Spellchecker URL not answering (spell.roundcube.net)

[hannob]

I noticed some warnings in my PHP log of the form "unable to connect to ssl://spell.roundcube.net:443".

It seems that the spellchecker function of roundcube tries to connect to spell.roundcube.net, however that host is not answering. This seems to expect something called googiespell, which from what I can tell is a service that no longer exists.

FWIW I am also wondering if externalizing spellchecking to an online API service by default is a privacy problem.

[alecpl]

The service is indeed dead right now. Maybe we should change the default to pspell or enchant, or even disable it.
This comment in defaults.inc.php is highly outdated and needs to be updated too:

// For locally installed Nox Spell Server or After the Deadline services,
// please specify the URI to call it.
// Get Nox Spell Server from http://orangoo.com/labs/?page_id=72 or
// the After the Deadline package from http://www.afterthedeadline.com.
// Leave empty to use the public API of service.afterthedeadline.com

[hannob]

It seems to me pspell uses a widely available PHP API (that effectively uses aspell, as pspell seems to be deprecated), thus I think this is a good choice. It's also doing checks offline and thus no privacy issue. I think enchant is less common and may more likely not be available on PHP hosts.

[thomascube]

The spell.roundcube.net service was running on a sponsored server which has now gone away. As we don't have a good replacement in sight, we should just set enable_spellcheck=false by default and remove the spell.roundcube.net host as default for spellcheck_uri.

We can eventually provide a Docker image as a self-hosted replacement for spell.roundcube.net.

@hannob Regarding the privacy concerns: spell.roundcube.net was hosted by us (Roundcube) on a dedicated service which was fully under our control. Privacy-wise it was certainly more trustworthy that using a service provided by a commercial company.

[thomascube]

@alecpl what do you think of commit 92757f5? If OK, we should port it to 1.4 and 1.5 branches.

[hannob]

I feel having a spellchecking function by default is useful and would rather set it to pspell (which is offline, no privacy concerns). Only issue might be that some php installations may have the API disabled, so it may be worth trying to make sure that it doesn't break hard when the spell functions in PHP are not available (i.e. simply disable when it's not available).

[alecpl]

@thomascube the commit is fine. I'll probably work on using pspell for our test suite, so we can keep testing this functionality.

[staticvoidmaine]

We can eventually provide a Docker image as a self-hosted replacement for spell.roundcube.net.

inb4: can this please be an "in addition to" not the "primary means" of self-hosting? I am all for projects providing docker as a deployment method, but it shouldn't be the only option IMO.

[fabianbur]

pspell i find it a good option as the default. Is related to this report : #8172

[thomascube]

As of today, the spell checking service is back online and thus we might consider to revert commit 2bd421c. @alecpl what do you think?

[alecpl]

Sure, and this one f1a0262. However, for privacy reasons maybe we should not make that a default anymore, so users are aware that the data goes to our server.

[thomascube]

spell.roundcube.net is back but enable_spellcheck option is now set to false by default.