Unterschiede

Hier werden die Unterschiede zwischen zwei Versionen angezeigt.

--- centos:mail_c6:roundcube_1 [11.06.2013 06:10. ] – Dokument fertig gestellt und freigegeben django
+++ centos:mail_c6:roundcube_1 [22.11.2013 11:42. ] – [vHost Definition] django
@@ Zeile 1: / Zeile 1: @@
+====== Webmail mit Roundcube ======
+{{:centos:mail_c6:roundcube_logo.png?nolink |Bild: Roundcube Logo}}Benötigt man statt einer Groupwarelösung wie [[ centos:mail_c6:horde_1|Horde]] nur einen Webmailer, bietet sich der Webmailer [[http://roundcube.net/|Roundcube]] an. Dieser Webmailer ist zum einen einfach und schnell installiert und zeichnet sich durch seine Robustheit aus.
+===== Installation =====
+==== Voraussetzungen und Abhängigkeiten ====
+Für die Installation des Webmailers benötien wir noch ein paar **PHP**-Pakete, die wir Dank der Intergration des [[centos:epel6|epel-Repositories]] mit Hilfe von **yum** einfach installieren können.
+Im Detail sind das folgende Pakete:
+  * **php-pspell**
+  * **php-mcrypt**
+  * **GraphicsMagick**
+   # yum install php-pspell php-mcrypt GraphicsMagick -y
+Für die deutsche Rechtschreibkorrektur gibt es unter CentOS 6 kein RPM. Wir können jedoch das passende Paket aus dem Fedora-Zweig verwenden. Das Paket [[http://ftp.tu-chemnitz.de/pub/linux/fedora/linux/releases/18/Everything/x86_64/os/Packages/a/aspell-de-20030222-9.fc18.x86_64.rpm|aspell-de]] holen wir daher auf unseren Rechner.
+   # cd /usr/local/src/packages/
+   # wget ttp://ftp.tu-chemnitz.de/pub/linux/fedora/linux/releases/18/Everything/x86_64/os/Packages/a/aspell-de-20030222-9.fc18.x86_64.rpm
+Anschließend installieren wir dieses RPM.
+   # yum install --nogpgcheck localinstall /usr/local/src/packages/aspell-de-20030222-9.fc18.x86_64.rpm
+Wie immer kann man sich mit Hilfe des Aufrufes **rpm -qil <Paketname>** anzeigen lassen, was jedes einzelne Paket mit in das System gebracht hat.
+==== Installation roundcube ====
+Die Installation von Roundcube selbst ist kein Hexenwerk, braucht man doch nur das entsprechende RPM-Paket mit Hilfe von **yum** installieren.
+   # yum install roundcubemail -y
+===== Konfiguration =====
+==== Apache vHost ====
+=== vHost Definition ===
+Für unsere Webmailer richten wir uns nun einen geeigneten vHost ein. Im Konfigurationsverzeichnis unseres [[centos:webserver:start|Apache-Webservers]] legen wir uns eine neue vHOST-Konfigurationsdatei an.
+   # vim /etc/httpd/conf.d/vHost_roundcube.conf
+<file apache /etc/httpd/conf.d/vHost_roundcube.conf>#
+# roundcube webmailer
+#
+<VirtualHost *:80>
+        ServerAdmin webmaster@nausch.org
+        ServerName webmail.nausch.org
+        ServerPath /
+        <Location />
+                Options -Indexes FollowSymLinks
+                Order allow,deny
+                Allow from all
+        </Location>
+        RewriteEngine on
+        RewriteCond %{HTTPS} off
+        RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}
+        DirectoryIndex index.php
+        ErrorLog logs/webmail_error.log
+        CustomLog logs/webmail_access.log combined
+</VirtualHost>
+<VirtualHost *:443>
+        ServerAdmin webmaster@nausch.org
+        ServerName webmail.nausch.org
+        ServerPath /
+        DocumentRoot "/usr/share/roundcubemail"
+        # Django
+        # Required, because there is a host with same ServerName and
+        # ServerAlias LISTENING ON PORT 80, - and if these lines are
+        # not present, and .htaccess-Files or LDAP-Access is enabled
+        # for one or more Directory the host on PORT 443 and PORT 80
+        # will ASK for .htaccess ord LDAP-Access, so please remember
+        # ----------------------------------------------------------
+        # -- DO NOT DELETE THE FOLLOWING LINES, STARTING WITH SSL --
+        # --         WHEN USING .htaccess or LDAP-Access!         --
+        # ----------------------------------------------------------
+        SSLEngine on
+        SSLProtocol -ALL +SSLv3 +TLSv1
+        SSLCipherSuite ALL:!aNULL:!ADH:!eNULL:!LOW:!EXP:RC4+RSA:+HIGH:+MEDIUM
+        SSLCertificateFile /etc/pki/tls/private/CAcert-class3-wildcard.crt
+        SSLCertificateKeyFile /etc/pki/tls/private/ca.key
+        SSLCertificateChainFile /etc/pki/tls/private/CAcert_chain.crt
+        <Directory "/usr/share/roundcubemail">
+                Options FollowSymLinks
+                Order allow,deny
+                Allow from all
+        </Directory>
+        DirectoryIndex index.php
+        ErrorLog logs/webmail_error.log
+        CustomLog logs/webmail_access.log combined
+</VirtualHost>
+</file>
+<WRAP round important>**Wichtig:**
+Solange wir unseren vHost noch nicht in der Produktionsumgebung steht und fertig konfiguriert wurde, beschränken wir den Zugriff auf den vHost noch. Hierzu tragen wir in der **Directive //Directory//** folgendes ein:
+<code apache>...
+                # Access-stuff (Zugriff nur vom Admin-Host aus!)
+                Order deny,allow
+                Deny from all
+                Allow from <Administrations-Host-IP>
+...
+</code>
+Nach erfolgter Konfiguration, geben wir dann den Zugriff für alle frei.
+<code apache>...
+                # Access-stuff (Zugriff von überall erlauben.)
+                Order allom,deny
+                Allow from all
+...
+</code>
+</WRAP>
+=== Konfiguration aktivieren ===
+Bevor unseren Webserver starten, damit der neue vHost auch bedient werden kann, überprüfen wir die Konfiguration noch auf syntaktische Fehler.
+   # service httpd configtest
+   Syntax OK
+Abschließend starten wir den Webserver einmal durch.
+   # service httpd restart
+   Stopping httpd:                                            [  OK  ]
+   Starting httpd:                                            [  OK  ]
+==== mySQL Datenbank ====
+Ein Großteil der Benutzer-Konfigurationsdaten werden in einer [[centos:mysql|mySQL-Datenbank]] gespeichert und vorgehalten.
+=== Datenbank anlegen ===
+Diese [[centos:mysql|mySQL-Datenbank]] und der zugehörige Datenbankuser werden wird nun im ersten Schritt anlegen.
+Wir melden uns also als berechtigter Datenbankuser an der mySQL-Datenbank an.
+    # mysql -h localhost -u root -p
+<code>Enter password:
+Welcome to the MySQL monitor.  Commands end with ; or \g.
+Your MySQL connection id is 1942
+Server version: 5.1.67 Source distribution
+Copyright (c) 2000, 2012, Oracle and/or its affiliates. All rights reserved.
+Oracle is a registered trademark of Oracle Corporation and/or its
+affiliates. Other names may be trademarks of their respective
+owners.
+Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
+mysql>
+</code>
+Dort legen wir als aller erst einmal eine Datenbank mit dem Namen **roundcubemail** an.
+   mysql> create database roundcubemail;
+   Query OK, 1 row affected (0.03 sec)
+=== Datenbankuser anlegen ===
+==== Datenuserbank anlegen ====
+Anschließend legen wir uns einen Datenbankuser an, denen wir entsprechende Rechte an der, gerade angelegten Datenbank **horde** einräumen. Als Namen nehme wir einfach **hode_admin_user**.
+   mysql> CREATE USER 'roundcube_user'@'10.0.0.90' IDENTIFIED BY 'rbgsDK39DeM2b2btx9sCHfzd';
+   Query OK, 0 rows affected (0.00 sec)
+und
+   mysql> CREATE USER 'roundcube_user'@'vml000090.dmz.nausch.org' IDENTIFIED BY 'rbgsDKMS39DeM2b2btx9sCHfzd';
+   Query OK, 0 rows affected (0.00 sec)
+=== Nutzerberechtigungen setzen ===
+Dem gerade angelebtem Datenbankuser für **[[http://roundcube.net|Roundcube]]** gewähren wir nun die nötigen Rechte, damit dieser vom Webserver aus, Tabellen anlegen, befüllen und verändern darf.
+   mysql> GRANT ALL PRIVILEGES ON roundcubemail.* TO 'roundcube_user'@'10.0.0.90' IDENTIFIED BY 'rbgsDKMS39DeM2b2btx9sCHfzd' WITH GRANT OPTION MAX_QUERIES_PER_HOUR 0 MAX_CONNECTIONS_PER_HOUR 0 MAX_UPDATES_PER_HOUR 0 MAX_USER_CONNECTIONS 0;
+   Query OK, 0 rows affected (0.00 sec)
+und
+   mysql> GRANT ALL PRIVILEGES ON roundcubemail.* TO 'roundcube_user'@'vml000090.dmz.nausch.org' IDENTIFIED BY 'rbgsDKMS39DeM2b2btx9sCHfzd' WITH GRANT OPTION MAX_QUERIES_PER_HOUR 0 MAX_CONNECTIONS_PER_HOUR 0 MAX_UPDATES_PER_HOUR 0 MAX_USER_CONNECTIONS 0;
+   Query OK, 0 rows affected (0.00 sec)
+=== Nutzerberechtigungen zuweisen ===
+Zum Ende unserer mySQL-Userkonfiguration weisen wir unserem Nutzer die Berechtigungen zu.
+   mysql> FLUSH PRIVILEGES;
+   Query OK, 0 rows affected (0.00 sec)
+=== Zugriff testen ===
+Als nächstes überprüfen wir, ob der zuvor angelegt User/Zugang auch funktioniert.
+   # mysql -D roundcubemail -h mysql.dmz.nausch.org -u roundcube_user -p
+<code>Enter password:
+Reading table information for completion of table and column names
+You can turn off this feature to get a quicker startup with -A
+Welcome to the MySQL monitor.  Commands end with ; or \g.
+Your MySQL connection id is 28823
+Server version: 5.1.69 Source distribution
+Copyright (c) 2000, 2013, Oracle and/or its affiliates. All rights reserved.
+Oracle is a registered trademark of Oracle Corporation and/or its
+affiliates. Other names may be trademarks of their respective
+owners.
+Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
+mysql> show tables;
++-------------------------+
+| Tables_in_roundcubemail |
++-------------------------+
+| cache                   |
+| cache_index             |
+| cache_messages          |
+| cache_thread            |
+| contactgroupmembers     |
+| contactgroups           |
+| contacts                |
+| dictionary              |
+| identities              |
+| searches                |
+| session                 |
+| users                   |
++-------------------------+
+rows in set (0.00 sec)
+mysql>
+</code>
+Da der Test positiv ausgefallen ist, können wie uns wieder von unserem Datenbankserver abmelden.
+  mysql> quit
+  Bye
+==== Datenbanktabellen anlegen ====
+Die von Roundcube benötigten Datebanktabellen, erstellen wir mit folgendem Aufruf.
+   # mysql -D roundcubemail -h mysql.dmz.nausch.org -u roundcube_user -p < /usr/share/doc/roundcubemail-0.8.6/SQL/mysql.initial.sql
+==== Datenbank-Anbindung ====
+Damit roundcube später auf unsere Datenbank auch zugreifen kann, definieren wir nun die Datenbankanbindung von roundcube an unseren MySQL-Datenbank-Server.
+Im Verzeichnis //**/etc/roundcubemail/**// finden wir die entsprechende Konfigurationsdatei **db.inc.php**. Diese bearbeiten wir mit dem Editor unserer Wahl, z.B. **vim**.
+   # vim /etc/roundcubemail/db.inc.php
+<file php /etc/roundcubemail/db.inc.php><?php
+/*
+ +-----------------------------------------------------------------------+
+ | Configuration file for database access                                |
+ |                                                                       |
+ | This file is part of the Roundcube Webmail client                     |
+ | Copyright (C) 2005-2009, The Roundcube Dev Team                       |
+ | Licensed under the GNU GPL                                            |
+ |                                                                       |
+ +-----------------------------------------------------------------------+
+*/
+$rcmail_config = array();
+// PEAR database DSN for read/write operations
+// format is db_provider://user:password@host/database
+// For examples see http://pear.php.net/manual/en/package.database.mdb2.intro-dsn.php
+// Django : 2012-10-12
+// default: $rcmail_config['db_dsnw'] = 'mysql://roundcube:pass@localhost/roundcubemail';
+$rcmail_config['db_dsnw'] = 'mysql://roundcube_user:rbgsDKMS39DeM2b2btx9sCHfzd@mysql.dmz.nausch.org/roundcubemail';
+// postgres example: 'pgsql://roundcube:pass@localhost/roundcubemail';
+// Warning: for SQLite use absolute path in DSN:
+// PEAR database DSN for read only operations (if empty write database will be used)
+// useful for database replication
+$rcmail_config['db_dsnr'] = '';
+// maximum length of a query in bytes
+$rcmail_config['db_max_length'] = 512000;  // 500K
+// use persistent db-connections
+// beware this will not "always" work as expected
+// see: http://www.php.net/manual/en/features.persistent-connections.php
+$rcmail_config['db_persistent'] = FALSE;
+// you can define specific table names used to store webmail data
+$rcmail_config['db_table_users'] = 'users';
+$rcmail_config['db_table_identities'] = 'identities';
+$rcmail_config['db_table_contacts'] = 'contacts';
+$rcmail_config['db_table_contactgroups'] = 'contactgroups';
+$rcmail_config['db_table_contactgroupmembers'] = 'contactgroupmembers';
+$rcmail_config['db_table_session'] = 'session';
+$rcmail_config['db_table_cache'] = 'cache';
+$rcmail_config['db_table_cache_index'] = 'cache_index';
+$rcmail_config['db_table_cache_thread'] = 'cache_thread';
+$rcmail_config['db_table_cache_messages'] = 'cache_messages';
+// you can define specific sequence names used in PostgreSQL
+$rcmail_config['db_sequence_users'] = 'user_ids';
+$rcmail_config['db_sequence_identities'] = 'identity_ids';
+$rcmail_config['db_sequence_contacts'] = 'contact_ids';
+$rcmail_config['db_sequence_contactgroups'] = 'contactgroups_ids';
+$rcmail_config['db_sequence_cache'] = 'cache_ids';
+$rcmail_config['db_sequence_searches'] = 'search_ids';
+// end db config file
+</file>
+==== Roundcube Konfiguration ====
+Die Konfiguration von Roundcube erfolgt über die zentrale Konfigurationsdatei **main.inc.php** im Verzeichnis //**/etc/roundcubemail/**//.
+Die Parameter sind gut dokumentiert, so dass es im allgemeinen kein großes Problem darstellen sollte, die Benutzerindividuellen Einstellungen vorzunehmen. Im folgenden Beispiel sind die Änderungen mit **Django** und Datum versehen.
+   # vim /etc/roundcubemail/main.inc.php
+<file php /etc/roundcubemail/main.inc.php><?php
+/*
+ +-----------------------------------------------------------------------+
+ | Main configuration file                                               |
+ |                                                                       |
+ | This file is part of the Roundcube Webmail client                     |
+ | Copyright (C) 2005-2011, The Roundcube Dev Team                       |
+ | Licensed under the GNU GPL                                            |
+ |                                                                       |
+ +-----------------------------------------------------------------------+
+*/
+$rcmail_config = array();
+// ----------------------------------
+// LOGGING/DEBUGGING
+// ----------------------------------
+// system error reporting: 1 = log; 2 = report (not implemented yet), 4 = show, 8 = trace
+$rcmail_config['debug_level'] = 1;
+// log driver:  'syslog' or 'file'.
+$rcmail_config['log_driver'] = 'file';
+// date format for log entries
+// (read http://php.net/manual/en/function.date.php for all format characters)
+$rcmail_config['log_date_format'] = 'd-M-Y H:i:s O';
+// Syslog ident string to use, if using the 'syslog' log driver.
+$rcmail_config['syslog_id'] = 'roundcube';
+// Syslog facility to use, if using the 'syslog' log driver.
+// For possible values see installer or http://php.net/manual/en/function.openlog.php
+$rcmail_config['syslog_facility'] = LOG_USER;
+// Log sent messages to <log_dir>/sendmail or to syslog
+$rcmail_config['smtp_log'] = true;
+// Log successful logins to <log_dir>/userlogins or to syslog
+// Django : 2012-10-12
+// default: $rcmail_config['log_logins'] = false;
+$rcmail_config['log_logins'] = true;
+// Log session authentication errors to <log_dir>/session or to syslog
+$rcmail_config['log_session'] = false;
+// Log SQL queries to <log_dir>/sql or to syslog
+$rcmail_config['sql_debug'] = false;
+// Log IMAP conversation to <log_dir>/imap or to syslog
+$rcmail_config['imap_debug'] = false;
+// Log LDAP conversation to <log_dir>/ldap or to syslog
+$rcmail_config['ldap_debug'] = false;
+// Log SMTP conversation to <log_dir>/smtp or to syslog
+$rcmail_config['smtp_debug'] = false;
+// ----------------------------------
+// IMAP
+// ----------------------------------
+// the mail host chosen to perform the log-in
+// leave blank to show a textbox at login, give a list of hosts
+// to display a pulldown menu or set one host as string.
+// To use SSL/TLS connection, enter hostname with prefix ssl:// or tls://
+// Supported replacement variables:
+// %n - http hostname ($_SERVER['SERVER_NAME'])
+// %d - domain (http hostname without the first part)
+// %s - domain name after the '@' from e-mail address provided at login screen
+// For example %n = mail.domain.tld, %d = domain.tld
+// Django : 2012-10-12
+// default: $rcmail_config['default_host'] = '';
+$rcmail_config['default_host'] = 'imap.dmz.nausch.org';
+// TCP port used for IMAP connections
+$rcmail_config['default_port'] = 143;
+// IMAP AUTH type (DIGEST-MD5, CRAM-MD5, LOGIN, PLAIN or empty to use
+// best server supported one)
+$rcmail_config['imap_auth_type'] = null;
+// If you know your imap's folder delimiter, you can specify it here.
+// Otherwise it will be determined automatically
+$rcmail_config['imap_delimiter'] = null;
+// If IMAP server doesn't support NAMESPACE extension, but you're
+// using shared folders or personal root folder is non-empty, you'll need to
+// set these options. All can be strings or arrays of strings.
+// Folders need to be ended with directory separator, e.g. "INBOX."
+// (special directory "~" is an exception to this rule)
+// These can be used also to overwrite server's namespaces
+$rcmail_config['imap_ns_personal'] = null;
+$rcmail_config['imap_ns_other']    = null;
+$rcmail_config['imap_ns_shared']   = null;
+// By default IMAP capabilities are readed after connection to IMAP server
+// In some cases, e.g. when using IMAP proxy, there's a need to refresh the list
+// after login. Set to True if you've got this case.
+$rcmail_config['imap_force_caps'] = false;
+// By default list of subscribed folders is determined using LIST-EXTENDED
+// extension if available. Some servers (dovecot 1.x) returns wrong results
+// for shared namespaces in this case. http://trac.roundcube.net/ticket/1486225
+// Enable this option to force LSUB command usage instead.
+$rcmail_config['imap_force_lsub'] = false;
+// IMAP connection timeout, in seconds. Default: 0 (no limit)
+$rcmail_config['imap_timeout'] = 0;
+// Optional IMAP authentication identifier to be used as authorization proxy
+$rcmail_config['imap_auth_cid'] = null;
+// Optional IMAP authentication password to be used for imap_auth_cid
+$rcmail_config['imap_auth_pw'] = null;
+// Type of IMAP indexes cache. Supported values: 'db', 'apc' and 'memcache'.
+$rcmail_config['imap_cache'] = null;
+// Enables messages cache. Only 'db' cache is supported.
+$rcmail_config['messages_cache'] = false;
+// ----------------------------------
+// SMTP
+// ----------------------------------
+// SMTP server host (for sending mails).
+// To use SSL/TLS connection, enter hostname with prefix ssl:// or tls://
+// If left blank, the PHP mail() function is used
+// Supported replacement variables:
+// %h - user's IMAP hostname
+// %n - http hostname ($_SERVER['SERVER_NAME'])
+// %d - domain (http hostname without the first part)
+// %z - IMAP domain (IMAP hostname without the first part)
+// For example %n = mail.domain.tld, %d = domain.tld
+// Django : 2012-10-12
+// default: $rcmail_config['smtp_server'] = '';
+$rcmail_config['smtp_server'] = 'smtp.dmz.nausch.org';
+// SMTP port (default is 25; 465 for SSL)
+$rcmail_config['smtp_port'] = 25;
+// SMTP username (if required) if you use %u as the username Roundcube
+// will use the current username for login
+$rcmail_config['smtp_user'] = '';
+// SMTP password (if required) if you use %p as the password Roundcube
+// will use the current user's password for login
+$rcmail_config['smtp_pass'] = '';
+// SMTP AUTH type (DIGEST-MD5, CRAM-MD5, LOGIN, PLAIN or empty to use
+// best server supported one)
+$rcmail_config['smtp_auth_type'] = '';
+// Optional SMTP authentication identifier to be used as authorization proxy
+$rcmail_config['smtp_auth_cid'] = null;
+// Optional SMTP authentication password to be used for smtp_auth_cid
+$rcmail_config['smtp_auth_pw'] = null;
+// SMTP HELO host
+// Hostname to give to the remote server for SMTP 'HELO' or 'EHLO' messages
+// Leave this blank and you will get the server variable 'server_name' or
+// localhost if that isn't defined.
+// Django : 2012-10-12
+// default: $rcmail_config['smtp_helo_host'] = '';
+$rcmail_config['smtp_helo_host'] = 'vml000090.dmz.nausch.org';
+// SMTP connection timeout, in seconds. Default: 0 (no limit)
+$rcmail_config['smtp_timeout'] = 0;
+// ----------------------------------
+// SYSTEM
+// ----------------------------------
+// THIS OPTION WILL ALLOW THE INSTALLER TO RUN AND CAN EXPOSE SENSITIVE CONFIG DATA.
+// ONLY ENABLE IT IF YOU'RE REALLY SURE WHAT YOU'RE DOING!
+$rcmail_config['enable_installer'] = false;
+// use this folder to store log files (must be writeable for apache user)
+// This is used by the 'file' log driver.
+$rcmail_config['log_dir'] = '/var/log/roundcubemail/';
+// use this folder to store temp files (must be writeable for apache user)
+$rcmail_config['temp_dir'] = '${_tmppath}';
+// lifetime of message cache
+// possible units: s, m, h, d, w
+$rcmail_config['message_cache_lifetime'] = '10d';
+// enforce connections over https
+// with this option enabled, all non-secure connections will be redirected.
+// set the port for the ssl connection as value of this option if it differs from the default 443
+// Django : 2012-10-12
+// default: $rcmail_config['force_https'] = false;
+$rcmail_config['force_https'] = true;
+// tell PHP that it should work as under secure connection
+// even if it doesn't recognize it as secure ($_SERVER['HTTPS'] is not set)
+// e.g. when you're running Roundcube behind a https proxy
+// Django : 2012-10-12
+// default: $rcmail_config['use_https'] = false;
+$rcmail_config['use_https'] = true;
+// Allow browser-autocompletion on login form.
+// 0 - disabled, 1 - username and host only, 2 - username, host, password
+$rcmail_config['login_autocomplete'] = 0;
+// If users authentication is not case sensitive this must be enabled.
+// You can also use it to force conversion of logins to lower case.
+// After enabling it all user records need to be updated, e.g. with query:
+// UPDATE users SET username = LOWER(username);
+$rcmail_config['login_lc'] = false;
+// automatically create a new Roundcube user when log-in the first time.
+// a new user will be created once the IMAP login succeeds.
+// set to false if only registered users can use this service
+$rcmail_config['auto_create_user'] = true;
+// replace Roundcube logo with this image
+// specify an URL relative to the document root of this Roundcube installation
+$rcmail_config['skin_logo'] = null;
+// Includes should be interpreted as PHP files
+$rcmail_config['skin_include_php'] = false;
+// Session lifetime in minutes
+// must be greater than 'keep_alive'/60
+$rcmail_config['session_lifetime'] = 10;
+// session domain: .example.org
+$rcmail_config['session_domain'] = '';
+// session name. Default: 'roundcube_sessid'
+$rcmail_config['session_name'] = null;
+// Backend to use for session storage. Can either be 'db' (default) or 'memcache'
+// If set to memcache, a list of servers need to be specified in 'memcache_hosts'
+// Make sure the Memcache extension (http://pecl.php.net/package/memcache) version >= 2.0.0 is installed
+$rcmail_config['session_storage'] = 'db';
+// Use these hosts for accessing memcached
+// Define any number of hosts in the form hostname:port
+$rcmail_config['memcache_hosts'] = null; // e.g. array( 'localhost:11211', '192.168.1.12:11211' );
+// check client IP in session athorization
+// Django : 2012-10-12
+// default: $rcmail_config['ip_check'] = false;
+$rcmail_config['ip_check'] = true;
+// check referer of incoming requests
+$rcmail_config['referer_check'] = false;
+// X-Frame-Options HTTP header value sent to prevent from Clickjacking.
+// Possible values: sameorigin|deny. Set to false in order to disable sending them
+$rcmail_config['x_frame_options'] = 'sameorigin';
+// this key is used to encrypt the users imap password which is stored
+// in the session record (and the client cookie if remember password is enabled).
+// please provide a string of exactly 24 chars.
+// Django : 2012-10-12
+// default: $rcmail_config['des_key'] = 's1GdgDLxZRtnzOwICF97k9xy';
+$rcmail_config['des_key'] = 's1GdgDLxZRtnzOwICF97k9xy';
+//$rcmail_config['des_key'] = 'Np+l%tj2XI9Jzk6I!IVbY%xw';
+// Automatically add this domain to user names for login
+// Only for IMAP servers that require full e-mail addresses for login
+// Specify an array with 'host' => 'domain' values to support multiple hosts
+// Supported replacement variables:
+// %h - user's IMAP hostname
+// %n - http hostname ($_SERVER['SERVER_NAME'])
+// %d - domain (http hostname without the first part)
+// %z - IMAP domain (IMAP hostname without the first part)
+// For example %n = mail.domain.tld, %d = domain.tld
+$rcmail_config['username_domain'] = '';
+// This domain will be used to form e-mail addresses of new users
+// Specify an array with 'host' => 'domain' values to support multiple hosts
+// Supported replacement variables:
+// %h - user's IMAP hostname
+// %n - http hostname ($_SERVER['SERVER_NAME'])
+// %d - domain (http hostname without the first part)
+// %z - IMAP domain (IMAP hostname without the first part)
+// For example %n = mail.domain.tld, %d = domain.tld
+$rcmail_config['mail_domain'] = '';
+// Password charset.
+// Use it if your authentication backend doesn't support UTF-8.
+// Defaults to ISO-8859-1 for backward compatibility
+$rcmail_config['password_charset'] = 'ISO-8859-1';
+// How many seconds must pass between emails sent by a user
+$rcmail_config['sendmail_delay'] = 0;
+// Maximum number of recipients per message. Default: 0 (no limit)
+$rcmail_config['max_recipients'] = 0;
+// Maximum allowednumber of members of an address group. Default: 0 (no limit)
+// If 'max_recipients' is set this value should be less or equal
+$rcmail_config['max_group_members'] = 0;
+// add this user-agent to message headers when sending
+$rcmail_config['useragent'] = 'Roundcube Webmail/'.RCMAIL_VERSION;
+// use this name to compose page titles
+// Django : 2012-10-12
+// default: $rcmail_config['product_name'] = 'Roundcube Webmail';
+$rcmail_config['product_name'] = 'nausch.org (Webmailer)';
+// try to load host-specific configuration
+// see http://trac.roundcube.net/wiki/Howto_Config for more details
+$rcmail_config['include_host_config'] = false;
+// path to a text file which will be added to each sent message
+// paths are relative to the Roundcube root folder
+$rcmail_config['generic_message_footer'] = '';
+// path to a text file which will be added to each sent HTML message
+// paths are relative to the Roundcube root folder
+$rcmail_config['generic_message_footer_html'] = '';
+// add a received header to outgoing mails containing the creators IP and hostname
+$rcmail_config['http_received_header'] = false;
+// Whether or not to encrypt the IP address and the host name
+// these could, in some circles, be considered as sensitive information;
+// however, for the administrator, these could be invaluable help
+// when tracking down issues.
+$rcmail_config['http_received_header_encrypt'] = false;
+// This string is used as a delimiter for message headers when sending
+// a message via mail() function. Leave empty for auto-detection
+$rcmail_config['mail_header_delimiter'] = NULL;
+// number of chars allowed for line when wrapping text.
+// text wrapping is done when composing/sending messages
+$rcmail_config['line_length'] = 72;
+// send plaintext messages as format=flowed
+$rcmail_config['send_format_flowed'] = true;
+// don't allow these settings to be overriden by the user
+$rcmail_config['dont_override'] = array();
+// Set identities access level:
+// 0 - many identities with possibility to edit all params
+// 1 - many identities with possibility to edit all params but not email address
+// 2 - one identity with possibility to edit all params
+// 3 - one identity with possibility to edit all params but not email address
+// Django : 2012-10-12
+// default: $rcmail_config['identities_level'] = 0;
+//$rcmail_config['identities_level'] = 3;
+// Django : 2013-05-17
+// old    : $rcmail_config['identities_level'] = 3;
+$rcmail_config['identities_level'] = 0;
+// Mimetypes supported by the browser.
+// attachments of these types will open in a preview window
+// either a comma-separated list or an array: 'text/plain,text/html,text/xml,image/jpeg,image/gif,image/png,application/pdf'
+// Django : 2012-10-12
+// default: $rcmail_config['client_mimetypes'] = null;  # null == default
+$rcmail_config['client_mimetypes'] = 'text/plain,text/html,text/xml,image/jpeg,image/gif,image/png';
+// mime magic database
+$rcmail_config['mime_magic'] = '/usr/share/misc/magic';
+// path to imagemagick identify binary
+// Django : 2012-10-12
+// default: $rcmail_config['im_identify_path'] = null;
+$rcmail_config['im_identify_path'] = '/usr/bin/gm';
+// path to imagemagick convert binary
+// Django : 2012-10-12
+// default: $rcmail_config['im_convert_path'] = null;
+$rcmail_config['im_convert_path'] = '/usr/bin/gm';
+// maximum size of uploaded contact photos in pixel
+$rcmail_config['contact_photo_size'] = 160;
+// Enable DNS checking for e-mail address validation
+// Django : 2012-10-12
+// default: $rcmail_config['email_dns_check'] = false;
+$rcmail_config['email_dns_check'] = true;
+// ----------------------------------
+// PLUGINS
+// ----------------------------------
+// List of active plugins (in plugins/ directory)
+// Django : 2012-10-12
+// default: $rcmail_config['plugins'] = array();
+$rcmail_config['plugins'] = array('archive','managesieve','new_user_dialog','password','vcard_attachments');
+// ----------------------------------
+// USER INTERFACE
+// ----------------------------------
+// default messages sort column. Use empty value for default server's sorting,
+// or 'arrival', 'date', 'subject', 'from', 'to', 'fromto', 'size', 'cc'
+$rcmail_config['message_sort_col'] = '';
+// default messages sort order
+$rcmail_config['message_sort_order'] = 'DESC';
+// These cols are shown in the message list. Available cols are:
+// subject, from, to, fromto, cc, replyto, date, size, status, flag, attachment, 'priority'
+$rcmail_config['list_cols'] = array('subject', 'status', 'fromto', 'date', 'size', 'flag', 'attachment');
+// the default locale setting (leave empty for auto-detection)
+// RFC1766 formatted language name like en_US, de_DE, de_CH, fr_FR, pt_BR
+// Django : 2012-10-12
+// default: $rcmail_config['language'] = null;
+$rcmail_config['language'] = 'de_DE';
+// use this format for date display (date or strftime format)
+// Django : 2012-10-12
+// default: $rcmail_config['date_format'] = 'Y-m-d';
+$rcmail_config['date_format'] = 'd.m.Y';
+// give this choice of date formats to the user to select from
+$rcmail_config['date_formats'] = array('Y-m-d', 'd-m-Y', 'Y/m/d', 'm/d/Y', 'd/m/Y', 'd.m.Y', 'j.n.Y');
+// use this format for time display (date or strftime format)
+$rcmail_config['time_format'] = 'H:i';
+// give this choice of time formats to the user to select from
+$rcmail_config['time_formats'] = array('G:i', 'H:i', 'g:i a', 'h:i A');
+// use this format for short date display (derived from date_format and time_format)
+$rcmail_config['date_short'] = 'D H:i';
+// use this format for detailed date/time formatting (derived from date_format and time_format)
+$rcmail_config['date_long'] = 'd.m.Y H:i';
+// store draft message is this mailbox
+// leave blank if draft messages should not be stored
+// NOTE: Use folder names with namespace prefix (INBOX. on Courier-IMAP)
+$rcmail_config['drafts_mbox'] = 'Drafts';
+// store spam messages in this mailbox
+// NOTE: Use folder names with namespace prefix (INBOX. on Courier-IMAP)
+$rcmail_config['junk_mbox'] = 'Junk';
+// store sent message is this mailbox
+// leave blank if sent messages should not be stored
+// NOTE: Use folder names with namespace prefix (INBOX. on Courier-IMAP)
+$rcmail_config['sent_mbox'] = 'Sent';
+// move messages to this folder when deleting them
+// leave blank if they should be deleted directly
+// NOTE: Use folder names with namespace prefix (INBOX. on Courier-IMAP)
+$rcmail_config['trash_mbox'] = 'Trash';
+// display these folders separately in the mailbox list.
+// these folders will also be displayed with localized names
+// NOTE: Use folder names with namespace prefix (INBOX. on Courier-IMAP)
+$rcmail_config['default_imap_folders'] = array('INBOX', 'Drafts', 'Sent', 'Junk', 'Trash');
+// automatically create the above listed default folders on first login
+$rcmail_config['create_default_folders'] = false;
+// protect the default folders from renames, deletes, and subscription changes
+$rcmail_config['protect_default_folders'] = true;
+// if in your system 0 quota means no limit set this option to true
+$rcmail_config['quota_zero_as_unlimited'] = false;
+// Make use of the built-in spell checker. It is based on GoogieSpell.
+// Since Google only accepts connections over https your PHP installatation
+// requires to be compiled with Open SSL support
+$rcmail_config['enable_spellcheck'] = true;
+// Enables spellchecker exceptions dictionary.
+// Setting it to 'shared' will make the dictionary shared by all users.
+$rcmail_config['spellcheck_dictionary'] = false;
+// Set the spell checking engine. 'googie' is the default. 'pspell' is also available,
+// but requires the Pspell extensions. When using Nox Spell Server, also set 'googie' here.
+// Django : 2012-10-12
+// default: $rcmail_config['spellcheck_engine'] = 'googie';
+$rcmail_config['spellcheck_engine'] = 'pspell';
+// For a locally installed Nox Spell Server, please specify the URI to call it.
+// Get Nox Spell Server from http://orangoo.com/labs/?page_id=72
+// Leave empty to use the Google spell checking service, what means
+// that the message content will be sent to Google in order to check spelling
+$rcmail_config['spellcheck_uri'] = '';
+// These languages can be selected for spell checking.
+// Configure as a PHP style hash array: array('en'=>'English', 'de'=>'Deutsch');
+// Leave empty for default set of available language.
+// Django : 2012-10-12
+// default: $rcmail_config['spellcheck_languages'] = NULL;
+$rcmail_config['spellcheck_languages'] = array('en'=>'English', 'de'=>'Deutsch');
+// Makes that words with all letters capitalized will be ignored (e.g. GOOGLE)
+$rcmail_config['spellcheck_ignore_caps'] = false;
+// Makes that words with numbers will be ignored (e.g. g00gle)
+$rcmail_config['spellcheck_ignore_nums'] = false;
+// Makes that words with symbols will be ignored (e.g. g@@gle)
+$rcmail_config['spellcheck_ignore_syms'] = false;
+// Use this char/string to separate recipients when composing a new message
+$rcmail_config['recipients_separator'] = ',';
+// don't let users set pagesize to more than this value if set
+$rcmail_config['max_pagesize'] = 200;
+// Minimal value of user's 'keep_alive' setting (in seconds)
+// Must be less than 'session_lifetime'
+$rcmail_config['min_keep_alive'] = 60;
+// Enables files upload indicator. Requires APC installed and enabled apc.rfc1867 option.
+// By default refresh time is set to 1 second. You can set this value to true
+// or any integer value indicating number of seconds.
+$rcmail_config['upload_progress'] = false;
+// Specifies for how many seconds the Undo button will be available
+// after object delete action. Currently used with supporting address book sources.
+// Setting it to 0, disables the feature.
+$rcmail_config['undo_timeout'] = 0;
+// ----------------------------------
+// ADDRESSBOOK SETTINGS
+// ----------------------------------
+// This indicates which type of address book to use. Possible choises:
+// 'sql' (default) and 'ldap'.
+// If set to 'ldap' then it will look at using the first writable LDAP
+// address book as the primary address book and it will not display the
+// SQL address book in the 'Address Book' view.
+$rcmail_config['address_book_type'] = 'sql';
+// In order to enable public ldap search, configure an array like the Verisign
+// example further below. if you would like to test, simply uncomment the example.
+// Array key must contain only safe characters, ie. a-zA-Z0-9_
+$rcmail_config['ldap_public'] = array();
+// If you are going to use LDAP for individual address books, you will need to
+// set 'user_specific' to true and use the variables to generate the appropriate DNs to access it.
+//
+// The recommended directory structure for LDAP is to store all the address book entries
+// under the users main entry, e.g.:
+//
+//  o=root
+//   ou=people
+//    uid=user@domain
+//  mail=contact@contactdomain
+//
+// So the base_dn would be uid=%fu,ou=people,o=root
+// The bind_dn would be the same as based_dn or some super user login.
+/*
+ * example config for Verisign directory
+ *
+$rcmail_config['ldap_public']['Verisign'] = array(
+  'name'          => 'Verisign.com',
+  // Replacement variables supported in host names:
+  // %h - user's IMAP hostname
+  // %n - http hostname ($_SERVER['SERVER_NAME'])
+  // %d - domain (http hostname without the first part)
+  // %z - IMAP domain (IMAP hostname without the first part)
+  // For example %n = mail.domain.tld, %d = domain.tld
+  'hosts'         => array('directory.verisign.com'),
+  'port'          => 389,
+  'use_tls'	      => false,
+  'ldap_version'  => 3,       // using LDAPv3
+  'user_specific' => false,   // If true the base_dn, bind_dn and bind_pass default to the user's IMAP login.
+  // %fu - The full username provided, assumes the username is an email
+  //       address, uses the username_domain value if not an email address.
+  // %u  - The username prior to the '@'.
+  // %d  - The domain name after the '@'.
+  // %dc - The domain name hierarchal string e.g. "dc=test,dc=domain,dc=com"
+  // %dn - DN found by ldap search when search_filter/search_base_dn are used
+  'base_dn'       => '',
+  'bind_dn'       => '',
+  'bind_pass'     => '',
+  // It's possible to bind for an individual address book
+  // The login name is used to search for the DN to bind with
+  'search_base_dn' => '',
+  'search_filter'  => '',   // e.g. '(&(objectClass=posixAccount)(uid=%u))'
+  // DN and password to bind as before searching for bind DN, if anonymous search is not allowed
+  'search_bind_dn' => '',
+  'search_bind_pw' => '',
+  // Default for %dn variable if search doesn't return DN value
+  'search_dn_default' => '',
+  // Optional authentication identifier to be used as SASL authorization proxy
+  // bind_dn need to be empty
+  'auth_cid'       => '',
+  // SASL authentication method (for proxy auth), e.g. DIGEST-MD5
+  'auth_method'    => '',
+  // Indicates if the addressbook shall be hidden from the list.
+  // With this option enabled you can still search/view contacts.
+  'hidden'        => false,
+  // Indicates if the addressbook shall not list contacts but only allows searching.
+  'searchonly'    => false,
+  // Indicates if we can write to the LDAP directory or not.
+  // If writable is true then these fields need to be populated:
+  // LDAP_Object_Classes, required_fields, LDAP_rdn
+  'writable'       => false,
+  // To create a new contact these are the object classes to specify
+  // (or any other classes you wish to use).
+  'LDAP_Object_Classes' => array('top', 'inetOrgPerson'),
+  // The RDN field that is used for new entries, this field needs
+  // to be one of the search_fields, the base of base_dn is appended
+  // to the RDN to insert into the LDAP directory.
+  'LDAP_rdn'       => 'mail',
+  // The required fields needed to build a new contact as required by
+  // the object classes (can include additional fields not required by the object classes).
+  'required_fields' => array('cn', 'sn', 'mail'),
+  'search_fields'   => array('mail', 'cn'),  // fields to search in
+  // mapping of contact fields to directory attributes
+  //   for every attribute one can specify the number of values (limit) allowed.
+  //   default is 1, a wildcard * means unlimited
+  'fieldmap' => array(
+    // Roundcube  => LDAP:limit
+    'name'        => 'cn',
+    'surname'     => 'sn',
+    'firstname'   => 'givenName',
+    'email'       => 'mail:*',
+    'phone:home'  => 'homePhone',
+    'phone:work'  => 'telephoneNumber',
+    'phone:mobile' => 'mobile',
+    'street'      => 'street',
+    'zipcode'     => 'postalCode',
+    'locality'    => 'l',
+    'country'     => 'c',
+    'organization' => 'o',
+  ),
+  'sort'          => 'cn',    // The field to sort the listing by.
+  'scope'         => 'sub',   // search mode: sub|base|list
+  'filter'        => '(objectClass=inetOrgPerson)',      // used for basic listing (if not empty) and will be &'d with search queries. example: status=act
+  'fuzzy_search'  => true,    // server allows wildcard search
+  'vlv'           => false,   // Enable Virtual List View to more efficiently fetch paginated data (if server supports it)
+  'numsub_filter' => '(objectClass=organizationalUnit)',   // with VLV, we also use numSubOrdinates to query the total number of records. Set this filter to get all numSubOrdinates attributes for counting
+  'sizelimit'     => '0',     // Enables you to limit the count of entries fetched. Setting this to 0 means no limit.
+  'timelimit'     => '0',     // Sets the number of seconds how long is spend on the search. Setting this to 0 means no limit.
+  'referrals'     => true|false,  // Sets the LDAP_OPT_REFERRALS option. Mostly used in multi-domain Active Directory setups
+  // definition for contact groups (uncomment if no groups are supported)
+  // for the groups base_dn, the user replacements %fu, %u, $d and %dc work as for base_dn (see above)
+  // if the groups base_dn is empty, the contact base_dn is used for the groups as well
+  // -> in this case, assure that groups and contacts are separated due to the concernig filters!
+  'groups'        => array(
+    'base_dn'     => '',
+    'scope'       => 'sub',   // search mode: sub|base|list
+    'filter'      => '(objectClass=groupOfNames)',
+    'object_classes' => array("top", "groupOfNames"),
+    'member_attr'  => 'member',   // name of the member attribute, e.g. uniqueMember
+    'name_attr'    => 'cn',       // attribute to be used as group name
+  ),
+);
+*/
+// An ordered array of the ids of the addressbooks that should be searched
+// when populating address autocomplete fields server-side. ex: array('sql','Verisign');
+$rcmail_config['autocomplete_addressbooks'] = array('sql');
+// The minimum number of characters required to be typed in an autocomplete field
+// before address books will be searched. Most useful for LDAP directories that
+// may need to do lengthy results building given overly-broad searches
+$rcmail_config['autocomplete_min_length'] = 1;
+// Number of parallel autocomplete requests.
+// If there's more than one address book, n parallel (async) requests will be created,
+// where each request will search in one address book. By default (0), all address
+// books are searched in one request.
+$rcmail_config['autocomplete_threads'] = 0;
+// Max. numer of entries in autocomplete popup. Default: 15.
+$rcmail_config['autocomplete_max'] = 15;
+// show address fields in this order
+// available placeholders: {street}, {locality}, {zipcode}, {country}, {region}
+$rcmail_config['address_template'] = '{street}<br/>{locality} {zipcode}<br/>{country} {region}';
+// Matching mode for addressbook search (including autocompletion)
+// 0 - partial (*abc*), default
+// 1 - strict (abc)
+// 2 - prefix (abc*)
+// Note: For LDAP sources fuzzy_search must be enabled to use 'partial' or 'prefix' mode
+$rcmail_config['addressbook_search_mode'] = 0;
+// ----------------------------------
+// USER PREFERENCES
+// ----------------------------------
+// Use this charset as fallback for message decoding
+$rcmail_config['default_charset'] = 'ISO-8859-1';
+// skin name: folder from skins/
+// Django : 2013-05-17
+// default: $rcmail_config['skin'] = 'default';
+$rcmail_config['skin'] = 'classic';
+// show up to X items in list view
+$rcmail_config['pagesize'] = 40;
+// sort contacts by this col (preferably either one of name, firstname, surname)
+$rcmail_config['addressbook_sort_col'] = 'surname';
+// the way how contact names are displayed in the list
+// 0: display name
+// 1: (prefix) firstname middlename surname (suffix)
+// 2: (prefix) surname firstname middlename (suffix)
+// 3: (prefix) surname, firstname middlename (suffix)
+$rcmail_config['addressbook_name_listing'] = 0;
+// use this timezone to display date/time
+$rcmail_config['timezone'] = 'auto';
+// is daylight saving On? Default: (bool)date('I');
+// Django : 2012-10-12
+// default: $rcmail_config['dst_active'] = null;
+$rcmail_config['dst_active'] = (bool)date('I');
+// prefer displaying HTML messages
+$rcmail_config['prefer_html'] = true;
+// display remote inline images
+// 0 - Never, always ask
+// 1 - Ask if sender is not in address book
+// 2 - Always show inline images
+$rcmail_config['show_images'] = 0;
+// compose html formatted messages by default
+// 0 - never, 1 - always, 2 - on reply to HTML message only
+$rcmail_config['htmleditor'] = 0;
+// show pretty dates as standard
+$rcmail_config['prettydate'] = true;
+// save compose message every 300 seconds (5min)
+// Django : 2012-10-12
+// default: $rcmail_config['draft_autosave'] = 300;
+$rcmail_config['draft_autosave'] = 60;
+// default setting if preview pane is enabled
+// Django : 2012-10-12
+// default: $rcmail_config['preview_pane'] = false;
+$rcmail_config['preview_pane'] = true;
+// Mark as read when viewed in preview pane (delay in seconds)
+// Set to -1 if messages in preview pane should not be marked as read
+$rcmail_config['preview_pane_mark_read'] = 0;
+// Clear Trash on logout
+$rcmail_config['logout_purge'] = false;
+// Compact INBOX on logout
+// Django : 2012-10-12
+// default: $rcmail_config['logout_expunge'] = false;
+$rcmail_config['logout_expunge'] = true;
+// Display attached images below the message body
+$rcmail_config['inline_images'] = true;
+// Encoding of long/non-ascii attachment names:
+// 0 - Full RFC 2231 compatible
+// 1 - RFC 2047 for 'name' and RFC 2231 for 'filename' parameter (Thunderbird's default)
+// 2 - Full 2047 compatible
+$rcmail_config['mime_param_folding'] = 1;
+// Set true if deleted messages should not be displayed
+// This will make the application run slower
+$rcmail_config['skip_deleted'] = false;
+// Set true to Mark deleted messages as read as well as deleted
+// False means that a message's read status is not affected by marking it as deleted
+$rcmail_config['read_when_deleted'] = true;
+// Set to true to never delete messages immediately
+// Use 'Purge' to remove messages marked as deleted
+$rcmail_config['flag_for_deletion'] = false;
+// Default interval for keep-alive/check-recent requests (in seconds)
+// Must be greater than or equal to 'min_keep_alive' and less than 'session_lifetime'
+$rcmail_config['keep_alive'] = 60;
+// If true all folders will be checked for recent messages
+// Django : 2012-10-12
+// default: $rcmail_config['check_all_folders'] = false;
+$rcmail_config['check_all_folders'] = true;
+// If true, after message delete/move, the next message will be displayed
+$rcmail_config['display_next'] = false;
+// 0 - Do not expand threads
+// 1 - Expand all threads automatically
+// 2 - Expand only threads with unread messages
+$rcmail_config['autoexpand_threads'] = 0;
+// When replying place cursor above original message (top posting)
+$rcmail_config['top_posting'] = false;
+// When replying strip original signature from message
+$rcmail_config['strip_existing_sig'] = true;
+// Show signature:
+// 0 - Never
+// 1 - Always
+// 2 - New messages only
+// 3 - Forwards and Replies only
+$rcmail_config['show_sig'] = 1;
+// When replying or forwarding place sender's signature above existing message
+$rcmail_config['sig_above'] = false;
+// Use MIME encoding (quoted-printable) for 8bit characters in message body
+$rcmail_config['force_7bit'] = false;
+// Defaults of the search field configuration.
+// The array can contain a per-folder list of header fields which should be considered when searching
+// The entry with key '*' stands for all folders which do not have a specific list set.
+// Please note that folder names should to be in sync with $rcmail_config['default_imap_folders']
+$rcmail_config['search_mods'] = null;  // Example: array('*' => array('subject'=>1, 'from'=>1), 'Sent' => array('subject'=>1, 'to'=>1));
+// Defaults of the addressbook search field configuration.
+$rcmail_config['addressbook_search_mods'] = null;  // Example: array('name'=>1, 'firstname'=>1, 'surname'=>1, 'email'=>1, '*'=>1);
+// 'Delete always'
+// This setting reflects if mail should be always deleted
+// when moving to Trash fails. This is necessary in some setups
+// when user is over quota and Trash is included in the quota.
+$rcmail_config['delete_always'] = false;
+// Behavior if a received message requests a message delivery notification (read receipt)
+// 0 = ask the user, 1 = send automatically, 2 = ignore (never send or ask)
+// 3 = send automatically if sender is in addressbook, otherwise ask the user
+// 4 = send automatically if sender is in addressbook, otherwise ignore
+$rcmail_config['mdn_requests'] = 0;
+// Return receipt checkbox default state
+$rcmail_config['mdn_default'] = 0;
+// Delivery Status Notification checkbox default state
+$rcmail_config['dsn_default'] = 0;
+// Place replies in the folder of the message being replied to
+$rcmail_config['reply_same_folder'] = false;
+// Sets default mode of Forward feature to "forward as attachment"
+$rcmail_config['forward_attachment'] = false;
+// Defines address book (internal index) to which new contacts will be added
+// By default it is the first writeable addressbook.
+// Note: Use '0' for built-in address book.
+$rcmail_config['default_addressbook'] = null;
+// Enables spell checking before sending a message.
+// Django : 2012-10-12
+// default: $rcmail_config['spellcheck_before_send'] = false;
+$rcmail_config['spellcheck_before_send'] = false;
+// Skip alternative email addresses in autocompletion (show one address per contact)
+$rcmail_config['autocomplete_single'] = false;
+// end of config file
+</file>
+===== Plugins =====
+Mit Hilfe von Plugins kann Roundgroup um verschiedene Funktionen und Fähigkeiten erweitert werden. In unserem konfigurationsbeispiel beschränken wir uns dabei auf die zwei wichtigsten Plugins, nämlich **Password** und **Managesieve**.
+==== Password ====
+Damit unsere User später Ihr Passwort eigenständig ändern können, konfigurieren wir nun das zugehörige Plugin **password**.
+Als erstes kopieren wir die Vorgabedatei, die im RPM-Paket enthalten ist.
+   # cp /usr/share/roundcubemail/plugins/password/config.inc.php.dist /usr/share/roundcubemail/plugins/password/config.inc.php
+Anschließend bearbeiten wir diese Datei und tragen dort die Datenbankanbindung zur MySQL sowie das benötigte SQL-Statement ein. Auch hier sind in dem nachfolgenden Beispiel die Änderungen mit **Django** gekennzeichnet.
+   # vim /usr/share/roundcubemail/plugins/password/config.inc.php
+<file php /usr/share/roundcubemail/plugins/password/config.inc.php><?php
+// Password Plugin options
+// -----------------------
+// A driver to use for password change. Default: "sql".
+// See README file for list of supported driver names.
+$rcmail_config['password_driver'] = 'sql';
+// Determine whether current password is required to change password.
+// Default: false.
+$rcmail_config['password_confirm_current'] = true;
+// Require the new password to be a certain length.
+// set to blank to allow passwords of any length
+$rcmail_config['password_minimum_length'] = 0;
+// Require the new password to contain a letter and punctuation character
+// Change to false to remove this check.
+$rcmail_config['password_require_nonalpha'] = false;
+// Enables logging of password changes into logs/password
+$rcmail_config['password_log'] = false;
+// SQL Driver options
+// ------------------
+// PEAR database DSN for performing the query. By default
+// Roundcube DB settings are used.
+// Django : 2012-10-18
+// default: $rcmail_config['password_db_dsn'] = '';
+$rcmail_config['password_db_dsn'] = 'mysql://postfixadmin_user:E7Lnlg0MRG7l1bD74eZ81sUO@mysql.dmz.nausch.org/postfix';
+// The SQL query used to change the password.
+// The query can contain the following macros that will be expanded as follows:
+//      %p is replaced with the plaintext new password
+//      %c is replaced with the crypt version of the new password, MD5 if available
+//         otherwise DES.
+//      %D is replaced with the dovecotpw-crypted version of the new password
+//      %o is replaced with the password before the change
+//      %n is replaced with the hashed version of the new password
+//      %q is replaced with the hashed password before the change
+//      %h is replaced with the imap host (from the session info)
+//      %u is replaced with the username (from the session info)
+//      %l is replaced with the local part of the username
+//         (in case the username is an email address)
+//      %d is replaced with the domain part of the username
+//         (in case the username is an email address)
+// Escaping of macros is handled by this module.
+// Default: "SELECT update_passwd(%c, %u)"
+// Django : 2012-10-18
+// default: $rcmail_config['password_query'] = 'SELECT update_passwd(%c, %u)';
+$rcmail_config['password_query'] = 'UPDATE mailbox SET password = %D, modified=NOW() WHERE username = %u LIMIT 1';
+// By default domains in variables are using unicode.
+// Enable this option to use punycoded names
+$rcmail_config['password_idn_ascii'] = false;
+// Path for dovecotpw (if not in $PATH)
+// Django : 2012-10-18
+// default: unset
+$rcmail_config['password_dovecotpw'] = '/usr/bin/doveadm pw';
+// Dovecot method (dovecotpw -s 'method')
+// Django : 2012-10-18
+// default: $rcmail_config['password_dovecotpw_method'] = 'CRAM-MD5';
+$rcmail_config['password_dovecotpw_method'] = 'MD5-CRYPT';
+// Enables use of password with crypt method prefix in %D, e.g. {MD5}$1$LUiMYWqx$fEkg/ggr/L6Mb2X7be4i1/
+$rcmail_config['password_dovecotpw_with_method'] = false;
+// Using a password hash for %n and %q variables.
+// Determine which hashing algorithm should be used to generate
+// the hashed new and current password for using them within the
+// SQL query. Requires PHP's 'hash' extension.
+$rcmail_config['password_hash_algorithm'] = 'sha1';
+// You can also decide whether the hash should be provided
+// as hex string or in base64 encoded format.
+$rcmail_config['password_hash_base64'] = false;
+// Poppassd Driver options
+// -----------------------
+// The host which changes the password
+$rcmail_config['password_pop_host'] = 'localhost';
+// TCP port used for poppassd connections
+$rcmail_config['password_pop_port'] = 106;
+// SASL Driver options
+// -------------------
+// Additional arguments for the saslpasswd2 call
+$rcmail_config['password_saslpasswd_args'] = '';
+// LDAP and LDAP_SIMPLE Driver options
+// -----------------------------------
+// LDAP server name to connect to.
+// You can provide one or several hosts in an array in which case the hosts are tried from left to right.
+// Exemple: array('ldap1.exemple.com', 'ldap2.exemple.com');
+// Default: 'localhost'
+$rcmail_config['password_ldap_host'] = 'localhost';
+// LDAP server port to connect to
+// Default: '389'
+$rcmail_config['password_ldap_port'] = '389';
+// TLS is started after connecting
+// Using TLS for password modification is recommanded.
+// Default: false
+$rcmail_config['password_ldap_starttls'] = false;
+// LDAP version
+// Default: '3'
+$rcmail_config['password_ldap_version'] = '3';
+// LDAP base name (root directory)
+// Exemple: 'dc=exemple,dc=com'
+$rcmail_config['password_ldap_basedn'] = 'dc=exemple,dc=com';
+// LDAP connection method
+// There is two connection method for changing a user's LDAP password.
+// 'user': use user credential (recommanded, require password_confirm_current=true)
+// 'admin': use admin credential (this mode require password_ldap_adminDN and password_ldap_adminPW)
+// Default: 'user'
+$rcmail_config['password_ldap_method'] = 'user';
+// LDAP Admin DN
+// Used only in admin connection mode
+// Default: null
+$rcmail_config['password_ldap_adminDN'] = null;
+// LDAP Admin Password
+// Used only in admin connection mode
+// Default: null
+$rcmail_config['password_ldap_adminPW'] = null;
+// LDAP user DN mask
+// The user's DN is mandatory and as we only have his login,
+// we need to re-create his DN using a mask
+// '%login' will be replaced by the current roundcube user's login
+// '%name' will be replaced by the current roundcube user's name part
+// '%domain' will be replaced by the current roundcube user's domain part
+// '%dc' will be replaced by domain name hierarchal string e.g. "dc=test,dc=domain,dc=com"
+// Exemple: 'uid=%login,ou=people,dc=exemple,dc=com'
+$rcmail_config['password_ldap_userDN_mask'] = 'uid=%login,ou=people,dc=exemple,dc=com';
+// LDAP search DN
+// The DN roundcube should bind with to find out user's DN
+// based on his login. Note that you should comment out the default
+// password_ldap_userDN_mask setting for this to take effect.
+// Use this if you cannot specify a general template for user DN with
+// password_ldap_userDN_mask. You need to perform a search based on
+// users login to find his DN instead. A common reason might be that
+// your users are placed under different ou's like engineering or
+// sales which cannot be derived from their login only.
+$rcmail_config['password_ldap_searchDN'] = 'cn=roundcube,ou=services,dc=example,dc=com';
+// LDAP search password
+// If password_ldap_searchDN is set, the password to use for
+// binding to search for user's DN. Note that you should comment out the default
+// password_ldap_userDN_mask setting for this to take effect.
+// Warning: Be sure to set approperiate permissions on this file so this password
+// is only accesible to roundcube and don't forget to restrict roundcube's access to
+// your directory as much as possible using ACLs. Should this password be compromised
+// you want to minimize the damage.
+$rcmail_config['password_ldap_searchPW'] = 'secret';
+// LDAP search base
+// If password_ldap_searchDN is set, the base to search in using the filter below.
+// Note that you should comment out the default password_ldap_userDN_mask setting
+// for this to take effect.
+$rcmail_config['password_ldap_search_base'] = 'ou=people,dc=example,dc=com';
+// LDAP search filter
+// If password_ldap_searchDN is set, the filter to use when
+// searching for user's DN. Note that you should comment out the default
+// password_ldap_userDN_mask setting for this to take effect.
+// '%login' will be replaced by the current roundcube user's login
+// '%name' will be replaced by the current roundcube user's name part
+// '%domain' will be replaced by the current roundcube user's domain part
+// '%dc' will be replaced by domain name hierarchal string e.g. "dc=test,dc=domain,dc=com"
+// Example: '(uid=%login)'
+// Example: '(&(objectClass=posixAccount)(uid=%login))'
+$rcmail_config['password_ldap_search_filter'] = '(uid=%login)';
+// LDAP password hash type
+// Standard LDAP encryption type which must be one of: crypt,
+// ext_des, md5crypt, blowfish, md5, sha, smd5, ssha, or clear.
+// Please note that most encodage types require external libraries
+// to be included in your PHP installation, see function hashPassword in drivers/ldap.php for more info.
+// Default: 'crypt'
+$rcmail_config['password_ldap_encodage'] = 'crypt';
+// LDAP password attribute
+// Name of the ldap's attribute used for storing user password
+// Default: 'userPassword'
+$rcmail_config['password_ldap_pwattr'] = 'userPassword';
+// LDAP password force replace
+// Force LDAP replace in cases where ACL allows only replace not read
+// See http://pear.php.net/package/Net_LDAP2/docs/latest/Net_LDAP2/Net_LDAP2_Entry.html#methodreplace
+// Default: true
+$rcmail_config['password_ldap_force_replace'] = true;
+// LDAP Password Last Change Date
+// Some places use an attribute to store the date of the last password change
+// The date is meassured in "days since epoch" (an integer value)
+// Whenever the password is changed, the attribute will be updated if set (e.g. shadowLastChange)
+$rcmail_config['password_ldap_lchattr'] = '';
+// LDAP Samba password attribute, e.g. sambaNTPassword
+// Name of the LDAP's Samba attribute used for storing user password
+$rcmail_config['password_ldap_samba_pwattr'] = '';
+// LDAP Samba Password Last Change Date attribute, e.g. sambaPwdLastSet
+// Some places use an attribute to store the date of the last password change
+// The date is meassured in "seconds since epoch" (an integer value)
+// Whenever the password is changed, the attribute will be updated if set
+$rcmail_config['password_ldap_samba_lchattr'] = '';
+// DirectAdmin Driver options
+// --------------------------
+// The host which changes the password
+// Use 'ssl://host' instead of 'tcp://host' when running DirectAdmin over SSL.
+// The host can contain the following macros that will be expanded as follows:
+//     %h is replaced with the imap host (from the session info)
+//     %d is replaced with the domain part of the username (if the username is an email)
+$rcmail_config['password_directadmin_host'] = 'tcp://localhost';
+// TCP port used for DirectAdmin connections
+$rcmail_config['password_directadmin_port'] = 2222;
+// vpopmaild Driver options
+// -----------------------
+// The host which changes the password
+$rcmail_config['password_vpopmaild_host'] = 'localhost';
+// TCP port used for vpopmaild connections
+$rcmail_config['password_vpopmaild_port'] = 89;
+// cPanel Driver options
+// --------------------------
+// The cPanel Host name
+$rcmail_config['password_cpanel_host'] = 'host.domain.com';
+// The cPanel admin username
+$rcmail_config['password_cpanel_username'] = 'username';
+// The cPanel admin password
+$rcmail_config['password_cpanel_password'] = 'password';
+// The cPanel port to use
+$rcmail_config['password_cpanel_port'] = 2082;
+// Using ssl for cPanel connections?
+$rcmail_config['password_cpanel_ssl'] = true;
+// The cPanel theme in use
+$rcmail_config['password_cpanel_theme'] = 'x';
+// XIMSS (Communigate server) Driver options
+// -----------------------------------------
+// Host name of the Communigate server
+$rcmail_config['password_ximss_host'] = 'mail.example.com';
+// XIMSS port on Communigate server
+$rcmail_config['password_ximss_port'] = 11024;
+// chpasswd Driver options
+// ---------------------
+// Command to use
+$rcmail_config['password_chpasswd_cmd'] = 'sudo /usr/sbin/chpasswd 2> /dev/null';
+// XMail Driver options
+// ---------------------
+$rcmail_config['xmail_host'] = 'localhost';
+$rcmail_config['xmail_user'] = 'YourXmailControlUser';
+$rcmail_config['xmail_pass'] = 'YourXmailControlPass';
+$rcmail_config['xmail_port'] = 6017;
+// hMail Driver options
+// -----------------------
+// Remote hMailServer configuration
+// true:  HMailserver is on a remote box (php.ini: com.allow_dcom = true)
+// false: Hmailserver is on same box as PHP
+$rcmail_config['hmailserver_remote_dcom'] = false;
+// Windows credentials
+$rcmail_config['hmailserver_server'] = array(
+    'Server' => 'localhost', // hostname or ip address
+    'Username' => 'administrator', // windows username
+    'Password' => 'password' // windows user password
+);
+// Virtualmin Driver options
+// -------------------------
+// Username format:
+// 0: username@domain
+// 1: username%domain
+// 2: username.domain
+// 3: domain.username
+// 4: username-domain
+// 5: domain-username
+// 6: username_domain
+// 7: domain_username
+$rcmail_config['password_virtualmin_format'] = 0;
+</file>
+==== Managesieve ====
+Damit unsere Mailkunden ihre sieve-Regeln direkt aus Roundcube heraus komfortabel ändern können, aktivieren wir das zugehörige Plugin **managesieve**
+Als erstes kopieren wir die Vorgabedatei, die im RPM-Paket enthalten ist.
+   # cp /usr/share/roundcubemail/plugins/managesieve/config.inc.php.dist /usr/share/roundcubemail/plugins/managesieve/config.inc.php
+Anschließend bearbeiten wir diese Datei und tragen dort die benötigten sieve-Konfigurationsdetail ein. Auch hier sind in dem nachfolgenden Beispiel die Änderungen mit **Django** gekennzeichnet.
+   # vim /usr/share/roundcubemail/plugins/managesieve/config.inc.php
+<file php /usr/share/roundcubemail/plugins/managesieve/config.inc.php><?php
+// managesieve server port
+// Django : 2012-10-12
+// default: $rcmail_config['managesieve_port'] = 2000;
+$rcmail_config['managesieve_port'] = 4190;
+// managesieve server address, default is localhost.
+// Replacement variables supported in host name:
+// %h - user's IMAP hostname
+// %n - http hostname ($_SERVER['SERVER_NAME'])
+// %d - domain (http hostname without the first part)
+// For example %n = mail.domain.tld, %d = domain.tld
+// Django : 2012-10-12
+//default: $rcmail_config['managesieve_host'] = 'localhost';
+$rcmail_config['managesieve_host'] = 'imap.dmz.nausch.org';
+// authentication method. Can be CRAM-MD5, DIGEST-MD5, PLAIN, LOGIN, EXTERNAL
+// or none. Optional, defaults to best method supported by server.
+$rcmail_config['managesieve_auth_type'] = null;
+// Optional managesieve authentication identifier to be used as authorization proxy.
+// Authenticate as a different user but act on behalf of the logged in user.
+// Works with PLAIN and DIGEST-MD5 auth.
+$rcmail_config['managesieve_auth_cid'] = null;
+// Optional managesieve authentication password to be used for imap_auth_cid
+$rcmail_config['managesieve_auth_pw'] = null;
+// use or not TLS for managesieve server connection
+// it's because I've problems with TLS and dovecot's managesieve plugin
+// and it's not needed on localhost
+$rcmail_config['managesieve_usetls'] = false;
+// default contents of filters script (eg. default spam filter)
+$rcmail_config['managesieve_default'] = '/etc/dovecot/sieve/global';
+// The name of the script which will be used when there's no user script
+$rcmail_config['managesieve_script_name'] = 'managesieve';
+// Sieve RFC says that we should use UTF-8 endcoding for mailbox names,
+// but some implementations does not covert UTF-8 to modified UTF-7.
+// Defaults to UTF7-IMAP
+$rcmail_config['managesieve_mbox_encoding'] = 'UTF-8';
+// I need this because my dovecot (with listescape plugin) uses
+// ':' delimiter, but creates folders with dot delimiter
+$rcmail_config['managesieve_replace_delimiter'] = '';
+// disabled sieve extensions (body, copy, date, editheader, encoded-character,
+// envelope, environment, ereject, fileinto, ihave, imap4flags, index,
+// mailbox, mboxmetadata, regex, reject, relational, servermetadata,
+// spamtest, spamtestplus, subaddress, vacation, variables, virustest, etc.
+// Note: not all extensions are implemented
+$rcmail_config['managesieve_disabled_extensions'] = array();
+// Enables debugging of conversation with sieve server. Logs it into <log_dir>/sieve
+$rcmail_config['managesieve_debug'] = false;
+// Enables features described in http://wiki.kolab.org/KEP:14
+$rcmail_config['managesieve_kolab_master'] = false;
+// Script name extension used for scripts including. Dovecot uses '.sieve',
+// Cyrus uses '.siv'. Doesn't matter if you have managesieve_kolab_master disabled.
+$rcmail_config['managesieve_filename_extension'] = '.sieve';
+// List of reserved script names (without extension).
+// Scripts listed here will be not presented to the user.
+$rcmail_config['managesieve_filename_exceptions'] = array();
+?>
+</file>
+===== Programmstart/-aufruf =====
+Nun ist es an der Zeit unseren Webmailer zu testen.
+   $ firefox https://webmail.nausch.org
+{{ :centos:mail_c6:horde-47.png?direct&750 |Bild: Loginmaske im Browser}}
+====== Links ======
+  * **[[centos:mail_c6:start?&#roundcube_webmail|Zurück zum Kapitel "Roundcube Webmail"]]**
+  * **[[centos:mail_c6:start|Zurück zum Kapitel >>Mailserverinstallation unter CentOS 6<<]]**
+  * **[[wiki:start|Zurück zu >>Projekte und Themenkapitel<<]]**
+  * **[[http://dokuwiki.nausch.org/doku.php/|Zurück zur Startseite]]**
+~~DISCUSSION~~