Webserver einrichten Debian 8

Info:

Zur grundsätzlichen Installation habe ich folgende Anleitung befolgt: https://skrilnetz.net/setup-your-own-mailserver/

Die Installation beschränkt sich auf das Mailen mit Linux Systembenutzern. Es ist nicht möglich mit folgender Konfiguration virtuelle Mailuser zu verwenden.

Ich habe jedoch meine Installation um den Webmailer “Roundcube” erweitert und dafür einige Anpassungen gemacht. Ebenfalls bring mir Outlook nicht mehr eine Fehlermeldung beim Senden von E-Mails.

verwendete Software:

Apache2.4
Dovecot
Postfix
Roundcube 1.2

meine Konfigfiles:

Informationen zu den angepassten Parametern sind markiert und allenfalls kommentiert.

Postfix:

nano /etc/postfix/main.cf

#Base config
myhostname = mail.yourdomain.com
myorigin = /etc/mailname
mydestination = $myhostname, $mydomain, localhost, localhost.$mydomain
relayhost =
mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
mailbox_size_limit = 0
recipient_delimiter = +
inet_interfaces = all
relay_domains = $mydestination
syslog_name=postfix/submission
#Aliases / Recipients
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
local_recipient_maps = proxy:unix:passwd.byname $alias_maps
#SSL/TLS
smtpd_tls_cert_file=/etc/ssl/certs/mail.yourdomain.com.pem
smtpd_tls_key_file=/etc/ssl/private/mail.yourdomain.com.key
smtpd_use_tls=yes
smtpd_tls_auth_only = yes
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
smtpd_tls_security_level=may
smtp_tls_security_level=may
smtpd_tls_protocols = !SSLv2, !SSLv3
smtpd_tls_wrappermode=no
smtpd_sasl_type=dovecot
smtpd_sasl_path=private/auth
smtpd_sasl_auth_enable=yes
milter_macro_daemon_name=ORIGINATING
#Security and Anti-Spam cinfig
policy-spf_time_limit = 3600s
smtpd_helo_required = yes

smtpd_recipient_restrictions =
 reject_non_fqdn_recipient
 reject_unknown_recipient_domain
 permit_mynetworks
 permit_sasl_authenticated
 reject_unauth_destination
 check_policy_service unix:private/policy-spf
 check_policy_service inet:127.0.0.1:10023

smtpd_helo_restrictions =
 permit_mynetworks
# reject_non_fqdn_helo_hostname
# reject_invalid_helo_hostname

smtpd_client_restrictions=
 permit_mynetworks
 permit_sasl_authenticated
 reject_unknown_client_hostname

smtpd_data_restrictions =
 reject_unauth_pipelining

#DKIM
milter_default_action = accept
milter_protocol = 6
smtpd_milters = inet:localhost:8891
non_smtpd_milters = inet:localhost:8891

#Base config

myhostname = mail.yourdomain.com

myorigin = /etc/mailname

mydestination = $myhostname, $mydomain, localhost, localhost.$mydomain

relayhost =

mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128

mailbox_size_limit = 0

recipient_delimiter = +

inet_interfaces = all

relay_domains = $mydestination

syslog_name=postfix/submission

#Aliases / Recipients

alias_maps = hash:/etc/aliases

alias_database = hash:/etc/aliases

local_recipient_maps = proxy:unix:passwd.byname $alias_maps

#SSL/TLS

smtpd_tls_cert_file=/etc/ssl/certs/mail.yourdomain.com.pem

smtpd_tls_key_file=/etc/ssl/private/mail.yourdomain.com.key

smtpd_use_tls=yes

smtpd_tls_auth_only = yes

smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache

smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache

smtpd_tls_security_level=may

smtp_tls_security_level=may

smtpd_tls_protocols = !SSLv2, !SSLv3

smtpd_tls_wrappermode=no

smtpd_sasl_type=dovecot

smtpd_sasl_path=private/auth

smtpd_sasl_auth_enable=yes

milter_macro_daemon_name=ORIGINATING

#Security and Anti-Spam cinfig

policy-spf_time_limit = 3600s

smtpd_helo_required = yes

smtpd_recipient_restrictions =

reject_non_fqdn_recipient

reject_unknown_recipient_domain

permit_mynetworks

permit_sasl_authenticated

reject_unauth_destination

check_policy_service unix:private/policy-spf

check_policy_service inet:127.0.0.1:10023

smtpd_helo_restrictions =

permit_mynetworks

# reject_non_fqdn_helo_hostname

# reject_invalid_helo_hostname

smtpd_client_restrictions=

permit_mynetworks

permit_sasl_authenticated

reject_unknown_client_hostname

smtpd_data_restrictions =

reject_unauth_pipelining

#DKIM

milter_default_action = accept

milter_protocol = 6

smtpd_milters = inet:localhost:8891

non_smtpd_milters = inet:localhost:8891

nano /etc/postfix/master.cf

#
# Postfix master process configuration file.  For details on the format
# of the file, see the master(5) manual page (command: "man 5 master" or
# on-line: http://www.postfix.org/master.5.html).
#
# Do not forget to execute "postfix reload" after editing this file.
#
# ==========================================================================
# service type  private unpriv  chroot  wakeup  maxproc command + args
#               (yes)   (yes)   (yes)   (never) (100)
# ==========================================================================
smtp      inet  n       -       -       -       -       smtpd
#smtp      inet  n       -       -       -       1       postscreen
#smtpd     pass  -       -       -       -       -       smtpd
#dnsblog   unix  -       -       -       -       0       dnsblog
#tlsproxy  unix  -       -       -       -       0       tlsproxy
submission inet n       -       -       -       -       smtpd
#  -o syslog_name=postfix/submission
#  -o smtpd_tls_security_level=encrypt
#  -o smtpd_sasl_auth_enable=yes
#  -o smtpd_reject_unlisted_recipient=no
#  -o smtpd_client_restrictions=$mua_client_restrictions
#  -o smtpd_helo_restrictions=$mua_helo_restrictions
#  -o smtpd_sender_restrictions=$mua_sender_restrictions
#  -o smtpd_recipient_restrictions=
#  -o smtpd_relay_restrictions=permit_sasl_authenticated,reject
#  -o milter_macro_daemon_name=ORIGINATING
smtps     inet  n       -       -       -       -       smtpd
#  -o syslog_name=postfix/smtps
#  -o smtpd_tls_wrappermode=yes
#  -o smtpd_sasl_auth_enable=yes
#  -o smtpd_reject_unlisted_recipient=no
#  -o smtpd_client_restrictions=$mua_client_restrictions
#  -o smtpd_helo_restrictions=$mua_helo_restrictions
#  -o smtpd_sender_restrictions=$mua_sender_restrictions
#  -o smtpd_recipient_restrictions=
#  -o smtpd_relay_restrictions=permit_sasl_authenticated,reject
#  -o milter_macro_daemon_name=ORIGINATING
#628       inet  n       -       -       -       -       qmqpd
pickup    unix  n       -       -       60      1       pickup
cleanup   unix  n       -       -       -       0       cleanup
qmgr      unix  n       -       n       300     1       qmgr
#qmgr     unix  n       -       n       300     1       oqmgr
tlsmgr    unix  -       -       -       1000?   1       tlsmgr
rewrite   unix  -       -       -       -       -       trivial-rewrite
bounce    unix  -       -       -       -       0       bounce
defer     unix  -       -       -       -       0       bounce
trace     unix  -       -       -       -       0       bounce
verify    unix  -       -       -       -       1       verify
flush     unix  n       -       -       1000?   0       flush
proxymap  unix  -       -       n       -       -       proxymap
proxywrite unix -       -       n       -       1       proxymap
smtp      unix  -       -       -       -       -       smtp
relay     unix  -       -       -       -       -       smtp
#       -o smtp_helo_timeout=5 -o smtp_connect_timeout=5
showq     unix  n       -       -       -       -       showq
error     unix  -       -       -       -       -       error
retry     unix  -       -       -       -       -       error
discard   unix  -       -       -       -       -       discard
local     unix  -       n       n       -       -       local
virtual   unix  -       n       n       -       -       virtual
lmtp      unix  -       -       -       -       -       lmtp
anvil     unix  -       -       -       -       1       anvil
scache    unix  -       -       -       -       1       scache
#
# ====================================================================
# Interfaces to non-Postfix software. Be sure to examine the manual
# pages of the non-Postfix software to find out what options it wants.
#
# Many of the following services use the Postfix pipe(8) delivery
# agent.  See the pipe(8) man page for information about ${recipient}
# and other message envelope options.
# ====================================================================
#
# maildrop. See the Postfix MAILDROP_README file for details.
# Also specify in main.cf: maildrop_destination_recipient_limit=1
#
maildrop  unix  -       n       n       -       -       pipe
  flags=DRhu user=vmail argv=/usr/bin/maildrop -d ${recipient}
#
# ====================================================================
#
# Recent Cyrus versions can use the existing "lmtp" master.cf entry.
#
# Specify in cyrus.conf:
#   lmtp    cmd="lmtpd -a" listen="localhost:lmtp" proto=tcp4
#
# Specify in main.cf one or more of the following:
#  mailbox_transport = lmtp:inet:localhost
#  virtual_transport = lmtp:inet:localhost
#
# ====================================================================
#
# Cyrus 2.1.5 (Amos Gouaux)
# Also specify in main.cf: cyrus_destination_recipient_limit=1
#
#cyrus     unix  -       n       n       -       -       pipe
#  user=cyrus argv=/cyrus/bin/deliver -e -r ${sender} -m ${extension} ${user}
#
# ====================================================================
# Old example of delivery via Cyrus.
#
#old-cyrus unix  -       n       n       -       -       pipe
#  flags=R user=cyrus argv=/cyrus/bin/deliver -e -m ${extension} ${user}
#
# ====================================================================
#
# See the Postfix UUCP_README file for configuration details.
#
uucp      unix  -       n       n       -       -       pipe
  flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient)
#
# Other external delivery methods.
#
ifmail    unix  -       n       n       -       -       pipe
  flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
bsmtp     unix  -       n       n       -       -       pipe
  flags=Fq. user=bsmtp argv=/usr/lib/bsmtp/bsmtp -t$nexthop -f$sender $recipient
scalemail-backend unix	-	n	n	-	2	pipe
  flags=R user=scalemail argv=/usr/lib/scalemail/bin/scalemail-store ${nexthop} ${user} ${extension}
mailman   unix  -       n       n       -       -       pipe
  flags=FR user=list argv=/usr/lib/mailman/bin/postfix-to-mailman.py
  ${nexthop} ${user}

policy-spf unix - n n - - spawn
  user=nobody argv=/usr/sbin/postfix-policyd-spf-perl

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

# Postfix master process configuration file. For details on the format

# of the file, see the master(5) manual page (command: "man 5 master" or

# on-line: http://www.postfix.org/master.5.html).

# Do not forget to execute "postfix reload" after editing this file.

# ==========================================================================

# service type private unpriv chroot wakeup maxproc command + args

# (yes) (yes) (yes) (never) (100)

# ==========================================================================

smtp inet n - - - - smtpd

#smtp inet n - - - 1 postscreen

#smtpd pass - - - - - smtpd

#dnsblog unix - - - - 0 dnsblog

#tlsproxy unix - - - - 0 tlsproxy

submission inet n - - - - smtpd

# -o syslog_name=postfix/submission

# -o smtpd_tls_security_level=encrypt

# -o smtpd_sasl_auth_enable=yes

# -o smtpd_reject_unlisted_recipient=no

# -o smtpd_client_restrictions=$mua_client_restrictions

# -o smtpd_helo_restrictions=$mua_helo_restrictions

# -o smtpd_sender_restrictions=$mua_sender_restrictions

# -o smtpd_recipient_restrictions=

# -o smtpd_relay_restrictions=permit_sasl_authenticated,reject

# -o milter_macro_daemon_name=ORIGINATING

smtps inet n - - - - smtpd

# -o syslog_name=postfix/smtps

# -o smtpd_tls_wrappermode=yes

# -o smtpd_sasl_auth_enable=yes

# -o smtpd_reject_unlisted_recipient=no

# -o smtpd_client_restrictions=$mua_client_restrictions

# -o smtpd_helo_restrictions=$mua_helo_restrictions

# -o smtpd_sender_restrictions=$mua_sender_restrictions

# -o smtpd_recipient_restrictions=

# -o smtpd_relay_restrictions=permit_sasl_authenticated,reject

# -o milter_macro_daemon_name=ORIGINATING

#628 inet n - - - - qmqpd

pickup unix n - - 60 1 pickup

cleanup unix n - - - 0 cleanup

qmgr unix n - n 300 1 qmgr

#qmgr unix n - n 300 1 oqmgr

tlsmgr unix - - - 1000? 1 tlsmgr

rewrite unix - - - - - trivial-rewrite

bounce unix - - - - 0 bounce

defer unix - - - - 0 bounce

trace unix - - - - 0 bounce

verify unix - - - - 1 verify

flush unix n - - 1000? 0 flush

proxymap unix - - n - - proxymap

proxywrite unix - - n - 1 proxymap

smtp unix - - - - - smtp

relay unix - - - - - smtp

# -o smtp_helo_timeout=5 -o smtp_connect_timeout=5

showq unix n - - - - showq

error unix - - - - - error

retry unix - - - - - error

discard unix - - - - - discard

local unix - n n - - local

virtual unix - n n - - virtual

lmtp unix - - - - - lmtp

anvil unix - - - - 1 anvil

scache unix - - - - 1 scache

# ====================================================================

# Interfaces to non-Postfix software. Be sure to examine the manual

# pages of the non-Postfix software to find out what options it wants.

# Many of the following services use the Postfix pipe(8) delivery

# agent. See the pipe(8) man page for information about ${recipient}

# and other message envelope options.

# ====================================================================

# maildrop. See the Postfix MAILDROP_README file for details.

# Also specify in main.cf: maildrop_destination_recipient_limit=1

maildrop unix - n n - - pipe

flags=DRhu user=vmail argv=/usr/bin/maildrop -d ${recipient}

# ====================================================================

# Recent Cyrus versions can use the existing "lmtp" master.cf entry.

# Specify in cyrus.conf:

# lmtp cmd="lmtpd -a" listen="localhost:lmtp" proto=tcp4

# Specify in main.cf one or more of the following:

# mailbox_transport = lmtp:inet:localhost

# virtual_transport = lmtp:inet:localhost

# ====================================================================

# Cyrus 2.1.5 (Amos Gouaux)

# Also specify in main.cf: cyrus_destination_recipient_limit=1

#cyrus unix - n n - - pipe

# user=cyrus argv=/cyrus/bin/deliver -e -r ${sender} -m ${extension} ${user}

# ====================================================================

# Old example of delivery via Cyrus.

#old-cyrus unix - n n - - pipe

# flags=R user=cyrus argv=/cyrus/bin/deliver -e -m ${extension} ${user}

# ====================================================================

# See the Postfix UUCP_README file for configuration details.

uucp unix - n n - - pipe

flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient)

# Other external delivery methods.

ifmail unix - n n - - pipe

flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)

bsmtp unix - n n - - pipe

flags=Fq. user=bsmtp argv=/usr/lib/bsmtp/bsmtp -t$nexthop -f$sender $recipient

scalemail-backend unix - n n - 2 pipe

flags=R user=scalemail argv=/usr/lib/scalemail/bin/scalemail-store ${nexthop} ${user} ${extension}

mailman unix - n n - - pipe

flags=FR user=list argv=/usr/lib/mailman/bin/postfix-to-mailman.py

${nexthop} ${user}

policy-spf unix - n n - - spawn

user=nobody argv=/usr/sbin/postfix-policyd-spf-perl

Dovecot:

nano /etc/dovecot/dovecot.conf

disable_plaintext_auth = no
mail_privileged_group = mail
mail_location = mbox:~/mail:INBOX=/var/mail/%u
userdb {
driver = passwd
}

passdb {
args = %s
driver = pam
}
protocols = " imap"

protocol imap {
mail_plugins = " autocreate"
}
plugin {
autocreate = Trash
autocreate2 = Sent
autosubscribe = Trash
autosubscribe2 = Sent
}

service auth {
unix_listener /var/spool/postfix/private/auth {
group = postfix
mode = 0660
user = postfix
}
}
ssl=required
ssl_cert = </etc/ssl/certs/mail.yourdomain.com.pem
ssl_key = </etc/ssl/private/mail.yourdomain.com.key

disable_plaintext_auth = no

mail_privileged_group = mail

mail_location = mbox:~/mail:INBOX=/var/mail/%u

userdb {

driver = passwd

}

passdb {

args = %s

driver = pam

}

protocols = " imap"

protocol imap {

mail_plugins = " autocreate"

}

plugin {

autocreate = Trash

autocreate2 = Sent

autosubscribe = Trash

autosubscribe2 = Sent

}

service auth {

unix_listener /var/spool/postfix/private/auth {

group = postfix

mode = 0660

user = postfix

}

ssl=required

ssl_cert = </etc/ssl/certs/mail.yourdomain.com.pem

ssl_key = </etc/ssl/private/mail.yourdomain.com.key

Roundcube:

nano /roundcube installationsverzeichnis/config/config.inc.php

<?php

/*
+-----------------------------------------------------------------------+
| Local configuration for the Roundcube Webmail installation. |
| |
| This is a sample configuration file only containing the minimum |
| setup required for a functional installation. Copy more options |
| from defaults.inc.php to this file to override the defaults. |
| |
| This file is part of the Roundcube Webmail client |
| Copyright (C) 2005-2013, The Roundcube Dev Team |
| |
| Licensed under the GNU General Public License version 3 or |
| any later version with exceptions for skins & plugins. |
| See the README file for a full license statement. |
+-----------------------------------------------------------------------+
*/

$config = array();

// Database connection string (DSN) for read+write operations
// Format (compatible with PEAR MDB2): db_provider://user:password@host/database
// Currently supported db_providers: mysql, pgsql, sqlite, mssql, sqlsrv, oracle
// For examples see http://pear.php.net/manual/en/package.database.mdb2.intro-dsn.php
// NOTE: for SQLite use absolute path (Linux): 'sqlite:////full/path/to/sqlite.db?mode=0646'
// or (Windows): 'sqlite:///C:/full/path/to/sqlite.db'
$config['db_dsnw'] = 'mysql://roundcube:yourpassword@localhost/roundcubemail';

// The mail host chosen to perform the log-in.
// Leave blank to show a textbox at login, give a list of hosts
// to display a pulldown menu or set one host as string.
// To use SSL/TLS connection, enter hostname with prefix ssl:// or tls://
// Supported replacement variables:
// %n - hostname ($_SERVER['SERVER_NAME'])
// %t - hostname without the first part
// %d - domain (http hostname $_SERVER['HTTP_HOST'] without the first part)
// %s - domain name after the '@' from e-mail address provided at login screen
// For example %n = mail.domain.tld, %t = domain.tld
$config['default_host'] = 'tls://yourdomain.com';

// SMTP server host (for sending mails).
// To use SSL/TLS connection, enter hostname with prefix ssl:// or tls://
// If left blank, the PHP mail() function is used
// Supported replacement variables:
// %h - user's IMAP hostname
// %n - hostname ($_SERVER['SERVER_NAME'])
// %t - hostname without the first part
// %d - domain (http hostname $_SERVER['HTTP_HOST'] without the first part)
// %z - IMAP domain (IMAP hostname without the first part)
// For example %n = mail.domain.tld, %t = domain.tld
$config['smtp_server'] = 'tls://localhost';

// SMTP port (default is 25; use 587 for STARTTLS or 465 for the
// deprecated SSL over SMTP (aka SMTPS))
$config['smtp_port'] = 587;

// SMTP username (if required) if you use %u as the username Roundcube
// will use the current username for login
$config['smtp_user'] = '%u';

// SMTP password (if required) if you use %p as the password Roundcube
// will use the current user's password for login
$config['smtp_pass'] = '%p';

// provide an URL where a user can get support for this Roundcube installation
// PLEASE DO NOT LINK TO THE ROUNDCUBE.NET WEBSITE HERE!
$config['support_url'] = '';

// Name your service. This is displayed on the login screen and in the window title
$config['product_name'] = 'Roundcoube Webmail';

// this key is used to encrypt the users imap password which is stored
// in the session record (and the client cookie if remember password is enabled).
// please provide a string of exactly 24 chars.
// YOUR KEY MUST BE DIFFERENT THAN THE SAMPLE VALUE FOR SECURITY REASONS
$config['des_key'] = 'rcmail-!24ByteDESkey*Str';

// List of active plugins (in plugins/ directory)
$config['plugins'] = array(
'archive',
'zipdownload',
);

// The PHP Mailser has some issues with selfsigned TLS Certificates for this we add:
// skin name: folder from skins/
$config['skin'] = 'larry';

// Enabled for testing if the installation works. DISABLE AFTER TESTING!
$config['enable_installer'] = true;
$config['smtp_conn_options'] = array(
'ssl' => array(
'verify_peer' => false,
'verify_peer_name' => false,
),
);

// IMAP wouldnt workt with this up here so i add this
$config['imap_conn_options'] = array(
'ssl' => array(
'verify_peer' => true,
'allow_self_signed' => true,
'peer_name' => 'mail.yourdomain.com',
'ciphers' => 'TLSv1+HIGH:!aNull:@STRENGTH',
'cafile' => '/etc/ssl/certs/mail.yourdomain.com.pem',
),
);

100

101

102

103

104

105

106

107

<?php

+-----------------------------------------------------------------------+

| Local configuration for the Roundcube Webmail installation. |

| |

| This is a sample configuration file only containing the minimum |

| setup required for a functional installation. Copy more options |

| from defaults.inc.php to this file to override the defaults. |

| |

| This file is part of the Roundcube Webmail client |

| |

| Licensed under the GNU General Public License version 3 or |

| any later version with exceptions for skins & plugins. |

| See the README file for a full license statement. |

+-----------------------------------------------------------------------+

$config = array();

// Database connection string (DSN) for read+write operations

// Format (compatible with PEAR MDB2): db_provider://user:password@host/database

// Currently supported db_providers: mysql, pgsql, sqlite, mssql, sqlsrv, oracle

// For examples see http://pear.php.net/manual/en/package.database.mdb2.intro-dsn.php

// NOTE: for SQLite use absolute path (Linux): 'sqlite:////full/path/to/sqlite.db?mode=0646'

// or (Windows): 'sqlite:///C:/full/path/to/sqlite.db'

$config['db_dsnw'] = 'mysql://roundcube:yourpassword@localhost/roundcubemail';

// The mail host chosen to perform the log-in.

// Leave blank to show a textbox at login, give a list of hosts

// to display a pulldown menu or set one host as string.

// To use SSL/TLS connection, enter hostname with prefix ssl:// or tls://

// Supported replacement variables:

// %n - hostname ($_SERVER['SERVER_NAME'])

// %t - hostname without the first part

// %d - domain (http hostname $_SERVER['HTTP_HOST'] without the first part)

// %s - domain name after the '@' from e-mail address provided at login screen

// For example %n = mail.domain.tld, %t = domain.tld

$config['default_host'] = 'tls://yourdomain.com';

// SMTP server host (for sending mails).

// To use SSL/TLS connection, enter hostname with prefix ssl:// or tls://

// If left blank, the PHP mail() function is used

// Supported replacement variables:

// %h - user's IMAP hostname

// %n - hostname ($_SERVER['SERVER_NAME'])

// %t - hostname without the first part

// %d - domain (http hostname $_SERVER['HTTP_HOST'] without the first part)

// %z - IMAP domain (IMAP hostname without the first part)

// For example %n = mail.domain.tld, %t = domain.tld

$config['smtp_server'] = 'tls://localhost';

// SMTP port (default is 25; use 587 for STARTTLS or 465 for the

// deprecated SSL over SMTP (aka SMTPS))

$config['smtp_port'] = 587;

// SMTP username (if required) if you use %u as the username Roundcube

// will use the current username for login

$config['smtp_user'] = '%u';

// SMTP password (if required) if you use %p as the password Roundcube

// will use the current user's password for login

$config['smtp_pass'] = '%p';

// provide an URL where a user can get support for this Roundcube installation

// PLEASE DO NOT LINK TO THE ROUNDCUBE.NET WEBSITE HERE!

$config['support_url'] = '';

// Name your service. This is displayed on the login screen and in the window title

$config['product_name'] = 'Roundcoube Webmail';

// this key is used to encrypt the users imap password which is stored

// in the session record (and the client cookie if remember password is enabled).

// please provide a string of exactly 24 chars.

// YOUR KEY MUST BE DIFFERENT THAN THE SAMPLE VALUE FOR SECURITY REASONS

$config['des_key'] = 'rcmail-!24ByteDESkey*Str';

// List of active plugins (in plugins/ directory)

$config['plugins'] = array(

'archive',

'zipdownload',

);

// The PHP Mailser has some issues with selfsigned TLS Certificates for this we add:

// skin name: folder from skins/

$config['skin'] = 'larry';

// Enabled for testing if the installation works. DISABLE AFTER TESTING!

$config['enable_installer'] = true;

$config['smtp_conn_options'] = array(

'ssl' => array(

'verify_peer' => false,

'verify_peer_name' => false,

);

// IMAP wouldnt workt with this up here so i add this

$config['imap_conn_options'] = array(

'ssl' => array(

'verify_peer' => true,

'allow_self_signed' => true,

'peer_name' => 'mail.yourdomain.com',

'ciphers' => 'TLSv1+HIGH:!aNull:@STRENGTH',

'cafile' => '/etc/ssl/certs/mail.yourdomain.com.pem',

);

Apache:

Apache habe ich nicht speziel konfigurert. Hier einfach einen für die Domain passenden V-Host erstellen und das Roundcube-Installatinsverzeichnis als Alias oder Hauptverzeichnis hinzufügen.