Nope sorry, I’m waiting on the guys to update the InterWorx roundcube for us, however Horde seems to be the only one being updated so we’ve got to cope with a unsecure one.
what kind of workaround? Anything you might be able to share?
But it would be great, if someone from iworx could confirm this is being worked on or at least what their plans are. The webmail software is one of the interfaces towards our customers and as such very important.
And I agree with Michael, that it’s a security risk, seeing that we don’t even use the security update for 0.8.6 from one year ago !!
Yes, here you go but a word of warning, only try this on a test server as it may break the current roundcube and may not work at all.
Choose 1 domain to act for all webmail, install current version of roundcube 0.9.5 I think it is by softaculous or simplescripts
Login to test account
Test IW roundcube still works as expected.
Now, if all’s well, you can either then symlinked to new roundcube, or leave as is, and ask your clients to use your domain used roundcube install.
I cannot stress this is untested, and just a theory, so do not try on production servers, and of course, please understand IW would not surpport the above, so you would break any help from IW in full.
I read a post re roundcube, and that’s where IW said it was on roadmap to make easier to upgrade, but honestly, I would not expect any time frames for commercial reasons
You can stop roundcube from been available to your clients, from nodeworx settings.
Thanks John, but that’s indeed a bit too ass-backwards for my taste
And I don’t want to disable roundcube, on the contrary: It is our preferred webmail client and I would love to make full use of it (incld. better themes, which are only availble for 0.9 and 1.0)
