Docker images update for Afterlogic products

September 8, 2022 ~ auroramail ~ Leave a comment

A few years ago, we have created Docker images for our WebMail Pro, Aurora Files and Aurora Corporate products. Sources were made available on GitHub. We’ve received really useful feedback about them, and have adopted some of the changes offered by the community.

Those images, however, were rather heavy as they used Ubuntu Linux, and all the components required for the product to work were bundled in, including MySQL. We have researched moving over to lightweight Alpine Linux, with Nginx used instead of Apache, and a few days ago we’ve released new versions of the images:

The biggest change is that we’re now using official MySQL image, and thus, docker compose needs to be used to make things work – that’s not complicated at all, just a couple of commands, see Readme file for the image. And it’s best to build images from GitHub, to ensure you’re using the latest version of the product.

But if, for whatever reason, you still require legacy images which use Apache and Ubuntu, we’ve just published those separately, with -legacy appended to the image names (example for Aurora Files / GitHub source).

Installing CentOS 8 Linux for running MailSuite Pro or Aurora Corporate

April 20, 2022 ~ auroramail ~ Leave a comment

Currently, we provide installer packages for MailSuite Pro for Linux as well as all-in-one edition of Aurora Corporate. We support Ubuntu Linux 20.04 and CentOS Linux 8.

If you’re going to install a new instance of CentOS 8, that will most likely result in an error setting up base repository. That’s because CentOS 8 has reached end-of-life on January 31, 2022, CentOS team has disabled the official repositories for this version and moved them into a separate vault repository.

So you can still install this version, if you enable network in the installer, and specify https://vault.centos.org/8.5.2111/BaseOS/x86_64/os/ as a repository URL.

To use yum package manager, you’ll need to point the system to vault repository as well, that can be done by running the following commands:

sudo sed -i -e "s|mirrorlist=|#mirrorlist=|g" /etc/yum.repos.d/CentOS-*
sudo sed -i -e "s|#baseurl=http://mirror.centos.org|baseurl=http://vault.centos.org|g" /etc/yum.repos.d/CentOS-*

This solution is originally posted by Sergei in his blog. Please note that the system installed this way will not receive any updates. We’re now researching a better solution – either moving to CentOS Linux 7 or using some community repository of CentOS 8.

Message sorting in Afterlogic WebMail and Aurora Corporate

March 3, 2022 ~ auroramail ~ Leave a comment

By default, Afterlogic WebMail and Aurora Corporate show newest mails first – however, it’s possible to sort mail messages differently, which includes reverse sort order.

Basic instructions for that can be found here. All you need to do is modify data/settings/modules/Mail.config.json file and set "MessagesSortBy" value as follows:

    "MessagesSortBy": [
        {
            "Allow": true,
            "List": [
                {
                    "SortBy": "arrival",
                    "LangConst": "LABEL_SORT_BY_DATE"
                },
                {
                    "SortBy": "from",
                    "LangConst": "LABEL_SORT_BY_FROM"
                },
                {
                    "SortBy": "to",
                    "LangConst": "LABEL_SORT_BY_TO"
                }
            ],
            "DefaultSortBy": "size",
            "DefaultSortOrder": "desc"
        },
        "array"
    ],

Once you do that, you’ll see a toolbar item added:

And now you can sort mail messages by those parameters, in ascending or descending order, "DefaultSortBy" and "DefaultSortOrder" define how the messages will be sorted by default.

Another popular request is sorting mail messages by their size. Assuming your IMAP server can do that, change "MessagesSortBy" value to:

    "MessagesSortBy": [
        {
            "Allow": true,
            "List": [
                {
                    "SortBy": "arrival",
                    "LangConst": "LABEL_SORT_BY_DATE"
                },
                {
                    "SortBy": "from",
                    "LangConst": "LABEL_SORT_BY_FROM"
                },
                {
                    "SortBy": "to",
                    "LangConst": "LABEL_SORT_BY_TO"
                },
                {
                    "SortBy": "size",
                    "LangConst": "LABEL_SORT_BY_SIZE"
                }
            ],
            "DefaultSortBy": "size",
            "DefaultSortOrder": "desc"
        },
        "array"
    ],

The button will now look like this:

OK, apparently we don’t have a text constant defined yet. Let’s change it. We need to edit language file under modules/MailWebclient/i18n directory, English.ini in this case. It should already have these lines:

LABEL_SORT_BY_DATE = "Date" LABEL_SORT_BY_FROM = "Sender" LABEL_SORT_BY_TO = "Receiver"

and we add one more:

LABEL_SORT_BY_SIZE = "Size"

To apply changes, purge data/cache/ directory content. Alternately, set "CacheLangs" to false in data/settings/config.json file so the translation files aren’t cached. If you followed the above steps, the button will now look like this:

Mailing lists issue in MailSuite Pro / Aurora MTA

July 29, 2021 ~ auroramail ~ Leave a comment

We’ve found an issue with mailing lists in MailSuite Pro and MTA version of Aurora Corporate. Sometimes, mailing lists appeared as email accounts there.

To address the issue, locate Dovecot SQL configuration file. In current version 8, that’s /etc/dovecot/dovecot-sql.conf while in previous version that’s /opt/afterlogic/etc/dovecot/dovecot-sql.conf

In that file, locate the line that starts with:

user_query =

And add AND awm_accounts.mailing_list = 0 before the final “;” character. For example:

user_query = SELECT DISTINCT LOWER(awm_accounts.email) as login, CONCAT('*:storage=', awm_accounts.mail_quota_kb) as quota_rule FROM (awm_accounts INNER JOIN awm_domains ON awm_accounts.id_domain = awm_domains.id_domain) WHERE (awm_accounts.email = CONCAT('%n', '@', '%d') OR awm_accounts.email = '%n') AND awm_domains.name = '%d' AND awm_accounts.deleted = 0 AND awm_accounts.mailing_list = 0;

In exactly the same way, adjust the line that starts with:

password_query =

For example:

password_query = SELECT DISTINCT CONCAT('{SSHA256.hex}', awm_accounts.password) as password FROM awm_accounts INNER JOIN awm_domains ON awm_accounts.id_domain = awm_domains.id_domain WHERE (awm_accounts.email = CONCAT('%n', '@', '%d') OR awm_accounts.email = '%n') AND awm_domains.name = '%d' AND awm_accounts.deleted = 0 AND awm_accounts.mailing_list = 0;

Restart Dovecot to apply changes:

service dovecot restart
for current version 8;

/opt/afterlogic/etc/init.d/dovecot.rc restart
for previous version 7.

Please don’t hesitate to contact us if you require any assistance.

Nextcloud integration revised

April 15, 2021 ~ auroramail ~ Leave a comment

For a while now, we’ve been offering Nextcloud integration app that lets you have Afterlogic WebMail used as a solid part of Nextcloud environment. You can specify WebMail installation URL, users supply their email/password in settings, and upon clicking “Afterlogic” icon they’re automatically logged into WebMail.

This worked like a charm, but all of a sudden, with Nextcloud update to v21.0.1, attempts to log into WebMail resulted in rather scary “Internal Server Error”. We were honestly puzzled by this error, and as far as we could tell, the error only occurred when trying to include PHP API library of WebMail.

Upon researching this further, we have decided that the best way to circumvent the problem is get rid of using PHP API altogether and switch to using Web API instead – WebMail itself uses it internally for pretty much all the requests.

We have just released v2.0.1 of Nextcloud connector. The bonus part is, those upgrading from previous versions will not have to reconfigure anything, it’ll work for them as expected – assuming they have Nextcloud and WebMail in the same domain. If you have them in different domains or even on different servers, POST authentication option is available for you.

The source code is available on GitHub, and we welcome your feedback there!

Office files viewer in Afterlogic WebMail and Aurora

April 1, 2021 ~ auroramail ~ Leave a comment

To view files of office document formats such as .DOC or .XLSX, WebMail Pro and Aurora Corporate use an online viewer from Microsoft.

If you experience issues with viewing those files, you can try switching to a viewer from Google.

In data/settings/modules/OfficeDocumentViewer.config.json file, set ViewerUrl value as follows:

"ViewerUrl": [
    "https:\/\/docs.google.com\/gview?url=",
    "string"
]

Please note that in either case, your WebMail/Aurora installation needs to be accessible over the web, so that online viewer can have access to it.

We’re currently working on version 8.8 of WebMail Pro and Aurora Corporate. The new version will feature editing and viewing office documents with OnlyOffice Docs, so it will no longer be needed to rely on external document viewer. Stay tuned!

ClamAV antivirus update for v7 of MailSuite/Aurora

March 12, 2021March 25, 2021 ~ auroramail ~ Leave a comment

If you’re using version 7 of MailSuite Pro or Aurora (MTA package), you may run into an issue when updating ClamAV databases with freshclam tool. In such case, ClamAV needs to be updated.

The process should take about 5 minutes. ClamAV needs to be stopped first (and while it’s stopped mails cannot be delivered):
/opt/afterlogic/etc/init.d/clamav.rc stop

Upgrading instructions are as follows:
cd /tmp mkdir clamav-update && cd clamav-update wget https://afterlogic.com/download/afterlogic-clamav-update.tar.bz2 wget https://afterlogic.com/download/afterlogic-clamav-backup.sh
chmod +x afterlogic-clamav-backup.sh ./afterlogic-clamav-backup.sh tar jxvf afterlogic-clamav-update.tar.bz2 -C /opt/afterlogic/ /opt/afterlogic/bin/freshclam

If you’re getting a following error message:
/opt/afterlogic/bin/freshclam: error while loading shared libraries: libpcre2-8.so.0: cannot open shared object file: No such file or directory

run the following commands:
yum install pcre2 -y /opt/afterlogic/bin/freshclam

Start ClamAV:
/opt/afterlogic/etc/init.d/clamav.rc start

If you run into an issues while performing an upgrade, feel free to request assistance at https://s.afterlogic.com/helpdesk/

Addressing DAV-related vulnerability in WebMail and Aurora

February 3, 2021March 25, 2021 ~ auroramail ~ Leave a comment

One of our valued customers reported a vulnerability in our products, that potentially allows uploading and executing arbitrary files via built-in DAV server used in WebMail Pro and Aurora Corporate. We’re now releasing updates for our products closing this vulnerability, and strongly recommend to upgrade your installations to the latest version.

Below, you’ll find recommendations on how to address the issue on your existing installation of WebMail Pro or Aurora. Please note that while these changes were only tested with version 8.5.3, they should work for previous versions as well.

Before we proceed, we’d like to point out that disabling DAV access on the installation effectively closes the vulnerability, too. That’s done by setting Disabled to true in data/settings/modules/Dav.config.json file. Note that this will not affect the use of web interface or Aurora Mail / Aurora Files mobile apps as they work via API, not DAV. If you’d rather keep DAV enabled, please follow the below guidelines.

In vendor/afterlogic/dav/lib/DAVServer.php file, locate function exec() and replace its code with:

public function exec()
{
    $sRequestUri = empty($_SERVER['REQUEST_URI']) ? '' : \trim($_SERVER['REQUEST_URI']);

    if ($this->isModuleEnabled('Dav') && !strpos(urldecode($sRequestUri), '../'))
    {
        parent::exec();
    }
    else
    {
        echo 'Access denied';
    }
}

2. In vendor/afterlogic/dav/lib/DAV/Auth/Backend/Basic.php file, locate validateUserPass function and replace the line:

if (class_exists('\\Aurora\\System\\Api') && \Aurora\System\Api::IsValid())

with:

if (class_exists('\\Aurora\\System\\Api') && \Aurora\System\Api::IsValid() && $sUserName !== \Afterlogic\DAV\Constants::DAV_PUBLIC_PRINCIPAL && $sUserName !== \Afterlogic\DAV\Constants::DAV_TENANT_PRINCIPAL)

3. Similarly, in vendor/afterlogic/dav/lib/DAV/Auth/Backend/Digest.php file, locate getDigestHash function and replace the line:

if (class_exists('\\Aurora\\System\\Api') && \Aurora\System\Api::IsValid())

with:

if (class_exists('\\Aurora\\System\\Api') && \Aurora\System\Api::IsValid() && $sUserName !== \Afterlogic\DAV\Constants::DAV_PUBLIC_PRINCIPAL && $sUserName !== \Afterlogic\DAV\Constants::DAV_TENANT_PRINCIPAL)

Since some of our clients still use previous v7 of WebMail and Aurora, we chose to issue a security update for those as well. Note that if you don’t use DAV, you can simply disable it by setting EnableMobileSync to Off in data/settings/settings.xml file.

In libraries/afterlogic/DAV/Server.php file, before the closing “}” add the following function:

public function exec()
{
    $sRequestUri = empty($_SERVER['REQUEST_URI']) ? '' : \trim($_SERVER['REQUEST_URI']);
    if (!strpos(urldecode($sRequestUri), '../'))
    {
        parent::exec();
    }
    else
    {
        echo 'Access denied';
    }
}

2. In libraries/afterlogic/DAV/Auth/Backend/Basic.php file, locate validateUserPass function and replace the line:

if (class_exists('CApi') && \CApi::IsValid())

with:

if (class_exists('CApi') && \CApi::IsValid() && $sUserName !== \afterlogic\DAV\Constants::DAV_PUBLIC_PRINCIPAL && $sUserName !== \afterlogic\DAV\Constants::DAV_TENANT_PRINCIPAL)

3. Similarly, in libraries/afterlogic/DAV/Auth/Backend/Digest.php file, locate getDigestHash function and replace the line:

if (class_exists('CApi') && \CApi::IsValid())

with:

if (class_exists('CApi') && \CApi::IsValid() && $sUserName !== \afterlogic\DAV\Constants::DAV_PUBLIC_PRINCIPAL && $sUserName !== \afterlogic\DAV\Constants::DAV_TENANT_PRINCIPAL)

Should you require any assistance, please don’t hesitate to contact us.

Using DAV sync on cPanel

November 11, 2020 ~ auroramail ~ Leave a comment

One of the most attractive features of Afterlogic WebMail Pro and Aurora Corporate is mobile sync, it lets you access your contacts and calendars using a variety of mobile and desktop applications. For instance, you can use emClient on Windows – and on iOS, DAV sync is supported natively.

To make DAV sync work, webserver reconfiguration may be needed. Note that for WebMail Pro, the product has to be installed from ZIP package – using cPanel installer won’t allow for using advanced features like DAV access.

It’s quite common for our webmail products to be installed on hosting servers powered by cPanel. Even though reconfiguring webserver directly isn’t exactly an option, it’s still possible to make use of DAV there. As a part of WebMail Pro and Aurora Corporate packages, .htaccess file is shipped, and the following section of that file should make it possible to use DAV access.

RewriteEngine on RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization},L]

By default, DAV access is performed via URL that’s obtained by appending /dav.php/ to the product installation URL. For some DAV clients, however, that’s not going to work, including CalDAV client on iOS devices – it needs a dedicated subdomain or port used for DAV access.

Fortunately, it’s fairly easy to do that, even without being able to play with web server configuration files.

Create dav directory in WebMail/Aurora installation root.
Using cPanel web interface, create a subdomain pointing to dav/ directory of WebMail Pro, you can name it dav.yourdomain.com or something like that.
Copy dav.php file into dav/ directory, rename it into index.php, and modify its include_once line as follows:

include_once '../system/autoload.php';
Copy .htaccess file from WebMail Pro root to dav/ directory.
Specify new URL in Mobile Sync area of admin interface, or directly in data/settings/modules/Dav.config.json file, ExternalHostNameOfDAVServer parameter.

Sample app for Nextcloud

August 14, 2020 ~ auroramail ~ Leave a comment

When working on Nextcloud connector for Afterlogic WebMail to make it compatible with Nextcloud version 19, we considered a complete rewrite of the application. What we couldn’t find was a really basic “Hello world” kind of application we could start from. And to make things work, we had to create such an application ourselves.

Now that the application is released, we thought it may be worth sharing such a sample with the community, for those interested in making their apps for Nextcloud.

We’ve published a sample application on Github, and README.md file there provides the guidelines on the application structure, minimum requirements for an application, and tips on using IFrame integration approach.

Hope you find this sample useful for your needs. If you have any comments or suggestions, please feel free to post them at the issue tracker.