Kategorie:Roundcube/Plugin

Aus Foxwiki

Roundcube/Plugin

Beschreibung

Installation

# apt install roundcube-plugins roundcube-plugins-extra

Aktivierung

/var/lib/roundcube/config/config.inc.php

$config['plugins'] = array("plugin1", "plugin2", "plugin3", ...


To enable a plugin you have to include it in $config['plugins'] in such a way

$config['plugins'] = array(
        'password',
        'managesieve',
        'sauserprefs',
        'markasjunk',
        'contextmenu',
        'newmail_notifier',
        'zipdownload',
        'persistent_login',
        'enigma',
        'swipe'
 );

Plugins

/var/lib/roundcube/plugins

Plugin Beschreibung
help
hide_blockquote
html5_notifier
http_authentication
identicon
identity_select
jqueryui
keyboard_shortcuts
krb_authentication
listcommands
managesieve which writes sieve scripts to filter the incoming mails (reject, move to specific folders etc.). Note that in order to use it you must have Dovecot managesieve enabled. It contains "Out of office" and "Forwarding".
markasjunk You can add the sender's email address to the blacklist, or run a command such as sa_learn. Requires sauprefs.
message_highlight
newmail_notifier can notify new mail focusing browser window and changing favicon, playing a sound and displaying desktop notification (using webkitNotifications feature).
new_user_dialog
new_user_identity
password change the user's password
redundant_attachments
sauserprefs SpamAssassin User Prefs SQL (sauserprefs), which writes the spamassassin user preferences in the DB. The user will be allowed to create a black/white list, to adjust the required_score and so on.
show_additional_headers
squirrelmail_usercopy
subscriptions_option
thunderbird_labels
userinfo
vcard_attachments
virtuser_file
virtuser_query
zipdownload which adds an option to download all attachments to a message in one zip file, when a message has multiple attachments.

Weitere Plugins

Plugin Beschreibung
MarkAsJunk Nachrichten in den Spam-Ordner verschieben
CardDAV Netzwerk-Adressbuch verwalten
Ispconfig3_Roundcube Einstellungen der Email-Konten bearbeiten. Sollte auf jedem ISPConfig-Server installiert sein.
Mobile Skin Handy-Ansicht für Roundcube
autologon Autologin from external Site e.g. (CMS, Portal ...)
logout redirect Modified version to only redirect to the homepage (depending on the domain part of the default identity)
rcguard This plugin logs failed login attempts and requires users to go through a reCAPTCHA verification process when the number of failed attempts go too high.
carddav CardDav client. You can sync your addressbook against a CardDav server like nextcloud or SoGO.
quickrules (abandoned project). Adds a button to the message list to allow the quick creation of rules in the SieveRules plugin. Information from selected emails is used to prefile the new rule form.



Anhang

Siehe auch

Dokumentation

  • /usr/share/doc/roundcube-plugins
  • /usr/share/doc/roundcube-plugins-extra/

Links

Projekt
Weblinks
  1. https://roundcube.net/
  2. Roundcube Plugins Repository: plugins.roundcube.net
  3. https://notes.sagredo.eu/en/qmail-notes-185/roundcube-plugins-35.html

TMP

Managing plugins via composer

Some of the mentioned above plugins are shipped with the Roundcube package, while the others can be easily installed from https://plugins.roundcube.net/ via composer. To learn how to use composer take a look to the home page of this site, where a quick howto is provided.

Installing composer

Install as follow if composer.phar is not already installed

cd /var/www/roundcube
chown -R root:apache .

wget https://getcomposer.org/composer-stable.phar 
mv composer-stable.phar composer.phar 
chown apache:apache composer.phar 
mkdir -p /var/www/.composer 
chown -R apache:apache /var/www/.composer

Since composer has to be runned by apache, it is the case to set up write priviledges in some folder and files that the apache user has to overwrite.

mkdir -p /srv/httpd
chown -R apache:apache /srv/httpd

touch composer.lock
chown apache:apache composer.lock composer.phar

chmod -R g+w plugins vendor composer.lock

Using composer

In a few words, just open your composer.json file and add a line like this for each plugin that is browseable from https://plugins.roundcube.net and you would like to install:

"require" : {
 ...,
 "roundcube/rcsample": ">=0.2.0"
}

This is my composer.json file that is needed to install the plugins described below:

 "require": {
       ............... other stuff
       "johndoh/contextmenu": ">=3.3.1", 
       "johndoh/swipe": ">=0.5"
}

Run composer as the apache user to update and install:

cd /var/www/roundcube
sudo -u apache php composer.phar update

Mark-as-junk

Adds the sender's email address to the blacklist, or run a command such as sa_learn.

  • Shipped with Roundcube
  • Plugin name: markasjunk
  • README (detailed drivers howto)

With this nice plugin the end user can add the sender's email address to the blacklist, or run a command such as sa_learn.

Create the config file from the template

cp config.inc.php.dist config.inc.php

sa_blacklist driver

  • Requires spamassassin-user-prefs (sauserprefs) plugin and Spamassassin Userprefs

Clicking on the button "Mark as Junk" creates a new "Black_list from" record in the database and moves the message in the Junk folder eventually marking it as read. Clicking on the button "Mark as Ham" creates a record "White_list from" in the database and restores the message in the Inbox.

To use the plugin with the driver sa_blacklist:

$config['markasjunk_learning_driver'] = 'sa_blacklist';

The following cmd_learn driver should not be used anymore, as we already setup a cronjob for training our bayesian filter and reporting our spam (more info here).

cmd_learn driver

  • Thanks to Gabriel Torres for the hints concerning this setup

This driver calls an external command to process the message. You can use it to call sa_learn and spamassassin in cascade. Be aware that you have to eventually remove shell_exec from disable_functions in your php.ini so that php can execute shell commands.

Prepare the shell script with the commands to run when clicking on the "Mark as junk" button. Save as /usr/local/bin/teach_spam.sh the following code

cat > /usr/local/bin/teach_spam.sh << __EOF__
#!/bin/bash
/usr/local/bin/sa-learn --spam --username=$1 $2 >> /var/log/spamassassin/sa_learn.log 2>&1​
/usr/local/bin/spamassassin --nocreate-prefs --report < $2 >> /var/log/spamassassin/spamassassin.log 2>&1
__EOF__

The first command feeds the mail to SpamAssassin, allowing it to 'learn' what signs are likely to mean spam. The latter one reports the mail as spam to Razor, Pyzor and Spamcop.

Now prepare the shell script with the commands to run when clicking on the "Mark as ham" button. Save as /usr/local/bin/revoke_spam.sh the following code

cat > /usr/local/bin/revoke_spam.sh << __EOF__
#!/bin/bash
/usr/local/bin/sa-learn --ham --username=$1 $2 >> /var/log/spamassassin/sa_learn.log 2>&1​
/usr/local/bin/spamassassin --nocreate-prefs --revoke < $2 >> /var/log/spamassassin/spamassassin.log 2>&1
__EOF__

Again, the first command feeds the mail to SpamAssassin, allowing it to 'learn' which signs are likely to mean ham. The latter one revoke the report to Razor. Apparently the revocation is not possible with Pyzor and Spamcop (but I didn't look deeply in my log yet).

Provide execute priviledges to the newly created scripts

chmod +x /usr/local/bin/teach_spam.sh /usr/local/bin/revoke_spam.sh

Set these options

$config['markasjunk_learning_driver'] = 'cmd_learn';
$config['markasjunk_spam_cmd'] = '/usr/local/bin/teach_spam.sh  %u %f';
$config['markasjunk_ham_cmd']  = '/usr/local/bin/revoke_spam.sh %u %f';

Setup che logrotate for the above log files:

cat > /etc/logrotate.d/spam_reports << __EOF__
/var/log/spamassassin/spamassassin.log /var/log/spamassassin/sa_learn.log {
su root apache
rotate 5
daily
missingok
notifempty
delaycompress
create 664 root apache 
sharedscripts
}
__EOF__

You have to assign +w priviledges to apache in the log dir and to Razor's identity-* files, as Roundcube is runned by apache:

chgrp apache /var/log/spamassassin
chmod g+w /var/log/spamassassin
chgrp apache /etc/mail/spamassassin/.razor/identity-*
chmod 640 /etc/mail/spamassassin/.razor/identity-*
chmod 644 /etc/mail/spamassassin/.razor/razor-agent.log

multi_driver driver

  • Original driver for the ancient markasjunk2 plugin
  • multi_driver plugin patched for markasjunk (diff here)

It is possible to run multiple drivers when marking a message as spam/ham. I patched the original version by Philip Weir to work with markasjunk and run sa_blacklist followed by cmd_learn.

Install as follows:

cd /var/www/roundcube/plugins/markasjunk/drivers
wget https://notes.sagredo.eu/files/qmail/patches/roundcube/markasjunk-multi_driver/multi_driver.txt
mv multi_driver.txt multi_driver.php

Set the correct driver in the config file:

$config['markasjunk_learning_driver'] = 'multi_driver';

Be aware that the markasjunk's multi_driver driver, when enabled, seems to prevent the display of the attached images. Why this driver is related to this problem is a mistery. Any comment on this will be welcome.

Context Menu

Adds context menus to the message list, folder list and address book. Menu includes the abilities mark messages as read/unread, delete, reply and forward.

  • Installed via composer johndoh/contextmenu
  • Plugin name: contextmenu

No configuration is needed.

swipe

  • Installed via composer johndoh/swipe
  • Plugin name: swipe

This plugin adds left/right/down swipe actions to entries in the the message list on touch devices (tables/phones).

Unfortunately this plugins does not have a config file of its own, so we have to add the configuration to the main RC config file.

This is how I configured it for myself. Look at the README file to find the list of all actions available.

$config['swipe_actions'] = [ 
 'messagelist' => [ 
   'left'  => 'delete', 
   'right' => 'reply-all', 
   'down'  => 'checkmail' 
 ], 
 'contactlist' => [ 
   'left'  => 'compose', 
   'right' => 'compose', 
   'down'  => 'vcard_attachments' 
 ] 
];

New mail notifier

Supports three methods of notification:

  1. Basic - focus browser window and change favicon
  2. Sound - play wav file
  3. Desktop - display desktop notification (using webkitNotifications feature, supported by Chrome and Firefox with 'HTML5 Notifications' plugin)
  • Shipped by Roundcube
  • Plugin name: newmail_notifier

You can enable it simply renaming the config file...

cd plugins/newmail_notifier
cp config.inc.php.dist config.inc.php

...and choosing the notification method you like:

// Enables basic notification
$config['newmail_notifier_basic'] = true;

// Enables sound notification
$config['newmail_notifier_sound'] = true;

// Enables desktop notification
$config['newmail_notifier_desktop'] = false;

Persistent login

  • Home page: https://github.com/mfreiholz/persistent_login
  • Plugin name: persistent_login

This nice plugin provides a "Keep me logged in" aka "Remember Me" functionality for Roundcube.

Unfortunately this is not available via composer. A fork of this on composer actually exists, but it's not updated and it's not working fine here. So let's install it manually

wget -O persistent_login-5.3.0.tar.gz https://github.com/mfreiholz/persistent_login/archive/refs/tags/version-5.3.0.tar.gz
tar xzf persistent_login-5.3.0.tar.gz
mv persistent_login-version-5.3.0 persistent_login
chown -R apache:apache persistent_login

The plugin works better for me with the sql driver, as the cookie driver sometimes disconnects me. So let's enable the sql driver in the config file:

cd persistent_login
mv config.inc.php.dist config.inc.php

Now turn on tokens here in your config file

$config['ifpl_use_auth_tokens'] = true;

I also renamed the php $rcmail_config variable to $config everywhere, because $rcmail_config is now obsolete in RoundCube.

Finally, if this is a fresh installation of this plugin, we have to create the MySQL table into the roundcube database. The sql code can be found in the sql/mysql.sql file:

USE roundcube;

CREATE TABLE IF NOT EXISTS `auth_tokens` (
`token` varchar(128) NOT NULL,
`expires` datetime NOT NULL,
`user_id` int(10) UNSIGNED NOT NULL,
`user_name` varchar(128) NOT NULL,
`user_pass` varchar(128) NOT NULL,
`host` varchar(255) NOT NULL,
PRIMARY KEY (`token`),
KEY `user_id_fk_auth_tokens` (`user_id`)
) ENGINE=InnoDB DEFAULT CHARSET=utf8;

ALTER TABLE `auth_tokens`
ADD CONSTRAINT `auth_tokens_ibfk_1` FOREIGN KEY (`user_id`) REFERENCES `users` (`user_id`) ON DELETE CASCADE;

Zip download

  • Shipped by RoundCube
  • Plugin name: zipdownload

Adds an option to download all attachments to a message in one zip file, when a message has multiple attachments. Also allows the download of a selection  of messages in one zip file. Supports mbox and maildir format.

Rename the template of config file and adjust the few options as you like. I left the default options intact.

mv config.inc.php.dist config.inc.php

Enigma

  • More info here
  • Requires: gpg (gnupg and libgpg-error on Slackware systems)
  • Shipped by Roundcube
  • Plugin name: enigma

Update: the enigma plugin included in 1.3.1 version seems to be not compatible with the old version of Crypt_GPG

This plugin adds support for viewing and sending of signed and encrypted messages in PGP (RFC 2440) and PGP/MIME (RFC 3156) format.  The plugin uses gpg binary on the server and stores all keys (including private keys of the users) on the server. Encryption/decryption is done server-side. So, this plugin is for users who trust the server.

Create a config file

cd /var/www/roundcube/plugins/enigma
cp -p config.inc.php.dist config.inc.php

The keys are stored by the server in the enigma/home dir. Let's move that dir to a folder that is not accessible from the web and assign to apache write permissions

mkdir -p /var/www/roundcube-enigma-home
chown -R root:apache /var/www/roundcube-enigma-home
chmod -R g+w /var/www/roundcube-enigma-home

Now modify your apache configuration to grant proper permissions to apache in the newly created dir:

Require all granted

Don't forget to restart your web server, for example:

apachectl restart

Now modify the enigma config file to point to the new home dir:

$config['enigma_pgp_homedir'] = '/var/www/roundcube-enigma-home';

The enigma plugin requires that the Crypt_GPG library is installed exactly in your /var/www/roundcube/plugins/enigma/lib/Crypt_GPG dir. Considering that roundcube resets the default include_path php variable (which is set by php.ini to /path/to/php/lib), if you choose to install it using pear you will get a "Server error". So let's manually download and install the package in the proper folder

cd /var/www/roundcube/plugins/enigma/lib
wget http://download.pear.php.net/package/Crypt_GPG-1.6.2.tgz
tar xzf Crypt_GPG-1.6.2.tgz
ln -s Crypt_GPG-1.6.2/Crypt
chown -R root:apache Crypt*

The set up of the certificates is easy. Refer to this blog page for more info.

Other plugins

I leave here the documentation for plugins that I've used in the past or that it's not valid anymore for the current version of Roundcube, in case it can still be useful for someone or for myself in the future.

rcguard

This plugin logs failed login attempts and requires users to go through a reCAPTCHA verification process when the number of failed attempts go too high. This provides protection against automated attacks.

  • Installed via composer dsoares/rcguard
  • Plugin name: rcguard
mv config.inc.php.dist config.inc.php

You have to obtain a key from http://www.google.com/recaptcha. Put the key in your config file:

> nano config.inc.php

// Public key for reCAPTCHA
$config['recaptcha_publickey'] = 'xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx';

// Private key for reCAPTCHA
$config['recaptcha_privatekey'] = 'xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx';

Create the mysql table where to store the logs of all failed attempts. IPs are released after a certain amount of time.

> mysql -u root -p
mysql> use roundcube;

CREATE TABLE `rcguard` (
  `ip` VARCHAR(40) NOT NULL,
  `first` DATETIME NOT NULL,
  `last` DATETIME NOT NULL,
  `hits` INT(10) NOT NULL,
  PRIMARY KEY (`ip`),
  INDEX `last_index` (`last`),
  INDEX `hits_index` (`hits`)
) ENGINE = InnoDB CHARACTER SET utf8 COLLATE utf8_general_ci;

quit;

That's it. The captha will be active after 5 failures. You can set this number in the config file.

Different themes and translations of recaptcha are available. Simply edit rcguard.js. For documentation, see:  https://developers.google.com/recaptcha

autologon

Performs an auto login from an external page

  • Shipped by Roundcube
  • Plugin name: autologon

You have to modify the default Thomas Bruederli's sample plugin like this (eventually change to $_GET):

<?php

/**
 * Sample plugin to try out some hooks.
 * This performs an automatic login if accessed from localhost
 *
 * @license GNU GPLv3+
 * @author Thomas Bruederli
 */
class autologon extends rcube_plugin
{ 
  public $task = 'login';

  function init()
  {
    $this->add_hook('startup', array($this, 'startup'));
    $this->add_hook('authenticate', array($this, 'authenticate'));
  }

  function startup($args)
  {
    $rcmail = rcmail::get_instance();

    // change action to login
    if (empty($_SESSION['user_id']) && !empty($_POST['_autologin']) && $this->is_localhost())
      $args['action'] = 'login';

    return $args;
  }

  function authenticate($args)
  {
    if (!empty($_POST['_autologin']) && $this->is_localhost()) {
      $args['user'] = $_POST['_user'];
      $args['pass'] = $_POST['_pass'];
      $args['host'] = '[localhost | mail-server-IP]';
      $args['cookiecheck'] = false;
      $args['valid'] = true;
    }

    return $args;
  }

  function is_localhost()
  {
    return true;
//    return $_SERVER['REMOTE_ADDR'] == '::1' || $_SERVER['REMOTE_ADDR'] == '127.0.0.1';
  }

}


Use a form like this one in your CMS page:

<form name="form" action="http://your.webmail.url/" method="post">
<input type="hidden" name="_action" value="login" />
<input type="hidden" name="_task" value="login" />
<input type="hidden" name="_autologin" value="1" />

<table>
<tr>
    <td>Utente</td>
    <td><input name="_user" id="rcmloginuser" autocomplete="off" value="" type="text" /></td>
</tr>
<tr>
    <td>Password</td>
    <td><input name="_pass" id="rcmloginpwd" autocomplete="off" type="password" /></td>
</tr>
<tr>
    <td colspan="2"><input type="submit" value="Login" /></td>
</tr>
</table>

</form>

Logout redirect

This plugin is not tested against Roundcube 1.4.1

In case you have installed the autologon plugin this one could be useful to redirect users to the home page of your site upon logout.

  • Info: http://www.std-soft.com/bfaq/52-cat-webmail/105-logout-redirect-fuer-roundcube.html (german)
  • Download local copy
  • Plugin name: logout_redirect
cd /var/www/roundcube/plugins
wget http://notes.sagredo.eu/files/qmail/tar/RC-plugins/logout_redirect_rc0.5_v1.2-MN.tar.gz
tar xzf logout_redirect_rc0.5_v1.2-MN.tar.gz
cd logout_redirect
chown -R root.apache logout_redirect
chmod -R o-rx logout_redirect

The plugin logout_redirect must be the last in the list of plugins in the main.inc.php otherwise the subsequent plugins will no longer run.

Configure like this editing the config.inc.php inside the plugin's config folder:

$ config['logout_redirect_url'] = 'http://www.yoursite.net';

CardDav

This is a plugin to access CardDAV servers like ownCloud or SoGO.

  • Installed via composer roundcube/carddav
  • Plugin name: carddav

This plugin was not tested against Roundcube 1.4

Setup the database tables using the suitable file saved in the dbmigrations/0000-dbinit/ subfolder.

Then you can configure you addressbook. If you use an ownCloud server, this is how to do it:

If you have an Android phone you may want to take a look to the CardDAV application here.

Troubleshoting

If you get a curl error like this when downloading the dependencies

All settings correct for using Composer

PHP Warning:  failed loading cafile stream: `/etc/ssl/certs/cacert.pem' in - on line 762
PHP Warning:  file_get_contents(): Failed to enable crypto in - on line 762
PHP Warning:  file_get_contents(https://getcomposer.org/versions): failed to open stream: operation failed in - on line 762
PHP Warning:  Invalid argument supplied for foreach() in - on line 508
None of the 0 stable version(s) of Composer matches your PHP version (5.6.21 / ID: 50621)

then you have to install a cert bundle:

cd /etc/ssl/certs
wget --no-check-certificate http://curl.haxx.se/ca/cacert.pem

and tell php where to find it editing your php.ini

openssl.cafile=/etc/ssl/certs/cacert.pem

quickrules

Adds a button to the message list to allow the quick creation of rules in the SieveRules plugin. Information from selected emails is used to prefile the new rule form.

  • Version: 2.0
  • Requires: managesieve plugin
  • Plugin name: quickrules

This package is abandoned and no longer maintained. No replacement package was suggested. I leave this documentation here, to be used with 1.3 and earlier versions of Roundcube.

The plugin version from github doesn't work with 0.9.2. I managed to install the new skin inside the old 0.6 version of the plugin and now it works fine. You can download my modified version from here.

cd /var/www/roundcube/plugins
wget https://notes.sagredo.eu/files/qmail/tar/old-RC-plugins/quickrules.tar.gz
tar xzf quickrules.tar.gz
chown -R root.apache quickrules
chmod -R o-rx quickrules