james-server-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Arnau Rebassa (JIRA)" <server-...@james.apache.org>
Subject [jira] [Commented] (JAMES-2631) TLS 1.2 problems with Certificate Request
Date Sat, 22 Dec 2018 07:42:00 GMT

    [ https://issues.apache.org/jira/browse/JAMES-2631?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16727279#comment-16727279
] 

Arnau Rebassa commented on JAMES-2631:
--------------------------------------

I don't have that option in the RemoteDelivery mailet. I paste below the configuration
{code:java}
<mailet match="All" class="RemoteDelivery">
  <outgoingQueue>outgoing</outgoingQueue>
  <delayTime>10 minutes</delayTime>
  <maxRetries>1</maxRetries>
  <startTLS>true</startTLS>
  <connectiontimeout>10000</connectiontimeout>
  <maxDnsProblemRetries>0</maxDnsProblemRetries>
  <deliveryThreads>100</deliveryThreads>
  <sendpartial>false</sendpartial>
  <bounceProcessor>bounces</bounceProcessor>
 </mailet>{code}
 

Also I paste the log:

 
{code:java}
DEBUG 07:28:44,703 | james.mailspooler | ==== Begin processing mail Mail1545463723888-ab28561e-6b3c-4b72-87cc-7ed2cd2bb529====
DEBUG 07:28:44,703 | james.mailprocessor | Call MailProcessor root
INFO 07:28:44,723 | james.smtpserver | Id='-412939643' User='' Successfully spooled mail Mail1545463723888-ab28561e-6b3c-4b72-87cc-7ed2cd2bb529
from test@gmail.com on localhost/127.0.0.1 for [xxxxxxxxxxxl@xxxxxxxxxxx.com]
INFO 07:28:44,750 | james.smtpserver | Id='-412939643' User='' Connection closed for 127.0.0.1
INFO 07:28:44,755 | james.smtpserver | Id='-412939643' User='' Connection closed for 127.0.0.1
DEBUG 07:28:44,844 | james.mailetcontext | Entering mailet: Postmaster aliasing mailet
 mail state root
DEBUG 07:28:44,845 | james.mailetcontext | End of mailet: Postmaster aliasing mailet
 mail state root
DEBUG 07:28:44,874 | james.mailetcontext | Entering mailet: Set Mail Attribute Mailet
 mail state root
DEBUG 07:28:44,910 | james.mailetcontext | End of mailet: Set Mail Attribute Mailet
 mail state root
DEBUG 07:28:44,932 | james.mailetcontext | Entering mailet: ToProcessor Mailet
 mail state root
DEBUG 07:28:44,936 | james.mailetcontext | End of mailet: ToProcessor Mailet
 mail state transport
DEBUG 07:28:44,936 | james.mailprocessor | Call MailProcessor transport
DEBUG 07:28:44,940 | james.mailetcontext | Entering mailet: RecipientRewriteTable Mailet
 mail state transport
73474 James INFO [spooler-1] openjpa.Runtime - The Entity "org.apache.james.mailbox.jpa.mail.model.openjpa.JPAMailboxMessage"
was enhanced at level "2", but the current level of enhancement is "1,300,381".
73481 James INFO [spooler-1] openjpa.Runtime - A down level Entity was detected and logged.
Please enable RUNTIME trace to see all down level Entities.
DEBUG 07:28:46,413 | james.mailetcontext | End of mailet: RecipientRewriteTable Mailet
 mail state transport
DEBUG 07:28:46,438 | james.mailetcontext | Entering mailet: RemoteDelivery Mailet
 mail state transport
DEBUG 07:28:46,508 | james.mailetcontext | End of mailet: RemoteDelivery Mailet
 mail state ghost
DEBUG 07:28:46,509 | james.mailprocessor | End of mailetprocessor for state root reached
DEBUG 07:28:46,753 | james.mailetcontext | Attempting delivery of Mail1545463723888-ab28561e-6b3c-4b72-87cc-7ed2cd2bb529-to-xxxxxxxxx.com
to host mail.xxxxxxxx.com. at 62.6.234.206 from test@gmail.com
DEBUG 07:28:46,978 | james.mailetcontext | Exception delivering message (Mail1545463723888-ab28561e-6b3c-4b72-87cc-7ed2cd2bb529-to-xxxxxxxxx.com)
- Could not convert socket to TLS
INFO 07:28:46,978 | james.mailetcontext | Could not convert socket to TLS
DEBUG 07:28:46,984 | james.mailetcontext | Temporary exception delivering mail (Mail1545463723888-ab28561e-6b3c-4b72-87cc-7ed2cd2bb529-to-xxxxxxxxxx.com):
DEBUG 07:28:46,987 | james.mailetcontext | Storing message Mail1545463723888-ab28561e-6b3c-4b72-87cc-7ed2cd2bb529-to-xxxxxxxx.com
into outgoing after 0 retries{code}
 

I have been searching information if I could use a "mail.smtp." property in the RemoteDelivery
mailet configuration but I didn't find anything. 

Also I have tried to add the javax.net.ssl.keyStore and javax.net.ssl.keyStorePassword properties
to the run.sh script but haven't work either.

I don't know what else I can try.

Thank you very much for your help.

 

 

> TLS 1.2 problems with Certificate Request
> -----------------------------------------
>
>                 Key: JAMES-2631
>                 URL: https://issues.apache.org/jira/browse/JAMES-2631
>             Project: James Server
>          Issue Type: Bug
>    Affects Versions: 3.0.1
>            Reporter: Arnau Rebassa
>            Priority: Major
>         Attachments: james_response.png, server_request.png
>
>
> We are using james 3.0.1 configured to use TLS in remote deliveries. The sending of emails
over TLS is working fine but we have problems sending emails to a particular server which
performs a "Certificate Request". When this happens, in a tcpdump capture I can see that, James
returns an error Alert (Level: Fatal, Description: Certificate Unknown).
>  
> The certificate used by the remote server is issued by a well know CA. In the picture
server_request.png you can see as the remote server requests a "Certificate request" to the
client (in this case to James).
>  
> In the file james_reponse.png you can see how James sends a Fatal alert.
>  
> I have been looking into the documentation but I haven't found the way to specify a keystore
in the mailetcontainer.xml. Is this possible? Anyone knows how to fix this?
>  
>  



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

---------------------------------------------------------------------
To unsubscribe, e-mail: server-dev-unsubscribe@james.apache.org
For additional commands, e-mail: server-dev-help@james.apache.org


Mime
View raw message