Enigma plugin (PGP encryption)

In this article I described how we implemented client-side encryption in Roundcube using Mailvelope. There’s another approach for encryption, it is the Enigma plugin. It implements all the functionality using server-side GNUPG software. So, the big difference in these is that: Mailvelope keeps your keys in the browser, Enigma stores them on the server. In the current state Enigma however, has a lot more features.

Installation and settings

To use Enigma just enable it as any other plugin. Then in Preferences > Settings > Encryption you’ll see a set of options that will give you possibility to enable/disable encryption-related features.

NOTE: As keys are stored on the server, make sure the directory used as a storage has proper permissions, and it’s good to move it somewhere out of the location accessible from the web (even if secured by .htaccess rules).

Figure 1. Encryption preferences section.

Keys management

To manage your keys goto Settings > PGP Keys. There you can generate a new key pair or import keys. See the following screenshots for more details.

Figure 2. Key generation form.

Figure 3. Key information frame.

Mailvelope integration (PGP encryption)

The most valuable feature of incoming Roundcube 1.2 release is PGP encryption support. There are two independent solutions for this, Enigma plugin and Mailvelope. In this article I’ll describe what we achived with Mailvelope. The integration code was mostly written by Thomas Brüderli and only slightly improved/fixed by me.

It looks like Mailvelope is the best (if not only) solution for encryption in a web browser. It’s based on OpenPGP.js that is an implementation of PGP encryption in JavaScript. Mailvelope is distributed as Chrome and Firefox extensions. It supports some email services like GMail, it also provides an API for programmers. And this is the way we decided to integrate it with Roundcube.

Mailvelope installation

For more info goto Mailvelope documentation. To have it working with Roundcube you have to install the extension in your browser, then goto your Roundcube webmail and using Mailvelope “Add” button add your page to list of mail providers. One last required step is to enable API use on the provider edit page.

Compose an encrypted message

If Roundcube detects enabled Mailvelope, new button will appear in compose toolbar. It may be disabled in HTML mode, so switch to plain text. If you click it Mailvelope frame will appear. There you can write your message and add attachments. As you notice on the screenshot some features are disabled. Unfortunately, at the moment we can do much more with the Mailvelope textarea. Note: to send an encrypted message you first have to import/generate a private key in Mailvelope settings.

Figure 1. Message compose screen with enabled encryption frame.

When you try to send a mail to an address for which no public key was found in the Mailvelope database (keyring), you will be provided with possibility to search public key servers and import the keys.

Drag’n’drop in Roundcube

This is a nice feature on desktop, so it is in desktop-like web applications. Average user likes this feature and uses it. That said, we have in Roundcube some drag’n’drop capabilities, it is:

  1. Dragging messages to folders (in messages list view) – copy/move action.
  2. Dragging folders to folders (in Preferences > Folders) – move action.
  3. Dragging contacts to groups/sources (in Addressbook) – copy/move/assign to group action.
  4. Dropping files from desktop to compose attachments.
  5. As of yesterday it is also possible to drag’n’drop attachments from mail preview to compose window.
  6. If you use Kolab, you can actually also drop files from desktop into Calendar, Tasks and Files.
  7. You can also re-arange messages list columns using drag’n’drop technique.

These should work in most of web browsers (their recent versions). The question is: can we have more of this? E.g. wouldn’t be nice to drag attachments or messages from browser to desktop? Or messages to compose attachments? Well, it would, but it’s not so simple…

I recently investigated what recent web standards and browsers provide in this regard. This does not look good. Standard way of drag’n’drop is DataTransfer and some events defined events, plus HTML attribute ‘draggable’. Unfortunately there’s no standard way of dropping a file to the desktop. So, what options do we have:

Mail searching with pre-defined date interval

I just committed a small Roundcube feature that adds date interval selector to the search options popup. IMAP search query using BEFORE and SINCE keywords will be generated from the selected interval option.

See it on the screenshot.


On the screenshot you can also notice another small feature that will be part of Roundcube 1.2. It is a messages list page selector, you can use it to directly jump to the specified page.

Searching folders and folder subscriptions in Files

The Kolab’s file storage component, named Chwala, from the beginning listed all folders of type ‘file’ available to the user. The subscription state of a folder was ignored. This changed today. From now on Chwala API returns only subscribed folders, the same as other components.

Of course, user is able to subscribe or unsubscribe a folder. Together with this folder filtering and searching has been implemented. So, you can now quickly filter displayed folders (which is useful when you have many of them). You can also search for unsubscribed folders and subscribe them (i.e. add to the permanent folders list). The search is smart enough to search by folder name and user name, so searching in other users namespace also works.

Key-press filtering is implemented “in the browser” so it works fast. To search unsubscribed folders (server-side) you have to press Enter key. Exactly the same as folder search in other components.

Figure 1. Folders list with the new header and search icon.
search folders - step 1
Figure 2. Searching for unsubscribed folders.
search folders - step 2
Figure 3. Subscribed folder added to the list.
search folders - step 3

For the moment it only works with Kolab storage. Other storage drivers supported by Chwala, i.e. WebDAV and SeaFile do not support subscriptions. In the future we may implement this as well.

This week in Kolab-Tech

It's always fun when your remote colleagues are coming to visit the office. It helps communication putting a face to the name in the chat client - and the voice on the phone.

Giles, our creative director, was visiting from London the first days of the week, which made a lot of the work switch context to be about design and usability. As Giles is fairly new in the company we also spent some time discussing a few of our internal processes and procedures with him. It is great to have him onboard to fill in a previously not so investigated space with his large experience.

The server development team kept themselves busy with a few Roundcube issues, and with a few issues that we had in the new KolabNow dashboard. Additionally work was being done on the Roundcube-Next POC. We hope soon to have something to show on that front.

On the desktop side, we finalized the sprint 201539 and delivered a new version of Kontact on Windows and on Linux. The Windows installer is named Kontact-E14-2015-10-02-12-35.exe, and as always it is available on our mirror.

This Sunday our datacenter is doing some maintenance. They do not expect any interruption, but be prepared for a bit of connection troubles on Sunday night.

On to the future..

Last week in Kolab-Tech

As we started the week already the previous Friday night (by shutting off the KolabNow cockpit and starting the big migration) it turned out to be a week all about (the bass) KolabNow.

Over the weekend we made a series of improvements to KolabNow that will improve the over all user experience with

  • Better performance
  • More stable environment
  • Less downtime
  • Our ability to update the environment with a minimum of interruption for endusers.

After the update, there were of course a few issues that needed to be tweeked, but details aside, the weekend was a big success. Thanks to the OPS staff for doing the hard work.

One thing we changed with this update was the way users get notified when their accounts are suspended. Before this weekend, users with suspended accounts would still be able to login and receive mail on KolabNow. After this update, users with suspended accounts will not be able to login. This was of course leading to a small breeze of users with suspended accounts contacting support with requests for re-enabeling of their accounts.

On the development side we were making progress on two fronts:

  • We are getting close to the end of the list of urgent Kontact defects. The second week of this sprint should get rid of that list. Our Desktop people will then get time to look forward again, and look at the next generation of Kolab Desktop Client.
  • We started experimenting with one (- of perhaps more to come) POCs for Roundcube-Next. We now need to start talking about the technologies and ideas behind that new product. More to follow about that.

Thank you for your interest - if you are still reading. :-)

This week in Kolab Tech

Another week passed by; super fast, as we know that: Time is running fast when you have fun.

The client developers are on a roll. They have been hacking away on a defined bundle of issues in Korganizer and Zanshin, which has been annoying for users, and has prevented some organizations from adapting the desktop client. This work will proceed during the next sprint - and most probably the sprint after that.

One of our collaborative editing developers took part in the ODF plugfest. According to his report, a lot of good experiences were had, a lot of contacts were made, and there was good feedback for the plans of the deep Kolab/Manticore integration.

Our OPS people was busy most of the week with preparations for this weekends big KolabNow update. This is a needed overhaul of our background systems and software. As we now have the new hardware in place, and it has been running it's test circles around itself, we can finally start applying many of the improvements that we have prepared for some time. This weekend is very much a backend update; but an important one, which will make it easier for us to apply more changes in the future with a minimal amount of interruptions.

All y'all have a nice weekend now..

roundcube's picture

Updates 1.1.3 and 1.0.7 released

We just published updates to both stable versions 1.0 and 1.1
after fixing many minor bugs and ensuring compatibility with upstream
versions of 3rd party libraries used in Roundcube. Version 1.0.7 comes
with cherry-picked fixes from the more recent version to ensure proper
long term support.

See the full changelog here.

Both versions are considered stable and we recommend to update all
productive installations of Roundcube with either of these versions.
Download them from

As usual, don’t forget to backup your data before updating!

This week in Kolab tech..

The week in development:

  • Our desktop people were spending time in Randa, a small town in the Swiss mountains, where they were discussing KDE related issues and hacking away together with similar minded people. Most probably they also got a chance or two for some social interaction.
  • Work was continued on the Copenhagen (MAPI integration) project. Where as it was easy to spot progress in the beginning, the details around folder permissions and configuration objects that are being worked out now are not as visible.
  • The Guam project (the scalable IMAP session and payload filter) is moving along as planned. The filter handling engine is in place. It is now being implanted into the main body of the system, and then work on the actual filter formulation can be started.
  • A few defects in Kolab on UCS was discovered in the beginning of the week. Those were investigated and are getting fixed as I am writing this. Hopefully we will be able to push a new package for this product early next week.

In other news: The engineering people are working hard to prepare the backend systems for some interesting upcoming KolabNow changes. There will be more information about those changes in other more appropriate places.

Only thing left is, to wish everyone a very nice weekend.