log_driver.
Database setup
db_dsnw

Database settings for read/write operations:





IMAP Settings
default_host
The IMAP host(s) chosen to perform the log-in

Leave blank to show a textbox at login. To use SSL/IMAPS connection, type ssl://hostname

default_port
TCP port used for IMAP connections
username_domain
Automatically add this domain to user names for login

Only for IMAP servers that require full e-mail addresses for login

auto_create_user

A user is authenticated by the IMAP server but it requires a local record to store settings and contacts. With this option enabled a new user record will automatically be created once the IMAP login succeeds.

If this option is disabled, the login only succeeds if there's a matching user-record in the local Roundcube database what means that you have to create those records manually or disable this option after the first login.

sent_mbox
Store sent messages in this folder

Leave blank if sent messages should not be stored. Note: folder must include namespace prefix if any.

trash_mbox
Move messages to this folder when deleting them

Leave blank if they should be deleted directly. Note: folder must include namespace prefix if any.

drafts_mbox
Store draft messages in this folder

Leave blank if they should not be stored. Note: folder must include namespace prefix if any.

junk_mbox
Store spam messages in this folder

Note: folder must include namespace prefix if any.

SMTP Settings
smtp_server
Use this host for sending mails

To use SSL connection, set ssl://smtp.host.com. If left blank, the PHP mail() function is used

smtp_port
SMTP port (default is 25; 465 for SSL; 587 for submission)
smtp_user/smtp_pass
SMTP username and password (if required)

smtp_log
Display settings & user prefs
language *
The default locale setting. This also defines the language of the login screen.
Leave it empty to auto-detect the user agent language.

Enter a RFC1766 formatted language name. Examples: en_US, de_DE, de_CH, fr_FR, pt_BR

skin *
Name of interface skin (folder in /skins)
mail_pagesize *
Show up to X items in the mail messages list view.
addressbook_pagesize *
Show up to X items in the contacts list view.
prefer_html *
preview_pane *
htmleditor *
draft_autosave *
mdn_requests *
Behavior if a received message requests a message delivery notification (read receipt)
mime_param_folding *
How to encode attachment long/non-ascii names

*  These settings are defaults for the user preferences

 

 

13.將產生的兩個檔案main.inc.php和db.inc.php置入 /var/www/html/roundcube/config後,點選

     CONTINUE按鈕繼續

14.點選 Initialize database按鈕初建立系統要用的資料表

15.設定roundcube存取權限,建立檔案/etc/httpd/conf.d/roundcube.conf

      內容如下:

  Alias /webmail /var/www/html/roundcube

<Directory /var/www/html/roundcube>
  Options -Indexes
  AllowOverride All
</Directory>

<Directory /var/www/html/roundcube/config>
  Order Deny,Allow
  Deny from All
</Directory>

<Directory /var/www/html/roundcube/temp>
  Order Deny,Allow
  Deny from All
</Directory>

<Directory /var/www/html/roundcube/logs>
  Order Deny,Allow
  Deny from All
</Directory>

16.編輯ROUNDCUBE設定檔 /var/www/html/roundcube/config/main.inc.php,設定與檢查下列參數

roundcube進階設定

//設定各類除錯與記錄檔參數,請依個人需求設定
// system error reporting, sum of: 1 = log; 4 = show, 8 = trace
$rcmail_config['debug_level'] = 1;

// Log sent messages to <log_dir>/sendmail or to syslog
$rcmail_config['smtp_log'] = true;

// Log successful logins to <log_dir>/userlogins or to syslog
$rcmail_config['log_logins'] = true;

// Log session authentication errors to <log_dir>/session or to syslog
$rcmail_config['log_session'] = true;

// Log SQL queries to <log_dir>/sql or to syslog
$rcmail_config['sql_debug'] = true;

// Log IMAP conversation to <log_dir>/imap or to syslog
$rcmail_config['imap_debug'] = true;

// Log LDAP conversation to <log_dir>/ldap or to syslog
$rcmail_config['ldap_debug'] = true;

// Log SMTP conversation to <log_dir>/smtp or to syslog
$rcmail_config['smtp_debug'] = true;


//設定郵件伺服器相關參數
// ----------------------------------
// IMAP
// ----------------------------------
//設定您的郵件伺服器位置
// The mail host chosen to perform the log-in.
// Leave blank to show a textbox at login, give a list of hosts
// to display a pulldown menu or set one host as string.
// To use SSL/TLS connection, enter hostname with prefix ssl:// or tls://
// Supported replacement variables:
// %n - hostname ($_SERVER['SERVER_NAME'])
// %t - hostname without the first part
// %d - domain (http hostname $_SERVER['HTTP_HOST'] without the first part)
// %s - domain name after the '@' from e-mail address provided at login screen
// For example %n = mail.domain.tld, %t = domain.tld
// WARNING: After hostname change update of mail_host column in users table is
// required to match old user data records with the new host.
$rcmail_config['default_host'] = 'localhost';//若使用DOVECOT提供imaps服務時,則寫成ssl://localhost

// TCP port used for IMAP connections
$rcmail_config['default_port'] = 143; //若使用imaps,則改為993

// Type of IMAP indexes cache. Supported values: 'db', 'apc' and 'memcache'.
$rcmail_config['imap_cache'] = null;

// Enables messages cache. Only 'db' cache is supported.
$rcmail_config['messages_cache'] = false;

//設定SMTP伺服器連線位置與方式
// ----------------------------------
// SMTP
// ----------------------------------
// SMTP server host (for sending mails).
// To use SSL/TLS connection, enter hostname with prefix ssl:// or tls://
// If left blank, the PHP mail() function is used
// Supported replacement variables:
// %h - user's IMAP hostname
// %n - hostname ($_SERVER['SERVER_NAME'])
// %t - hostname without the first part
// %d - domain (http hostname $_SERVER['HTTP_HOST'] without the first part)
// %z - IMAP domain (IMAP hostname without the first part)
// For example %n = mail.domain.tld, %t = domain.tld
$rcmail_config['smtp_server'] = '您的網域'; //若使用smtps,則改寫為 tls://您的網域

// SMTP port (default is 25; use 587 for STARTTLS or 465 for the
// deprecated SSL over SMTP (aka SMTPS))
$rcmail_config['smtp_port'] = 25;

//如果寄信需要驗證,smtp_user與smtp_pass參數一定要設定
//否則無法寄信,可能會出現類似SMTP 554.5.7.1 Relay access denied的錯誤訊息
// SMTP username (if required) if you use %u as the username Roundcube
// will use the current username for login
$rcmail_config['smtp_user'] = '%u';

// SMTP password (if required) if you use %p as the password Roundcube
// will use the current user's password for login
$rcmail_config['smtp_pass'] = '%p';

// ----------------------------------
// SYSTEM
// ----------------------------------
//如果有設定SSL,請啟用此參數,增加安全性
//若force_https為true且未使用SSL連線網頁郵件伺服器時,
//會登入失敗並顯示類似下列錯誤訊息
//要求無效!未儲存任何資料。
//若force_https和use_https都設定為true時,
//當使用者連線到網頁郵件伺服器時時,
//系統不會強迫轉址使用https,
//此兩參數只有一個能設定為true,
// enforce connections over https
// with this option enabled, all non-secure connections will be redirected.
// set the port for the ssl connection as value of this option if it differs from the default 443
$rcmail_config['force_https'] = true;

// tell PHP that it should work as under secure connection
// even if it doesn't recognize it as secure ($_SERVER['HTTPS'] is not set)
// e.g. when you're running Roundcube behind a https proxy
// this option is mutually exclusive to 'force_https' and only either one of them should be set to true.
$rcmail_config['use_https'] = false;

//設定網頁快取,如果系統有提供
// Use these hosts for accessing memcached
// Define any number of hosts in the form of hostname:port or unix:///path/to/socket.file
$rcmail_config['memcache_hosts'] = null; // e.g. array( 'localhost:11211', '192.168.1.12:11211', 'unix:///var/tmp/memcached.sock' );

//記得修改roundcube用來加密儲存使用者密碼的字串
//目前使用系統自動產生的字串
// this key is used to encrypt the users imap password which is stored
// in the session record (and the client cookie if remember password is enabled).
// please provide a string of exactly 24 chars.
$rcmail_config['des_key'] = 'CPINUNb*f509w$$oA2DBI*dp';

//設定後,網頁郵件伺服器登入頁面的帳號欄位只需要輸入帳號,
//無需輸入完整電子郵件帳號
// Automatically add this domain to user names for login
// Only for IMAP servers that require full e-mail addresses for login
// Specify an array with 'host' => 'domain' values to support multiple hosts
// Supported replacement variables:
// %h - user's IMAP hostname
// %n - hostname ($_SERVER['SERVER_NAME'])
// %t - hostname without the first part
// %d - domain (http hostname $_SERVER['HTTP_HOST'] without the first part)
// %z - IMAP domain (IMAP hostname without the first part)
// For example %n = mail.domain.tld, %t = domain.tld
$rcmail_config['username_domain'] = '您的網域';

// This domain will be used to form e-mail addresses of new users
// Specify an array with 'host' => 'domain' values to support multiple hosts
// Supported replacement variables:
// %h - user's IMAP hostname
// %n - http hostname ($_SERVER['SERVER_NAME'])
// %d - domain (http hostname without the first part)
// %z - IMAP domain (IMAP hostname without the first part)
// For example %n = mail.domain.tld, %t = domain.tld
$rcmail_config['mail_domain'] = '您的網域';

// use this name to compose page titles
//$rcmail_config['product_name'] = 'Roundcube Webmail';
$rcmail_config['product_name'] = '我的郵件伺服器';

// the default locale setting (leave empty for auto-detection)
// RFC1766 formatted language name like en_US, de_DE, de_CH, fr_FR, pt_BR
$rcmail_config['language'] = 'zh_TW';

// Use this charset as fallback for message decoding
//$rcmail_config['default_charset'] = 'ISO-8859-1';
$rcmail_config['default_charset'] = 'BIG5';

// Make use of the built-in spell checker. It is based on GoogieSpell.
// Since Google only accepts connections over https your PHP installatation
// requires to be compiled with Open SSL support
$rcmail_config['enable_spellcheck'] = true;

//設定拼字檢查
// Enables spellchecker exceptions dictionary.
// Setting it to 'shared' will make the dictionary shared by all users.
//$rcmail_config['spellcheck_dictionary'] = false;
$rcmail_config['spellcheck_dictionary'] = shared;

#開啟上傳附件檔案進度列的功能
// Enables files upload indicator. Requires APC installed and enabled apc.rfc1867 option.
// By default refresh time is set to 1 second. You can set this value to true
// or any integer value indicating number of seconds.
//$rcmail_config['upload_progress'] = false;
$rcmail_config['upload_progress'] = true;

//設定時區為亞洲臺北
// use this timezone to display date/time
// valid timezone identifers are listed here: php.net/manual/en/timezones.php
// 'auto' will use the browser's timezone settings
//$rcmail_config['timezone'] = 'auto';
$rcmail_config['timezone'] = 'Asia/Taipei';

//顯示郵件中嵌入的外部圖片的方式
/var/www/html/roundcube/config/main.inc.php
// display remote inline images
// 0 - Never, always ask
// 1 - Ask if sender is not in address book
// 2 - Always show inline images
$rcmail_config['show_images'] = 0;

//啟用郵件預覽
// default setting if preview pane is enabled
//$rcmail_config['preview_pane'] = false;
$rcmail_config['preview_pane'] = true;

17.郵件附件檔案上傳相關設定

    .檢查/etc/php.ini 參數設定

        file_uploads = on ;啟用http上傳功能

        memory_limit = 256M ;每次執行PHP腳本可使用記憶體上限

        post_max_size = 200M ;PHP接受POST傳值的上限,此值需大於upload_max_filesize

        upload_max_filesize = 100M ;上傳檔案大小上限

        max_input_time = 60 ;每次執行PHP腳本解析資料時的最長執行時間

        max_execution_time = 30 ;執行每一段PHP腳本的最長執行時間

        請依伺服器與網路狀況設定上列參數值

    .編輯/var/www/html/roundcube/.htaccess 設定附件上傳大小

       將下列參數值設定與/etc/php.ini中相同參數名稱的值一樣

       php_value upload_max_filesize 100M
       php_value post_max_size 200M
       php_value memory_limit 256M

    .檢查postfix設定檔設定 /etc/postfox/main.cf  郵件信箱與信件大小是否大於附件檔大小

      #每個人收件匣mailbox大小上限需大於message_size_limit

      #收件匣mailbox大小改為1G

      mailbox_size_limit = 1073741824

      #信件大小改為150MB

      message_size_limit = 157286400

18.重啟動apache

[root@dns ~]#servce httpd restart

19.測試登入 http://localhost/roundcube/

若一直無法登入時,先檢查錯誤記錄檔

/var/www/html/roundcube/logs/errors

若記錄檔出現下列類似訊息:

[22-Nov-2013 16:21:58 +0800]: IMAP Error:

Login failed for 帳號@網域名稱 from localhost.

Could not connect to localhost:143:

拒絕不符權限的操作

in /var/www/html/roundcube/program/lib/Roundcube/

rcube_imap.php on line 184

(POST /roundcube/?_task=login&_action=login)

  則是因為SELinux造成的權限問題,需執行下列指令

[root@dns audit]# setsebool -P httpd_can_network_connect 1

      若仍然無法登入,在檢視dovecot的相關記錄

      發現有下列類似訊息:

Nov 22 19:10:27 imap-login: Info: Disconnected (auth failed, 1 attempts): user=<帳號@網域名稱>, method=PLAIN, rip=::1, lip=::1, secured

去設定 /etc/dovecot/conf.d/10-auth.conf ,設定auth_username_format參數為

# Username formatting before it's looked up from databases. You can use
# the standard variables here, eg. %Lu would lowercase the username, %n would
# drop away the domain if it was given, or "%n-AT-%d" would change the '@' into
# "-AT-". This translation is done after auth_username_translation changes.
#auth_username_format =
auth_username_format = %n

20.由Roundcube試著寄信給同網域收件人與外部收件人,測試寄件功能是否正常

     如果一直無法透過網頁寄信,檢查SELinux中有關httpd的規則

[root@dns log]# getsebool -a | grep httpd
allow_httpd_anon_write --> off
allow_httpd_mod_auth_ntlm_winbind --> off
allow_httpd_mod_auth_pam --> off
allow_httpd_sys_script_anon_write --> off
httpd_builtin_scripting --> on
httpd_can_check_spam --> off
httpd_can_network_connect --> on
httpd_can_network_connect_cobbler --> off
httpd_can_network_connect_db --> off
httpd_can_network_memcache --> off
httpd_can_network_relay --> off
httpd_can_sendmail --> off
httpd_dbus_avahi --> on
httpd_enable_cgi --> on
httpd_enable_ftp_server --> off
httpd_enable_homedirs --> off
httpd_execmem --> off
httpd_manage_ipa --> off
httpd_read_user_content --> off
httpd_run_stickshift --> off
httpd_setrlimit --> off
httpd_ssi_exec --> off
httpd_tmp_exec --> off
httpd_tty_comm --> on
httpd_unified --> on
httpd_use_cifs --> off
httpd_use_fusefs --> off
httpd_use_gpg --> off
httpd_use_nfs --> off
httpd_use_openstack --> off
httpd_verify_dns --> off
[root@dns log]#

 發現

httpd_can_sendmail --> off

httpd_read_user_content --> off

 執行指令開啟上列功能並寫入規則

[root@dns audit]# setsebool -P httpd_can_sendmail 1

 

21.若測試成功則移除安裝設定檔

[root@dns ~]#rm -rf /var/www/html/roundcube/installer

 

備註:

安裝完成設定檔放入/var/www/roundcube/config後,
http://localhost/roundcube/installer連結便無法正常執行,
會出現錯誤訊息

The installer is disabled!

To enable it again, set $rcmail_config['enable_installer'] = true; in RCUBE_CONFIG_DIR/main.inc.php

 

安裝參考資料:

http://trac.roundcube.net/wiki/Howto_Install

 

, ,

K 發表在 痞客邦 PIXNET 留言(0) 人氣()