Free and open source webmail software for the masses, written in PHP

Roundcube Webmail

  -  6 MB  -  Open Source
  • Latest Version

    Roundcube Webmail 1.7.1 LATEST

  • Review by

    Juan Garcia

  • Operating System

    Windows 7 / Windows 8 / Windows 10 / Windows 11

  • Author / Product

    Roundcube Team

  • Filename

    roundcubemail-1.7.1-complete.tar.gz

Roundcube Webmail is a free browser-based multilingual IMAP client with an application-like user interface.

It provides the full functionality you expect from an email client, including MIME support, an address book, folder manipulation, message searching, and spell checking.

This project is a free and open-source webmail solution with a desktop-like user interface that is easy to install/configure and that runs on a standard LAMPP server.

The skins use the latest web standards to render a functional and customizable UI.

Roundcube Webmail includes other sophisticated open-source libraries such as PEAR, an IMAP library derived from IlohaMail, the TinyMCE rich text editor, the Googiespell library for spell checking, and the WasHTML sanitizer by Frederic Motte.

Features and Highlights
  • Intuitive drag-and-drop message organization
  • Full support for MIME and HTML email formats
  • Manage multiple sender identities with ease
  • Comprehensive address book with group support and LDAP integration
  • Instant address lookup with find-as-you-type functionality
  • Organized, threaded message view
  • Support for IDNA and SMTPUTF8 internationalized email standards
  • Built-in spell checker
  • Responsive design for seamless use across devices
  • Shared and global IMAP folder support
  • Access control list (ACL) support for folder permissions
  • Smart caching system for fast mailbox access
  • Scales effortlessly to handle unlimited users and messages
  • Import and export tools for data portability
  • Plug-in API for easy customization and extension
  • Robust protection against cross-site scripting (XSS) attacks
  • PGP encryption support for secure communication
How to Use
  • Install a local web server (e.g., XAMPP or WAMP)
  • Extract Roundcube into the web server's root directory
  • Create a MySQL database for Roundcube
  • Run the Roundcube installer via browser
  • Configure IMAP/SMTP settings
  • Log in using your email credentials
System Requirements

Windows 7, 8, 10, or 11

PHP 7.3 or higher

MySQL or PostgreSQL database

Apache or compatible web server

200MB free disk space

1GB RAM minimum

PROS
  • User-friendly webmail interface
  • Supports IMAP email access
  • Open-source and customizable
  • Extensive plugin support
  • Multi-language support
CONS
  • No native desktop installer
  • Requires manual server setup
  • Limited support for POP3
  • No built-in calendar or tasks
  • Can be complex for beginners



What's new in this version:

Fixed:
- Fix stored XSS/HTML/CSS injection in subject field of the draft restore dialog, reported by zazy
- Fix CSS injection bypass in HTML sanitizer via SVG <animate attributeName="style">, reported by wooseokdotkim
- Fix pre-auth SQL injection in virtuser_query plugin via preg_replace backslash escape bypass, reported by skull
- Fix SSRF bypass via specific local address URLs
- Fix local/private URL fetch bypass when remote resources were not allowed, reported by Orange Cyberdefense Vulnerability Disclosure Team
- Fix bypass of remote image blocking via CSS var(), reported by Geame
- Fix pre-auth arbitrary file delete via redis/memcache session poisoning bypass, reported by valent1
- Fix code injection vulnerability - remove support for code evaluation in LDAP autovalues option, reported by Glendaenri

Changed:
- Enigma: Support automatic public key lookup (import) using HKP v1 protocol (#5314)
- Managesieve: Fix error when a mail message contains duplicate List-Id header (#10186)
- Clarified Elastic installation instructions (#10163)
- Added HTMLFormElement.requestSubmit() polyfill for older browsers (#10179)
- Fix so "has:attachment" search uses $HasAttachment/$HasNoAttachment keywords (#10168)
- Fix potential too long value in IMAP ID command (#10136)
- Fix redis/memcache disconnection in rcube::sleep() (#10127)
- Fix so static resources, e.g. skin_logo can be put inside the public_html directory (#10160)
- Fix so REQUEST_URI is used as a fallback if PATH_INFO is not set in static.php (#10181)
- Fix assets_path feature and remove dependency on PATH_INFO (#10185)
- Fix MySQL upgrade on MySQL < 8.0 and MariaDB < 10.5.3 (#10188)
- Security: Fix stored XSS/HTML/CSS injection in subject field of the draft restore dialog
- Security: Fix CSS injection bypass in HTML sanitizer via SVG <animate attributeName="style">
- Security: Fix pre-auth SQL injection in virtuser_query plugin via preg_replace backslash escape bypass
- Security: Fix SSRF bypass via specific local address URLs
- Security: Fix bypass of remote image blocking via CSS var()
- Security: Fix local/private URL fetch bypass when remote resources were not allowed
- Security: Fix pre-auth arbitrary file delete via redis/memcache session poisoning bypass
- Security: Fix code injection vulnerability - remove support for code evaluation in LDAP autovalues option