[PR] [ENHANCEMENT] Smtp technical accounts [james-project]

Wed, 17 Sep 2025 22:58:16 -0700 


chibenwa opened a new pull request, #2810:
URL: https://github.com/apache/james-project/pull/2810

   My need:
   
   Port 25: authentication is disabled
   Port 465: submission, user auth, strict sender validation
   Port 26: opened locally with k8s cluster. I want to add auth for it not to 
be opened. 
   
   I do not want to create user for port 26 because:
    - I do not want to have a mailbox assiciated to it
    - I want the set up to be declarative to limit to the maximum manual actions
    
   The idea is to deploy to port 26 a specific auth mechanism matching 
configuration. 
    
   ```
       <handlerchain 
coreHandlersPackage="org.apache.james.smtpserver.NoAuthCmdHandlerLoader" 
enableJmx="false">
           <handler 
class="org.apache.james.protocols.smtp.core.esmtp.AuthCmdHandler" />
           <handler 
class="org.apache.james.smtpserver.SetMailAttributeMessageHook" >
               <name>technicaluser</name>
               <value>true</value>
           </handler>
           <handler class="org.apache.james.smtpserver.ConfigurationAuthHook" >
               <accounts>
                   <account>
                       <username>[email protected]</username>
                       <passwords>
                           <password>secret123456</password>
                           <password>here_to_ease_secret_rotation</password>
                           
<password>here_to_give_different_creds_to_each_app</password>
                       </passwords>
                   </account>
                   <account>
                       <username>[email protected]</username>
                       <passwords>
                           <password>secret234567</password>
                       </passwords>
                   </account>
               </accounts>
           </handler>
       </handlerchain>
   ```
   
   Env variables (and so secrets!) might be used for passwords...
   
   I also add a way to position mail attributes. This would enable in my use 
case to for instance bypass rate limiting.
   
   I decided to contribute this to ASF James as :
    - it is a fairly common use case
    - it can enable writing a James server without dependency on user 
repistories and potentially event without a DB, just a mail queue...
   
   If non consensual I can move the code to LINAGORA repos.


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: [email protected]

For queries about this service, please contact Infrastructure at:
[email protected]


---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

Reply via email to