This is an automated email from the ASF dual-hosted git repository.
oscerd pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/camel.git
The following commit(s) were added to refs/heads/main by this push:
new 936875258bce CAMEL-23522: doc-sync 4.14 upgrade guide for camel-mail mail.smtp.* gating (#23418)
936875258bce is described below
commit 936875258bcea1fafb9accd0a53c645218ba6b09
Author: Andrea Cosentino <[email protected]>
AuthorDate: Thu May 21 19:36:14 2026 +0200
CAMEL-23522: doc-sync 4.14 upgrade guide for camel-mail mail.smtp.* gating (#23418)
Mirror the 4.14.x upgrade-guide entry for CAMEL-23522 (camel-mail - gate JavaMail session properties from headers behind opt-in) onto main, per the project's backport upgrade-guide policy: the camel-4x-upgrade-guide-4_XX.adoc files on main act as the canonical history across all releases, so any entry added on a maintenance branch must also land here.
Companion to the backport PR against camel-4.14.x (#23416), the 4.18.x backport (#23381), the 4.18 doc-sync (#23383) and the main PR (#23362).
Signed-off-by: Andrea Cosentino <[email protected]>
---
.../ROOT/pages/camel-4x-upgrade-guide-4_14.adoc | 23 ++++++++++++++++++++++
1 file changed, 23 insertions(+)
diff --git
a/docs/user-manual/modules/ROOT/pages/camel-4x-upgrade-guide-4_14.adoc
b/docs/user-manual/modules/ROOT/pages/camel-4x-upgrade-guide-4_14.adoc
index ed843ccc9bbd..4c4579f9ebf9 100644
--- a/docs/user-manual/modules/ROOT/pages/camel-4x-upgrade-guide-4_14.adoc
+++ b/docs/user-manual/modules/ROOT/pages/camel-4x-upgrade-guide-4_14.adoc
@@ -179,6 +179,29 @@ work without changes. Routes that set the header by its
literal string value
(for example `setHeader("SEARCH_QUERY", ...)`) must be updated to use the
new value (`setHeader("CamelElasticsearchSearchQuery", ...)`).
+=== camel-mail
+
+The SMTP producer no longer extracts dynamic JavaMail session properties from
message headers by
+default. Previously any message header whose key started with `mail.smtp.` was
applied to a
+per-message `JavaMailSender`, which meant an upstream producer that mapped
untrusted input into the
+exchange header map (for example `platform-http` query parameters, JMS or
Kafka messages from
+untrusted producers) could override transport-security settings such as
`mail.smtp.ssl.trust` or
+`mail.smtp.starttls.enable`, or redirect the SMTP connection.
+
+This behaviour is now disabled by default. Routes that legitimately rely on
per-message
+`mail.smtp.*` headers must opt back in on the endpoint:
+
+[source,java]
+----
+.to("smtp://mymailserver:1234?useJavaMailSessionPropertiesFromHeaders=true");
+----
+
+Even with the opt-in, route authors should still strip the namespace with
+`removeHeaders("mail.smtp.*")` between any untrusted ingress and the mail
producer.
+
+In addition, the inbound `MailHeaderFilterStrategy` now blocks the
`mail.smtp.` / `mail.smtps.`
+prefix as well, so an external mail message can no longer inject these into a
downstream exchange.
+
== Upgrading from 4.14.2 to 4.14.3
=== camel-tika
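Review bot: The prefixes named in the added camel-mail section are inconsistent. The first paragraph and the opt-in paragraph speak only of `mail.smtp.` / `mail.smtp.*` headers, and the hardening advice is `removeHeaders("mail.smtp.*")`, while the last paragraph says the inbound `MailHeaderFilterStrategy` blocks both `mail.smtp.` and `mail.smtps.`. The entry never says whether the producer also reads `mail.smtps.`-prefixed headers once `useJavaMailSessionPropertiesFromHeaders=true` is set, so a reader cannot tell whether the strip pattern shown is meant to cover that prefix too. Please state explicitly which prefixes the opt-in re-enables, and if `mail.smtps.` is one of them, name it in the `removeHeaders` advice as well. It would also help to say that the opt-in should only be used on routes where every upstream header source is trusted, since the sentence beginning "Even with the opt-in" implies that but leaves it unstated.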