Users

users@lists.roundcube.net

6 participants
2896 discussions

[Q] mysql.update.sql Can't DROP 'idx'; check that column/key exist
by Simon Loewenthal 25 Oct '11

25 Oct '11

Hi, After a RC upgrade (.5.4 -> 0.6), can one blindly run the mysql.update.sql, or should I adjust it accordingly to the release I am upgrading from? I ask as I tried and it complained:- root@peon /www/roundcube/SQL # mysql*-p roundcubemail < mysql.update.sql * Enter password: ERROR 1091 (42000) at line 7: Can't DROP 'idx'; check that column/key exist Entry in the mysql.update.sql reads: ALTER TABLE `messages` DROP INDEX `idx`, DROP INDEX `uid`; mysql> describe messages; +------------+------------------+------+-----+---------------------+----------------+ | Field | Type | Null | Key | Default | Extra | +------------+------------------+------+-----+---------------------+----------------+ | message_id | int(11) unsigned | NO | PRI | NULL | auto_increment | | user_id | int(10) unsigned | NO | MUL | 0 | | | del | tinyint(1) | NO | | 0 | | | cache_key | varchar(128) | NO | | NULL | | | created | datetime | NO | MUL | 1000-01-01 00:00:00 | | | *idx* | int(11) unsigned | NO | | 0 | | | *uid* | int(11) unsigned | NO | | 0 | | | subject | varchar(255) | NO | | NULL | | | from | varchar(255) | NO | | NULL | | | to | varchar(255) | NO | | NULL | | | cc | varchar(255) | NO | | NULL | | | date | datetime | NO | | 1000-01-01 00:00:00 | | | size | int(11) unsigned | NO | | 0 | | | headers | text | NO | | NULL | | | structure | text | YES | | NULL | | +------------+------------------+------+-----+---------------------+----------------+ 15 rows in set (0.00 sec) Regards, S -- List info: http://lists.roundcube.net/users/ BT/9b404e9e

3 7

RC 0.6 ModSecurity 2.2.2 CRS optional rules (particularing modsecurity_crs_16_session_hijacking hits)
by Simon Loewenthal 24 Oct '11

24 Oct '11

Hi, I started playing with the modsecurity rules today. I noticed that CRS modsecurity rule modsecurity_crs_16_session_hijacking.conf will hit on Roundcube 0.6 on my test server. I have not used modsec on any other version of RC. Enabling the CRS 2.2.2 options rules breaks this RC set-up. I'm not an expert on these rules, so it is quite likely that I misinterpreted the results. [24/Oct/2011:11:17:39 +0200] [webmail.example.com/sid#7f9bb5d47e08][rid#7f9bc55babd0][/][1] Access denied with code 403 (phase 1). Match of "streq %{SESSION.IP_HASH}" against "TX:ip_hash" required. [file "/etc/apache2/modsec-crs/optional_rules/modsecurity_crs_16_session_hijacking.conf"] [line "35"] [id "981059"] [msg "Warning - Sticky SessionID Data Changed - IP Address Mismatch."] [24/Oct/2011:11:23:16 +0200] [webmail.example.com/sid#7f06a783b698][rid#7f06b58a10e0][/][1] Access denied with code 403 (phase 1). Match of "streq %{SESSION.UA_HASH}" against "TX:ua_hash" required. [file "/etc/apache2/modsec-crs/optional_rules/modsecurity_crs_16_session_hijacking.conf"] [line "38"] [id "981060"] [msg "Warning - Sticky SessionID Data Changed - User-Agent Mismatch."] Some rules in these hit as well: Message: Warning. Match of "eq 1" against "&ARGS:CSRF_TOKEN" required. [file "/etc/apache2/modsec-crs/optional_rules/modsecurity_crs_43_csrf_protection.conf"] [line "31"] [id "981143"] [msg "CSRF Attack Detected - Missing CSRF Token."] Message: Warning. Match of "rx (?i:\\;? ?httponly;?)" against "TX:sessionid" required. [file "/etc/apache2/modsec-crs/optional_rules/modsecurity_crs_55_application_defects.conf"] [line "71"] [id "981184"] [msg "AppDefect: Missing HttpOnly Cookie Flag."] The other CRS and ASR rules seem fine so far... Its possible that this is a apache misconfiguration by me. Has anyone else used the modsecurity optional rule sets on Roundcube? Best regards, S -- Email simon AT klunky DOT co DOT uk PGP is optional: 4BA78604 I won't accept your confidentiality agreement, and your Emails are kept. ~Ö¿Ö~ -- List info: http://lists.roundcube.net/users/ BT/9b404e9e

1 2

Aborted session ... no valid session data found
by ben＠electricembers.net 21 Oct '11

21 Oct '11

I know there is this thread: http://lists.roundcube.net/mail-archive/users/2011-09/0000042.html And this ticket: http://trac.roundcube.net/ticket/1488087 But is there news on how we might roll out 0.6 (upgrade from 0.5.1) without being able to have users remove cookies? Perhaps relatedly, we do want to change our 'des_key' but am unsure if that is safe to do. Also 'session_domain' which we seem to have in production as '' (NULL) Should we just wait on 0.7 since 0.7-beta is the "milestone?" We have a great testbench here and would be delighted to help however we may. . . Ben -- List info: http://lists.roundcube.net/users/ BT/9b404e9e

2 2

[Q] PHP Fatal error: Allowed memory size __ bytes exhausted
by J4K 21 Oct '11

21 Oct '11

Hi there, This message popped up in the logs whilst attempting to send a message with a file attachment of 3.1Mb. Oct 21 16:06:09 xx71 roundcube: PHP Fatal error: Allowed memory size of 50331648 bytes exhausted (tried to allocate 8944333 bytes) in /www/roundcube/program/include/iniset.php on line 107 However, the .htaccess has these settings: php_value upload_max_filesize 4M php_value post_max_size 6M php_value memory_limit 48M php_value max_execution_time 340 php_value max_input_time 320 The /etc/php5/apache2/php.ini heas these values: upload_max_filesize = 7M post_max_size = 25M memory_limit = 48M max_execution_time = 60 max_input_time = 60 Are these values set else where? Best regards. -- List info: http://lists.roundcube.net/users/ BT/9b404e9e

4 6

ENC: PFA Issues
by Luiz Fabiano T.I CTO (Tempo Filmes) 17 Oct '11

17 Oct '11

Hi Folks, -I'm using roundcube 0.6 and PostfixAdmin, I've already set "pfa settings" on main.inc.php and "pfa connection setting" on db.inc.php, anyway it's doesn't work for me, I tried to set manually on $ROUNDCUBE$/plugins/password/password.inc.php the details of connections and chance the query from SELECT to UPDATE, but I'm still no success on it. L Does Anyone know what is going wrong ? -- List info: http://lists.roundcube.net/users/ BT/9b404e9e

2 1

Read only access?
by - 15 Oct '11

15 Oct '11

Hello! How can i create user, who can only view email messages? (not remove) I doest have access to email server for server-side setup :( sry for bad english. Thx! -- List info: http://lists.roundcube.net/users/ BT/9b404e9e

3 2

Global Address Book
by edux 13 Oct '11

13 Oct '11

Hi, i am looking for something like this plugin: https://github.com/JohnDoh/Roundcube-Plugin-Global-Address-Book/ Is this plugin still valid on release 0.6? because i saw many changes in the addressbook section and i would like to be sure that is still ok to deploy it. Thanks! eduardo. --- 8< --- detachments --- 8< --- The following attachments have been detached and are available for viewing. http://detached.gigo.com/rc/3F/6v7sJCh5/smime.p7s Only click these links if you trust the sender, as well as this message. --- 8< --- detachments --- 8< --- -- List info: http://lists.roundcube.net/users/ BT/9b404e9e

1 0

cannot send attachments when using "open_basedir"
by Niccolò Belli 12 Oct '11

12 Oct '11

roundcube: PHP Warning: tempnam(): open_basedir restriction in effect. File() is not within the allowed path(s) Even setting the root (/) directory in open_basedir it does not work, the only way is to disable open_basedir. Is it a known issue? Niccolò -- List info: http://lists.roundcube.net/users/ BT/9b404e9e

2 4

Roundcube 0.5 - Disk Usage
by Javier Romero 11 Oct '11

11 Oct '11

Dear Sirs: Good aftenoon. I have a Mail Server with Postfix, Courier, MySQL and Roundcube as Webmail. I need some help, as I can´t make the Disk Space Bar include the Trash folder in the total percentage, only adds Sent and Cur folders to show the Free Space available. Please, may someone tell me where do I have to configure this, I´ve been trying to find an answer on the Web, but I couldn´t. Thank you very much for your kind attention. Best regards. -- List info: http://lists.roundcube.net/users/ BT/9b404e9e

1 0

roundcube-0.6 debian (squeeze) packages
by Niccolò Belli 11 Oct '11

11 Oct '11

If someone wants to test it, here are the packages: http://repository.linuxsystems.it/pool/main/r/roundcube/ Vincent Bernat told me it does not work for him, all folders are empty. I still didn't test it. Let me know if it does work for you. Niccolò -- List info: http://lists.roundcube.net/users/ BT/9b404e9e

4 9

Jump to page:

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

Users