Cant login to roundcube

Discussion in 'ISPConfig 3 Priority Support' started by Trix, Sep 3, 2020.

  1. Trix

    Trix Member HowtoForge Supporter

    Hello,

    After setting up the newest version of roundcube and finally setting up roundcube config for tls logins i managed to log in and start using roundcube. After a server restart something happened now when i try to log in i get an error

    Since then i only run ubuntu updates so i dont know what happened.

    This is my dovecot config file:
    Code:
    listen = *,[::]
    protocols = imap pop3 lmtp sieve
    auth_mechanisms = plain login
    disable_plaintext_auth = yes
    log_timestamp = "%Y-%m-%d %H:%M:%S "
    mail_privileged_group = vmail
    postmaster_address = [email protected]
    #ssl_cert = </etc/postfix/smtpd.cert
    #ssl_key = </etc/postfix/smtpd.key
    ssl_cert = </etc/ssl/certificate.crt
    ssl_key = </etc/ssl/private/mail_x_com.key
    #ssl_ca = </etc/ssl/private/mail_x_com.ca-bundle
    ssl_protocols = !SSLv2 !SSLv3
    mail_max_userip_connections = 100
    mail_plugins = $mail_plugins quota
    passdb {
      args = /etc/dovecot/dovecot-sql.conf
      driver = sql
    }
    userdb {
      driver = prefetch
    }
    userdb {
      args = /etc/dovecot/dovecot-sql.conf
      driver = sql
    }
    plugin {
      quota = dict:user::file:/var/vmail/%d/%n/.quotausage
      sieve=/var/vmail/%d/%n/.sieve
      sieve_max_redirects = 25
    }
    service auth {
      unix_listener /var/spool/postfix/private/auth {
        group = postfix
        mode = 0660
        user = postfix
      }
      unix_listener auth-userdb {
        group = vmail
        mode = 0600
        user = vmail
      }
      user = root
    }
    service lmtp {
      unix_listener /var/spool/postfix/private/dovecot-lmtp {
       group = postfix
       mode = 0600
       user = postfix
      }
    }
    service imap-login {
      client_limit = 1000
      process_limit = 512
    }
    protocol imap {
      mail_plugins = quota imap_quota
    }
    protocol pop3 {
      pop3_uidl_format = %08Xu%08Xv
      mail_plugins = quota
    }
    protocol lda {
    postmaster_address = [email protected]
      mail_plugins = sieve quota
    }
    protocol lmtp {
    postmaster_address = [email protected]
      mail_plugins = quota sieve
    }
    
    
    #2.3+ service stats {
    #2.3+     unix_listener stats-reader {
    #2.3+         user = vmail
    #2.3+         group = vmail
    #2.3+         mode = 0660
    #2.3+     }
    #2.3+
    #2.3+     unix_listener stats-writer {
    #2.3+         user = vmail
    #2.3+         group = vmail
    #2.3+         mode = 0660
    #2.3+     }
    #2.3+ }
    
    And this is my roundcube config:

    Code:
    <?php
    
    /*
    +-----------------------------------------------------------------------+
    | Local configuration for the Roundcube Webmail installation.           |
    |                                                                       |
    | This is a sample configuration file only containing the minimum       |
    | setup required for a functional installation. Copy more options       |
    | from defaults.inc.php to this file to override the defaults.          |
    |                                                                       |
    | This file is part of the Roundcube Webmail client                     |
    | Copyright (C) 2005-2013, The Roundcube Dev Team                       |
    |                                                                       |
    | Licensed under the GNU General Public License version 3 or            |
    | any later version with exceptions for skins & plugins.                |
    | See the README file for a full license statement.                     |
    +-----------------------------------------------------------------------+
    */
    
    $config = array();
    
    /* Do not set db_dsnw here, use dpkg-reconfigure roundcube-core to configure database ! */
    include_once("/etc/roundcube/debian-db-roundcube.php");
    
    // The IMAP host chosen to perform the log-in.
    // Leave blank to show a textbox at login, give a list of hosts
    // to display a pulldown menu or set one host as string.
    // To use SSL/TLS connection, enter hostname with prefix ssl:// or tls://
    // Supported replacement variables:
    // %n - hostname ($_SERVER['SERVER_NAME'])
    // %t - hostname without the first part
    // %d - domain (http hostname $_SERVER['HTTP_HOST'] without the first part)
    // %s - domain name after the '@' from e-mail address provided at login screen
    // For example %n = mail.domain.tld, %t = domain.tld
    
    $config['default_host'] = 'localhost';
    $config['default_port'] = 143;
    $config['imap_auth_type'] = 'LOGIN';
    // SMTP server host (for sending mails).
    // Enter hostname with prefix tls:// to use STARTTLS, or use
    // prefix ssl:// to use the deprecated SSL over SMTP (aka SMTPS)
    // Supported replacement variables:
    // %h - user's IMAP hostname
    // %n - hostname ($_SERVER['SERVER_NAME'])
    // %t - hostname without the first part
    // %d - domain (http hostname $_SERVER['HTTP_HOST'] without the first part)
    // %z - IMAP domain (IMAP hostname without the first part)
    // For example %n = mail.domain.tld, %t = domain.tld
    $config['smtp_conn_options'] = array(
      'ssl' => array(
        'verify_peer' => false,
        'verify_peer_name' => false
      )
    );
    
    $config['smtp_server'] = 'tls://%h';
    $config['smtp_auth_type'] = 'LOGIN';
    // SMTP port (default is 25; use 587 for STARTTLS or 465 for the
    // deprecated SSL over SMTP (aka SMTPS))
    $config['smtp_port'] = 587;
    
    // SMTP username (if required) if you use %u as the username Roundcube
    // will use the current username for login
    $config['smtp_user'] = '%u';
    
    // SMTP password (if required) if you use %p as the password Roundcube
    // will use the current user's password for login
    $config['smtp_pass'] = '%p';
    
    // provide an URL where a user can get support for this Roundcube installation
    // PLEASE DO NOT LINK TO THE ROUNDCUBE.NET WEBSITE HERE!
    $config['support_url'] = '';
    
    // Name your service. This is displayed on the login screen and in the window title
    $config['product_name'] = 'X Webmail';
    
    // this key is used to encrypt the users imap password which is stored
    // in the session record (and the client cookie if remember password is enabled).
    // please provide a string of exactly 24 chars.
    // YOUR KEY MUST BE DIFFERENT THAN THE SAMPLE VALUE FOR SECURITY REASONS
    $config['des_key'] = 'xxxxxx';
    
    // List of active plugins (in plugins/ directory)
    // Debian: install roundcube-plugins first to have any
    $config['plugins'] = array("zipdownload","newmail_notifier","emoticons", "jqueryui", "ispconfig3_account", "ispconfig3_autoreply", "ispconfig3_autoselect", "ispconfig3_pass", "ispconfig3_spam", "ispconfig3_fetchmail", "ispconfig3_filter", "ispconfig3_forward", "ispconfig3_wblist");
    
    // skin name: folder from skins/
    $config['skin'] = 'elastic';
    
    // Disable spellchecking
    // Debian: spellshecking needs additional packages to be installed, or calling external APIs
    //         see defaults.inc.php for additional informations
    $config['enable_spellcheck'] = false;
    
    If anyone could help me out to get to the source of the problem would be much appreaciated since i ran out of ideas.

    Thanks
    Trix
     
  2. till

    till Super Moderator Staff Member ISPConfig Developer

    Most likely you disabled plaintext auth in postfix.
     
  3. Trix

    Trix Member HowtoForge Supporter

    In dovecot config i have "disable_plaintext_auth=yes" but i never changed this its been like this from the beginnings and it worked. If i change it to no then it starts working but isnt that unsecure? The server uses STARTTLS.
    And i didnt change anything in postfix either.
     
  4. till

    till Super Moderator Staff Member ISPConfig Developer

    Plaintext auth over tls is fine. I just checked the ispconfig sources and the config files we deliver contain:

    disable_plaintext_auth = no

    so I guess you changed that manually to yes.
     
  5. Trix

    Trix Member HowtoForge Supporter

    Many thanks @till for the help.

    Cheers.
     

Share This Page