Roundcube

Last updated
Roundcube
Developer(s) The Roundcube Team [1]
Initial release2008;16 years ago (2008)
Stable release
1.6.6 [2]   OOjs UI icon edit-ltr-progressive.svg / 20 January 2024
Repository
Written in PHP
Operating system Cross-platform
Type Webmail
License GPL-3.0-or-later with exceptions for skins and plugins [3]
Website roundcube.net   OOjs UI icon edit-ltr-progressive.svg

Roundcube is a web-based IMAP email client. Roundcube's most prominent feature is the pervasive use of Ajax technology. Roundcube is free and open-source software subject to the terms of the GNU General Public License (GPL-3.0-or-later), with exceptions for skins and plugins. [3]

Contents

History

After about two years of development the first stable release of Roundcube was announced in early 2008. [4]

In November 2023, the open-source file hosting software suite Nextcloud announced its partnership with Roundcube. [5] [6]

Security concerns

In 2023, a pro-Russia hacking group Winter Vivern [7] exploited a zero-day vulnerability in RoundCube to attack European government entities and a think tank, as reported by researchers from ESET. [8] This vulnerability was essentially a cross-site scripting error, and it was used to inject JavaScript into the Roundcube server application. Simply viewing a malicious email was sufficient to allow the attackers to run arbitrary JavaScript code in the Roundcube user's browser window, allowing them to access folders and emails in that user's account and send those emails to the attackers' servers. [9]

As of late 2023, the most recent eight releases (1.6.5, 1.5.6, 1.6.4, 1.5.5, 1.4.15, 1.5.4, 1.4.14 and 1.6.3) all contained XSS-related fixes. [10]

Technology

Roundcube is written in PHP and can be employed in conjunction with a LAMP stack, or any other operating systems that support PHP are supported as well. The web server needs access to the IMAP server hosting the email and to an SMTP server to be able to send messages.

Roundcube Webmail is designed to run on standard web servers such as Apache, LiteSpeed, Nginx, Lighttpd, Hiawatha or Cherokee in conjunction with a relational database engine. Supported databases are MySQL, PostgreSQL and SQLite. The user interface is rendered in XHTML and CSS and is fully customizable with skins.

Roundcube incorporates jQuery as part of its distribution, as well as other libraries such as GoogieSpell and TinyMCE.

Roundcube comes included with CPanel as of early 2008.

Plugins

Starting with version 0.3, Roundcube introduced a plug-in API which allows non-standard features to be added without the need to modify the source code. A variety of plug-ins are available from the Plugin Repository.

Project "Roundcube Next"

On 3 May 2015, Roundcube announced, in partnership with Kolab Systems AG, that they planned to completely rewrite Roundcube and create Roundcube Next. A crowdfunding campaign was set up to finance the project. The goal of $80,000 was reached on June 24. [11] The final amount raised was US$103,541. [12]

Roundcube Next was intended to include additional features like calendar, chat and file management. This was to be implemented using WebRTC and connectors from popular services like Dropbox and OwnCloud.

However, Kolab Systems and Roundcube stopped development on the project in 2016, with no information or refunds provided to project backers, leading to a failed crowdfund. [13] A Roundcube developer later claimed Roundcube had no ownership over the Roundcube Next campaign, [14] despite its public engagement and ownership on the crowdfund page.

Current features

Notable installations

Roundcube is used by a number of universities to provide email services to students and staff such as Sanger Institute Tata Institute of Social Sciences, [15] University of Florida, [16] Harvard University, [17] University of Utah, [18] University of Oregon, [19] Stevens Institute of Technology, [20] Norwegian University of Science and Technology, [21] the Technical University of Dortmund, [22] the University of Cambridge, [23] the Indian Institute of Technology, Delhi, [24] Indian Institute of Technology, Bombay, [25] Institute of Physics, Bhubaneswar, Indian Institute of Science Education and Research Kolkata, Indian Institute of Technology, Kanpur, [26] Indian Institute of Technology, Madras, [27] University of Victoria, Bard College at Simon's Rock [28] and Bilkent University. [29]

In a 2009 interview, two of Roundcube's core developers noted that the largest deployment to that date that they were aware of was at the University of Michigan with 70,013 students. [30] Roundcube is also used in the Kolab Now service which supports its further development.

CPanel includes Roundcube, as a result of which many hosting companies around the world such as HostGator, [31] Media Temple, Gandi, OVH [32] and others use RoundCube. Roundcube Webmail IMAP client was also incorporated into epesiBIM (epesi Business Information Manager), a web-based, open source CRM-like application.

Apple's Mac OS X 10.7 Lion Server operating system provided Roundcube as the default webmail client in Mail Server. [33] In prior versions, SquirrelMail had been the default client.

In 2013, Iran's Ministry of ICT launched the national email service at mail.post.ir which used Roundcube. [34] Synology Inc.'s DiskStation Manager (DSM) uses Roundcube for their Mail Station package. [35]

See also

Related Research Articles

<span class="mw-page-title-main">Email</span> Mail sent using electronic means

Electronic mail is a method of transmitting and receiving messages using electronic devices. It was conceived in the late–20th century as the digital version of, or counterpart to, mail. Email is a ubiquitous and very widely used communication medium; in current use, an email address is often treated as a basic and necessary part of many processes in business, commerce, government, education, entertainment, and other spheres of daily life in most countries.

In computing, the Internet Message Access Protocol (IMAP) is an Internet standard protocol used by email clients to retrieve email messages from a mail server over a TCP/IP connection. IMAP is defined by RFC 9051.

<span class="mw-page-title-main">Email client</span> Computer program used to access and manage a users email

An email client, email reader or, more formally, message user agent (MUA) or mail user agent is a computer program used to access and manage a user's email.

<span class="mw-page-title-main">Webmail</span> Email service that can be accessed using a web browser

Webmail is an email service that can be accessed using a standard web browser. It contrasts with email service accessible through a specialised email client software. Additionally, many internet service providers (ISP) provide webmail as part of their internet service package. Similarly, some web hosting providers also provide webmail as a part of their hosting package.

<span class="mw-page-title-main">SquirrelMail</span> Software project

SquirrelMail is a project that aims to provide both a web-based email client and a proxy server for the IMAP protocol.

<span class="mw-page-title-main">Kontact</span> Personal information manager software

Kontact is a personal information manager and groupware software suite developed by KDE. It supports calendars, contacts, notes, to-do lists, news, and email. It offers a number of inter-changeable graphical UIs all built on top of a common core.

Kolab is a free and open source groupware suite. It consists of the Kolab server and a wide variety of Kolab clients, including KDE PIM-Suite Kontact, Roundcube web frontend, Mozilla Thunderbird and Mozilla Lightning with SyncKolab extension and Microsoft Outlook with proprietary Kolab-Connector PlugIns.

The Internet Messaging Program or IMP is a webmail client. It can be used to access e-mail stored on an IMAP server. IMP is written in PHP and a component of the collaborative software suite Horde.

The following tables compare general and technical information for a number of notable webmail providers who offer a web interface in English.

Bynari is a defunct company based in Dallas, developing server and email software, mainly known for its Insight Family, similar to Microsoft Exchange Server with Outlook.

hMailServer Open-source e-mail server

hMailServer was a free email server for Windows created by Martin Knafve. It ran as a Windows service and includes administration tools for management and backup. It had support for IMAP, POP3, and SMTP email protocols. It could use external database engines such as MySQL, MS SQL or PostgreSQL, or an internal MS SQL Compact Edition engine to store configuration and index data. The actual email messages were stored on disk in a raw MIME format. As of January 15th, 2022, active support and development were officially halted, although version 5.6 will continue to receive updates for critical bugs.

Axigen is a Linux, Windows, and Docker mail server with groupware and collaboration functionalities. It supports SMTP, IMAP, POP3, and webmail services, and includes features such as an integrated mailing list server, Antivirus and Antispam integration options, and various mobile capabilities including mobile-friendly webmail and Exchange ActiveSync support. Axigen can be hosted in data centers, on bare-metal or Private or Public Clouds of choice.

<span class="mw-page-title-main">GMX Mail</span> Free, ad-supported email service by GMX

GMX Mail is a free advertising-supported email service provided by GMX. Users may access received GMX Mail via webmail, or using POP3 or IMAP4 protocols. Mail is sent using SMTP. Founded in 1997, GMX is a subsidiary of Ionos AG, a stock-listed company in Germany, and a sister company to Ionos and Fasthosts Internet. In addition to an email address, each GMX account includes a Mail Collector, Address Book, Organizer, and File Storage. Every user can register up to 10 individual GMX email addresses. Popup ads are displayed to all users, including premium, at GMX login; as of 2021 GMX was the only large email provider using popup ads.

<span class="mw-page-title-main">Fastmail</span> Australian email service provider

Fastmail is an email hosting company based in Melbourne, Australia. In addition to its Fastmail-branded services, the company also operates Topicbox, a mailing list service, and Pobox, an email service it acquired in 2015.

A mailbox provider, mail service provider or, somewhat improperly, email service provider is a provider of email hosting. It implements email servers to send, receive, accept, and store email for other organizations or end users, on their behalf.

<span class="mw-page-title-main">Kolab Now</span>

Kolab Now is a web-based email and groupware service, based completely on free and open-source software. It is owned and operated by Kolab Systems AG and was formerly known as MyKolab.

MailEnable is a Windows-based, commercial email server distributed by MailEnable Pty. Ltd, an Australian-based software company which was established in 2002.

<span class="mw-page-title-main">Mailfence</span> Encrypted email service

Mailfence is secure encrypted email service that offers OpenPGP based end-to-end encryption and digital signatures. It was launched in November 2013 by Belgium-based company ContactOffice Group that has been operating an online collaboration suite since 1999.

The JSON Meta Application Protocol (JMAP) is a set of related open Internet Standard protocols for handling email. JMAP is implemented using JSON APIs over HTTP and has been developed as an alternative to IMAP/SMTP and proprietary email APIs such as Google's Gmail and Microsoft's MAPI . Additional protocols and data models being built on top of the core of JMAP for handling contacts and calendar synchronization are meant to be potential replacements for CardDAV and CalDAV, and other support is currently in the works.

References

  1. "Dev_Members - Roundcube Webmail - Trac". Trac.roundcube.net. Archived from the original on 2011-10-02. Retrieved 2011-09-19.
  2. "Update 1.6.6 released". 20 January 2024. Retrieved 30 January 2024.
  3. 1 2 "Changeset 5787 - Roundcube Webmail". Archived from the original on 2012-04-26.
  4. "RoundCube Webmail 0.1-stable released". roundcube.net. 2008-03-04. Retrieved 2024-03-08.{{cite web}}: CS1 maint: date and year (link)
  5. Korotaev, Mikhail (2023-11-29). "Open source email pioneer Roundcube joins the Nextcloud family". Nextcloud Blog. Retrieved 2023-12-02.
  6. Rudra, Sourav (2023-12-01). "Open-Source Webmail Roundcube Joins Nextcloud". ItsFOSS.com. Retrieved 2023-12-02.
  7. https://www.sentinelone.com/labs/winter-vivern-uncovering-a-wave-of-global-espionage
  8. https://www.eset.com/int/about/newsroom/press-releases/research/eset-research-winter-vivern-attacks-roundcube-webmail-servers-of-governments-in-europe-through-zero
  9. https://arstechnica.com/security/2023/10/pro-russia-hackers-target-inboxes-with-0-day-in-webmail-app-used-by-millions
  10. "Releases · roundcube/roundcubemail · GitHub" . Retrieved 2023-12-26.
  11. "Tweet from @roundcubenext".
  12. "RoundCube-Next is Woefully Behind Schedule - Phoronix". Archived from the original on 2021-10-19. Retrieved 2021-10-19.
  13. "In 2018, RoundCube Next Remains Dead In The Water - Phoronix". www.phoronix.com. Archived from the original on 2021-10-19. Retrieved 2019-08-09.
  14. "What about Roundcube Next? · Issue #6030 · roundcube/roundcubemail". GitHub. Archived from the original on 2021-10-19. Retrieved 2019-08-09.
  15. "RoundCube Webmail". tiss.edu/. Archived from the original on 2021-10-19. Retrieved 2013-06-13.
  16. "Development - University of Florida now hosting a RoundCube implementation". Archived from the original on 2020-11-29. Retrieved 2013-10-16.
  17. "Welcome to RoundCube Webmail". Spl.harvard.edu. Archived from the original on 2011-10-02. Retrieved 2011-09-19.
  18. "University of Utah, College of Engineering Webmail". Archived from the original on 2021-07-11. Retrieved 2021-10-19.
  19. "University of Oregon Webmail". Archived from the original on 2021-10-19. Retrieved 2021-10-19.
  20. "MyMail - ITwiki". Stevens.edu. 2011-09-13. Archived from the original on 2012-02-03. Retrieved 2011-09-19.
  21. "Alternative NTNU Student Webmail :: Welcome to Alternative NTNU Student Webmail". Archived from the original on 2021-10-19. Retrieved 2013-07-31.
  22. "Roundcube Webmail :: Willkommen bei Roundcube Webmail". webmail.tu-dortmund.de. Retrieved 2022-05-06.
  23. "Computing Service News: New Hermes Webmail". Computing Service, University of Cambridge. 2013-07-03. Archived from the original on July 6, 2013. Retrieved 2013-07-06.
  24. "IITD Webmail :: Welcome to IITD Webmail". webmail.iitd.ac.in. Archived from the original on 2021-10-19. Retrieved 2020-03-16.
  25. "WebMail IITB :: Welcome to WebMail IITB". webmail.iitb.ac.in. Archived from the original on 2021-10-19. Retrieved 2020-03-16.
  26. "Roundcube Webmail". linux.cc.iitk.ac.in. Retrieved 2024-04-28.
  27. Subhashis Banerjee (2011-09-04). "Roundcube webmail". www.cc.iitd.ernet.in/CSC/. Computer Services Centre, IIT Delhi. Archived from the original on 2021-03-05. Retrieved 2014-02-05.
  28. "Bard College at Simon's Rock Webmail :: Welcome to Bard College at Simon's Rock Webmail". warlock.simons-rock.edu. Retrieved 2021-11-25.
  29. "Bilkent University Webmail :: Welcome to Bilkent University Webmail". 2022-06-08. Archived from the original on 2022-06-08. Retrieved 2022-08-19.
  30. "Roundcube: the world's coolest Open Source webmail project? - Open For Business - Blogs - Technology Blog and Community from IT Experts - Techworld.com". Blogs.techworld.com. 2009-11-20. Archived from the original on 2011-07-23. Retrieved 2011-09-19.
  31. "Host Gator Adds RoundCube | WHTop News". WHTop.com. Archived from the original on 2021-10-19. Retrieved 2020-03-22.
  32. OVH. "Webmail: RoundCube Guide - OVH". www.ovh.com. Archived from the original on 2021-10-19. Retrieved 2017-02-07.
  33. "OS X Lion Server - Technical Specifications". Apple. Archived from the original on October 6, 2011. Retrieved 2011-09-19.
  34. "هشدار نویسنده نرم‌افزار ای‌میل ملی ایران درباره ضعف‌های امنیتی آن". 10 July 2013. Archived from the original on 2021-07-15. Retrieved 2021-10-19.
  35. "Mail Station - Add-on Packages | Synology Inc". Archived from the original on 2020-11-11. Retrieved 2021-10-19.
This page is based on this Wikipedia article
Text is available under the CC BY-SA 4.0 license; additional terms may apply.
Images, videos and audio are available under their respective licenses.