Tutorials > How to manage Mailboxes with RoundCube on CentOS 7

How to manage Mailboxes with RoundCube on CentOS 7

Published on: 16 January 2020

CentOS Mail Server RoundCube

Roundcube is one of the best known open source solutions to manage a reliable and customizable email service through a web service.

In this tutorial there are all the information to install and manage a webmail service with Roundcube on CentOS 7. As it is based on PHP, Roundcube requires the installation of a web server such as NGINX or Apache and relies on a MySQL-like database such as MariaDB.

First, connect to your server via an SSH connection. If you haven’t done so yet, following our guide it is recommended to connect securely with SSH. In case of a local server, go to the next step and open the terminal of your server.

Installation of NGINX and PHP

Proceed by installing an instance of NGINX with support for PHP and MySQL:

$ sudo yum install nginx php php-fpm php-mcrypt php-cli php-gd php-curl php-xml php-mysql php-mbstring php-pspell php-imagick 

At the end of the installation of all the packages, start NGINX and enable its automatic start-up on the system:

$ sudo systemctl start nginx$ sudo systemctl enable nginx

The use of Roundcube requires the variation of two parameters within the PHP configuration file present in /etc/php.ini:

# Impostazione della nostra timezone

date.timezone = "Europe/Rome"

Save the file just modified, start and enable the PHP-FPM service:

$ sudo systemctl start php-fpm$ sudo systemctl enable php-fpm 

Installation of MariaDB

In order to function properly Roundcube needs MariaDB database, that can be installed with the following command:

$ sudo yum install mariadb-server

Once the installation is completed, start the service:

$ sudo systemctl start mariadb

$ sudo systemctl enable mariadb

Proceed with the security of MariaDB by running a script included in MariaDB to increase security and limit access to your databases:

Start the utility script provided by MariaDb "mysql_secure_installation" and answer all the questions:

$ sudo mysql_secure_installation

First, you will be asked whether you want to enable the password validation system. If you enable this system, when you set a password for a user it will be evaluated. If the password does not respect the minimum security requirements, it is rejected with an error message.

Then, you will be asked if you want to change the root password to one of your preference. If you enable the password validation system, you will have to enter a password that respects the security criteria.

Following some best practices for creating a secure password is recommended. This includes:

  • The use of both upper and lower case

  • The use of both letters and numbers

  • The use of non-alphanumeric characters like @ # $% ˆ &!

  • The use of passwords other than those previously used

Finally, choose whether to remove anonymous users, test databases and whether to disable remote login with the root user. For an adequate level of security, confirming all these changes is recommended.

At this point, confirm the update of the displayed table to apply the new security criteria.

Enter current password for root (enter for none):

OK, successfully used password, moving on...
                Setting the root password ensures that nobody can log into MariaDB

root user without the proper authorisation.
                Set root password? [Y/n] Y

New password:

Re-enter new password:

Password updated successfully!

Reloading privilege tables..

 ... Success!
                Remove anonymous users? [Y/n] Y

 ... Success!
                Normally, root should only be allowed to connect from 'localhost'.  This

ensures that someone cannot guess at the root password from the network.
                Disallow root login remotely? [Y/n] Y

 ... Success!
                Remove test database and access to it? [Y/n] Y

 - Dropping test database...

 ... Success!

 - Removing privileges on test database...

 ... Success!
                Reload privilege tables now? [Y/n] Y

 ... Success!
                Cleaning up...
                All done!  If you've completed all of the above steps, your MariaDB

installation should now be secure.
                Thanks for using MariaDB!

After restarting the service, a database for Roundcube and a new user for it (by changing the password) can be created:

$ mysql -u root -p

MariaDB [(none)]> CREATE DATABASE roundcubemail /*!40101 CHARACTER SET utf8 COLLATE utf8_general_ci */;

MariaDB [(none)]> CREATE USER 'roundcube'@'localhost' IDENTIFIED BY 'mf0c3mhx';

MariaDB [(none)]> GRANT ALL PRIVILEGES ON roundcubemail.* TO 'roundcube'@'localhost';


MariaDB [(none)]> exit

Roundcube installation

In order to download the latest version of Roundcube you will need wget. If not installed on your system, do it with the following command:

$ sudo yum install wget

Otherwise, continue by downloading and extracting the package from github:

Then move everything to the NGINX directory: 

$ sudo mv roundcubemail-1.3.7 /var/www/html/roundcubemail

$ sudo cd /var/www/html/roundcubemail/

The Roundcube package contains an sql file that has to be imported into the newly created database with the required structure:

$ mysql -u root -p roundcubemail < SQL/mysql.initial.sql

During the import process, you will be asked for the database root password entered during the installation of MariaDB.

Once the database configuration is completed, ìprepare the NGINX virtual server for the domain mail.domain.com. First, make sure that the owner of the html folder is NGINX:

$ sudo chown -R nginx:nginx /var/www/html/roundcubemail

Now create and edit the virtual host file/etc/nginx/conf.d/mail.example.com.conf as follows:

server {

        listen 80;

        server_name mail.domain.com;

        root /var/www/html/roundcubemail;

        index  index.php index.html;

        #i# Logging

        access_log /var/log/nginx/mail.domain.com_access_log;

        error_log   /var/log/nginx/mail.domain.com_error_log;

        location / {

                try_files $uri $uri/ /index.php?q=$uri&$args;



                deny all;


        location ~ ^/(config|temp|logs)/ {

                deny all;


        location ~ /\. {

                deny all;

                access_log off;

                log_not_found off;


        location ~ \.php$ {

                include /etc/nginx/fastcgi_params;


                fastcgi_pass unix:/var/run/php-fpm/php-fpm.sock;

                fastcgi_index index.php;

                fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;



Before saving all the changes, remember to change the ‘domain.com’ domain to your domain.

In case of permission errors, modify the PHP-FPM configuration present in /etc/php-fpm.d/www.conf by changing these parameters:

user = nginx

group = nginx

listen = /var/run/php-fpm/php-fpm.sock

listen.owner = nginx

listen.group = nginx

listen.mode = 0660

Also, make sure that the owner of the PHP "session" directory is NGINX:

$ sudo chown -R nginx:nginx /var/lib/php/session/

At this point, Roundcube is ready to be configured from the web interface.

Roundcube configuration via web interface

To continue the installation, through a web browser go to : http://mail.domain.com/installer/ 

RoundCube Installer

RoundCube Installer

In this first phase, the Roundcube installer shows a summary of the requirements for operating the system correctly. Click on the "NEXT" button to continue.


RoundCube Installer

In this second phase, a series of operating parameters have to be entered. Leave everything unchanged except the product_name where o enter your domain name or a nickname of your choice.

RoundCube Database Configuration

Changing the access data to the sql server with those entered during the installation phase is important. When completed, click "NEXT" to continue.

RoundCube IMAP and SMTP test

Once the second phase is completed, test the IMAP / SMTP parameters of your server to verify that Roundcube is able to send/receive mail. 

Once finished, delete all the necessary files for the installation present in the /var/www/html/roundcubemail/installer folder by running the command:

$ sudo rm -rf /var/www/html/roundcubemail/installer

If you want to modify or change the parameters entered during the configuration phase, modifying the file in the /var/www/html/roundcubemail/config/config.inc.php directory is always possible.

Access Webmail

Our Roudcube instance is ready to use at the URL  http://mail.domain.com/ . Then, log in using the login details of a mailbox configured with Dovecot.

RoundCube Login

RoundCube Mailbox View