[SOLVED] After upgrading to 0.24, roundcubemail appears to be broken

I upgraded to 0.24 today and the roundcube interface is no longer working. The login page loads fine but upon clicking the login button, in Chromium I get:

This page isn’t working

example.com is currently unable to handle this request.
HTTP ERROR 500

and in Firefox, I get a blank page. Rebooting did not fix it. Any ideas? The rest of the MIAB seems to work – I can send and receive email using Thunderbird. Thanks in advance!

Note: Changed title because in addition, emails that used to go to gmail without problems seem to have some problem now. See post further down the chain. Never mind, it appears to have been a temporary problem as subsequent emails went through fine.

You can check the php7.0-fpm.log file in /var/log/ and the access.log and error.log files in /var/log/nginx to hopefully get more info about what’s going on. On my systems they are called access.log.1 and error.log.1 for some reason.

So /var/log/php7.0-fpm.log is empty. The tail of /var/log/nginx/access.log for 2 login attempts:

xx.xx.xx.xx - - [08/Oct/2017:09:45:26 -0400] “GET /mail HTTP/1.1” 302 154 “-” “Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36”
xx.xx.xx.xx - - [08/Oct/2017:09:45:26 -0400] “GET /mail/ HTTP/1.1” 200 2525 “-” “Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36”
xx.xx.xx.xx - - [08/Oct/2017:09:45:27 -0400] “GET /mail/plugins/persistent_login/persistent_login_larry.css?s=1507389968 HTTP/1.1” 304 0 “https://example.com/mail/” “Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36”
xx.xx.xx.xx - - [08/Oct/2017:09:45:27 -0400] “GET /mail/plugins/persistent_login/persistent_login.css?s=1507389968 HTTP/1.1” 304 0 “https://example.com/mail/” “Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36”
xx.xx.xx.xx - - [08/Oct/2017:09:45:27 -0400] “GET /mail/plugins/persistent_login/persistent_login.js?s=1507389968 HTTP/1.1” 304 0 “https://example.com/mail/” “Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36”
xx.xx.xx.xx - - [08/Oct/2017:09:45:38 -0400] “POST /mail/?_task=login HTTP/1.1” 500 5 “https://example.com/mail/” “Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36”
73.213.106.63 - - [08/Oct/2017:09:47:32 -0400] “GET /mail/ HTTP/1.1” 200 2525 “-” “Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36”
73.213.106.63 - - [08/Oct/2017:09:47:46 -0400] “POST /mail/?_task=login HTTP/1.1” 500 5 “https://example.com/mail/” “Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36”

and /var/log/nginx/error.log shows no activity.

Now that MIAB is using php7, can I safely uninstall php5*? Could that be the problem?

It’s strange because the access.log shows a http 500 response, which is an error. The error.log should have more information on it. The php log is empty for me as well, it seems like we’d have to enable logging first. Most likely in /etc/php/7.0/fpm/php.ini.

Can the affected user log in successfully at https://example.com/cloud ?

Still having php5 installed shouldn’t be a problem. It’s the same on my system. I don’t know if it can be uninstalled safely.

It looks to me like logging is already on.

error_reporting = E_ALL & ~E_DEPRECATED & ~E_STRICT
log_errors = On

Own/Nextcloud broke a while ago and in order to get upgrades to work, I modify the setup program to skip installation (I don’t use Own/Nextcloud anyway).

Other than that, everything is out-of-the-box.

And apparently, something about 0.24’s security has changed and email is automatically flagged as spam or rejected outright. From an email sent to a Gmail account:

Why is this message in Spam? It’s from an address in the example.com domain but has failed example.com’s required tests for authentication.

The status page also shows that everything appears to be fine although it does warn that the domain’s DNSSEC DS record has not been set (it is not a TLD where DNSSEC is available).

Is there any way to revert to 0.23?

If you’ve disabled Own/Nextcloud, it is very likely that the RoundCube addressbook integration is failing and that’s what causes the 500.

Try disabling the plugin by editing /usr/local/lib/roundcubemail/config/config.inc.php and removing the 'carddav' entry from the plugins line.

To find out what’s going on with your mails getting rejected, I recommend using https://www.mail-tester.com/

Downgrading to 0.23 is not a simple process.

Disabling carddav does not fix it. So I went in to check the roundcubemail/error logs and found this:

[08-Oct-2017 13:44:50 America/New_York] PHP Fatal error: Uncaught Error: Call to undefined function mb_strtolower() in /usr/local/lib/roundcubemail/program/include/rcmail.php:593
Stack trace:
#0 /usr/local/lib/roundcubemail/index.php(121): rcmail->login(‘user@example.com’, ‘mypassword’, ‘localhost’, true)
#1 {main}
thrown in /usr/local/lib/roundcubemail/program/include/rcmail.php on line 593

Not sure what it means though.

It suggests that php7.0-mbstring hasn’t been installed. Try this:

apt-get update
apt-get dist-upgrade

If this doesn’t pull it in, install it manually:

apt-get install php7.0-mbstring

That did the trick! Many thanks!

You’re welcome! Was apt-get dist-upgrade enough?

No, I’m pretty sure I did that yesterday right after upgrading so I went straight to apt-get install php7.0-mbstring.