(camel) branch camel-4.14.x updated: CAMEL-23522: camel-mail - gate JavaMail session properties from headers behind opt-in (#23362) (#23416)

acosentino Thu, 21 May 2026 10:36:44 -0700

This is an automated email from the ASF dual-hosted git repository.

oscerd pushed a commit to branch camel-4.14.x
in repository https://gitbox.apache.org/repos/asf/camel.git



The following commit(s) were added to refs/heads/camel-4.14.x by this push:
     new 2d2815d25606 CAMEL-23522: camel-mail - gate JavaMail session 
properties from headers behind opt-in (#23362) (#23416)
2d2815d25606 is described below

commit 2d2815d256068f15d42da3af27fa86fb5efad2ab
Author: Andrea Cosentino <[email protected]>
AuthorDate: Thu May 21 19:36:27 2026 +0200

    CAMEL-23522: camel-mail - gate JavaMail session properties from headers 
behind opt-in (#23362) (#23416)
    
    MailProducer.getSender extracted mail.smtp.* / mail.smtps. exchange headers 
and applied them as
    JavaMail session properties on a per-message custom sender. The namespace 
is Camel-internal
    (only MailProducer interprets it) and is not filtered by any 
HeaderFilterStrategy, so a route
    chaining an untrusted producer (platform-http, JMS, Kafka, ...) into 
smtp/smtps without an
    explicit removeHeaders between them let an attacker drive 
transport-security settings
    (mail.smtp.ssl.trust, mail.smtp.starttls.enable, mail.smtp.socks.host, ...).
    
    This is the same conceptual pattern as the Camel* header injection family 
(CAMEL-23222 /
    CVE-2025-27636), with a namespace that was missed in that sweep.
    
    Changes:
    
    * New @UriParam useJavaMailSessionPropertiesFromHeaders (default false, 
label
      producer,advanced,security, security=insecure:ssl) on MailConfiguration. 
When false,
      MailProducer.getSender always returns the default sender.
    * MailHeaderFilterStrategy now also filters mail.smtp. / mail.smtps. on the 
inbound path
      (defense in depth, mirroring CAMEL-23222).
    * Doc note in mail-component.adoc with the security warning and the opt-in 
URI.
    * Upgrade-guide entry in camel-4x-upgrade-guide-4_21.adoc.
    * Tests for both flag values and for the header-filter strategy behaviour.
    
    The build's SECURITY-OPTIONS generator picked up the new annotation and 
added the property to
    the policy-enforceable map in core/camel-util SecurityUtils.
    
    Signed-off-by: Andrea Cosentino <[email protected]>
---
 .../org/apache/camel/catalog/components/imap.json  |  8 ++-
 .../org/apache/camel/catalog/components/imaps.json |  8 ++-
 .../org/apache/camel/catalog/components/pop3.json  |  8 ++-
 .../org/apache/camel/catalog/components/pop3s.json |  8 ++-
 .../org/apache/camel/catalog/components/smtp.json  |  8 ++-
 .../org/apache/camel/catalog/components/smtps.json |  8 ++-
 .../component/mail/MailComponentConfigurer.java    |  6 ++
 .../component/mail/MailEndpointConfigurer.java     |  6 ++
 .../component/mail/MailEndpointUriFactory.java     |  3 +-
 .../org/apache/camel/component/mail/imap.json      |  8 ++-
 .../org/apache/camel/component/mail/imaps.json     |  8 ++-
 .../org/apache/camel/component/mail/pop3.json      |  8 ++-
 .../org/apache/camel/component/mail/pop3s.json     |  8 ++-
 .../org/apache/camel/component/mail/smtp.json      |  8 ++-
 .../org/apache/camel/component/mail/smtps.json     |  8 ++-
 .../camel-mail/src/main/docs/mail-component.adoc   | 19 +++--
 .../camel/component/mail/MailConfiguration.java    | 19 +++++
 .../component/mail/MailHeaderFilterStrategy.java   |  9 ++-
 .../apache/camel/component/mail/MailProducer.java  |  8 +++
 .../mail/MailHeaderFilterStrategyTest.java         | 62 +++++++++++++++++
 .../mail/MailSessionPropertiesFromHeadersTest.java | 80 ++++++++++++++++++++++
 .../ROOT/pages/camel-4x-upgrade-guide-4_14.adoc    | 23 +++++++
 .../component/dsl/ImapComponentBuilderFactory.java | 26 +++++++
 .../dsl/ImapsComponentBuilderFactory.java          | 26 +++++++
 .../component/dsl/Pop3ComponentBuilderFactory.java | 26 +++++++
 .../dsl/Pop3sComponentBuilderFactory.java          | 26 +++++++
 .../component/dsl/SmtpComponentBuilderFactory.java | 26 +++++++
 .../dsl/SmtpsComponentBuilderFactory.java          | 26 +++++++
 .../endpoint/dsl/MailEndpointBuilderFactory.java   | 46 +++++++++++++
 29 files changed, 490 insertions(+), 43 deletions(-)

diff --git 
a/catalog/camel-catalog/src/generated/resources/org/apache/camel/catalog/components/imap.json
 
b/catalog/camel-catalog/src/generated/resources/org/apache/camel/catalog/components/imap.json
index b2ab89b4dcc3..f026e0019fe5 100644
--- 
a/catalog/camel-catalog/src/generated/resources/org/apache/camel/catalog/components/imap.json
+++ 
b/catalog/camel-catalog/src/generated/resources/org/apache/camel/catalog/components/imap.json
@@ -73,7 +73,8 @@
     "password": { "index": 44, "kind": "property", "displayName": "Password", 
"group": "security", "label": "security", "required": false, "type": "string", 
"javaType": "java.lang.String", "deprecated": false, "autowired": false, 
"secret": true, "configurationClass": 
"org.apache.camel.component.mail.MailConfiguration", "configurationField": 
"configuration", "description": "The password for login. See also 
setAuthenticator(MailAuthenticator)." },
     "sslContextParameters": { "index": 45, "kind": "property", "displayName": 
"Ssl Context Parameters", "group": "security", "label": "security", "required": 
false, "type": "object", "javaType": 
"org.apache.camel.support.jsse.SSLContextParameters", "deprecated": false, 
"autowired": false, "secret": false, "configurationClass": 
"org.apache.camel.component.mail.MailConfiguration", "configurationField": 
"configuration", "description": "To configure security using 
SSLContextParameters." },
     "useGlobalSslContextParameters": { "index": 46, "kind": "property", 
"displayName": "Use Global Ssl Context Parameters", "group": "security", 
"label": "security", "required": false, "type": "boolean", "javaType": 
"boolean", "deprecated": false, "autowired": false, "secret": false, 
"defaultValue": false, "description": "Enable usage of global SSL context 
parameters." },
-    "username": { "index": 47, "kind": "property", "displayName": "Username", 
"group": "security", "label": "security", "required": false, "type": "string", 
"javaType": "java.lang.String", "deprecated": false, "autowired": false, 
"secret": true, "configurationClass": 
"org.apache.camel.component.mail.MailConfiguration", "configurationField": 
"configuration", "description": "The username for login. See also 
setAuthenticator(MailAuthenticator)." }
+    "useJavaMailSessionPropertiesFromHeaders": { "index": 47, "kind": 
"property", "displayName": "Use Java Mail Session Properties From Headers", 
"group": "security", "label": "producer,advanced,security", "required": false, 
"type": "boolean", "javaType": "boolean", "deprecated": false, "autowired": 
false, "secret": false, "defaultValue": false, "configurationClass": 
"org.apache.camel.component.mail.MailConfiguration", "configurationField": 
"configuration", "description": "Whether to all [...]
+    "username": { "index": 48, "kind": "property", "displayName": "Username", 
"group": "security", "label": "security", "required": false, "type": "string", 
"javaType": "java.lang.String", "deprecated": false, "autowired": false, 
"secret": true, "configurationClass": 
"org.apache.camel.component.mail.MailConfiguration", "configurationField": 
"configuration", "description": "The username for login. See also 
setAuthenticator(MailAuthenticator)." }
   },
   "headers": {
     "Subject": { "index": 0, "kind": "header", "displayName": "", "group": 
"common", "label": "", "required": false, "javaType": "String", "deprecated": 
false, "deprecationNote": "", "autowired": false, "secret": false, 
"description": "Subject", "constantName": 
"org.apache.camel.component.mail.MailConstants#MAIL_SUBJECT" },
@@ -158,7 +159,8 @@
     "useFixedDelay": { "index": 66, "kind": "parameter", "displayName": "Use 
Fixed Delay", "group": "scheduler", "label": "consumer,scheduler", "required": 
false, "type": "boolean", "javaType": "boolean", "deprecated": false, 
"autowired": false, "secret": false, "defaultValue": true, "description": 
"Controls if fixed delay or fixed rate is used. See ScheduledExecutorService in 
JDK for details." },
     "password": { "index": 67, "kind": "parameter", "displayName": "Password", 
"group": "security", "label": "security", "required": false, "type": "string", 
"javaType": "java.lang.String", "deprecated": false, "autowired": false, 
"secret": true, "configurationClass": 
"org.apache.camel.component.mail.MailConfiguration", "configurationField": 
"configuration", "description": "The password for login. See also 
setAuthenticator(MailAuthenticator)." },
     "sslContextParameters": { "index": 68, "kind": "parameter", "displayName": 
"Ssl Context Parameters", "group": "security", "label": "security", "required": 
false, "type": "object", "javaType": 
"org.apache.camel.support.jsse.SSLContextParameters", "deprecated": false, 
"autowired": false, "secret": false, "configurationClass": 
"org.apache.camel.component.mail.MailConfiguration", "configurationField": 
"configuration", "description": "To configure security using 
SSLContextParameters." },
-    "username": { "index": 69, "kind": "parameter", "displayName": "Username", 
"group": "security", "label": "security", "required": false, "type": "string", 
"javaType": "java.lang.String", "deprecated": false, "autowired": false, 
"secret": true, "configurationClass": 
"org.apache.camel.component.mail.MailConfiguration", "configurationField": 
"configuration", "description": "The username for login. See also 
setAuthenticator(MailAuthenticator)." },
-    "sortTerm": { "index": 70, "kind": "parameter", "displayName": "Sort 
Term", "group": "sort", "label": "consumer,sort", "required": false, "type": 
"object", "javaType": "org.eclipse.angus.mail.imap.SortTerm[]", "deprecated": 
false, "autowired": false, "secret": false, "description": "Sorting order for 
messages. Only natively supported for IMAP. Emulated to some degree when using 
POP3 or when IMAP server does not have the SORT capability." }
+    "useJavaMailSessionPropertiesFromHeaders": { "index": 69, "kind": 
"parameter", "displayName": "Use Java Mail Session Properties From Headers", 
"group": "security", "label": "producer,advanced,security", "required": false, 
"type": "boolean", "javaType": "boolean", "deprecated": false, "autowired": 
false, "secret": false, "defaultValue": false, "configurationClass": 
"org.apache.camel.component.mail.MailConfiguration", "configurationField": 
"configuration", "description": "Whether to al [...]
+    "username": { "index": 70, "kind": "parameter", "displayName": "Username", 
"group": "security", "label": "security", "required": false, "type": "string", 
"javaType": "java.lang.String", "deprecated": false, "autowired": false, 
"secret": true, "configurationClass": 
"org.apache.camel.component.mail.MailConfiguration", "configurationField": 
"configuration", "description": "The username for login. See also 
setAuthenticator(MailAuthenticator)." },
+    "sortTerm": { "index": 71, "kind": "parameter", "displayName": "Sort 
Term", "group": "sort", "label": "consumer,sort", "required": false, "type": 
"object", "javaType": "org.eclipse.angus.mail.imap.SortTerm[]", "deprecated": 
false, "autowired": false, "secret": false, "description": "Sorting order for 
messages. Only natively supported for IMAP. Emulated to some degree when using 
POP3 or when IMAP server does not have the SORT capability." }
   }
 }
diff --git 
a/catalog/camel-catalog/src/generated/resources/org/apache/camel/catalog/components/imaps.json
 
b/catalog/camel-catalog/src/generated/resources/org/apache/camel/catalog/components/imaps.json
index 6e9f1cdb1504..4b35b6a5ba4e 100644
--- 
a/catalog/camel-catalog/src/generated/resources/org/apache/camel/catalog/components/imaps.json
+++ 
b/catalog/camel-catalog/src/generated/resources/org/apache/camel/catalog/components/imaps.json
@@ -73,7 +73,8 @@
     "password": { "index": 44, "kind": "property", "displayName": "Password", 
"group": "security", "label": "security", "required": false, "type": "string", 
"javaType": "java.lang.String", "deprecated": false, "autowired": false, 
"secret": true, "configurationClass": 
"org.apache.camel.component.mail.MailConfiguration", "configurationField": 
"configuration", "description": "The password for login. See also 
setAuthenticator(MailAuthenticator)." },
     "sslContextParameters": { "index": 45, "kind": "property", "displayName": 
"Ssl Context Parameters", "group": "security", "label": "security", "required": 
false, "type": "object", "javaType": 
"org.apache.camel.support.jsse.SSLContextParameters", "deprecated": false, 
"autowired": false, "secret": false, "configurationClass": 
"org.apache.camel.component.mail.MailConfiguration", "configurationField": 
"configuration", "description": "To configure security using 
SSLContextParameters." },
     "useGlobalSslContextParameters": { "index": 46, "kind": "property", 
"displayName": "Use Global Ssl Context Parameters", "group": "security", 
"label": "security", "required": false, "type": "boolean", "javaType": 
"boolean", "deprecated": false, "autowired": false, "secret": false, 
"defaultValue": false, "description": "Enable usage of global SSL context 
parameters." },
-    "username": { "index": 47, "kind": "property", "displayName": "Username", 
"group": "security", "label": "security", "required": false, "type": "string", 
"javaType": "java.lang.String", "deprecated": false, "autowired": false, 
"secret": true, "configurationClass": 
"org.apache.camel.component.mail.MailConfiguration", "configurationField": 
"configuration", "description": "The username for login. See also 
setAuthenticator(MailAuthenticator)." }
+    "useJavaMailSessionPropertiesFromHeaders": { "index": 47, "kind": 
"property", "displayName": "Use Java Mail Session Properties From Headers", 
"group": "security", "label": "producer,advanced,security", "required": false, 
"type": "boolean", "javaType": "boolean", "deprecated": false, "autowired": 
false, "secret": false, "defaultValue": false, "configurationClass": 
"org.apache.camel.component.mail.MailConfiguration", "configurationField": 
"configuration", "description": "Whether to all [...]
+    "username": { "index": 48, "kind": "property", "displayName": "Username", 
"group": "security", "label": "security", "required": false, "type": "string", 
"javaType": "java.lang.String", "deprecated": false, "autowired": false, 
"secret": true, "configurationClass": 
"org.apache.camel.component.mail.MailConfiguration", "configurationField": 
"configuration", "description": "The username for login. See also 
setAuthenticator(MailAuthenticator)." }
   },
   "headers": {
     "Subject": { "index": 0, "kind": "header", "displayName": "", "group": 
"common", "label": "", "required": false, "javaType": "String", "deprecated": 
false, "deprecationNote": "", "autowired": false, "secret": false, 
"description": "Subject", "constantName": 
"org.apache.camel.component.mail.MailConstants#MAIL_SUBJECT" },
@@ -158,7 +159,8 @@
     "useFixedDelay": { "index": 66, "kind": "parameter", "displayName": "Use 
Fixed Delay", "group": "scheduler", "label": "consumer,scheduler", "required": 
false, "type": "boolean", "javaType": "boolean", "deprecated": false, 
"autowired": false, "secret": false, "defaultValue": true, "description": 
"Controls if fixed delay or fixed rate is used. See ScheduledExecutorService in 
JDK for details." },
     "password": { "index": 67, "kind": "parameter", "displayName": "Password", 
"group": "security", "label": "security", "required": false, "type": "string", 
"javaType": "java.lang.String", "deprecated": false, "autowired": false, 
"secret": true, "configurationClass": 
"org.apache.camel.component.mail.MailConfiguration", "configurationField": 
"configuration", "description": "The password for login. See also 
setAuthenticator(MailAuthenticator)." },
     "sslContextParameters": { "index": 68, "kind": "parameter", "displayName": 
"Ssl Context Parameters", "group": "security", "label": "security", "required": 
false, "type": "object", "javaType": 
"org.apache.camel.support.jsse.SSLContextParameters", "deprecated": false, 
"autowired": false, "secret": false, "configurationClass": 
"org.apache.camel.component.mail.MailConfiguration", "configurationField": 
"configuration", "description": "To configure security using 
SSLContextParameters." },
-    "username": { "index": 69, "kind": "parameter", "displayName": "Username", 
"group": "security", "label": "security", "required": false, "type": "string", 
"javaType": "java.lang.String", "deprecated": false, "autowired": false, 
"secret": true, "configurationClass": 
"org.apache.camel.component.mail.MailConfiguration", "configurationField": 
"configuration", "description": "The username for login. See also 
setAuthenticator(MailAuthenticator)." },
-    "sortTerm": { "index": 70, "kind": "parameter", "displayName": "Sort 
Term", "group": "sort", "label": "consumer,sort", "required": false, "type": 
"object", "javaType": "org.eclipse.angus.mail.imap.SortTerm[]", "deprecated": 
false, "autowired": false, "secret": false, "description": "Sorting order for 
messages. Only natively supported for IMAP. Emulated to some degree when using 
POP3 or when IMAP server does not have the SORT capability." }
+    "useJavaMailSessionPropertiesFromHeaders": { "index": 69, "kind": 
"parameter", "displayName": "Use Java Mail Session Properties From Headers", 
"group": "security", "label": "producer,advanced,security", "required": false, 
"type": "boolean", "javaType": "boolean", "deprecated": false, "autowired": 
false, "secret": false, "defaultValue": false, "configurationClass": 
"org.apache.camel.component.mail.MailConfiguration", "configurationField": 
"configuration", "description": "Whether to al [...]
+    "username": { "index": 70, "kind": "parameter", "displayName": "Username", 
"group": "security", "label": "security", "required": false, "type": "string", 
"javaType": "java.lang.String", "deprecated": false, "autowired": false, 
"secret": true, "configurationClass": 
"org.apache.camel.component.mail.MailConfiguration", "configurationField": 
"configuration", "description": "The username for login. See also 
setAuthenticator(MailAuthenticator)." },
+    "sortTerm": { "index": 71, "kind": "parameter", "displayName": "Sort 
Term", "group": "sort", "label": "consumer,sort", "required": false, "type": 
"object", "javaType": "org.eclipse.angus.mail.imap.SortTerm[]", "deprecated": 
false, "autowired": false, "secret": false, "description": "Sorting order for 
messages. Only natively supported for IMAP. Emulated to some degree when using 
POP3 or when IMAP server does not have the SORT capability." }
   }
 }
diff --git 
a/catalog/camel-catalog/src/generated/resources/org/apache/camel/catalog/components/pop3.json
 
b/catalog/camel-catalog/src/generated/resources/org/apache/camel/catalog/components/pop3.json
index f11578cfe9dd..e24e96338dc5 100644
--- 
a/catalog/camel-catalog/src/generated/resources/org/apache/camel/catalog/components/pop3.json
+++ 
b/catalog/camel-catalog/src/generated/resources/org/apache/camel/catalog/components/pop3.json
@@ -73,7 +73,8 @@
     "password": { "index": 44, "kind": "property", "displayName": "Password", 
"group": "security", "label": "security", "required": false, "type": "string", 
"javaType": "java.lang.String", "deprecated": false, "autowired": false, 
"secret": true, "configurationClass": 
"org.apache.camel.component.mail.MailConfiguration", "configurationField": 
"configuration", "description": "The password for login. See also 
setAuthenticator(MailAuthenticator)." },
     "sslContextParameters": { "index": 45, "kind": "property", "displayName": 
"Ssl Context Parameters", "group": "security", "label": "security", "required": 
false, "type": "object", "javaType": 
"org.apache.camel.support.jsse.SSLContextParameters", "deprecated": false, 
"autowired": false, "secret": false, "configurationClass": 
"org.apache.camel.component.mail.MailConfiguration", "configurationField": 
"configuration", "description": "To configure security using 
SSLContextParameters." },
     "useGlobalSslContextParameters": { "index": 46, "kind": "property", 
"displayName": "Use Global Ssl Context Parameters", "group": "security", 
"label": "security", "required": false, "type": "boolean", "javaType": 
"boolean", "deprecated": false, "autowired": false, "secret": false, 
"defaultValue": false, "description": "Enable usage of global SSL context 
parameters." },
-    "username": { "index": 47, "kind": "property", "displayName": "Username", 
"group": "security", "label": "security", "required": false, "type": "string", 
"javaType": "java.lang.String", "deprecated": false, "autowired": false, 
"secret": true, "configurationClass": 
"org.apache.camel.component.mail.MailConfiguration", "configurationField": 
"configuration", "description": "The username for login. See also 
setAuthenticator(MailAuthenticator)." }
+    "useJavaMailSessionPropertiesFromHeaders": { "index": 47, "kind": 
"property", "displayName": "Use Java Mail Session Properties From Headers", 
"group": "security", "label": "producer,advanced,security", "required": false, 
"type": "boolean", "javaType": "boolean", "deprecated": false, "autowired": 
false, "secret": false, "defaultValue": false, "configurationClass": 
"org.apache.camel.component.mail.MailConfiguration", "configurationField": 
"configuration", "description": "Whether to all [...]
+    "username": { "index": 48, "kind": "property", "displayName": "Username", 
"group": "security", "label": "security", "required": false, "type": "string", 
"javaType": "java.lang.String", "deprecated": false, "autowired": false, 
"secret": true, "configurationClass": 
"org.apache.camel.component.mail.MailConfiguration", "configurationField": 
"configuration", "description": "The username for login. See also 
setAuthenticator(MailAuthenticator)." }
   },
   "headers": {
     "Subject": { "index": 0, "kind": "header", "displayName": "", "group": 
"common", "label": "", "required": false, "javaType": "String", "deprecated": 
false, "deprecationNote": "", "autowired": false, "secret": false, 
"description": "Subject", "constantName": 
"org.apache.camel.component.mail.MailConstants#MAIL_SUBJECT" },
@@ -158,7 +159,8 @@
     "useFixedDelay": { "index": 66, "kind": "parameter", "displayName": "Use 
Fixed Delay", "group": "scheduler", "label": "consumer,scheduler", "required": 
false, "type": "boolean", "javaType": "boolean", "deprecated": false, 
"autowired": false, "secret": false, "defaultValue": true, "description": 
"Controls if fixed delay or fixed rate is used. See ScheduledExecutorService in 
JDK for details." },
     "password": { "index": 67, "kind": "parameter", "displayName": "Password", 
"group": "security", "label": "security", "required": false, "type": "string", 
"javaType": "java.lang.String", "deprecated": false, "autowired": false, 
"secret": true, "configurationClass": 
"org.apache.camel.component.mail.MailConfiguration", "configurationField": 
"configuration", "description": "The password for login. See also 
setAuthenticator(MailAuthenticator)." },
     "sslContextParameters": { "index": 68, "kind": "parameter", "displayName": 
"Ssl Context Parameters", "group": "security", "label": "security", "required": 
false, "type": "object", "javaType": 
"org.apache.camel.support.jsse.SSLContextParameters", "deprecated": false, 
"autowired": false, "secret": false, "configurationClass": 
"org.apache.camel.component.mail.MailConfiguration", "configurationField": 
"configuration", "description": "To configure security using 
SSLContextParameters." },
-    "username": { "index": 69, "kind": "parameter", "displayName": "Username", 
"group": "security", "label": "security", "required": false, "type": "string", 
"javaType": "java.lang.String", "deprecated": false, "autowired": false, 
"secret": true, "configurationClass": 
"org.apache.camel.component.mail.MailConfiguration", "configurationField": 
"configuration", "description": "The username for login. See also 
setAuthenticator(MailAuthenticator)." },
-    "sortTerm": { "index": 70, "kind": "parameter", "displayName": "Sort 
Term", "group": "sort", "label": "consumer,sort", "required": false, "type": 
"object", "javaType": "org.eclipse.angus.mail.imap.SortTerm[]", "deprecated": 
false, "autowired": false, "secret": false, "description": "Sorting order for 
messages. Only natively supported for IMAP. Emulated to some degree when using 
POP3 or when IMAP server does not have the SORT capability." }
+    "useJavaMailSessionPropertiesFromHeaders": { "index": 69, "kind": 
"parameter", "displayName": "Use Java Mail Session Properties From Headers", 
"group": "security", "label": "producer,advanced,security", "required": false, 
"type": "boolean", "javaType": "boolean", "deprecated": false, "autowired": 
false, "secret": false, "defaultValue": false, "configurationClass": 
"org.apache.camel.component.mail.MailConfiguration", "configurationField": 
"configuration", "description": "Whether to al [...]
+    "username": { "index": 70, "kind": "parameter", "displayName": "Username", 
"group": "security", "label": "security", "required": false, "type": "string", 
"javaType": "java.lang.String", "deprecated": false, "autowired": false, 
"secret": true, "configurationClass": 
"org.apache.camel.component.mail.MailConfiguration", "configurationField": 
"configuration", "description": "The username for login. See also 
setAuthenticator(MailAuthenticator)." },
+    "sortTerm": { "index": 71, "kind": "parameter", "displayName": "Sort 
Term", "group": "sort", "label": "consumer,sort", "required": false, "type": 
"object", "javaType": "org.eclipse.angus.mail.imap.SortTerm[]", "deprecated": 
false, "autowired": false, "secret": false, "description": "Sorting order for 
messages. Only natively supported for IMAP. Emulated to some degree when using 
POP3 or when IMAP server does not have the SORT capability." }
   }
 }
diff --git 
a/catalog/camel-catalog/src/generated/resources/org/apache/camel/catalog/components/pop3s.json
 
b/catalog/camel-catalog/src/generated/resources/org/apache/camel/catalog/components/pop3s.json
index 38a81b20726d..27536b6d99f8 100644
--- 
a/catalog/camel-catalog/src/generated/resources/org/apache/camel/catalog/components/pop3s.json
+++ 
b/catalog/camel-catalog/src/generated/resources/org/apache/camel/catalog/components/pop3s.json
@@ -73,7 +73,8 @@
     "password": { "index": 44, "kind": "property", "displayName": "Password", 
"group": "security", "label": "security", "required": false, "type": "string", 
"javaType": "java.lang.String", "deprecated": false, "autowired": false, 
"secret": true, "configurationClass": 
"org.apache.camel.component.mail.MailConfiguration", "configurationField": 
"configuration", "description": "The password for login. See also 
setAuthenticator(MailAuthenticator)." },
     "sslContextParameters": { "index": 45, "kind": "property", "displayName": 
"Ssl Context Parameters", "group": "security", "label": "security", "required": 
false, "type": "object", "javaType": 
"org.apache.camel.support.jsse.SSLContextParameters", "deprecated": false, 
"autowired": false, "secret": false, "configurationClass": 
"org.apache.camel.component.mail.MailConfiguration", "configurationField": 
"configuration", "description": "To configure security using 
SSLContextParameters." },
     "useGlobalSslContextParameters": { "index": 46, "kind": "property", 
"displayName": "Use Global Ssl Context Parameters", "group": "security", 
"label": "security", "required": false, "type": "boolean", "javaType": 
"boolean", "deprecated": false, "autowired": false, "secret": false, 
"defaultValue": false, "description": "Enable usage of global SSL context 
parameters." },
-    "username": { "index": 47, "kind": "property", "displayName": "Username", 
"group": "security", "label": "security", "required": false, "type": "string", 
"javaType": "java.lang.String", "deprecated": false, "autowired": false, 
"secret": true, "configurationClass": 
"org.apache.camel.component.mail.MailConfiguration", "configurationField": 
"configuration", "description": "The username for login. See also 
setAuthenticator(MailAuthenticator)." }
+    "useJavaMailSessionPropertiesFromHeaders": { "index": 47, "kind": 
"property", "displayName": "Use Java Mail Session Properties From Headers", 
"group": "security", "label": "producer,advanced,security", "required": false, 
"type": "boolean", "javaType": "boolean", "deprecated": false, "autowired": 
false, "secret": false, "defaultValue": false, "configurationClass": 
"org.apache.camel.component.mail.MailConfiguration", "configurationField": 
"configuration", "description": "Whether to all [...]
+    "username": { "index": 48, "kind": "property", "displayName": "Username", 
"group": "security", "label": "security", "required": false, "type": "string", 
"javaType": "java.lang.String", "deprecated": false, "autowired": false, 
"secret": true, "configurationClass": 
"org.apache.camel.component.mail.MailConfiguration", "configurationField": 
"configuration", "description": "The username for login. See also 
setAuthenticator(MailAuthenticator)." }
   },
   "headers": {
     "Subject": { "index": 0, "kind": "header", "displayName": "", "group": 
"common", "label": "", "required": false, "javaType": "String", "deprecated": 
false, "deprecationNote": "", "autowired": false, "secret": false, 
"description": "Subject", "constantName": 
"org.apache.camel.component.mail.MailConstants#MAIL_SUBJECT" },
@@ -158,7 +159,8 @@
     "useFixedDelay": { "index": 66, "kind": "parameter", "displayName": "Use 
Fixed Delay", "group": "scheduler", "label": "consumer,scheduler", "required": 
false, "type": "boolean", "javaType": "boolean", "deprecated": false, 
"autowired": false, "secret": false, "defaultValue": true, "description": 
"Controls if fixed delay or fixed rate is used. See ScheduledExecutorService in 
JDK for details." },
     "password": { "index": 67, "kind": "parameter", "displayName": "Password", 
"group": "security", "label": "security", "required": false, "type": "string", 
"javaType": "java.lang.String", "deprecated": false, "autowired": false, 
"secret": true, "configurationClass": 
"org.apache.camel.component.mail.MailConfiguration", "configurationField": 
"configuration", "description": "The password for login. See also 
setAuthenticator(MailAuthenticator)." },
     "sslContextParameters": { "index": 68, "kind": "parameter", "displayName": 
"Ssl Context Parameters", "group": "security", "label": "security", "required": 
false, "type": "object", "javaType": 
"org.apache.camel.support.jsse.SSLContextParameters", "deprecated": false, 
"autowired": false, "secret": false, "configurationClass": 
"org.apache.camel.component.mail.MailConfiguration", "configurationField": 
"configuration", "description": "To configure security using 
SSLContextParameters." },
-    "username": { "index": 69, "kind": "parameter", "displayName": "Username", 
"group": "security", "label": "security", "required": false, "type": "string", 
"javaType": "java.lang.String", "deprecated": false, "autowired": false, 
"secret": true, "configurationClass": 
"org.apache.camel.component.mail.MailConfiguration", "configurationField": 
"configuration", "description": "The username for login. See also 
setAuthenticator(MailAuthenticator)." },
-    "sortTerm": { "index": 70, "kind": "parameter", "displayName": "Sort 
Term", "group": "sort", "label": "consumer,sort", "required": false, "type": 
"object", "javaType": "org.eclipse.angus.mail.imap.SortTerm[]", "deprecated": 
false, "autowired": false, "secret": false, "description": "Sorting order for 
messages. Only natively supported for IMAP. Emulated to some degree when using 
POP3 or when IMAP server does not have the SORT capability." }
+    "useJavaMailSessionPropertiesFromHeaders": { "index": 69, "kind": 
"parameter", "displayName": "Use Java Mail Session Properties From Headers", 
"group": "security", "label": "producer,advanced,security", "required": false, 
"type": "boolean", "javaType": "boolean", "deprecated": false, "autowired": 
false, "secret": false, "defaultValue": false, "configurationClass": 
"org.apache.camel.component.mail.MailConfiguration", "configurationField": 
"configuration", "description": "Whether to al [...]
+    "username": { "index": 70, "kind": "parameter", "displayName": "Username", 
"group": "security", "label": "security", "required": false, "type": "string", 
"javaType": "java.lang.String", "deprecated": false, "autowired": false, 
"secret": true, "configurationClass": 
"org.apache.camel.component.mail.MailConfiguration", "configurationField": 
"configuration", "description": "The username for login. See also 
setAuthenticator(MailAuthenticator)." },
+    "sortTerm": { "index": 71, "kind": "parameter", "displayName": "Sort 
Term", "group": "sort", "label": "consumer,sort", "required": false, "type": 
"object", "javaType": "org.eclipse.angus.mail.imap.SortTerm[]", "deprecated": 
false, "autowired": false, "secret": false, "description": "Sorting order for 
messages. Only natively supported for IMAP. Emulated to some degree when using 
POP3 or when IMAP server does not have the SORT capability." }
   }
 }
diff --git 
a/catalog/camel-catalog/src/generated/resources/org/apache/camel/catalog/components/smtp.json
 
b/catalog/camel-catalog/src/generated/resources/org/apache/camel/catalog/components/smtp.json
index 60599b031794..96cb8ac0a464 100644
--- 
a/catalog/camel-catalog/src/generated/resources/org/apache/camel/catalog/components/smtp.json
+++ 
b/catalog/camel-catalog/src/generated/resources/org/apache/camel/catalog/components/smtp.json
@@ -73,7 +73,8 @@
     "password": { "index": 44, "kind": "property", "displayName": "Password", 
"group": "security", "label": "security", "required": false, "type": "string", 
"javaType": "java.lang.String", "deprecated": false, "autowired": false, 
"secret": true, "configurationClass": 
"org.apache.camel.component.mail.MailConfiguration", "configurationField": 
"configuration", "description": "The password for login. See also 
setAuthenticator(MailAuthenticator)." },
     "sslContextParameters": { "index": 45, "kind": "property", "displayName": 
"Ssl Context Parameters", "group": "security", "label": "security", "required": 
false, "type": "object", "javaType": 
"org.apache.camel.support.jsse.SSLContextParameters", "deprecated": false, 
"autowired": false, "secret": false, "configurationClass": 
"org.apache.camel.component.mail.MailConfiguration", "configurationField": 
"configuration", "description": "To configure security using 
SSLContextParameters." },
     "useGlobalSslContextParameters": { "index": 46, "kind": "property", 
"displayName": "Use Global Ssl Context Parameters", "group": "security", 
"label": "security", "required": false, "type": "boolean", "javaType": 
"boolean", "deprecated": false, "autowired": false, "secret": false, 
"defaultValue": false, "description": "Enable usage of global SSL context 
parameters." },
-    "username": { "index": 47, "kind": "property", "displayName": "Username", 
"group": "security", "label": "security", "required": false, "type": "string", 
"javaType": "java.lang.String", "deprecated": false, "autowired": false, 
"secret": true, "configurationClass": 
"org.apache.camel.component.mail.MailConfiguration", "configurationField": 
"configuration", "description": "The username for login. See also 
setAuthenticator(MailAuthenticator)." }
+    "useJavaMailSessionPropertiesFromHeaders": { "index": 47, "kind": 
"property", "displayName": "Use Java Mail Session Properties From Headers", 
"group": "security", "label": "producer,advanced,security", "required": false, 
"type": "boolean", "javaType": "boolean", "deprecated": false, "autowired": 
false, "secret": false, "defaultValue": false, "configurationClass": 
"org.apache.camel.component.mail.MailConfiguration", "configurationField": 
"configuration", "description": "Whether to all [...]
+    "username": { "index": 48, "kind": "property", "displayName": "Username", 
"group": "security", "label": "security", "required": false, "type": "string", 
"javaType": "java.lang.String", "deprecated": false, "autowired": false, 
"secret": true, "configurationClass": 
"org.apache.camel.component.mail.MailConfiguration", "configurationField": 
"configuration", "description": "The username for login. See also 
setAuthenticator(MailAuthenticator)." }
   },
   "headers": {
     "Subject": { "index": 0, "kind": "header", "displayName": "", "group": 
"common", "label": "", "required": false, "javaType": "String", "deprecated": 
false, "deprecationNote": "", "autowired": false, "secret": false, 
"description": "Subject", "constantName": 
"org.apache.camel.component.mail.MailConstants#MAIL_SUBJECT" },
@@ -158,7 +159,8 @@
     "useFixedDelay": { "index": 66, "kind": "parameter", "displayName": "Use 
Fixed Delay", "group": "scheduler", "label": "consumer,scheduler", "required": 
false, "type": "boolean", "javaType": "boolean", "deprecated": false, 
"autowired": false, "secret": false, "defaultValue": true, "description": 
"Controls if fixed delay or fixed rate is used. See ScheduledExecutorService in 
JDK for details." },
     "password": { "index": 67, "kind": "parameter", "displayName": "Password", 
"group": "security", "label": "security", "required": false, "type": "string", 
"javaType": "java.lang.String", "deprecated": false, "autowired": false, 
"secret": true, "configurationClass": 
"org.apache.camel.component.mail.MailConfiguration", "configurationField": 
"configuration", "description": "The password for login. See also 
setAuthenticator(MailAuthenticator)." },
     "sslContextParameters": { "index": 68, "kind": "parameter", "displayName": 
"Ssl Context Parameters", "group": "security", "label": "security", "required": 
false, "type": "object", "javaType": 
"org.apache.camel.support.jsse.SSLContextParameters", "deprecated": false, 
"autowired": false, "secret": false, "configurationClass": 
"org.apache.camel.component.mail.MailConfiguration", "configurationField": 
"configuration", "description": "To configure security using 
SSLContextParameters." },
-    "username": { "index": 69, "kind": "parameter", "displayName": "Username", 
"group": "security", "label": "security", "required": false, "type": "string", 
"javaType": "java.lang.String", "deprecated": false, "autowired": false, 
"secret": true, "configurationClass": 
"org.apache.camel.component.mail.MailConfiguration", "configurationField": 
"configuration", "description": "The username for login. See also 
setAuthenticator(MailAuthenticator)." },
-    "sortTerm": { "index": 70, "kind": "parameter", "displayName": "Sort 
Term", "group": "sort", "label": "consumer,sort", "required": false, "type": 
"object", "javaType": "org.eclipse.angus.mail.imap.SortTerm[]", "deprecated": 
false, "autowired": false, "secret": false, "description": "Sorting order for 
messages. Only natively supported for IMAP. Emulated to some degree when using 
POP3 or when IMAP server does not have the SORT capability." }
+    "useJavaMailSessionPropertiesFromHeaders": { "index": 69, "kind": 
"parameter", "displayName": "Use Java Mail Session Properties From Headers", 
"group": "security", "label": "producer,advanced,security", "required": false, 
"type": "boolean", "javaType": "boolean", "deprecated": false, "autowired": 
false, "secret": false, "defaultValue": false, "configurationClass": 
"org.apache.camel.component.mail.MailConfiguration", "configurationField": 
"configuration", "description": "Whether to al [...]
+    "username": { "index": 70, "kind": "parameter", "displayName": "Username", 
"group": "security", "label": "security", "required": false, "type": "string", 
"javaType": "java.lang.String", "deprecated": false, "autowired": false, 
"secret": true, "configurationClass": 
"org.apache.camel.component.mail.MailConfiguration", "configurationField": 
"configuration", "description": "The username for login. See also 
setAuthenticator(MailAuthenticator)." },
+    "sortTerm": { "index": 71, "kind": "parameter", "displayName": "Sort 
Term", "group": "sort", "label": "consumer,sort", "required": false, "type": 
"object", "javaType": "org.eclipse.angus.mail.imap.SortTerm[]", "deprecated": 
false, "autowired": false, "secret": false, "description": "Sorting order for 
messages. Only natively supported for IMAP. Emulated to some degree when using 
POP3 or when IMAP server does not have the SORT capability." }
   }
 }
diff --git 
a/catalog/camel-catalog/src/generated/resources/org/apache/camel/catalog/components/smtps.json
 
b/catalog/camel-catalog/src/generated/resources/org/apache/camel/catalog/components/smtps.json
index d3a3ebe8e95a..5dcf9850b61d 100644
--- 
a/catalog/camel-catalog/src/generated/resources/org/apache/camel/catalog/components/smtps.json
+++ 
b/catalog/camel-catalog/src/generated/resources/org/apache/camel/catalog/components/smtps.json
@@ -73,7 +73,8 @@
     "password": { "index": 44, "kind": "property", "displayName": "Password", 
"group": "security", "label": "security", "required": false, "type": "string", 
"javaType": "java.lang.String", "deprecated": false, "autowired": false, 
"secret": true, "configurationClass": 
"org.apache.camel.component.mail.MailConfiguration", "configurationField": 
"configuration", "description": "The password for login. See also 
setAuthenticator(MailAuthenticator)." },
     "sslContextParameters": { "index": 45, "kind": "property", "displayName": 
"Ssl Context Parameters", "group": "security", "label": "security", "required": 
false, "type": "object", "javaType": 
"org.apache.camel.support.jsse.SSLContextParameters", "deprecated": false, 
"autowired": false, "secret": false, "configurationClass": 
"org.apache.camel.component.mail.MailConfiguration", "configurationField": 
"configuration", "description": "To configure security using 
SSLContextParameters." },
     "useGlobalSslContextParameters": { "index": 46, "kind": "property", 
"displayName": "Use Global Ssl Context Parameters", "group": "security", 
"label": "security", "required": false, "type": "boolean", "javaType": 
"boolean", "deprecated": false, "autowired": false, "secret": false, 
"defaultValue": false, "description": "Enable usage of global SSL context 
parameters." },
-    "username": { "index": 47, "kind": "property", "displayName": "Username", 
"group": "security", "label": "security", "required": false, "type": "string", 
"javaType": "java.lang.String", "deprecated": false, "autowired": false, 
"secret": true, "configurationClass": 
"org.apache.camel.component.mail.MailConfiguration", "configurationField": 
"configuration", "description": "The username for login. See also 
setAuthenticator(MailAuthenticator)." }
+    "useJavaMailSessionPropertiesFromHeaders": { "index": 47, "kind": 
"property", "displayName": "Use Java Mail Session Properties From Headers", 
"group": "security", "label": "producer,advanced,security", "required": false, 
"type": "boolean", "javaType": "boolean", "deprecated": false, "autowired": 
false, "secret": false, "defaultValue": false, "configurationClass": 
"org.apache.camel.component.mail.MailConfiguration", "configurationField": 
"configuration", "description": "Whether to all [...]
+    "username": { "index": 48, "kind": "property", "displayName": "Username", 
"group": "security", "label": "security", "required": false, "type": "string", 
"javaType": "java.lang.String", "deprecated": false, "autowired": false, 
"secret": true, "configurationClass": 
"org.apache.camel.component.mail.MailConfiguration", "configurationField": 
"configuration", "description": "The username for login. See also 
setAuthenticator(MailAuthenticator)." }
   },
   "headers": {
     "Subject": { "index": 0, "kind": "header", "displayName": "", "group": 
"common", "label": "", "required": false, "javaType": "String", "deprecated": 
false, "deprecationNote": "", "autowired": false, "secret": false, 
"description": "Subject", "constantName": 
"org.apache.camel.component.mail.MailConstants#MAIL_SUBJECT" },
@@ -158,7 +159,8 @@
     "useFixedDelay": { "index": 66, "kind": "parameter", "displayName": "Use 
Fixed Delay", "group": "scheduler", "label": "consumer,scheduler", "required": 
false, "type": "boolean", "javaType": "boolean", "deprecated": false, 
"autowired": false, "secret": false, "defaultValue": true, "description": 
"Controls if fixed delay or fixed rate is used. See ScheduledExecutorService in 
JDK for details." },
     "password": { "index": 67, "kind": "parameter", "displayName": "Password", 
"group": "security", "label": "security", "required": false, "type": "string", 
"javaType": "java.lang.String", "deprecated": false, "autowired": false, 
"secret": true, "configurationClass": 
"org.apache.camel.component.mail.MailConfiguration", "configurationField": 
"configuration", "description": "The password for login. See also 
setAuthenticator(MailAuthenticator)." },
     "sslContextParameters": { "index": 68, "kind": "parameter", "displayName": 
"Ssl Context Parameters", "group": "security", "label": "security", "required": 
false, "type": "object", "javaType": 
"org.apache.camel.support.jsse.SSLContextParameters", "deprecated": false, 
"autowired": false, "secret": false, "configurationClass": 
"org.apache.camel.component.mail.MailConfiguration", "configurationField": 
"configuration", "description": "To configure security using 
SSLContextParameters." },
-    "username": { "index": 69, "kind": "parameter", "displayName": "Username", 
"group": "security", "label": "security", "required": false, "type": "string", 
"javaType": "java.lang.String", "deprecated": false, "autowired": false, 
"secret": true, "configurationClass": 
"org.apache.camel.component.mail.MailConfiguration", "configurationField": 
"configuration", "description": "The username for login. See also 
setAuthenticator(MailAuthenticator)." },
-    "sortTerm": { "index": 70, "kind": "parameter", "displayName": "Sort 
Term", "group": "sort", "label": "consumer,sort", "required": false, "type": 
"object", "javaType": "org.eclipse.angus.mail.imap.SortTerm[]", "deprecated": 
false, "autowired": false, "secret": false, "description": "Sorting order for 
messages. Only natively supported for IMAP. Emulated to some degree when using 
POP3 or when IMAP server does not have the SORT capability." }
+    "useJavaMailSessionPropertiesFromHeaders": { "index": 69, "kind": 
"parameter", "displayName": "Use Java Mail Session Properties From Headers", 
"group": "security", "label": "producer,advanced,security", "required": false, 
"type": "boolean", "javaType": "boolean", "deprecated": false, "autowired": 
false, "secret": false, "defaultValue": false, "configurationClass": 
"org.apache.camel.component.mail.MailConfiguration", "configurationField": 
"configuration", "description": "Whether to al [...]
+    "username": { "index": 70, "kind": "parameter", "displayName": "Username", 
"group": "security", "label": "security", "required": false, "type": "string", 
"javaType": "java.lang.String", "deprecated": false, "autowired": false, 
"secret": true, "configurationClass": 
"org.apache.camel.component.mail.MailConfiguration", "configurationField": 
"configuration", "description": "The username for login. See also 
setAuthenticator(MailAuthenticator)." },
+    "sortTerm": { "index": 71, "kind": "parameter", "displayName": "Sort 
Term", "group": "sort", "label": "consumer,sort", "required": false, "type": 
"object", "javaType": "org.eclipse.angus.mail.imap.SortTerm[]", "deprecated": 
false, "autowired": false, "secret": false, "description": "Sorting order for 
messages. Only natively supported for IMAP. Emulated to some degree when using 
POP3 or when IMAP server does not have the SORT capability." }
   }
 }
diff --git 
a/components/camel-mail/src/generated/java/org/apache/camel/component/mail/MailComponentConfigurer.java
 
b/components/camel-mail/src/generated/java/org/apache/camel/component/mail/MailComponentConfigurer.java
index c0169ddd0f5b..17e3bfca899f 100644
--- 
a/components/camel-mail/src/generated/java/org/apache/camel/component/mail/MailComponentConfigurer.java
+++ 
b/components/camel-mail/src/generated/java/org/apache/camel/component/mail/MailComponentConfigurer.java
@@ -111,6 +111,8 @@ public class MailComponentConfigurer extends 
PropertyConfigurerSupport implement
         case "useGlobalSslContextParameters": 
target.setUseGlobalSslContextParameters(property(camelContext, boolean.class, 
value)); return true;
         case "useinlineattachments":
         case "useInlineAttachments": 
getOrCreateConfiguration(target).setUseInlineAttachments(property(camelContext, 
boolean.class, value)); return true;
+        case "usejavamailsessionpropertiesfromheaders":
+        case "useJavaMailSessionPropertiesFromHeaders": 
getOrCreateConfiguration(target).setUseJavaMailSessionPropertiesFromHeaders(property(camelContext,
 boolean.class, value)); return true;
         case "username": 
getOrCreateConfiguration(target).setUsername(property(camelContext, 
java.lang.String.class, value)); return true;
         default: return false;
         }
@@ -200,6 +202,8 @@ public class MailComponentConfigurer extends 
PropertyConfigurerSupport implement
         case "useGlobalSslContextParameters": return boolean.class;
         case "useinlineattachments":
         case "useInlineAttachments": return boolean.class;
+        case "usejavamailsessionpropertiesfromheaders":
+        case "useJavaMailSessionPropertiesFromHeaders": return boolean.class;
         case "username": return java.lang.String.class;
         default: return null;
         }
@@ -290,6 +294,8 @@ public class MailComponentConfigurer extends 
PropertyConfigurerSupport implement
         case "useGlobalSslContextParameters": return 
target.isUseGlobalSslContextParameters();
         case "useinlineattachments":
         case "useInlineAttachments": return 
getOrCreateConfiguration(target).isUseInlineAttachments();
+        case "usejavamailsessionpropertiesfromheaders":
+        case "useJavaMailSessionPropertiesFromHeaders": return 
getOrCreateConfiguration(target).isUseJavaMailSessionPropertiesFromHeaders();
         case "username": return getOrCreateConfiguration(target).getUsername();
         default: return null;
         }
diff --git 
a/components/camel-mail/src/generated/java/org/apache/camel/component/mail/MailEndpointConfigurer.java
 
b/components/camel-mail/src/generated/java/org/apache/camel/component/mail/MailEndpointConfigurer.java
index a2ca579356e3..d2724a50ee0d 100644
--- 
a/components/camel-mail/src/generated/java/org/apache/camel/component/mail/MailEndpointConfigurer.java
+++ 
b/components/camel-mail/src/generated/java/org/apache/camel/component/mail/MailEndpointConfigurer.java
@@ -143,6 +143,8 @@ public class MailEndpointConfigurer extends 
PropertyConfigurerSupport implements
         case "useFixedDelay": target.setUseFixedDelay(property(camelContext, 
boolean.class, value)); return true;
         case "useinlineattachments":
         case "useInlineAttachments": 
target.getConfiguration().setUseInlineAttachments(property(camelContext, 
boolean.class, value)); return true;
+        case "usejavamailsessionpropertiesfromheaders":
+        case "useJavaMailSessionPropertiesFromHeaders": 
target.getConfiguration().setUseJavaMailSessionPropertiesFromHeaders(property(camelContext,
 boolean.class, value)); return true;
         case "username": 
target.getConfiguration().setUsername(property(camelContext, 
java.lang.String.class, value)); return true;
         default: return false;
         }
@@ -271,6 +273,8 @@ public class MailEndpointConfigurer extends 
PropertyConfigurerSupport implements
         case "useFixedDelay": return boolean.class;
         case "useinlineattachments":
         case "useInlineAttachments": return boolean.class;
+        case "usejavamailsessionpropertiesfromheaders":
+        case "useJavaMailSessionPropertiesFromHeaders": return boolean.class;
         case "username": return java.lang.String.class;
         default: return null;
         }
@@ -400,6 +404,8 @@ public class MailEndpointConfigurer extends 
PropertyConfigurerSupport implements
         case "useFixedDelay": return target.isUseFixedDelay();
         case "useinlineattachments":
         case "useInlineAttachments": return 
target.getConfiguration().isUseInlineAttachments();
+        case "usejavamailsessionpropertiesfromheaders":
+        case "useJavaMailSessionPropertiesFromHeaders": return 
target.getConfiguration().isUseJavaMailSessionPropertiesFromHeaders();
         case "username": return target.getConfiguration().getUsername();
         default: return null;
         }
diff --git 
a/components/camel-mail/src/generated/java/org/apache/camel/component/mail/MailEndpointUriFactory.java
 
b/components/camel-mail/src/generated/java/org/apache/camel/component/mail/MailEndpointUriFactory.java
index 96eac35e38fe..ff9c5332967d 100644
--- 
a/components/camel-mail/src/generated/java/org/apache/camel/component/mail/MailEndpointUriFactory.java
+++ 
b/components/camel-mail/src/generated/java/org/apache/camel/component/mail/MailEndpointUriFactory.java
@@ -24,7 +24,7 @@ public class MailEndpointUriFactory extends 
org.apache.camel.support.component.E
     private static final Set<String> SECRET_PROPERTY_NAMES;
     private static final Set<String> MULTI_VALUE_PREFIXES;
     static {
-        Set<String> props = new HashSet<>(71);
+        Set<String> props = new HashSet<>(72);
         props.add("additionalJavaMailProperties");
         props.add("alternativeBodyHeader");
         props.add("attachmentsContentTransferEncodingResolver");
@@ -95,6 +95,7 @@ public class MailEndpointUriFactory extends 
org.apache.camel.support.component.E
         props.add("unseen");
         props.add("useFixedDelay");
         props.add("useInlineAttachments");
+        props.add("useJavaMailSessionPropertiesFromHeaders");
         props.add("username");
         PROPERTY_NAMES = Collections.unmodifiableSet(props);
         Set<String> secretProps = new HashSet<>(2);
diff --git 
a/components/camel-mail/src/generated/resources/META-INF/org/apache/camel/component/mail/imap.json
 
b/components/camel-mail/src/generated/resources/META-INF/org/apache/camel/component/mail/imap.json
index b2ab89b4dcc3..f026e0019fe5 100644
--- 
a/components/camel-mail/src/generated/resources/META-INF/org/apache/camel/component/mail/imap.json
+++ 
b/components/camel-mail/src/generated/resources/META-INF/org/apache/camel/component/mail/imap.json
@@ -73,7 +73,8 @@
     "password": { "index": 44, "kind": "property", "displayName": "Password", 
"group": "security", "label": "security", "required": false, "type": "string", 
"javaType": "java.lang.String", "deprecated": false, "autowired": false, 
"secret": true, "configurationClass": 
"org.apache.camel.component.mail.MailConfiguration", "configurationField": 
"configuration", "description": "The password for login. See also 
setAuthenticator(MailAuthenticator)." },
     "sslContextParameters": { "index": 45, "kind": "property", "displayName": 
"Ssl Context Parameters", "group": "security", "label": "security", "required": 
false, "type": "object", "javaType": 
"org.apache.camel.support.jsse.SSLContextParameters", "deprecated": false, 
"autowired": false, "secret": false, "configurationClass": 
"org.apache.camel.component.mail.MailConfiguration", "configurationField": 
"configuration", "description": "To configure security using 
SSLContextParameters." },
     "useGlobalSslContextParameters": { "index": 46, "kind": "property", 
"displayName": "Use Global Ssl Context Parameters", "group": "security", 
"label": "security", "required": false, "type": "boolean", "javaType": 
"boolean", "deprecated": false, "autowired": false, "secret": false, 
"defaultValue": false, "description": "Enable usage of global SSL context 
parameters." },
-    "username": { "index": 47, "kind": "property", "displayName": "Username", 
"group": "security", "label": "security", "required": false, "type": "string", 
"javaType": "java.lang.String", "deprecated": false, "autowired": false, 
"secret": true, "configurationClass": 
"org.apache.camel.component.mail.MailConfiguration", "configurationField": 
"configuration", "description": "The username for login. See also 
setAuthenticator(MailAuthenticator)." }
+    "useJavaMailSessionPropertiesFromHeaders": { "index": 47, "kind": 
"property", "displayName": "Use Java Mail Session Properties From Headers", 
"group": "security", "label": "producer,advanced,security", "required": false, 
"type": "boolean", "javaType": "boolean", "deprecated": false, "autowired": 
false, "secret": false, "defaultValue": false, "configurationClass": 
"org.apache.camel.component.mail.MailConfiguration", "configurationField": 
"configuration", "description": "Whether to all [...]
+    "username": { "index": 48, "kind": "property", "displayName": "Username", 
"group": "security", "label": "security", "required": false, "type": "string", 
"javaType": "java.lang.String", "deprecated": false, "autowired": false, 
"secret": true, "configurationClass": 
"org.apache.camel.component.mail.MailConfiguration", "configurationField": 
"configuration", "description": "The username for login. See also 
setAuthenticator(MailAuthenticator)." }
   },
   "headers": {
     "Subject": { "index": 0, "kind": "header", "displayName": "", "group": 
"common", "label": "", "required": false, "javaType": "String", "deprecated": 
false, "deprecationNote": "", "autowired": false, "secret": false, 
"description": "Subject", "constantName": 
"org.apache.camel.component.mail.MailConstants#MAIL_SUBJECT" },
@@ -158,7 +159,8 @@
     "useFixedDelay": { "index": 66, "kind": "parameter", "displayName": "Use 
Fixed Delay", "group": "scheduler", "label": "consumer,scheduler", "required": 
false, "type": "boolean", "javaType": "boolean", "deprecated": false, 
"autowired": false, "secret": false, "defaultValue": true, "description": 
"Controls if fixed delay or fixed rate is used. See ScheduledExecutorService in 
JDK for details." },
     "password": { "index": 67, "kind": "parameter", "displayName": "Password", 
"group": "security", "label": "security", "required": false, "type": "string", 
"javaType": "java.lang.String", "deprecated": false, "autowired": false, 
"secret": true, "configurationClass": 
"org.apache.camel.component.mail.MailConfiguration", "configurationField": 
"configuration", "description": "The password for login. See also 
setAuthenticator(MailAuthenticator)." },
     "sslContextParameters": { "index": 68, "kind": "parameter", "displayName": 
"Ssl Context Parameters", "group": "security", "label": "security", "required": 
false, "type": "object", "javaType": 
"org.apache.camel.support.jsse.SSLContextParameters", "deprecated": false, 
"autowired": false, "secret": false, "configurationClass": 
"org.apache.camel.component.mail.MailConfiguration", "configurationField": 
"configuration", "description": "To configure security using 
SSLContextParameters." },
-    "username": { "index": 69, "kind": "parameter", "displayName": "Username", 
"group": "security", "label": "security", "required": false, "type": "string", 
"javaType": "java.lang.String", "deprecated": false, "autowired": false, 
"secret": true, "configurationClass": 
"org.apache.camel.component.mail.MailConfiguration", "configurationField": 
"configuration", "description": "The username for login. See also 
setAuthenticator(MailAuthenticator)." },
-    "sortTerm": { "index": 70, "kind": "parameter", "displayName": "Sort 
Term", "group": "sort", "label": "consumer,sort", "required": false, "type": 
"object", "javaType": "org.eclipse.angus.mail.imap.SortTerm[]", "deprecated": 
false, "autowired": false, "secret": false, "description": "Sorting order for 
messages. Only natively supported for IMAP. Emulated to some degree when using 
POP3 or when IMAP server does not have the SORT capability." }
+    "useJavaMailSessionPropertiesFromHeaders": { "index": 69, "kind": 
"parameter", "displayName": "Use Java Mail Session Properties From Headers", 
"group": "security", "label": "producer,advanced,security", "required": false, 
"type": "boolean", "javaType": "boolean", "deprecated": false, "autowired": 
false, "secret": false, "defaultValue": false, "configurationClass": 
"org.apache.camel.component.mail.MailConfiguration", "configurationField": 
"configuration", "description": "Whether to al [...]
+    "username": { "index": 70, "kind": "parameter", "displayName": "Username", 
"group": "security", "label": "security", "required": false, "type": "string", 
"javaType": "java.lang.String", "deprecated": false, "autowired": false, 
"secret": true, "configurationClass": 
"org.apache.camel.component.mail.MailConfiguration", "configurationField": 
"configuration", "description": "The username for login. See also 
setAuthenticator(MailAuthenticator)." },
+    "sortTerm": { "index": 71, "kind": "parameter", "displayName": "Sort 
Term", "group": "sort", "label": "consumer,sort", "required": false, "type": 
"object", "javaType": "org.eclipse.angus.mail.imap.SortTerm[]", "deprecated": 
false, "autowired": false, "secret": false, "description": "Sorting order for 
messages. Only natively supported for IMAP. Emulated to some degree when using 
POP3 or when IMAP server does not have the SORT capability." }
   }
 }
diff --git 
a/components/camel-mail/src/generated/resources/META-INF/org/apache/camel/component/mail/imaps.json
 
b/components/camel-mail/src/generated/resources/META-INF/org/apache/camel/component/mail/imaps.json
index 6e9f1cdb1504..4b35b6a5ba4e 100644
--- 
a/components/camel-mail/src/generated/resources/META-INF/org/apache/camel/component/mail/imaps.json
+++ 
b/components/camel-mail/src/generated/resources/META-INF/org/apache/camel/component/mail/imaps.json
@@ -73,7 +73,8 @@
     "password": { "index": 44, "kind": "property", "displayName": "Password", 
"group": "security", "label": "security", "required": false, "type": "string", 
"javaType": "java.lang.String", "deprecated": false, "autowired": false, 
"secret": true, "configurationClass": 
"org.apache.camel.component.mail.MailConfiguration", "configurationField": 
"configuration", "description": "The password for login. See also 
setAuthenticator(MailAuthenticator)." },
     "sslContextParameters": { "index": 45, "kind": "property", "displayName": 
"Ssl Context Parameters", "group": "security", "label": "security", "required": 
false, "type": "object", "javaType": 
"org.apache.camel.support.jsse.SSLContextParameters", "deprecated": false, 
"autowired": false, "secret": false, "configurationClass": 
"org.apache.camel.component.mail.MailConfiguration", "configurationField": 
"configuration", "description": "To configure security using 
SSLContextParameters." },
     "useGlobalSslContextParameters": { "index": 46, "kind": "property", 
"displayName": "Use Global Ssl Context Parameters", "group": "security", 
"label": "security", "required": false, "type": "boolean", "javaType": 
"boolean", "deprecated": false, "autowired": false, "secret": false, 
"defaultValue": false, "description": "Enable usage of global SSL context 
parameters." },
-    "username": { "index": 47, "kind": "property", "displayName": "Username", 
"group": "security", "label": "security", "required": false, "type": "string", 
"javaType": "java.lang.String", "deprecated": false, "autowired": false, 
"secret": true, "configurationClass": 
"org.apache.camel.component.mail.MailConfiguration", "configurationField": 
"configuration", "description": "The username for login. See also 
setAuthenticator(MailAuthenticator)." }
+    "useJavaMailSessionPropertiesFromHeaders": { "index": 47, "kind": 
"property", "displayName": "Use Java Mail Session Properties From Headers", 
"group": "security", "label": "producer,advanced,security", "required": false, 
"type": "boolean", "javaType": "boolean", "deprecated": false, "autowired": 
false, "secret": false, "defaultValue": false, "configurationClass": 
"org.apache.camel.component.mail.MailConfiguration", "configurationField": 
"configuration", "description": "Whether to all [...]
+    "username": { "index": 48, "kind": "property", "displayName": "Username", 
"group": "security", "label": "security", "required": false, "type": "string", 
"javaType": "java.lang.String", "deprecated": false, "autowired": false, 
"secret": true, "configurationClass": 
"org.apache.camel.component.mail.MailConfiguration", "configurationField": 
"configuration", "description": "The username for login. See also 
setAuthenticator(MailAuthenticator)." }
   },
   "headers": {
     "Subject": { "index": 0, "kind": "header", "displayName": "", "group": 
"common", "label": "", "required": false, "javaType": "String", "deprecated": 
false, "deprecationNote": "", "autowired": false, "secret": false, 
"description": "Subject", "constantName": 
"org.apache.camel.component.mail.MailConstants#MAIL_SUBJECT" },
@@ -158,7 +159,8 @@
     "useFixedDelay": { "index": 66, "kind": "parameter", "displayName": "Use 
Fixed Delay", "group": "scheduler", "label": "consumer,scheduler", "required": 
false, "type": "boolean", "javaType": "boolean", "deprecated": false, 
"autowired": false, "secret": false, "defaultValue": true, "description": 
"Controls if fixed delay or fixed rate is used. See ScheduledExecutorService in 
JDK for details." },
     "password": { "index": 67, "kind": "parameter", "displayName": "Password", 
"group": "security", "label": "security", "required": false, "type": "string", 
"javaType": "java.lang.String", "deprecated": false, "autowired": false, 
"secret": true, "configurationClass": 
"org.apache.camel.component.mail.MailConfiguration", "configurationField": 
"configuration", "description": "The password for login. See also 
setAuthenticator(MailAuthenticator)." },
     "sslContextParameters": { "index": 68, "kind": "parameter", "displayName": 
"Ssl Context Parameters", "group": "security", "label": "security", "required": 
false, "type": "object", "javaType": 
"org.apache.camel.support.jsse.SSLContextParameters", "deprecated": false, 
"autowired": false, "secret": false, "configurationClass": 
"org.apache.camel.component.mail.MailConfiguration", "configurationField": 
"configuration", "description": "To configure security using 
SSLContextParameters." },
-    "username": { "index": 69, "kind": "parameter", "displayName": "Username", 
"group": "security", "label": "security", "required": false, "type": "string", 
"javaType": "java.lang.String", "deprecated": false, "autowired": false, 
"secret": true, "configurationClass": 
"org.apache.camel.component.mail.MailConfiguration", "configurationField": 
"configuration", "description": "The username for login. See also 
setAuthenticator(MailAuthenticator)." },
-    "sortTerm": { "index": 70, "kind": "parameter", "displayName": "Sort 
Term", "group": "sort", "label": "consumer,sort", "required": false, "type": 
"object", "javaType": "org.eclipse.angus.mail.imap.SortTerm[]", "deprecated": 
false, "autowired": false, "secret": false, "description": "Sorting order for 
messages. Only natively supported for IMAP. Emulated to some degree when using 
POP3 or when IMAP server does not have the SORT capability." }
+    "useJavaMailSessionPropertiesFromHeaders": { "index": 69, "kind": 
"parameter", "displayName": "Use Java Mail Session Properties From Headers", 
"group": "security", "label": "producer,advanced,security", "required": false, 
"type": "boolean", "javaType": "boolean", "deprecated": false, "autowired": 
false, "secret": false, "defaultValue": false, "configurationClass": 
"org.apache.camel.component.mail.MailConfiguration", "configurationField": 
"configuration", "description": "Whether to al [...]
+    "username": { "index": 70, "kind": "parameter", "displayName": "Username", 
"group": "security", "label": "security", "required": false, "type": "string", 
"javaType": "java.lang.String", "deprecated": false, "autowired": false, 
"secret": true, "configurationClass": 
"org.apache.camel.component.mail.MailConfiguration", "configurationField": 
"configuration", "description": "The username for login. See also 
setAuthenticator(MailAuthenticator)." },
+    "sortTerm": { "index": 71, "kind": "parameter", "displayName": "Sort 
Term", "group": "sort", "label": "consumer,sort", "required": false, "type": 
"object", "javaType": "org.eclipse.angus.mail.imap.SortTerm[]", "deprecated": 
false, "autowired": false, "secret": false, "description": "Sorting order for 
messages. Only natively supported for IMAP. Emulated to some degree when using 
POP3 or when IMAP server does not have the SORT capability." }
   }
 }
diff --git 
a/components/camel-mail/src/generated/resources/META-INF/org/apache/camel/component/mail/pop3.json
 
b/components/camel-mail/src/generated/resources/META-INF/org/apache/camel/component/mail/pop3.json
index f11578cfe9dd..e24e96338dc5 100644
--- 
a/components/camel-mail/src/generated/resources/META-INF/org/apache/camel/component/mail/pop3.json
+++ 
b/components/camel-mail/src/generated/resources/META-INF/org/apache/camel/component/mail/pop3.json
@@ -73,7 +73,8 @@
     "password": { "index": 44, "kind": "property", "displayName": "Password", 
"group": "security", "label": "security", "required": false, "type": "string", 
"javaType": "java.lang.String", "deprecated": false, "autowired": false, 
"secret": true, "configurationClass": 
"org.apache.camel.component.mail.MailConfiguration", "configurationField": 
"configuration", "description": "The password for login. See also 
setAuthenticator(MailAuthenticator)." },
     "sslContextParameters": { "index": 45, "kind": "property", "displayName": 
"Ssl Context Parameters", "group": "security", "label": "security", "required": 
false, "type": "object", "javaType": 
"org.apache.camel.support.jsse.SSLContextParameters", "deprecated": false, 
"autowired": false, "secret": false, "configurationClass": 
"org.apache.camel.component.mail.MailConfiguration", "configurationField": 
"configuration", "description": "To configure security using 
SSLContextParameters." },
     "useGlobalSslContextParameters": { "index": 46, "kind": "property", 
"displayName": "Use Global Ssl Context Parameters", "group": "security", 
"label": "security", "required": false, "type": "boolean", "javaType": 
"boolean", "deprecated": false, "autowired": false, "secret": false, 
"defaultValue": false, "description": "Enable usage of global SSL context 
parameters." },
-    "username": { "index": 47, "kind": "property", "displayName": "Username", 
"group": "security", "label": "security", "required": false, "type": "string", 
"javaType": "java.lang.String", "deprecated": false, "autowired": false, 
"secret": true, "configurationClass": 
"org.apache.camel.component.mail.MailConfiguration", "configurationField": 
"configuration", "description": "The username for login. See also 
setAuthenticator(MailAuthenticator)." }
+    "useJavaMailSessionPropertiesFromHeaders": { "index": 47, "kind": 
"property", "displayName": "Use Java Mail Session Properties From Headers", 
"group": "security", "label": "producer,advanced,security", "required": false, 
"type": "boolean", "javaType": "boolean", "deprecated": false, "autowired": 
false, "secret": false, "defaultValue": false, "configurationClass": 
"org.apache.camel.component.mail.MailConfiguration", "configurationField": 
"configuration", "description": "Whether to all [...]
+    "username": { "index": 48, "kind": "property", "displayName": "Username", 
"group": "security", "label": "security", "required": false, "type": "string", 
"javaType": "java.lang.String", "deprecated": false, "autowired": false, 
"secret": true, "configurationClass": 
"org.apache.camel.component.mail.MailConfiguration", "configurationField": 
"configuration", "description": "The username for login. See also 
setAuthenticator(MailAuthenticator)." }
   },
   "headers": {
     "Subject": { "index": 0, "kind": "header", "displayName": "", "group": 
"common", "label": "", "required": false, "javaType": "String", "deprecated": 
false, "deprecationNote": "", "autowired": false, "secret": false, 
"description": "Subject", "constantName": 
"org.apache.camel.component.mail.MailConstants#MAIL_SUBJECT" },
@@ -158,7 +159,8 @@
     "useFixedDelay": { "index": 66, "kind": "parameter", "displayName": "Use 
Fixed Delay", "group": "scheduler", "label": "consumer,scheduler", "required": 
false, "type": "boolean", "javaType": "boolean", "deprecated": false, 
"autowired": false, "secret": false, "defaultValue": true, "description": 
"Controls if fixed delay or fixed rate is used. See ScheduledExecutorService in 
JDK for details." },
     "password": { "index": 67, "kind": "parameter", "displayName": "Password", 
"group": "security", "label": "security", "required": false, "type": "string", 
"javaType": "java.lang.String", "deprecated": false, "autowired": false, 
"secret": true, "configurationClass": 
"org.apache.camel.component.mail.MailConfiguration", "configurationField": 
"configuration", "description": "The password for login. See also 
setAuthenticator(MailAuthenticator)." },
     "sslContextParameters": { "index": 68, "kind": "parameter", "displayName": 
"Ssl Context Parameters", "group": "security", "label": "security", "required": 
false, "type": "object", "javaType": 
"org.apache.camel.support.jsse.SSLContextParameters", "deprecated": false, 
"autowired": false, "secret": false, "configurationClass": 
"org.apache.camel.component.mail.MailConfiguration", "configurationField": 
"configuration", "description": "To configure security using 
SSLContextParameters." },
-    "username": { "index": 69, "kind": "parameter", "displayName": "Username", 
"group": "security", "label": "security", "required": false, "type": "string", 
"javaType": "java.lang.String", "deprecated": false, "autowired": false, 
"secret": true, "configurationClass": 
"org.apache.camel.component.mail.MailConfiguration", "configurationField": 
"configuration", "description": "The username for login. See also 
setAuthenticator(MailAuthenticator)." },
-    "sortTerm": { "index": 70, "kind": "parameter", "displayName": "Sort 
Term", "group": "sort", "label": "consumer,sort", "required": false, "type": 
"object", "javaType": "org.eclipse.angus.mail.imap.SortTerm[]", "deprecated": 
false, "autowired": false, "secret": false, "description": "Sorting order for 
messages. Only natively supported for IMAP. Emulated to some degree when using 
POP3 or when IMAP server does not have the SORT capability." }
+    "useJavaMailSessionPropertiesFromHeaders": { "index": 69, "kind": 
"parameter", "displayName": "Use Java Mail Session Properties From Headers", 
"group": "security", "label": "producer,advanced,security", "required": false, 
"type": "boolean", "javaType": "boolean", "deprecated": false, "autowired": 
false, "secret": false, "defaultValue": false, "configurationClass": 
"org.apache.camel.component.mail.MailConfiguration", "configurationField": 
"configuration", "description": "Whether to al [...]
+    "username": { "index": 70, "kind": "parameter", "displayName": "Username", 
"group": "security", "label": "security", "required": false, "type": "string", 
"javaType": "java.lang.String", "deprecated": false, "autowired": false, 
"secret": true, "configurationClass": 
"org.apache.camel.component.mail.MailConfiguration", "configurationField": 
"configuration", "description": "The username for login. See also 
setAuthenticator(MailAuthenticator)." },
+    "sortTerm": { "index": 71, "kind": "parameter", "displayName": "Sort 
Term", "group": "sort", "label": "consumer,sort", "required": false, "type": 
"object", "javaType": "org.eclipse.angus.mail.imap.SortTerm[]", "deprecated": 
false, "autowired": false, "secret": false, "description": "Sorting order for 
messages. Only natively supported for IMAP. Emulated to some degree when using 
POP3 or when IMAP server does not have the SORT capability." }
   }
 }
diff --git 
a/components/camel-mail/src/generated/resources/META-INF/org/apache/camel/component/mail/pop3s.json
 
b/components/camel-mail/src/generated/resources/META-INF/org/apache/camel/component/mail/pop3s.json
index 38a81b20726d..27536b6d99f8 100644
--- 
a/components/camel-mail/src/generated/resources/META-INF/org/apache/camel/component/mail/pop3s.json
+++ 
b/components/camel-mail/src/generated/resources/META-INF/org/apache/camel/component/mail/pop3s.json
@@ -73,7 +73,8 @@
     "password": { "index": 44, "kind": "property", "displayName": "Password", 
"group": "security", "label": "security", "required": false, "type": "string", 
"javaType": "java.lang.String", "deprecated": false, "autowired": false, 
"secret": true, "configurationClass": 
"org.apache.camel.component.mail.MailConfiguration", "configurationField": 
"configuration", "description": "The password for login. See also 
setAuthenticator(MailAuthenticator)." },
     "sslContextParameters": { "index": 45, "kind": "property", "displayName": 
"Ssl Context Parameters", "group": "security", "label": "security", "required": 
false, "type": "object", "javaType": 
"org.apache.camel.support.jsse.SSLContextParameters", "deprecated": false, 
"autowired": false, "secret": false, "configurationClass": 
"org.apache.camel.component.mail.MailConfiguration", "configurationField": 
"configuration", "description": "To configure security using 
SSLContextParameters." },
     "useGlobalSslContextParameters": { "index": 46, "kind": "property", 
"displayName": "Use Global Ssl Context Parameters", "group": "security", 
"label": "security", "required": false, "type": "boolean", "javaType": 
"boolean", "deprecated": false, "autowired": false, "secret": false, 
"defaultValue": false, "description": "Enable usage of global SSL context 
parameters." },
-    "username": { "index": 47, "kind": "property", "displayName": "Username", 
"group": "security", "label": "security", "required": false, "type": "string", 
"javaType": "java.lang.String", "deprecated": false, "autowired": false, 
"secret": true, "configurationClass": 
"org.apache.camel.component.mail.MailConfiguration", "configurationField": 
"configuration", "description": "The username for login. See also 
setAuthenticator(MailAuthenticator)." }
+    "useJavaMailSessionPropertiesFromHeaders": { "index": 47, "kind": 
"property", "displayName": "Use Java Mail Session Properties From Headers", 
"group": "security", "label": "producer,advanced,security", "required": false, 
"type": "boolean", "javaType": "boolean", "deprecated": false, "autowired": 
false, "secret": false, "defaultValue": false, "configurationClass": 
"org.apache.camel.component.mail.MailConfiguration", "configurationField": 
"configuration", "description": "Whether to all [...]
+    "username": { "index": 48, "kind": "property", "displayName": "Username", 
"group": "security", "label": "security", "required": false, "type": "string", 
"javaType": "java.lang.String", "deprecated": false, "autowired": false, 
"secret": true, "configurationClass": 
"org.apache.camel.component.mail.MailConfiguration", "configurationField": 
"configuration", "description": "The username for login. See also 
setAuthenticator(MailAuthenticator)." }
   },
   "headers": {
     "Subject": { "index": 0, "kind": "header", "displayName": "", "group": 
"common", "label": "", "required": false, "javaType": "String", "deprecated": 
false, "deprecationNote": "", "autowired": false, "secret": false, 
"description": "Subject", "constantName": 
"org.apache.camel.component.mail.MailConstants#MAIL_SUBJECT" },
@@ -158,7 +159,8 @@
     "useFixedDelay": { "index": 66, "kind": "parameter", "displayName": "Use 
Fixed Delay", "group": "scheduler", "label": "consumer,scheduler", "required": 
false, "type": "boolean", "javaType": "boolean", "deprecated": false, 
"autowired": false, "secret": false, "defaultValue": true, "description": 
"Controls if fixed delay or fixed rate is used. See ScheduledExecutorService in 
JDK for details." },
     "password": { "index": 67, "kind": "parameter", "displayName": "Password", 
"group": "security", "label": "security", "required": false, "type": "string", 
"javaType": "java.lang.String", "deprecated": false, "autowired": false, 
"secret": true, "configurationClass": 
"org.apache.camel.component.mail.MailConfiguration", "configurationField": 
"configuration", "description": "The password for login. See also 
setAuthenticator(MailAuthenticator)." },
     "sslContextParameters": { "index": 68, "kind": "parameter", "displayName": 
"Ssl Context Parameters", "group": "security", "label": "security", "required": 
false, "type": "object", "javaType": 
"org.apache.camel.support.jsse.SSLContextParameters", "deprecated": false, 
"autowired": false, "secret": false, "configurationClass": 
"org.apache.camel.component.mail.MailConfiguration", "configurationField": 
"configuration", "description": "To configure security using 
SSLContextParameters." },
-    "username": { "index": 69, "kind": "parameter", "displayName": "Username", 
"group": "security", "label": "security", "required": false, "type": "string", 
"javaType": "java.lang.String", "deprecated": false, "autowired": false, 
"secret": true, "configurationClass": 
"org.apache.camel.component.mail.MailConfiguration", "configurationField": 
"configuration", "description": "The username for login. See also 
setAuthenticator(MailAuthenticator)." },
-    "sortTerm": { "index": 70, "kind": "parameter", "displayName": "Sort 
Term", "group": "sort", "label": "consumer,sort", "required": false, "type": 
"object", "javaType": "org.eclipse.angus.mail.imap.SortTerm[]", "deprecated": 
false, "autowired": false, "secret": false, "description": "Sorting order for 
messages. Only natively supported for IMAP. Emulated to some degree when using 
POP3 or when IMAP server does not have the SORT capability." }
+    "useJavaMailSessionPropertiesFromHeaders": { "index": 69, "kind": 
"parameter", "displayName": "Use Java Mail Session Properties From Headers", 
"group": "security", "label": "producer,advanced,security", "required": false, 
"type": "boolean", "javaType": "boolean", "deprecated": false, "autowired": 
false, "secret": false, "defaultValue": false, "configurationClass": 
"org.apache.camel.component.mail.MailConfiguration", "configurationField": 
"configuration", "description": "Whether to al [...]
+    "username": { "index": 70, "kind": "parameter", "displayName": "Username", 
"group": "security", "label": "security", "required": false, "type": "string", 
"javaType": "java.lang.String", "deprecated": false, "autowired": false, 
"secret": true, "configurationClass": 
"org.apache.camel.component.mail.MailConfiguration", "configurationField": 
"configuration", "description": "The username for login. See also 
setAuthenticator(MailAuthenticator)." },
+    "sortTerm": { "index": 71, "kind": "parameter", "displayName": "Sort 
Term", "group": "sort", "label": "consumer,sort", "required": false, "type": 
"object", "javaType": "org.eclipse.angus.mail.imap.SortTerm[]", "deprecated": 
false, "autowired": false, "secret": false, "description": "Sorting order for 
messages. Only natively supported for IMAP. Emulated to some degree when using 
POP3 or when IMAP server does not have the SORT capability." }
   }
 }
diff --git 
a/components/camel-mail/src/generated/resources/META-INF/org/apache/camel/component/mail/smtp.json
 
b/components/camel-mail/src/generated/resources/META-INF/org/apache/camel/component/mail/smtp.json
index 60599b031794..96cb8ac0a464 100644
--- 
a/components/camel-mail/src/generated/resources/META-INF/org/apache/camel/component/mail/smtp.json
+++ 
b/components/camel-mail/src/generated/resources/META-INF/org/apache/camel/component/mail/smtp.json
@@ -73,7 +73,8 @@
     "password": { "index": 44, "kind": "property", "displayName": "Password", 
"group": "security", "label": "security", "required": false, "type": "string", 
"javaType": "java.lang.String", "deprecated": false, "autowired": false, 
"secret": true, "configurationClass": 
"org.apache.camel.component.mail.MailConfiguration", "configurationField": 
"configuration", "description": "The password for login. See also 
setAuthenticator(MailAuthenticator)." },
     "sslContextParameters": { "index": 45, "kind": "property", "displayName": 
"Ssl Context Parameters", "group": "security", "label": "security", "required": 
false, "type": "object", "javaType": 
"org.apache.camel.support.jsse.SSLContextParameters", "deprecated": false, 
"autowired": false, "secret": false, "configurationClass": 
"org.apache.camel.component.mail.MailConfiguration", "configurationField": 
"configuration", "description": "To configure security using 
SSLContextParameters." },
     "useGlobalSslContextParameters": { "index": 46, "kind": "property", 
"displayName": "Use Global Ssl Context Parameters", "group": "security", 
"label": "security", "required": false, "type": "boolean", "javaType": 
"boolean", "deprecated": false, "autowired": false, "secret": false, 
"defaultValue": false, "description": "Enable usage of global SSL context 
parameters." },
-    "username": { "index": 47, "kind": "property", "displayName": "Username", 
"group": "security", "label": "security", "required": false, "type": "string", 
"javaType": "java.lang.String", "deprecated": false, "autowired": false, 
"secret": true, "configurationClass": 
"org.apache.camel.component.mail.MailConfiguration", "configurationField": 
"configuration", "description": "The username for login. See also 
setAuthenticator(MailAuthenticator)." }
+    "useJavaMailSessionPropertiesFromHeaders": { "index": 47, "kind": 
"property", "displayName": "Use Java Mail Session Properties From Headers", 
"group": "security", "label": "producer,advanced,security", "required": false, 
"type": "boolean", "javaType": "boolean", "deprecated": false, "autowired": 
false, "secret": false, "defaultValue": false, "configurationClass": 
"org.apache.camel.component.mail.MailConfiguration", "configurationField": 
"configuration", "description": "Whether to all [...]
+    "username": { "index": 48, "kind": "property", "displayName": "Username", 
"group": "security", "label": "security", "required": false, "type": "string", 
"javaType": "java.lang.String", "deprecated": false, "autowired": false, 
"secret": true, "configurationClass": 
"org.apache.camel.component.mail.MailConfiguration", "configurationField": 
"configuration", "description": "The username for login. See also 
setAuthenticator(MailAuthenticator)." }
   },
   "headers": {
     "Subject": { "index": 0, "kind": "header", "displayName": "", "group": 
"common", "label": "", "required": false, "javaType": "String", "deprecated": 
false, "deprecationNote": "", "autowired": false, "secret": false, 
"description": "Subject", "constantName": 
"org.apache.camel.component.mail.MailConstants#MAIL_SUBJECT" },
@@ -158,7 +159,8 @@
     "useFixedDelay": { "index": 66, "kind": "parameter", "displayName": "Use 
Fixed Delay", "group": "scheduler", "label": "consumer,scheduler", "required": 
false, "type": "boolean", "javaType": "boolean", "deprecated": false, 
"autowired": false, "secret": false, "defaultValue": true, "description": 
"Controls if fixed delay or fixed rate is used. See ScheduledExecutorService in 
JDK for details." },
     "password": { "index": 67, "kind": "parameter", "displayName": "Password", 
"group": "security", "label": "security", "required": false, "type": "string", 
"javaType": "java.lang.String", "deprecated": false, "autowired": false, 
"secret": true, "configurationClass": 
"org.apache.camel.component.mail.MailConfiguration", "configurationField": 
"configuration", "description": "The password for login. See also 
setAuthenticator(MailAuthenticator)." },
     "sslContextParameters": { "index": 68, "kind": "parameter", "displayName": 
"Ssl Context Parameters", "group": "security", "label": "security", "required": 
false, "type": "object", "javaType": 
"org.apache.camel.support.jsse.SSLContextParameters", "deprecated": false, 
"autowired": false, "secret": false, "configurationClass": 
"org.apache.camel.component.mail.MailConfiguration", "configurationField": 
"configuration", "description": "To configure security using 
SSLContextParameters." },
-    "username": { "index": 69, "kind": "parameter", "displayName": "Username", 
"group": "security", "label": "security", "required": false, "type": "string", 
"javaType": "java.lang.String", "deprecated": false, "autowired": false, 
"secret": true, "configurationClass": 
"org.apache.camel.component.mail.MailConfiguration", "configurationField": 
"configuration", "description": "The username for login. See also 
setAuthenticator(MailAuthenticator)." },
-    "sortTerm": { "index": 70, "kind": "parameter", "displayName": "Sort 
Term", "group": "sort", "label": "consumer,sort", "required": false, "type": 
"object", "javaType": "org.eclipse.angus.mail.imap.SortTerm[]", "deprecated": 
false, "autowired": false, "secret": false, "description": "Sorting order for 
messages. Only natively supported for IMAP. Emulated to some degree when using 
POP3 or when IMAP server does not have the SORT capability." }
+    "useJavaMailSessionPropertiesFromHeaders": { "index": 69, "kind": 
"parameter", "displayName": "Use Java Mail Session Properties From Headers", 
"group": "security", "label": "producer,advanced,security", "required": false, 
"type": "boolean", "javaType": "boolean", "deprecated": false, "autowired": 
false, "secret": false, "defaultValue": false, "configurationClass": 
"org.apache.camel.component.mail.MailConfiguration", "configurationField": 
"configuration", "description": "Whether to al [...]
+    "username": { "index": 70, "kind": "parameter", "displayName": "Username", 
"group": "security", "label": "security", "required": false, "type": "string", 
"javaType": "java.lang.String", "deprecated": false, "autowired": false, 
"secret": true, "configurationClass": 
"org.apache.camel.component.mail.MailConfiguration", "configurationField": 
"configuration", "description": "The username for login. See also 
setAuthenticator(MailAuthenticator)." },
+    "sortTerm": { "index": 71, "kind": "parameter", "displayName": "Sort 
Term", "group": "sort", "label": "consumer,sort", "required": false, "type": 
"object", "javaType": "org.eclipse.angus.mail.imap.SortTerm[]", "deprecated": 
false, "autowired": false, "secret": false, "description": "Sorting order for 
messages. Only natively supported for IMAP. Emulated to some degree when using 
POP3 or when IMAP server does not have the SORT capability." }
   }
 }
diff --git 
a/components/camel-mail/src/generated/resources/META-INF/org/apache/camel/component/mail/smtps.json
 
b/components/camel-mail/src/generated/resources/META-INF/org/apache/camel/component/mail/smtps.json
index d3a3ebe8e95a..5dcf9850b61d 100644
--- 
a/components/camel-mail/src/generated/resources/META-INF/org/apache/camel/component/mail/smtps.json
+++ 
b/components/camel-mail/src/generated/resources/META-INF/org/apache/camel/component/mail/smtps.json
@@ -73,7 +73,8 @@
     "password": { "index": 44, "kind": "property", "displayName": "Password", 
"group": "security", "label": "security", "required": false, "type": "string", 
"javaType": "java.lang.String", "deprecated": false, "autowired": false, 
"secret": true, "configurationClass": 
"org.apache.camel.component.mail.MailConfiguration", "configurationField": 
"configuration", "description": "The password for login. See also 
setAuthenticator(MailAuthenticator)." },
     "sslContextParameters": { "index": 45, "kind": "property", "displayName": 
"Ssl Context Parameters", "group": "security", "label": "security", "required": 
false, "type": "object", "javaType": 
"org.apache.camel.support.jsse.SSLContextParameters", "deprecated": false, 
"autowired": false, "secret": false, "configurationClass": 
"org.apache.camel.component.mail.MailConfiguration", "configurationField": 
"configuration", "description": "To configure security using 
SSLContextParameters." },
     "useGlobalSslContextParameters": { "index": 46, "kind": "property", 
"displayName": "Use Global Ssl Context Parameters", "group": "security", 
"label": "security", "required": false, "type": "boolean", "javaType": 
"boolean", "deprecated": false, "autowired": false, "secret": false, 
"defaultValue": false, "description": "Enable usage of global SSL context 
parameters." },
-    "username": { "index": 47, "kind": "property", "displayName": "Username", 
"group": "security", "label": "security", "required": false, "type": "string", 
"javaType": "java.lang.String", "deprecated": false, "autowired": false, 
"secret": true, "configurationClass": 
"org.apache.camel.component.mail.MailConfiguration", "configurationField": 
"configuration", "description": "The username for login. See also 
setAuthenticator(MailAuthenticator)." }
+    "useJavaMailSessionPropertiesFromHeaders": { "index": 47, "kind": 
"property", "displayName": "Use Java Mail Session Properties From Headers", 
"group": "security", "label": "producer,advanced,security", "required": false, 
"type": "boolean", "javaType": "boolean", "deprecated": false, "autowired": 
false, "secret": false, "defaultValue": false, "configurationClass": 
"org.apache.camel.component.mail.MailConfiguration", "configurationField": 
"configuration", "description": "Whether to all [...]
+    "username": { "index": 48, "kind": "property", "displayName": "Username", 
"group": "security", "label": "security", "required": false, "type": "string", 
"javaType": "java.lang.String", "deprecated": false, "autowired": false, 
"secret": true, "configurationClass": 
"org.apache.camel.component.mail.MailConfiguration", "configurationField": 
"configuration", "description": "The username for login. See also 
setAuthenticator(MailAuthenticator)." }
   },
   "headers": {
     "Subject": { "index": 0, "kind": "header", "displayName": "", "group": 
"common", "label": "", "required": false, "javaType": "String", "deprecated": 
false, "deprecationNote": "", "autowired": false, "secret": false, 
"description": "Subject", "constantName": 
"org.apache.camel.component.mail.MailConstants#MAIL_SUBJECT" },
@@ -158,7 +159,8 @@
     "useFixedDelay": { "index": 66, "kind": "parameter", "displayName": "Use 
Fixed Delay", "group": "scheduler", "label": "consumer,scheduler", "required": 
false, "type": "boolean", "javaType": "boolean", "deprecated": false, 
"autowired": false, "secret": false, "defaultValue": true, "description": 
"Controls if fixed delay or fixed rate is used. See ScheduledExecutorService in 
JDK for details." },
     "password": { "index": 67, "kind": "parameter", "displayName": "Password", 
"group": "security", "label": "security", "required": false, "type": "string", 
"javaType": "java.lang.String", "deprecated": false, "autowired": false, 
"secret": true, "configurationClass": 
"org.apache.camel.component.mail.MailConfiguration", "configurationField": 
"configuration", "description": "The password for login. See also 
setAuthenticator(MailAuthenticator)." },
     "sslContextParameters": { "index": 68, "kind": "parameter", "displayName": 
"Ssl Context Parameters", "group": "security", "label": "security", "required": 
false, "type": "object", "javaType": 
"org.apache.camel.support.jsse.SSLContextParameters", "deprecated": false, 
"autowired": false, "secret": false, "configurationClass": 
"org.apache.camel.component.mail.MailConfiguration", "configurationField": 
"configuration", "description": "To configure security using 
SSLContextParameters." },
-    "username": { "index": 69, "kind": "parameter", "displayName": "Username", 
"group": "security", "label": "security", "required": false, "type": "string", 
"javaType": "java.lang.String", "deprecated": false, "autowired": false, 
"secret": true, "configurationClass": 
"org.apache.camel.component.mail.MailConfiguration", "configurationField": 
"configuration", "description": "The username for login. See also 
setAuthenticator(MailAuthenticator)." },
-    "sortTerm": { "index": 70, "kind": "parameter", "displayName": "Sort 
Term", "group": "sort", "label": "consumer,sort", "required": false, "type": 
"object", "javaType": "org.eclipse.angus.mail.imap.SortTerm[]", "deprecated": 
false, "autowired": false, "secret": false, "description": "Sorting order for 
messages. Only natively supported for IMAP. Emulated to some degree when using 
POP3 or when IMAP server does not have the SORT capability." }
+    "useJavaMailSessionPropertiesFromHeaders": { "index": 69, "kind": 
"parameter", "displayName": "Use Java Mail Session Properties From Headers", 
"group": "security", "label": "producer,advanced,security", "required": false, 
"type": "boolean", "javaType": "boolean", "deprecated": false, "autowired": 
false, "secret": false, "defaultValue": false, "configurationClass": 
"org.apache.camel.component.mail.MailConfiguration", "configurationField": 
"configuration", "description": "Whether to al [...]
+    "username": { "index": 70, "kind": "parameter", "displayName": "Username", 
"group": "security", "label": "security", "required": false, "type": "string", 
"javaType": "java.lang.String", "deprecated": false, "autowired": false, 
"secret": true, "configurationClass": 
"org.apache.camel.component.mail.MailConfiguration", "configurationField": 
"configuration", "description": "The username for login. See also 
setAuthenticator(MailAuthenticator)." },
+    "sortTerm": { "index": 71, "kind": "parameter", "displayName": "Sort 
Term", "group": "sort", "label": "consumer,sort", "required": false, "type": 
"object", "javaType": "org.eclipse.angus.mail.imap.SortTerm[]", "deprecated": 
false, "autowired": false, "secret": false, "description": "Sorting order for 
messages. Only natively supported for IMAP. Emulated to some degree when using 
POP3 or when IMAP server does not have the SORT capability." }
   }
 }
diff --git a/components/camel-mail/src/main/docs/mail-component.adoc 
b/components/camel-mail/src/main/docs/mail-component.adoc
index 89de49429904..1d48b85741b3 100644
--- a/components/camel-mail/src/main/docs/mail-component.adoc
+++ b/components/camel-mail/src/main/docs/mail-component.adoc
@@ -584,20 +584,29 @@ SearchTerm term = builder.build();
 === Using headers with additional Java Mail Sender properties
 
 When sending mails, then you can provide dynamic java mail properties for the 
`JavaMailSender` from
-the Exchange as message headers with keys starting with `java.smtp.`.
+the Exchange as message headers with keys starting with `mail.smtp.`.
 
-You can set any of the `java.smtp` properties which you can find in the Java 
Mail documentation.
+You can set any of the `mail.smtp` properties which you can find in the Java 
Mail documentation.
 
-For example, to provide a dynamic uuid in `java.smtp.from` (SMTP MAIL command):
+For example, to provide a dynamic uuid in `mail.smtp.from` (SMTP MAIL command):
 
 [source,java]
 ----
     .setHeader("from", constant("[email protected]"));
-    .setHeader("java.smtp.from", method(UUID.class, "randomUUID"));
-    .to("smtp://mymailserver:1234");
+    .setHeader("mail.smtp.from", method(UUID.class, "randomUUID"));
+    
.to("smtp://mymailserver:1234?useJavaMailSessionPropertiesFromHeaders=true");
 ----
 
 NOTE: This is only supported when *not* using a custom `JavaMailSender`.
 
+WARNING: This feature is *disabled by default* and must be explicitly enabled 
with
+`useJavaMailSessionPropertiesFromHeaders=true`. The `mail.smtp.*` keys are a 
Camel-internal namespace
+that is not filtered by any `HeaderFilterStrategy`, so if these headers can 
originate from data
+crossing a trust boundary (for example HTTP query parameters, or JMS/Kafka 
messages from untrusted
+producers) an attacker could weaken transport security (such as 
`mail.smtp.ssl.trust` or
+`mail.smtp.starttls.enable`) or redirect the SMTP connection. Only enable the 
option when these
+headers are set exclusively by trusted route logic, and strip the namespace 
with
+`removeHeaders("mail.smtp.*")` before the producer when bridging an untrusted 
source.
+
 
 include::spring-boot:partial$starter.adoc[]
diff --git 
a/components/camel-mail/src/main/java/org/apache/camel/component/mail/MailConfiguration.java
 
b/components/camel-mail/src/main/java/org/apache/camel/component/mail/MailConfiguration.java
index 36fc2f868e7d..acff081608af 100644
--- 
a/components/camel-mail/src/main/java/org/apache/camel/component/mail/MailConfiguration.java
+++ 
b/components/camel-mail/src/main/java/org/apache/camel/component/mail/MailConfiguration.java
@@ -112,6 +112,8 @@ public class MailConfiguration implements Cloneable {
     private boolean useInlineAttachments;
     @UriParam(label = "advanced")
     private boolean ignoreUnsupportedCharset;
+    @UriParam(label = "producer,advanced,security")
+    private boolean useJavaMailSessionPropertiesFromHeaders;
     @UriParam
     @Metadata(label = "consumer")
     private boolean disconnect;
@@ -686,6 +688,23 @@ public class MailConfiguration implements Cloneable {
         this.useInlineAttachments = useInlineAttachments;
     }
 
+    public boolean isUseJavaMailSessionPropertiesFromHeaders() {
+        return useJavaMailSessionPropertiesFromHeaders;
+    }
+
+    /**
+     * Whether to allow dynamic JavaMail session properties (message headers 
whose key starts with <tt>mail.smtp.</tt>
+     * or <tt>mail.smtps.</tt>) to override the endpoint configuration on a 
per-message basis.
+     *
+     * This is disabled by default. Only enable it when these headers 
originate exclusively from trusted route logic,
+     * never from data crossing a trust boundary (for example HTTP query 
parameters, or JMS/Kafka messages from
+     * untrusted producers). When enabled, an attacker able to set these 
headers could weaken transport security (such
+     * as <tt>mail.smtp.ssl.trust</tt> or <tt>mail.smtp.starttls.enable</tt>) 
or redirect the SMTP connection.
+     */
+    public void setUseJavaMailSessionPropertiesFromHeaders(boolean 
useJavaMailSessionPropertiesFromHeaders) {
+        this.useJavaMailSessionPropertiesFromHeaders = 
useJavaMailSessionPropertiesFromHeaders;
+    }
+
     public boolean isIgnoreUnsupportedCharset() {
         return ignoreUnsupportedCharset;
     }
diff --git 
a/components/camel-mail/src/main/java/org/apache/camel/component/mail/MailHeaderFilterStrategy.java
 
b/components/camel-mail/src/main/java/org/apache/camel/component/mail/MailHeaderFilterStrategy.java
index 659cdcfbb039..c92548a6ac5e 100644
--- 
a/components/camel-mail/src/main/java/org/apache/camel/component/mail/MailHeaderFilterStrategy.java
+++ 
b/components/camel-mail/src/main/java/org/apache/camel/component/mail/MailHeaderFilterStrategy.java
@@ -16,6 +16,8 @@
  */
 package org.apache.camel.component.mail;
 
+import java.util.Arrays;
+
 import org.apache.camel.support.DefaultHeaderFilterStrategy;
 
 public class MailHeaderFilterStrategy extends DefaultHeaderFilterStrategy {
@@ -28,7 +30,12 @@ public class MailHeaderFilterStrategy extends 
DefaultHeaderFilterStrategy {
         setLowerCase(true);
         // filter headers begin with "Camel" or "org.apache.camel"
         setOutFilterStartsWith(CAMEL_FILTER_STARTS_WITH);
-        setInFilterStartsWith(CAMEL_FILTER_STARTS_WITH);
+        // on the inbound path also filter the Camel-internal mail.smtp.* / 
mail.smtps.* namespace so an
+        // external mail message cannot inject JavaMail session properties 
(CAMEL-23522)
+        String[] inFilter = Arrays.copyOf(CAMEL_FILTER_STARTS_WITH, 
CAMEL_FILTER_STARTS_WITH.length + 2);
+        inFilter[CAMEL_FILTER_STARTS_WITH.length] = "mail.smtp.";
+        inFilter[CAMEL_FILTER_STARTS_WITH.length + 1] = "mail.smtps.";
+        setInFilterStartsWith(inFilter);
     }
 
 }
diff --git 
a/components/camel-mail/src/main/java/org/apache/camel/component/mail/MailProducer.java
 
b/components/camel-mail/src/main/java/org/apache/camel/component/mail/MailProducer.java
index 417bf3a09614..92d4027a7b09 100644
--- 
a/components/camel-mail/src/main/java/org/apache/camel/component/mail/MailProducer.java
+++ 
b/components/camel-mail/src/main/java/org/apache/camel/component/mail/MailProducer.java
@@ -87,6 +87,14 @@ public class MailProducer extends DefaultAsyncProducer {
     }
 
     protected JavaMailSender getSender(Exchange exchange) {
+        // dynamic JavaMail session properties from message headers is an 
opt-in feature; it is disabled by
+        // default because mail.smtp.* is a Camel-internal namespace that is 
not filtered by any
+        // HeaderFilterStrategy, so an untrusted producer could otherwise 
weaken transport security or
+        // redirect the SMTP connection (CAMEL-23522)
+        if 
(!getEndpoint().getConfiguration().isUseJavaMailSessionPropertiesFromHeaders()) 
{
+            LOG.trace("Using default JavaMailSender 
(useJavaMailSessionPropertiesFromHeaders=false)");
+            return defaultSender;
+        }
         // do we have special headers
         Map<String, Object> additional = 
URISupport.extractProperties(exchange.getMessage().getHeaders(), "mail.smtp.");
         if (additional.isEmpty()) {
diff --git 
a/components/camel-mail/src/test/java/org/apache/camel/component/mail/MailHeaderFilterStrategyTest.java
 
b/components/camel-mail/src/test/java/org/apache/camel/component/mail/MailHeaderFilterStrategyTest.java
new file mode 100644
index 000000000000..10670a6afd48
--- /dev/null
+++ 
b/components/camel-mail/src/test/java/org/apache/camel/component/mail/MailHeaderFilterStrategyTest.java
@@ -0,0 +1,62 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.camel.component.mail;
+
+import org.junit.jupiter.api.Test;
+
+import static org.junit.jupiter.api.Assertions.assertFalse;
+import static org.junit.jupiter.api.Assertions.assertTrue;
+
+/**
+ * Verifies that {@link MailHeaderFilterStrategy} blocks the Camel-internal 
{@code mail.smtp.*} / {@code mail.smtps.*}
+ * namespace on the inbound path (CAMEL-23522) while still letting ordinary 
mail headers through, and that the existing
+ * {@code Camel*} filtering (CAMEL-23222) is preserved.
+ */
+public class MailHeaderFilterStrategyTest {
+
+    private final MailHeaderFilterStrategy strategy = new 
MailHeaderFilterStrategy();
+
+    @Test
+    public void testInboundFiltersSmtpPropertyNamespace() {
+        assertTrue(strategy.applyFilterToExternalHeaders("mail.smtp.host", 
"evil", null));
+        
assertTrue(strategy.applyFilterToExternalHeaders("mail.smtp.ssl.trust", "*", 
null));
+        assertTrue(strategy.applyFilterToExternalHeaders("mail.smtps.host", 
"evil", null));
+        // case-insensitive
+        
assertTrue(strategy.applyFilterToExternalHeaders("MAIL.SMTP.STARTTLS.ENABLE", 
"false", null));
+    }
+
+    @Test
+    public void testInboundStillFiltersCamelHeaders() {
+        assertTrue(strategy.applyFilterToExternalHeaders("CamelFileName", "x", 
null));
+        assertTrue(strategy.applyFilterToExternalHeaders("camelfilename", "x", 
null));
+    }
+
+    @Test
+    public void testInboundLetsOrdinaryMailHeadersThrough() {
+        assertFalse(strategy.applyFilterToExternalHeaders("Subject", "Hello", 
null));
+        assertFalse(strategy.applyFilterToExternalHeaders("To", 
"[email protected]", null));
+        // a header that merely contains, but does not start with, the 
namespace must pass
+        assertFalse(strategy.applyFilterToExternalHeaders("X-mail.smtp.host", 
"x", null));
+    }
+
+    @Test
+    public void testOutboundIsUnaffectedBySmtpNamespaceFilter() {
+        // the inbound-only filter must not change the outbound behaviour; 
only Camel* is filtered outbound
+        assertFalse(strategy.applyFilterToCamelHeaders("mail.smtp.host", 
"myhost", null));
+        assertTrue(strategy.applyFilterToCamelHeaders("CamelFileName", "x", 
null));
+    }
+}
diff --git 
a/components/camel-mail/src/test/java/org/apache/camel/component/mail/MailSessionPropertiesFromHeadersTest.java
 
b/components/camel-mail/src/test/java/org/apache/camel/component/mail/MailSessionPropertiesFromHeadersTest.java
new file mode 100644
index 000000000000..698e6078ada3
--- /dev/null
+++ 
b/components/camel-mail/src/test/java/org/apache/camel/component/mail/MailSessionPropertiesFromHeadersTest.java
@@ -0,0 +1,80 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.camel.component.mail;
+
+import org.apache.camel.Exchange;
+import org.apache.camel.test.junit5.CamelTestSupport;
+import org.junit.jupiter.api.Test;
+
+import static org.junit.jupiter.api.Assertions.assertNotSame;
+import static org.junit.jupiter.api.Assertions.assertSame;
+
+/**
+ * Verifies that dynamic JavaMail session properties provided as {@code 
mail.smtp.*} message headers only override the
+ * endpoint configuration when explicitly opted-in via {@code 
useJavaMailSessionPropertiesFromHeaders=true}
+ * (CAMEL-23522).
+ */
+public class MailSessionPropertiesFromHeadersTest extends CamelTestSupport {
+
+    private MailProducer producer(String uri) throws Exception {
+        MailEndpoint endpoint = context.getEndpoint(uri, MailEndpoint.class);
+        return (MailProducer) endpoint.createProducer();
+    }
+
+    private Exchange withSmtpHostHeader(MailProducer producer, String header) {
+        Exchange exchange = producer.getEndpoint().createExchange();
+        exchange.getMessage().setHeader(header, "attacker-smtp.example.com");
+        return exchange;
+    }
+
+    @Test
+    public void testHeadersIgnoredByDefault() throws Exception {
+        MailProducer producer = 
producer("smtp://user@myhost:25?password=secret");
+
+        // no special headers -> default sender
+        Exchange plain = producer.getEndpoint().createExchange();
+        JavaMailSender defaultSender = producer.getSender(plain);
+
+        // mail.smtp.* header present, but feature is disabled by default -> 
still the default sender
+        JavaMailSender withSmtp = 
producer.getSender(withSmtpHostHeader(producer, "mail.smtp.host"));
+        assertSame(defaultSender, withSmtp, "mail.smtp.* header must be 
ignored when feature is disabled (default)");
+    }
+
+    @Test
+    public void testHeadersHonouredWhenOptedIn() throws Exception {
+        MailProducer producer
+                = 
producer("smtp://user@myhost:25?password=secret&useJavaMailSessionPropertiesFromHeaders=true");
+
+        Exchange plain = producer.getEndpoint().createExchange();
+        JavaMailSender defaultSender = producer.getSender(plain);
+
+        // with the opt-in enabled, a mail.smtp.* header creates a per-message 
custom sender
+        JavaMailSender withSmtp = 
producer.getSender(withSmtpHostHeader(producer, "mail.smtp.host"));
+        assertNotSame(defaultSender, withSmtp, "mail.smtp.* header must create 
a custom sender when opted-in");
+    }
+
+    @Test
+    public void testNoHeadersAlwaysUsesDefaultSenderWhenOptedIn() throws 
Exception {
+        MailProducer producer
+                = 
producer("smtp://user@myhost:25?password=secret&useJavaMailSessionPropertiesFromHeaders=true");
+
+        Exchange a = producer.getEndpoint().createExchange();
+        Exchange b = producer.getEndpoint().createExchange();
+        // no mail.smtp.* headers at all -> default sender even when the 
feature is enabled
+        assertSame(producer.getSender(a), producer.getSender(b));
+    }
+}
diff --git 
a/docs/user-manual/modules/ROOT/pages/camel-4x-upgrade-guide-4_14.adoc 
b/docs/user-manual/modules/ROOT/pages/camel-4x-upgrade-guide-4_14.adoc
index 954025c9c1dc..a91447cd981e 100644
--- a/docs/user-manual/modules/ROOT/pages/camel-4x-upgrade-guide-4_14.adoc
+++ b/docs/user-manual/modules/ROOT/pages/camel-4x-upgrade-guide-4_14.adoc
@@ -98,6 +98,29 @@ this pattern now fails fast with an 
`IllegalArgumentException` (wrapped in a
 `Neo4jOperationException`) instead of producing a malformed query. Property 
values continue to be
 passed as bound query parameters and are unaffected.
 
+=== camel-mail
+
+The SMTP producer no longer extracts dynamic JavaMail session properties from 
message headers by
+default. Previously any message header whose key started with `mail.smtp.` was 
applied to a
+per-message `JavaMailSender`, which meant an upstream producer that mapped 
untrusted input into the
+exchange header map (for example `platform-http` query parameters, JMS or 
Kafka messages from
+untrusted producers) could override transport-security settings such as 
`mail.smtp.ssl.trust` or
+`mail.smtp.starttls.enable`, or redirect the SMTP connection.
+
+This behaviour is now disabled by default. Routes that legitimately rely on 
per-message
+`mail.smtp.*` headers must opt back in on the endpoint:
+
+[source,java]
+----
+.to("smtp://mymailserver:1234?useJavaMailSessionPropertiesFromHeaders=true");
+----
+
+Even with the opt-in, route authors should still strip the namespace with
+`removeHeaders("mail.smtp.*")` between any untrusted ingress and the mail 
producer.
+
+In addition, the inbound `MailHeaderFilterStrategy` now blocks the 
`mail.smtp.` / `mail.smtps.`
+prefix as well, so an external mail message can no longer inject these into a 
downstream exchange.
+
 == Upgrading from 4.14.5 to 4.14.6
 
 === camel-platform-http-main
diff --git 
a/dsl/camel-componentdsl/src/generated/java/org/apache/camel/builder/component/dsl/ImapComponentBuilderFactory.java
 
b/dsl/camel-componentdsl/src/generated/java/org/apache/camel/builder/component/dsl/ImapComponentBuilderFactory.java
index 1f702e75f067..47da0a73892a 100644
--- 
a/dsl/camel-componentdsl/src/generated/java/org/apache/camel/builder/component/dsl/ImapComponentBuilderFactory.java
+++ 
b/dsl/camel-componentdsl/src/generated/java/org/apache/camel/builder/component/dsl/ImapComponentBuilderFactory.java
@@ -926,6 +926,31 @@ public interface ImapComponentBuilderFactory {
             return this;
         }
     
+        
+        /**
+         * Whether to allow dynamic JavaMail session properties (message 
headers
+         * whose key starts with mail.smtp. or mail.smtps.) to override the
+         * endpoint configuration on a per-message basis. This is disabled by
+         * default. Only enable it when these headers originate exclusively 
from
+         * trusted route logic, never from data crossing a trust boundary (for
+         * example HTTP query parameters, or JMS/Kafka messages from untrusted
+         * producers). When enabled, an attacker able to set these headers 
could
+         * weaken transport security (such as mail.smtp.ssl.trust or
+         * mail.smtp.starttls.enable) or redirect the SMTP connection.
+         * 
+         * The option is a: &lt;code&gt;boolean&lt;/code&gt; type.
+         * 
+         * Default: false
+         * Group: security
+         * 
+         * @param useJavaMailSessionPropertiesFromHeaders the value to set
+         * @return the dsl builder
+         */
+        default ImapComponentBuilder 
useJavaMailSessionPropertiesFromHeaders(boolean 
useJavaMailSessionPropertiesFromHeaders) {
+            doSetProperty("useJavaMailSessionPropertiesFromHeaders", 
useJavaMailSessionPropertiesFromHeaders);
+            return this;
+        }
+    
         /**
          * The username for login. See also 
setAuthenticator(MailAuthenticator).
          * 
@@ -1008,6 +1033,7 @@ public interface ImapComponentBuilderFactory {
             case "password": getOrCreateConfiguration((MailComponent) 
component).setPassword((java.lang.String) value); return true;
             case "sslContextParameters": 
getOrCreateConfiguration((MailComponent) 
component).setSslContextParameters((org.apache.camel.support.jsse.SSLContextParameters)
 value); return true;
             case "useGlobalSslContextParameters": ((MailComponent) 
component).setUseGlobalSslContextParameters((boolean) value); return true;
+            case "useJavaMailSessionPropertiesFromHeaders": 
getOrCreateConfiguration((MailComponent) 
component).setUseJavaMailSessionPropertiesFromHeaders((boolean) value); return 
true;
             case "username": getOrCreateConfiguration((MailComponent) 
component).setUsername((java.lang.String) value); return true;
             default: return false;
             }
diff --git 
a/dsl/camel-componentdsl/src/generated/java/org/apache/camel/builder/component/dsl/ImapsComponentBuilderFactory.java
 
b/dsl/camel-componentdsl/src/generated/java/org/apache/camel/builder/component/dsl/ImapsComponentBuilderFactory.java
index b1a81c565155..62d5b5db5ef8 100644
--- 
a/dsl/camel-componentdsl/src/generated/java/org/apache/camel/builder/component/dsl/ImapsComponentBuilderFactory.java
+++ 
b/dsl/camel-componentdsl/src/generated/java/org/apache/camel/builder/component/dsl/ImapsComponentBuilderFactory.java
@@ -926,6 +926,31 @@ public interface ImapsComponentBuilderFactory {
             return this;
         }
     
+        
+        /**
+         * Whether to allow dynamic JavaMail session properties (message 
headers
+         * whose key starts with mail.smtp. or mail.smtps.) to override the
+         * endpoint configuration on a per-message basis. This is disabled by
+         * default. Only enable it when these headers originate exclusively 
from
+         * trusted route logic, never from data crossing a trust boundary (for
+         * example HTTP query parameters, or JMS/Kafka messages from untrusted
+         * producers). When enabled, an attacker able to set these headers 
could
+         * weaken transport security (such as mail.smtp.ssl.trust or
+         * mail.smtp.starttls.enable) or redirect the SMTP connection.
+         * 
+         * The option is a: &lt;code&gt;boolean&lt;/code&gt; type.
+         * 
+         * Default: false
+         * Group: security
+         * 
+         * @param useJavaMailSessionPropertiesFromHeaders the value to set
+         * @return the dsl builder
+         */
+        default ImapsComponentBuilder 
useJavaMailSessionPropertiesFromHeaders(boolean 
useJavaMailSessionPropertiesFromHeaders) {
+            doSetProperty("useJavaMailSessionPropertiesFromHeaders", 
useJavaMailSessionPropertiesFromHeaders);
+            return this;
+        }
+    
         /**
          * The username for login. See also 
setAuthenticator(MailAuthenticator).
          * 
@@ -1008,6 +1033,7 @@ public interface ImapsComponentBuilderFactory {
             case "password": getOrCreateConfiguration((MailComponent) 
component).setPassword((java.lang.String) value); return true;
             case "sslContextParameters": 
getOrCreateConfiguration((MailComponent) 
component).setSslContextParameters((org.apache.camel.support.jsse.SSLContextParameters)
 value); return true;
             case "useGlobalSslContextParameters": ((MailComponent) 
component).setUseGlobalSslContextParameters((boolean) value); return true;
+            case "useJavaMailSessionPropertiesFromHeaders": 
getOrCreateConfiguration((MailComponent) 
component).setUseJavaMailSessionPropertiesFromHeaders((boolean) value); return 
true;
             case "username": getOrCreateConfiguration((MailComponent) 
component).setUsername((java.lang.String) value); return true;
             default: return false;
             }
diff --git 
a/dsl/camel-componentdsl/src/generated/java/org/apache/camel/builder/component/dsl/Pop3ComponentBuilderFactory.java
 
b/dsl/camel-componentdsl/src/generated/java/org/apache/camel/builder/component/dsl/Pop3ComponentBuilderFactory.java
index c9420410c98d..fda38f6de97d 100644
--- 
a/dsl/camel-componentdsl/src/generated/java/org/apache/camel/builder/component/dsl/Pop3ComponentBuilderFactory.java
+++ 
b/dsl/camel-componentdsl/src/generated/java/org/apache/camel/builder/component/dsl/Pop3ComponentBuilderFactory.java
@@ -926,6 +926,31 @@ public interface Pop3ComponentBuilderFactory {
             return this;
         }
     
+        
+        /**
+         * Whether to allow dynamic JavaMail session properties (message 
headers
+         * whose key starts with mail.smtp. or mail.smtps.) to override the
+         * endpoint configuration on a per-message basis. This is disabled by
+         * default. Only enable it when these headers originate exclusively 
from
+         * trusted route logic, never from data crossing a trust boundary (for
+         * example HTTP query parameters, or JMS/Kafka messages from untrusted
+         * producers). When enabled, an attacker able to set these headers 
could
+         * weaken transport security (such as mail.smtp.ssl.trust or
+         * mail.smtp.starttls.enable) or redirect the SMTP connection.
+         * 
+         * The option is a: &lt;code&gt;boolean&lt;/code&gt; type.
+         * 
+         * Default: false
+         * Group: security
+         * 
+         * @param useJavaMailSessionPropertiesFromHeaders the value to set
+         * @return the dsl builder
+         */
+        default Pop3ComponentBuilder 
useJavaMailSessionPropertiesFromHeaders(boolean 
useJavaMailSessionPropertiesFromHeaders) {
+            doSetProperty("useJavaMailSessionPropertiesFromHeaders", 
useJavaMailSessionPropertiesFromHeaders);
+            return this;
+        }
+    
         /**
          * The username for login. See also 
setAuthenticator(MailAuthenticator).
          * 
@@ -1008,6 +1033,7 @@ public interface Pop3ComponentBuilderFactory {
             case "password": getOrCreateConfiguration((MailComponent) 
component).setPassword((java.lang.String) value); return true;
             case "sslContextParameters": 
getOrCreateConfiguration((MailComponent) 
component).setSslContextParameters((org.apache.camel.support.jsse.SSLContextParameters)
 value); return true;
             case "useGlobalSslContextParameters": ((MailComponent) 
component).setUseGlobalSslContextParameters((boolean) value); return true;
+            case "useJavaMailSessionPropertiesFromHeaders": 
getOrCreateConfiguration((MailComponent) 
component).setUseJavaMailSessionPropertiesFromHeaders((boolean) value); return 
true;
             case "username": getOrCreateConfiguration((MailComponent) 
component).setUsername((java.lang.String) value); return true;
             default: return false;
             }
diff --git 
a/dsl/camel-componentdsl/src/generated/java/org/apache/camel/builder/component/dsl/Pop3sComponentBuilderFactory.java
 
b/dsl/camel-componentdsl/src/generated/java/org/apache/camel/builder/component/dsl/Pop3sComponentBuilderFactory.java
index 9ecd5e251763..1953923c6036 100644
--- 
a/dsl/camel-componentdsl/src/generated/java/org/apache/camel/builder/component/dsl/Pop3sComponentBuilderFactory.java
+++ 
b/dsl/camel-componentdsl/src/generated/java/org/apache/camel/builder/component/dsl/Pop3sComponentBuilderFactory.java
@@ -926,6 +926,31 @@ public interface Pop3sComponentBuilderFactory {
             return this;
         }
     
+        
+        /**
+         * Whether to allow dynamic JavaMail session properties (message 
headers
+         * whose key starts with mail.smtp. or mail.smtps.) to override the
+         * endpoint configuration on a per-message basis. This is disabled by
+         * default. Only enable it when these headers originate exclusively 
from
+         * trusted route logic, never from data crossing a trust boundary (for
+         * example HTTP query parameters, or JMS/Kafka messages from untrusted
+         * producers). When enabled, an attacker able to set these headers 
could
+         * weaken transport security (such as mail.smtp.ssl.trust or
+         * mail.smtp.starttls.enable) or redirect the SMTP connection.
+         * 
+         * The option is a: &lt;code&gt;boolean&lt;/code&gt; type.
+         * 
+         * Default: false
+         * Group: security
+         * 
+         * @param useJavaMailSessionPropertiesFromHeaders the value to set
+         * @return the dsl builder
+         */
+        default Pop3sComponentBuilder 
useJavaMailSessionPropertiesFromHeaders(boolean 
useJavaMailSessionPropertiesFromHeaders) {
+            doSetProperty("useJavaMailSessionPropertiesFromHeaders", 
useJavaMailSessionPropertiesFromHeaders);
+            return this;
+        }
+    
         /**
          * The username for login. See also 
setAuthenticator(MailAuthenticator).
          * 
@@ -1008,6 +1033,7 @@ public interface Pop3sComponentBuilderFactory {
             case "password": getOrCreateConfiguration((MailComponent) 
component).setPassword((java.lang.String) value); return true;
             case "sslContextParameters": 
getOrCreateConfiguration((MailComponent) 
component).setSslContextParameters((org.apache.camel.support.jsse.SSLContextParameters)
 value); return true;
             case "useGlobalSslContextParameters": ((MailComponent) 
component).setUseGlobalSslContextParameters((boolean) value); return true;
+            case "useJavaMailSessionPropertiesFromHeaders": 
getOrCreateConfiguration((MailComponent) 
component).setUseJavaMailSessionPropertiesFromHeaders((boolean) value); return 
true;
             case "username": getOrCreateConfiguration((MailComponent) 
component).setUsername((java.lang.String) value); return true;
             default: return false;
             }
diff --git 
a/dsl/camel-componentdsl/src/generated/java/org/apache/camel/builder/component/dsl/SmtpComponentBuilderFactory.java
 
b/dsl/camel-componentdsl/src/generated/java/org/apache/camel/builder/component/dsl/SmtpComponentBuilderFactory.java
index d70368d7cb8b..a2d5f1efa29a 100644
--- 
a/dsl/camel-componentdsl/src/generated/java/org/apache/camel/builder/component/dsl/SmtpComponentBuilderFactory.java
+++ 
b/dsl/camel-componentdsl/src/generated/java/org/apache/camel/builder/component/dsl/SmtpComponentBuilderFactory.java
@@ -926,6 +926,31 @@ public interface SmtpComponentBuilderFactory {
             return this;
         }
     
+        
+        /**
+         * Whether to allow dynamic JavaMail session properties (message 
headers
+         * whose key starts with mail.smtp. or mail.smtps.) to override the
+         * endpoint configuration on a per-message basis. This is disabled by
+         * default. Only enable it when these headers originate exclusively 
from
+         * trusted route logic, never from data crossing a trust boundary (for
+         * example HTTP query parameters, or JMS/Kafka messages from untrusted
+         * producers). When enabled, an attacker able to set these headers 
could
+         * weaken transport security (such as mail.smtp.ssl.trust or
+         * mail.smtp.starttls.enable) or redirect the SMTP connection.
+         * 
+         * The option is a: &lt;code&gt;boolean&lt;/code&gt; type.
+         * 
+         * Default: false
+         * Group: security
+         * 
+         * @param useJavaMailSessionPropertiesFromHeaders the value to set
+         * @return the dsl builder
+         */
+        default SmtpComponentBuilder 
useJavaMailSessionPropertiesFromHeaders(boolean 
useJavaMailSessionPropertiesFromHeaders) {
+            doSetProperty("useJavaMailSessionPropertiesFromHeaders", 
useJavaMailSessionPropertiesFromHeaders);
+            return this;
+        }
+    
         /**
          * The username for login. See also 
setAuthenticator(MailAuthenticator).
          * 
@@ -1008,6 +1033,7 @@ public interface SmtpComponentBuilderFactory {
             case "password": getOrCreateConfiguration((MailComponent) 
component).setPassword((java.lang.String) value); return true;
             case "sslContextParameters": 
getOrCreateConfiguration((MailComponent) 
component).setSslContextParameters((org.apache.camel.support.jsse.SSLContextParameters)
 value); return true;
             case "useGlobalSslContextParameters": ((MailComponent) 
component).setUseGlobalSslContextParameters((boolean) value); return true;
+            case "useJavaMailSessionPropertiesFromHeaders": 
getOrCreateConfiguration((MailComponent) 
component).setUseJavaMailSessionPropertiesFromHeaders((boolean) value); return 
true;
             case "username": getOrCreateConfiguration((MailComponent) 
component).setUsername((java.lang.String) value); return true;
             default: return false;
             }
diff --git 
a/dsl/camel-componentdsl/src/generated/java/org/apache/camel/builder/component/dsl/SmtpsComponentBuilderFactory.java
 
b/dsl/camel-componentdsl/src/generated/java/org/apache/camel/builder/component/dsl/SmtpsComponentBuilderFactory.java
index 5d21961ac048..ffd4748932fe 100644
--- 
a/dsl/camel-componentdsl/src/generated/java/org/apache/camel/builder/component/dsl/SmtpsComponentBuilderFactory.java
+++ 
b/dsl/camel-componentdsl/src/generated/java/org/apache/camel/builder/component/dsl/SmtpsComponentBuilderFactory.java
@@ -926,6 +926,31 @@ public interface SmtpsComponentBuilderFactory {
             return this;
         }
     
+        
+        /**
+         * Whether to allow dynamic JavaMail session properties (message 
headers
+         * whose key starts with mail.smtp. or mail.smtps.) to override the
+         * endpoint configuration on a per-message basis. This is disabled by
+         * default. Only enable it when these headers originate exclusively 
from
+         * trusted route logic, never from data crossing a trust boundary (for
+         * example HTTP query parameters, or JMS/Kafka messages from untrusted
+         * producers). When enabled, an attacker able to set these headers 
could
+         * weaken transport security (such as mail.smtp.ssl.trust or
+         * mail.smtp.starttls.enable) or redirect the SMTP connection.
+         * 
+         * The option is a: &lt;code&gt;boolean&lt;/code&gt; type.
+         * 
+         * Default: false
+         * Group: security
+         * 
+         * @param useJavaMailSessionPropertiesFromHeaders the value to set
+         * @return the dsl builder
+         */
+        default SmtpsComponentBuilder 
useJavaMailSessionPropertiesFromHeaders(boolean 
useJavaMailSessionPropertiesFromHeaders) {
+            doSetProperty("useJavaMailSessionPropertiesFromHeaders", 
useJavaMailSessionPropertiesFromHeaders);
+            return this;
+        }
+    
         /**
          * The username for login. See also 
setAuthenticator(MailAuthenticator).
          * 
@@ -1008,6 +1033,7 @@ public interface SmtpsComponentBuilderFactory {
             case "password": getOrCreateConfiguration((MailComponent) 
component).setPassword((java.lang.String) value); return true;
             case "sslContextParameters": 
getOrCreateConfiguration((MailComponent) 
component).setSslContextParameters((org.apache.camel.support.jsse.SSLContextParameters)
 value); return true;
             case "useGlobalSslContextParameters": ((MailComponent) 
component).setUseGlobalSslContextParameters((boolean) value); return true;
+            case "useJavaMailSessionPropertiesFromHeaders": 
getOrCreateConfiguration((MailComponent) 
component).setUseJavaMailSessionPropertiesFromHeaders((boolean) value); return 
true;
             case "username": getOrCreateConfiguration((MailComponent) 
component).setUsername((java.lang.String) value); return true;
             default: return false;
             }
diff --git 
a/dsl/camel-endpointdsl/src/generated/java/org/apache/camel/builder/endpoint/dsl/MailEndpointBuilderFactory.java
 
b/dsl/camel-endpointdsl/src/generated/java/org/apache/camel/builder/endpoint/dsl/MailEndpointBuilderFactory.java
index 1ce3be3e8f3f..015596795d08 100644
--- 
a/dsl/camel-endpointdsl/src/generated/java/org/apache/camel/builder/endpoint/dsl/MailEndpointBuilderFactory.java
+++ 
b/dsl/camel-endpointdsl/src/generated/java/org/apache/camel/builder/endpoint/dsl/MailEndpointBuilderFactory.java
@@ -2718,6 +2718,52 @@ public interface MailEndpointBuilderFactory {
             doSetProperty("useInlineAttachments", useInlineAttachments);
             return this;
         }
+        /**
+         * Whether to allow dynamic JavaMail session properties (message 
headers
+         * whose key starts with mail.smtp. or mail.smtps.) to override the
+         * endpoint configuration on a per-message basis. This is disabled by
+         * default. Only enable it when these headers originate exclusively 
from
+         * trusted route logic, never from data crossing a trust boundary (for
+         * example HTTP query parameters, or JMS/Kafka messages from untrusted
+         * producers). When enabled, an attacker able to set these headers 
could
+         * weaken transport security (such as mail.smtp.ssl.trust or
+         * mail.smtp.starttls.enable) or redirect the SMTP connection.
+         * 
+         * The option is a: <code>boolean</code> type.
+         * 
+         * Default: false
+         * Group: security
+         * 
+         * @param useJavaMailSessionPropertiesFromHeaders the value to set
+         * @return the dsl builder
+         */
+        default AdvancedMailEndpointProducerBuilder 
useJavaMailSessionPropertiesFromHeaders(boolean 
useJavaMailSessionPropertiesFromHeaders) {
+            doSetProperty("useJavaMailSessionPropertiesFromHeaders", 
useJavaMailSessionPropertiesFromHeaders);
+            return this;
+        }
+        /**
+         * Whether to allow dynamic JavaMail session properties (message 
headers
+         * whose key starts with mail.smtp. or mail.smtps.) to override the
+         * endpoint configuration on a per-message basis. This is disabled by
+         * default. Only enable it when these headers originate exclusively 
from
+         * trusted route logic, never from data crossing a trust boundary (for
+         * example HTTP query parameters, or JMS/Kafka messages from untrusted
+         * producers). When enabled, an attacker able to set these headers 
could
+         * weaken transport security (such as mail.smtp.ssl.trust or
+         * mail.smtp.starttls.enable) or redirect the SMTP connection.
+         * 
+         * The option will be converted to a <code>boolean</code> type.
+         * 
+         * Default: false
+         * Group: security
+         * 
+         * @param useJavaMailSessionPropertiesFromHeaders the value to set
+         * @return the dsl builder
+         */
+        default AdvancedMailEndpointProducerBuilder 
useJavaMailSessionPropertiesFromHeaders(String 
useJavaMailSessionPropertiesFromHeaders) {
+            doSetProperty("useJavaMailSessionPropertiesFromHeaders", 
useJavaMailSessionPropertiesFromHeaders);
+            return this;
+        }
     }
 
     /**

(camel) branch camel-4.14.x updated: CAMEL-23522: camel-mail - gate JavaMail session properties from headers behind opt-in (#23362) (#23416)

Reply via email to