james-server-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Sylvain Vieujot (JIRA)" <server-...@james.apache.org>
Subject [jira] Commented: (JAMES-1105) Support multiple port configurations per protocol
Date Fri, 03 Dec 2010 09:31:11 GMT

    [ https://issues.apache.org/jira/browse/JAMES-1105?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12966460#action_12966460
] 

Sylvain Vieujot commented on JAMES-1105:
----------------------------------------

This used to work in 3.0-M2, but I can't make this work with the current 3.0-M3-snapshot.
Spring keeps failing to initialize :-(

> Support multiple port configurations per protocol
> -------------------------------------------------
>
>                 Key: JAMES-1105
>                 URL: https://issues.apache.org/jira/browse/JAMES-1105
>             Project: JAMES Server
>          Issue Type: Improvement
>          Components: IMAPServer, POP3Server, SMTPServer
>    Affects Versions: 3.0-M1
>            Reporter: Patrick Pyette
>
> A single instance of James should be able to accept connections on multiple ports for
each protocol.   As an example, I want to have the following SMTP connections:
> port 25:  no authorization, no relaying
> port 465: STARTTLS, AUTH required, relaying allowed
> port 587:  SMTP/TLS, AUTH required, relaying allowed.
> I can set up the relaying decision with a mailet/matcher, but having multiple port configurations
per protocol allow me to deploy James as a primary multi-domain mail server.
> The config files might look something like:
>     <!-- The SMTP server is enabled by default -->
>     <!-- Disabling blocks will stop them from listening, -->
>     <!-- but does not free as many resources as removing them would -->
>    <smtpserver enabled="true">
>       <!-- 
>             Port 25 is the well-known/IANA registered port for SMTP. 
>             Port 465 is the well-known/IANA registered port for SMTP over TLS.
>          -->
>       <endpoints>
>          <endpoint port="465">
>           <!-- Uncomment this if you want to bind this port to a specific inetaddress
-->
>           <!-- Please NOTE: you should add this IP also to your RemoteAddrNotInNetwork
-->
>           <!-- in order to avoid relay check for locallly generated bounces -->
>           <!--
>           <bind> </bind>
>           -->
>          <!-- Set to true to support STARTTLS or TLS for the Socket.
>            To use this you need to copy sunjce_provider.jar to /path/james/lib directory.
>          -->
>          <tls socketTLS="false" startTLS="true">
>             <!-- To create a new keystore execute:
>             keytool -genkey -alias james -keyalg RSA -keystore /path/to/james/conf/keystore
>             -->
>            <keystore>file://conf/keystore</keystore>
>            <secret>changeit</secret>
>            <provider>org.bouncycastle.jce.provider.BouncyCastleProvider</provider>
>          </tls>
>          <!--  Uncomment this if you want to require SMTP authentication.
>                supported values:
>                true: required but announced only to not authorizedAddresses
>                false: don't use AUTH
>                announce: like true, but always announce AUTH capability to clients
>                The correct behaviour per RFC value would be false or announce
>                but we still support true for backward compatibility and because
>                some webmail client fails when AUTH is announced but no authentication
>                information has been provided
>           -->
>          <authRequired>announce</authRequired>
>          
>          <!--  Uncomment this if you want to authorize specific addresses/networks.
>                If you use SMTP AUTH, addresses that match those specified here will
>                be permitted to relay without SMTP AUTH.  If you do not use SMTP
>                AUTH, and you specify addreses here, then only addresses that match
>                those specified will be permitted to relay.
>                Addresses may be specified as a an IP address or domain name, with an
>                optional netmask, e.g.,
>                127.*, 127.0.0.0/8, 127.0.0.0/255.0.0.0, and localhost/8 are all the same
>                See also the RemoteAddrNotInNetwork matcher in the transport processor.
>                You would generally use one OR the other approach.
>          -->
>          <!--
>          <authorizedAddresses>127.0.0.0/8</authorizedAddresses>
>          -->
>          <!--  Uncomment this if you want to verify sender addresses, ensuring that
-->
>          <!--  the sender address matches the user who has authenticated. -->
>          <!--  This prevents a user of your mail server from acting as someone else
-->
>          <!--  If unspecified, default value is true -->
>          <!--
>          <verifyIdentity>true</verifyIdentity>
>          -->
>     </endpoint>
>     <endpoint port="587">
>       ...
>     </endpoint>
> </endpoints>   

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.


---------------------------------------------------------------------
To unsubscribe, e-mail: server-dev-unsubscribe@james.apache.org
For additional commands, e-mail: server-dev-help@james.apache.org


Mime
View raw message