From email address Validation
Dear All, In apache james we are able to send the emails within same domain (ex. from us...@example.com to us...@example.com) wherein user1@example doesn't exist. Is there any configuration setting within apache james to validate for from address or has to be done manually within our application? Thanks&Regards Pratap Kumar Kale
Merge Mailet JIRA projects (was: Re: work on mailets)
On 13/12/2012 10:56, Ioan Eugen Stan wrote: Hello, After the response on INFRA it looks like move + delete is an option. I am going move issues this week-end + ticket on infra to delete obsolete projects. Eric, is that ok with you? OK for me. Just ensure that all tickets (close/open/...) are moved to their new home. Thx, Eric - To unsubscribe, e-mail: server-dev-unsubscr...@james.apache.org For additional commands, e-mail: server-dev-h...@james.apache.org
Merge Mailet JIRA projects (was: Re: work on mailets)
On 13/12/2012 10:56, Ioan Eugen Stan wrote: Hello, After the response on INFRA it looks like move + delete is an option. I am going move issues this week-end + ticket on infra to delete obsolete projects. Eric, is that ok with you? Ok for me. Just ensure that all (closed/open/...) tickets are moved to their new home. Thx, Eric - To unsubscribe, e-mail: server-dev-unsubscr...@james.apache.org For additional commands, e-mail: server-dev-h...@james.apache.org
Re: supportedCipherSuites not working for startTLS
On 12/12/2012 16:46, Phillip Odam wrote: Hi Eric Thanks for detailing the procedure for providing a patch, I've created the task - PROTOCOLS-99 and attached the patch. Great! Let me know if I need to explicitly grant the apache license somewhere in particular. When uploading the patch, you should have be prompted for that. No? On a side note is the detail regarding providing patches on http://james.apache.org/contribute.html still up to date? This page needs to be updated indeed (we don't use bugzilla anymore). Thanks Phillip On 12/12/12 7:04 AM, Eric Charles wrote: Great. The procedure to sumit a code change is to open a JIRA (in your case on https://issues.apache.org/jira/browse/PROTOCOLS) and upload the patch granting Apache for the license. I know this is a tiny change, but it allows to track down the history... Would you mind opening that JIRA? Thx, Eric - To unsubscribe, e-mail: server-dev-unsubscr...@james.apache.org For additional commands, e-mail: server-dev-h...@james.apache.org - To unsubscribe, e-mail: server-dev-unsubscr...@james.apache.org For additional commands, e-mail: server-dev-h...@james.apache.org - To unsubscribe, e-mail: server-dev-unsubscr...@james.apache.org For additional commands, e-mail: server-dev-h...@james.apache.org
svn commit: r1422194 - /james/protocols/trunk/api/src/main/java/org/apache/james/protocols/api/Encryption.java
Author: eric
Date: Sat Dec 15 06:42:33 2012
New Revision: 1422194
URL: http://svn.apache.org/viewvc?rev=1422194&view=rev
Log:
Fix supportedCipherSuites not working for startTLS, patch provded by Phillip
Odam (PROTOCOLS-99)
Modified:
james/protocols/trunk/api/src/main/java/org/apache/james/protocols/api/Encryption.java
Modified:
james/protocols/trunk/api/src/main/java/org/apache/james/protocols/api/Encryption.java
URL:
http://svn.apache.org/viewvc/james/protocols/trunk/api/src/main/java/org/apache/james/protocols/api/Encryption.java?rev=1422194&r1=1422193&r2=1422194&view=diff
==
---
james/protocols/trunk/api/src/main/java/org/apache/james/protocols/api/Encryption.java
(original)
+++
james/protocols/trunk/api/src/main/java/org/apache/james/protocols/api/Encryption.java
Sat Dec 15 06:42:33 2012
@@ -23,21 +23,20 @@ import javax.net.ssl.SSLContext;
/**
* This class should be used to setup encrypted protocol handling
- *
+ *
*/
public final class Encryption {
private final SSLContext context;
private final boolean starttls;
private final String[] enabledCipherSuites;
-
+
private Encryption(SSLContext context, boolean starttls, String[]
enabledCipherSuites) {
this.context = context;
this.starttls = starttls;
this.enabledCipherSuites = enabledCipherSuites;
}
-
/**
*
* @see #createStartTls(SSLContext, String[])
@@ -45,12 +44,14 @@ public final class Encryption {
public static Encryption createTls(SSLContext context) {
return createTls(context, null);
}
-
+
/**
- * Create a new {@link Encryption} which is TLS based and only allows the
given Ciphersuites
+ * Create a new {@link Encryption} which is TLS based and only allows the
+ * given Ciphersuites
*
* @param context
- * @param enabledCipherSuites or null if all Ciphersuites
should be allowed
+ * @param enabledCipherSuites
+ *or null if all Ciphersuites should be allowed
* @return enc
*/
public static Encryption createTls(SSLContext context, String[]
enabledCipherSuites) {
@@ -64,18 +65,20 @@ public final class Encryption {
public static Encryption createStartTls(SSLContext context) {
return createStartTls(context, null);
}
-
+
/**
- * Create a new {@link Encryption} which uses STARTTLS and only allows the
given Ciphersuites
+ * Create a new {@link Encryption} which uses STARTTLS and only allows the
+ * given Ciphersuites
*
* @param context
- * @param enabledCipherSuites or null if all Ciphersuites
should be allowed
+ * @param enabledCipherSuites
+ *or null if all Ciphersuites should be allowed
* @return enc
*/
public static Encryption createStartTls(SSLContext context, String[]
enabledCipherSuites) {
-return new Encryption(context, true, null);
+return new Encryption(context, true, enabledCipherSuites);
}
-
+
/**
* Return the {@link SSLContext} to use
*
@@ -84,18 +87,20 @@ public final class Encryption {
public SSLContext getContext() {
return context;
}
-
+
/**
- * Return true if this {@link Encryption} should be used for
STARTTLS
+ * Return true if this {@link Encryption} should be used for
+ * STARTTLS
*
* @return starttls
*/
public boolean isStartTLS() {
return starttls;
}
-
+
/**
- * Return the Ciphersuites that are allowed for the {@link Encryption} or
null if all should be allowed
+ * Return the Ciphersuites that are allowed for the {@link Encryption} or
+ * null if all should be allowed
*
* @return ciphersuites
*/
-
To unsubscribe, e-mail: server-dev-unsubscr...@james.apache.org
For additional commands, e-mail: server-dev-h...@james.apache.org
[jira] [Resolved] (PROTOCOLS-99) supportedCipherSuites not working for startTLS
[ https://issues.apache.org/jira/browse/PROTOCOLS-99?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Eric Charles resolved PROTOCOLS-99. --- Resolution: Fixed Fix Version/s: 1.6.3 Patch committed in trunk. Thx Phillip. > supportedCipherSuites not working for startTLS > -- > > Key: PROTOCOLS-99 > URL: https://issues.apache.org/jira/browse/PROTOCOLS-99 > Project: James Protocols > Issue Type: Bug > Components: api >Affects Versions: 2.0.0, 1.6.2, 1.6.3 >Reporter: Phillip Odam >Assignee: Eric Charles > Fix For: 1.6.3 > > Attachments: starttls and supported cipher suite config.patch > > Original Estimate: 1h > Remaining Estimate: 1h > > Setting the supported cipher suites when startTLS is enabled is not limiting > the available ciphers since the instantiation of the Encryption object always > sets the member enabledCipherSuites to null. > Demonstrate issue: > Add the following to the tls tag in conf/smtpserver.conf > >TLS_DHE_DSS_WITH_AES_256_CBC_SHA > > With the change active, attempting to connect to the server with the > following command will succeed (with a weaker cipher) > openssl s_client -connect mail.server.tld:25 -crlf -starttls smtp -cipher LOW -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators For more information on JIRA, see: http://www.atlassian.com/software/jira - To unsubscribe, e-mail: server-dev-unsubscr...@james.apache.org For additional commands, e-mail: server-dev-h...@james.apache.org
Re: From email address Validation
Hi Pratap, In smtpserver.conf, set the verifyIdentity tag to true. Thx, Eric On 14/12/2012 14:03, Pratap Kale wrote: Dear All, In apache james we are able to send the emails within same domain (ex. from us...@example.com to us...@example.com) wherein user1@example doesn't exist. Is there any configuration setting within apache james to validate for from address or has to be done manually within our application? Thanks&Regards Pratap Kumar Kale - To unsubscribe, e-mail: server-dev-unsubscr...@james.apache.org For additional commands, e-mail: server-dev-h...@james.apache.org
