DKIM with multi-hosting
Hello, I'm not sure how to configure the DKIM mailet in a multi hosting scenario. The documentation at https://james.apache.org/howTo/dkim.html offers the following snippet v=1; s=james3; d=domain.example.com ; h=from : reply-to : subject : date : to : cc : resent-date : resent-from : resent-sender : resent-to : resent-cc : in-reply-to : references : list-id : list-help : list-unsubscribe : list-subscribe : list-post : list-owner : list-archive; a=rsa-sha256; bh=; b=; -BEGIN RSA PRIVATE KEY- [Your Private Key] -END RSA PRIVATE KEY- However this means that the domain is hard coded and works only in a single domain hosting scenario. Am I supposed to configure a dkim processor for each domain I'm hosting even if the rest of the configuration is the same ? This doesn't seem to align well with configuring the hosted domains through the REST API and even when using the domainlist.xml file it means duplicate declarations ... (maybe I misunderstand the use of the api for administering domains in https://james.apache.org/server/manage-webadmin.html#Administrating_domains) Shouldn't dkim information be configured/provided in the same place as the domains are configured ? Thanks ! jean
Develocity
Hello fellow james devs, I'm not sure how much context to provide in the email you can read more in https://issues.apache.org/jira/projects/JAMES/issues/JAMES-3978?filter=allopenissues TLDR; A few months ago the apache foundation announced a sponsorship of the "gradle" company for a tool to diagnose, monitor and optimize builds ( called gradle enterprise at the time and renamed develocity since) I posted a first PR to plug james build in that tool https://github.com/apache/james-project/pull/1972 This first integration brings only build scans and local caching - build scans can help us understand what slows our build - local caching allows local build perf improvements (I posted a small benchmark which shows a divide by 3 the time spent building james-server-core in a repeat build with no changes) The build scans also show that many tasks in the build are not actually cached so there is room for more improvement. The local cache does apply to surefire tasks,unfortunately the benefits for CI are very small : In the first stage we cache the compilation result itself but that represents a very small part of the test stages (even if we had to compile everything from scratch that's barely 20 minutes out of the 3h30 of the build so caching only marginally improves the build time at the moment the next stage would be to : - make more tasks cacheable - enable the remote build cache The remote build cache allows to share caching accross builds which means that if a change affects only a small portion of the build, only that change would effectively be recompiled and retested, so the closer to the "leafs" of the reactor a change would be the shorter its CI pipelines would be. I pinged INFRA in https://issues.apache.org/jira/browse/INFRA-25461 to know what the process is for enabling the remote build cache and it seems it starts with a mailing list thread :D note that - only the CI would be allowed to write to the remote build cache - build caches both local and remote can be disabled with properties (IIRC there are pretty strict constraints on release processes in the apache foundation) - I think it is possible to have the remote build cache be activated in readonly mode for everyone so that anyone pulling the repo would experience a very fast first build (but that remains to be confirmed as I have never experienced it) what do you think ? jean
Re: Upgrade James to JDK17?
Hi Rene I would be delighted as a developer,and it's not really an issue for my run as I use the docker images One thing to keep in mind is the enforcement of jigsaw modules this could be great in the long run (reduced jre.size with excluded modules) But it can also be a pain requiring passing command line arguments to enable opens required by libs. I'm not sure how bad it will be for James but at work we ended up using allopens which kinda defeats the purpose But still go, staying on an EOLed jre is bad for dev exp and operational security Jean Le lun. 6 nov. 2023 à 04:48, Rene Cordier a écrit : > Hello guys, > > Well currently James is based on JDK 11. Should we think about upgrading > to at least the next LTS, JDK 17? (or why even not the current LTS, > which is the JDK 21?) I saw it being asked by a community member on a PR > a while ago (Antoine Duprat) and in our company, we would be glad for > such an upgrade as well. > > Might need a bit of work but the project could definitely benefit from > it: records (finish the long verbose POJOs), pattern matching, better GC > handling, etc. > > Would other people be interested about it too? Is it a problem for some > others in the community? > > Rene. > > > - > To unsubscribe, e-mail: server-user-unsubscr...@james.apache.org > For additional commands, e-mail: server-user-h...@james.apache.org > >
Re: Unable to send messages, relay denied. IMAP does work ok.
Hi marc, I took a look at the logs, I never encountered this issue so I'm not entirely sure what's going on but the failure seems to be in this part : > 2023-07-10 09:51:54,390 ERROR | > org.apache.james.domainlist.lib.AbstractDomainList | Cannot get IP > address(es) for Domain : localhost > 2023-07-10 09:51:54,394 WARN | > org.apache.james.dnsservice.dnsjava.DNSJavaService | Error determining > result > java.lang.IllegalStateException: Lookup of localhost A isn't done > 2023-07-10 09:51:54,394 ERROR | > org.apache.james.domainlist.lib.AbstractDomainList | Cannot get IP > address(es) for Domain : localhost > 2023-07-10 09:51:54,394 INFO | > org.apache.james.protocols.smtp.core.log.HookResultLogger | > org.apache.james.smtpserver.AuthRequiredToRelayRcptHook: result= (DENY > Connected) > If I interpret this correctly james is unable to figure out an IP address for localhost which is quite surprising... if you are running linux I suggest running either dig localhost or nslookup localhost and ping localhost to see if its a systemwide issue or something specific to james dns config. if you are running on macos, you might want to check your hostfile /etc/hosts which could be empty if none of this helps and the link to a dns issue doesn't help, you may want to enable debug logging for org.xbill.DNS which would give more insight into why the resolution of localhost fails Jean On Mon, Jul 10, 2023 at 7:59 PM Marc Chamberlin wrote: > Jean Helou - Thanks for your help and suggestions, much appreciated! OK, > I stopped the James server, deleted all log files for James, restarted the > server, and then tried to send an email. Attached you will find the > james-server-sample.log file that captured what happened. HTHs... > > On Sat, Jul 8, 2023 at 12:14 AM Jean Helou wrote: > >> Hello marc >> >> You wouldn't happen to have a session output and/or logs. >> It makes diagnosing the problem much easier and would help pinpoint the >> configuration setting that's incorrect. >> >> Have you changed the mailet container config by any chance ? >> > > Yes, there has been some changes made, but nothing out of the ordinary, as > far as I can remember, such as setting the postmaster email address etc., > Tell you what, I will attach the mailetcontainer as well, with some > sensitive information removed or obscured. > > Again, HTHs, and thanks for your thoughts and taking the time to > reply..Marc... > >> >> >> > - > To unsubscribe, e-mail: server-user-unsubscr...@james.apache.org > For additional commands, e-mail: server-user-h...@james.apache.org
Re: Unable to send messages, relay denied. IMAP does work ok.
Hello marc You wouldn't happen to have a session output and/or logs. It makes diagnosing the problem much easier and would help pinpoint the configuration setting that's incorrect. Have you changed the mailet container config by any chance ? Jean Le sam. 8 juil. 2023 à 08:30, David Matthews a écrit : > hi Marc > > I'm not a james expert, but as a generic observation, since any mail > exchanger should allow local users to send mail (but indeed prevent > relaying from other sources unless explicitly deciding to allow them), I > suggest reverting to standard config and starting from there. > > There is a write up of an even more ancient James version here (using > maildir) > > https://dmatthews.org/java_email.html > > where I did have configs with everything working. > > If you don't get more specific help from someone else, that may be worth a > look. > > -- > David Matthews > m...@dmatthews.org > > > - > To unsubscribe, e-mail: server-user-unsubscr...@james.apache.org > For additional commands, e-mail: server-user-h...@james.apache.org > >
Re: Attack on the James Server
hello Gunter, recent james 3.x code (it may be available for older versions I haven't checked) includes several useful pieces of information in a mapped diagnostic context (MDC ) which is accessible by the logging system. By default james will try to include values for all the following keys in the MDC when the information is contextually available public static final String HOST = "host"; public static final String IP = "ip"; public static final String PROTOCOL = "protocol"; public static final String USER = "user"; public static final String ACTION = "action"; public static final String SESSION_ID = "sessionId"; public static final String CHARSET = "charset"; you can change you logging configuration to include these fields for each log lines. this should be done in the logback.xml file it should have an "encoder" section under the "appender" blocks Here is what my console appender encoder looks like %d{HH:mm:ss.SSS} [%-5level] - %t - [p=%X{protocol},a=%X{action},s=%X{sessionId},u=%X{user}] - %logger{15} - %msg%n%rEx false you can see that I include the protocol, action, sessionId and user in all my log lines when they are available. you can make it output the ip by adding %X{ip} to your pattern best regards, jean On Thu, Jun 8, 2023 at 11:58 AM Günter Paul wrote: > Hi David, > > I'm afraid fail2ban can't help. > > The tool evaluates the log file, right? > > The problem is as follows: First, the attacker's IP address is written in > one line to the log file. And a second request could come almost at the > same time, the IP address is also written to the log file. Then a > non-existent user is written to the log file, unfortunately without > specifying the IP address. > > An assignment to the attacker is no longer possible. I'm afraid the > problem can only be solved within James himself. > > Example: > INFO | jvm 1| 2023/06/07 16:49:55 | 07-Jun-2023 16:49:55.869 INFO > [smtpserver-io-1] > org.apache.james.protocols.netty.BasicChannelInboundHandler.channelActive:103 > - Connection established from 59.2.248.84 > INFO | jvm 1| 2023/06/07 16:49:55 | 07-Jun-2023 16:49:55.901 INFO > [smtpserver-io-1] > org.apache.james.protocols.netty.BasicChannelInboundHandler.channelActive:103 > - Connection established from 58.12.250.90 > INFO | jvm 1| 2023/06/07 16:49:59 | 07-Jun-2023 16:49:59.761 INFO > [smtpserver-io-1] > org.apache.james.protocols.smtp.core.fastfail.AbstractValidRcptHandler.reject:61 > - Rejected message. Unknown user: b...@domaine.de > INFO | jvm 1| 2023/06/07 16:49:59 | 07-Jun-2023 16:49:59.761 INFO > [smtpserver-io-1] > org.apache.james.protocols.smtp.core.log.HookResultLogger.onHookResult:45 - > org.apache.james.smtpserver.fastfail.ValidRcptHandler: result= (DENY > CONNECTED) > > > > Günter Paul hat am 07.06.2023 17:24 CEST > geschrieben: > > > > > > Thanks David. You're probably right, I'll check fail2ban. At the oter > sinde: regex is not my friend though. > > > > BW Günter > > > > > David Matthews hat am 07.06.2023 16:40 > CEST geschrieben: > > > > > > > > > >Hello David, > > > > > > > >thanks for your information. Maybe fail2ban is a solution. I would > prefer to solve the problem with board funds from James. > > > > > > > With fail2ban, once you come up with a working regex, you're solving > the problem at a pre James level - in affect you would be operating an > automatic and dynamic firewall block. > > > > > > I think that's a deal more efficient than anything James or any other > mail exchanger can do. > > > > > > -- > > > David Matthews > > > m...@dmatthews.org > > > > > > > > > - > > > To unsubscribe, e-mail: server-user-unsubscr...@james.apache.org > > > For additional commands, e-mail: server-user-h...@james.apache.org > > > > - > > To unsubscribe, e-mail: server-user-unsubscr...@james.apache.org > > For additional commands, e-mail: server-user-h...@james.apache.org > > - > To unsubscribe, e-mail: server-user-unsubscr...@james.apache.org > For additional commands, e-mail: server-user-h...@james.apache.org > >
Re: [ANNOUNCE] Apache James 3.7.0 released
Hello enrico, You can see all the improvements planned for the pulsar mailqueue component in https://issues.apache.org/jira/browse/JAMES-3695 Cheers, Jean On Fri, Mar 11, 2022 at 5:09 PM Enrico Olivelli wrote: > (forwarding to Pulsar ML from James) > > This is great ! > Apache James now have support for Apache Pulsar > > Cheers > Enrico > > Il giorno ven 11 mar 2022 alle ore 15:46 Tellier Benoit > ha scritto: > > > > The Apache James (https://james.apache.org) community is pleased to > > announce the availability of Apache James 3.7.0. > > > > Apache James is a modular email server written in Java. > > > > This release delivers many performance enhancements, bug fixes, > > additional features and new components. We recommend 3.6.x user to > > upgrade to it. > > > > As of Apache James version 3.7.0 we removed support for maildir storage > > format. Users relying on maildir are encouraged to switch to other > > backends. Maildir can still be used as part of the 3.6.x release train. > > > > The release is available now from our website: > > https://james.apache.org/download.html > > > > Release notes can be found at: > > > > > https://github.com/apache/james-project/blob/master/CHANGELOG.md#370---2022-03-01 > > > > Read more about this release: > > > > https://james.apache.org/james/update/2022/03/09/james-3.7.0.html > > > > Thanks to all involved, > > > > Benoit TELLIER in the name of the Apache James PMC > > - > To unsubscribe, e-mail: server-user-unsubscr...@james.apache.org > For additional commands, e-mail: server-user-h...@james.apache.org > >
Re: Web Administration for James
I had not realized that 3.6 still used the old layout sorry Youu should be able to adapt the instructions at https://github.com/apache/james-project/tree/3.6.x#generating-a-package-for-james to build your assembly Le ven. 24 déc. 2021 à 14:14, Bs Serge a écrit : > ok. I see you may be referring to the master branch of the James project > which has the `server/apps` directory > but I'm building the 3.6.1 source codes which have a `server/app` directory > and it does not contain folders representing different assemblies as you > can see here on Github > https://github.com/apache/james-project/tree/3.6.x/server/app > > this is my 3.6.1 server/app directory structure after successful build : > > https://paste.0xfc.de/?e6f26d4c0790b002#5VdYUUvaJsDR2kzBTt34fMJyoLFBJGx4HtAnjWetH71q > > Kindly let me know how to achieve the guice+jpa assembly with the 3.6.1 > version > > Best regards, > > On Fri, Dec 24, 2021 at 2:05 PM Jean Helou wrote: > > > Sorry I wasn't clear > > > > Each of the folders in server/app represents a different runnable > > assembly. This is to demonstrate James modularity and how to create an > > assembly of your own with the specific modules you are looking for. > > You probably want to check the jpa-app assembly. > > > > Le ven. 24 déc. 2021 à 12:47, Bs Serge a écrit : > > > >> Great to know, > >> Tho it seems like my build didn't generate Guice+JPA artifacts inside > the > >> server/app folder, > >> to build I run `mvn clean install -DskipTests` > >> and there is no guice jar inside server/app > >> > >> Kindly let me know how to achive the guice+jpa setup > >> > >> Cheers > >> > >> > >> > >> > >> On Fri, Dec 24, 2021 at 12:57 PM Jean Helou > wrote: > >> > >> > Hello, > >> > > >> > Runnable assemblies are in server/apps/ > >> > > >> > Server/containers only contains the core libs > >> > > >> > Cheers > >> > > >> > > >> > Le ven. 24 déc. 2021 à 11:17, Bs Serge a écrit > : > >> > > >> > > My build was successful after some time, I want the Guice JPA setup, > >> > > So I went in server/container/guice/jpa-guice/target/ and I found > the > >> > > james-server-jpa-guice.zip file (93 MB), > >> > > I extracted the zip and it contains : > >> > > - conf (will all the configuration files) > >> > > - james-server-jpa-guice.lib (contains a bunch of jars) > >> > > > >> > > Though It does not contain the bin directory with the command line > >> tools > >> > to > >> > > run James > >> > > Seems like everything is in place except for the missing bin > directory > >> > and > >> > > there is no james-cli.jar or james-server-cli.jar in the zip file > >> > > > >> > > First, Let me know if this is the zip file I should be using > >> > > and Second, how do I go on and start James without the CLI tools? > >> > > > >> > > Best regards, > >> > > > >> > > > >> > > > >> > > On Fri, Dec 24, 2021 at 3:21 AM Garry Hurley < > >> garry.hurley...@gmail.com> > >> > > wrote: > >> > > > >> > > > Piggybacking on Jean’s response, you may be able to do a > skip-tests > >> on > >> > > the > >> > > > maven build, which will skip the Cassandra and Docker stuff. > >> > > > > >> > > > On Thu, Dec 23, 2021 at 4:50 PM Bs Serge > >> wrote: > >> > > > > >> > > > > Wow, it's amazing how you just spotted it. > >> > > > > > >> > > > > cheers > >> > > > > > >> > > > > On Thu, Dec 23, 2021 at 9:50 PM Jean Helou < > jean.he...@gmail.com> > >> > > wrote: > >> > > > > > >> > > > > > Hello, > >> > > > > > > >> > > > > > Even if you don't intend to use cassandra if you are building > >> the > >> > > whole > >> > > > > > repo from source it is going to build the cassandra packages. > >> The > >> > > > actual > >> > > > > > error is > >> > > > > > > >> > > > > > - 21:14:07.434 [ER
Re: Web Administration for James
Sorry I wasn't clear Each of the folders in server/app represents a different runnable assembly. This is to demonstrate James modularity and how to create an assembly of your own with the specific modules you are looking for. You probably want to check the jpa-app assembly. Le ven. 24 déc. 2021 à 12:47, Bs Serge a écrit : > Great to know, > Tho it seems like my build didn't generate Guice+JPA artifacts inside the > server/app folder, > to build I run `mvn clean install -DskipTests` > and there is no guice jar inside server/app > > Kindly let me know how to achive the guice+jpa setup > > Cheers > > > > > On Fri, Dec 24, 2021 at 12:57 PM Jean Helou wrote: > > > Hello, > > > > Runnable assemblies are in server/apps/ > > > > Server/containers only contains the core libs > > > > Cheers > > > > > > Le ven. 24 déc. 2021 à 11:17, Bs Serge a écrit : > > > > > My build was successful after some time, I want the Guice JPA setup, > > > So I went in server/container/guice/jpa-guice/target/ and I found the > > > james-server-jpa-guice.zip file (93 MB), > > > I extracted the zip and it contains : > > > - conf (will all the configuration files) > > > - james-server-jpa-guice.lib (contains a bunch of jars) > > > > > > Though It does not contain the bin directory with the command line > tools > > to > > > run James > > > Seems like everything is in place except for the missing bin directory > > and > > > there is no james-cli.jar or james-server-cli.jar in the zip file > > > > > > First, Let me know if this is the zip file I should be using > > > and Second, how do I go on and start James without the CLI tools? > > > > > > Best regards, > > > > > > > > > > > > On Fri, Dec 24, 2021 at 3:21 AM Garry Hurley < > garry.hurley...@gmail.com> > > > wrote: > > > > > > > Piggybacking on Jean’s response, you may be able to do a skip-tests > on > > > the > > > > maven build, which will skip the Cassandra and Docker stuff. > > > > > > > > On Thu, Dec 23, 2021 at 4:50 PM Bs Serge > wrote: > > > > > > > > > Wow, it's amazing how you just spotted it. > > > > > > > > > > cheers > > > > > > > > > > On Thu, Dec 23, 2021 at 9:50 PM Jean Helou > > > wrote: > > > > > > > > > > > Hello, > > > > > > > > > > > > Even if you don't intend to use cassandra if you are building the > > > whole > > > > > > repo from source it is going to build the cassandra packages. The > > > > actual > > > > > > error is > > > > > > > > > > > > - 21:14:07.434 [ERROR] o.t.d.DockerClientProviderStrategy - Could > > not > > > > > > find a valid Docker environment. Please check configuration. > > > Attempted > > > > > > configurations were: > > > > > > - 21:14:07.435 [ERROR] o.t.d.DockerClientProviderStrategy - > > > > > > UnixSocketClientProviderStrategy: failed with exception > > > > > > InvalidConfigurationException (Could not find unix domain > socket). > > > > > > Root cause NoSuchFileException (/var/run/docker.sock) > > > > > > > > > > > > > > > > > > All the tests for storage engine use testcontainers to spin up > > > > containers > > > > > > for the corresponding external tool (cassanda, postgresql, > > > > elasticsearch, > > > > > > rabbitmq, ...) many modules will fail to build if you don't have > > > docker > > > > > > available. > > > > > > > > > > > > cheers > > > > > > jean > > > > > > > > > > > > > > > > > > On Thu, Dec 23, 2021 at 8:39 PM Bs Serge > > > wrote: > > > > > > > > > > > > > I figured I'm using the wrong version of Java, I switched to > Java > > > 11 > > > > > > > > > > > > > > The next error is Cassandra related [1], and I don't want to > use > > > > > > Cassandra, > > > > > > > I want to use JPA instead > > > &g
Re: Web Administration for James
Hello, Runnable assemblies are in server/apps/ Server/containers only contains the core libs Cheers Le ven. 24 déc. 2021 à 11:17, Bs Serge a écrit : > My build was successful after some time, I want the Guice JPA setup, > So I went in server/container/guice/jpa-guice/target/ and I found the > james-server-jpa-guice.zip file (93 MB), > I extracted the zip and it contains : > - conf (will all the configuration files) > - james-server-jpa-guice.lib (contains a bunch of jars) > > Though It does not contain the bin directory with the command line tools to > run James > Seems like everything is in place except for the missing bin directory and > there is no james-cli.jar or james-server-cli.jar in the zip file > > First, Let me know if this is the zip file I should be using > and Second, how do I go on and start James without the CLI tools? > > Best regards, > > > > On Fri, Dec 24, 2021 at 3:21 AM Garry Hurley > wrote: > > > Piggybacking on Jean’s response, you may be able to do a skip-tests on > the > > maven build, which will skip the Cassandra and Docker stuff. > > > > On Thu, Dec 23, 2021 at 4:50 PM Bs Serge wrote: > > > > > Wow, it's amazing how you just spotted it. > > > > > > cheers > > > > > > On Thu, Dec 23, 2021 at 9:50 PM Jean Helou > wrote: > > > > > > > Hello, > > > > > > > > Even if you don't intend to use cassandra if you are building the > whole > > > > repo from source it is going to build the cassandra packages. The > > actual > > > > error is > > > > > > > > - 21:14:07.434 [ERROR] o.t.d.DockerClientProviderStrategy - Could not > > > > find a valid Docker environment. Please check configuration. > Attempted > > > > configurations were: > > > > - 21:14:07.435 [ERROR] o.t.d.DockerClientProviderStrategy - > > > > UnixSocketClientProviderStrategy: failed with exception > > > > InvalidConfigurationException (Could not find unix domain socket). > > > > Root cause NoSuchFileException (/var/run/docker.sock) > > > > > > > > > > > > All the tests for storage engine use testcontainers to spin up > > containers > > > > for the corresponding external tool (cassanda, postgresql, > > elasticsearch, > > > > rabbitmq, ...) many modules will fail to build if you don't have > docker > > > > available. > > > > > > > > cheers > > > > jean > > > > > > > > > > > > On Thu, Dec 23, 2021 at 8:39 PM Bs Serge > wrote: > > > > > > > > > I figured I'm using the wrong version of Java, I switched to Java > 11 > > > > > > > > > > The next error is Cassandra related [1], and I don't want to use > > > > Cassandra, > > > > > I want to use JPA instead > > > > > > > > > > [INFO] Apache James Cassandra backend . FAILURE > > > > [01:05 > > > > > min] > > > > > > > > > > [1] > > > > > > > > > > > > > > > > > > > > https://paste.0xfc.de/?df21131d3962c67c#Cfhsu8StrovVt9j2qHjZa4UXdEwx4FiFsf979Nkaixvx > > > > > > > > > > Any comments or thoughts would be appreciated! > > > > > > > > > > Best regards, > > > > > > > > > > On Thu, Dec 23, 2021 at 8:52 PM Bs Serge > > wrote: > > > > > > > > > > > Hi, > > > > > > > > > > > > I'm trying to compile the james-project 3.6.1 with maven and I'm > > > > > > experiencing this error [1] when I run `mvn clean install` > > > > > > > > > > > > "Fatal error compiling: invalid flag: --release" > > > > > > > > > > > > Apache Maven 3.8.4 > > > > > > Java version: 1.8.0_311 > > > > > > > > > > > > [1] > > > > > > > > > > > > > > > > > > > > > https://paste.0xfc.de/?a8332c3f91e8ff48#1PwvpmSCZq6L4z32BqarWCQBbhxPz35uSbnwcesd7QS > > > > > > > > > > > > Any comments or thoughts would be appreciated! > > > > > > > > > > > > Best regards, > > > > > > > > > > > > > > > > > > > > >
Re: Web Administration for James
Hello, Even if you don't intend to use cassandra if you are building the whole repo from source it is going to build the cassandra packages. The actual error is - 21:14:07.434 [ERROR] o.t.d.DockerClientProviderStrategy - Could not find a valid Docker environment. Please check configuration. Attempted configurations were: - 21:14:07.435 [ERROR] o.t.d.DockerClientProviderStrategy - UnixSocketClientProviderStrategy: failed with exception InvalidConfigurationException (Could not find unix domain socket). Root cause NoSuchFileException (/var/run/docker.sock) All the tests for storage engine use testcontainers to spin up containers for the corresponding external tool (cassanda, postgresql, elasticsearch, rabbitmq, ...) many modules will fail to build if you don't have docker available. cheers jean On Thu, Dec 23, 2021 at 8:39 PM Bs Serge wrote: > I figured I'm using the wrong version of Java, I switched to Java 11 > > The next error is Cassandra related [1], and I don't want to use Cassandra, > I want to use JPA instead > > [INFO] Apache James Cassandra backend . FAILURE [01:05 > min] > > [1] > > https://paste.0xfc.de/?df21131d3962c67c#Cfhsu8StrovVt9j2qHjZa4UXdEwx4FiFsf979Nkaixvx > > Any comments or thoughts would be appreciated! > > Best regards, > > On Thu, Dec 23, 2021 at 8:52 PM Bs Serge wrote: > > > Hi, > > > > I'm trying to compile the james-project 3.6.1 with maven and I'm > > experiencing this error [1] when I run `mvn clean install` > > > > "Fatal error compiling: invalid flag: --release" > > > > Apache Maven 3.8.4 > > Java version: 1.8.0_311 > > > > [1] > > > https://paste.0xfc.de/?a8332c3f91e8ff48#1PwvpmSCZq6L4z32BqarWCQBbhxPz35uSbnwcesd7QS > > > > Any comments or thoughts would be appreciated! > > > > Best regards, > > >
Re: SSL/TLS with Let's Encrypt
Hi james > "Installing a Certificate provided by a Certificate Authority" but Let's > Encrypt seems like a different beast than the other CAs mentioned on that > page, > Discalimer I have used lentsencrypt before but not for James yet. It gives you a classic keypair but as usual with TLS/ssl no two systems expect the certificates in the same format. You should be able to import it fairly easily, provided you do a bit of conversion through the openssl cli Can you check the section called "Creating a separate .keystore file" in this blog post : https://ordina-jworks.github.io/security/2019/08/14/Using-Lets-Encrypt-Certificates-In-Java.html This should let you import the produced certificate. If it still complains about the CA signed certificate, you can find these on the lentsencrypt website Jean >
Re: [Vote] migration to java 11
+1 On Fri, Oct 25, 2019 at 6:00 PM Matthieu Baechler wrote: > Hi dear users, > > This decision could interest you: in short, I propose a migration to > Java 11 as a runtime. > > Feel free to give your feedback. > > On Thu, 2019-10-24 at 16:43 +0200, Matthieu Baechler wrote: > > Hi, > > > > I would like to propose the migration to Java 11 as a runtime. > > > > I opened an ADR here: > > https://github.com/apache/james-project/pull/174 > > > > Here is the content of this ADR: > > > > --- > > # 9. Migration to Java Runtime Environment 11 > > > > Date: 2019-10-24 > > > > ## Status > > > > Proposed > > > > ## Context > > > > Java 11 is the only "Long Term Support" java release right now so > > more > > and more people will use it exclusively. > > > > James is known to build with Java Compiler 11 for some weeks. > > > > ## Decision > > > > We adopt Java Runtime Environment 11 for James as a runtime to > > benefits > > from a supported runtime and new features > > of the languages and the platform. > > > > ## Consequences > > > > * It requires the upgrade of Spring to 4.3.x. > > * All docker images should be updated to adoptopenjdk 11. > > * The documentation should be updated accordingly. > > > > --- > > > > Voting rules: > > > > I do propose a vote to ensure consensus on it: > > - Answer this mail with "+1" to support this decision > > - Answer this mail with "-1" if you reject this decision > > > > Negative votes should be motivated. Voting ends on 31th October 2019 > > 8am UTC. > > Cheers, > > -- > Matthieu Baechler > > > - > To unsubscribe, e-mail: server-user-unsubscr...@james.apache.org > For additional commands, e-mail: server-user-h...@james.apache.org > >
Re: Change hashing algorthim for existing users
> Please first note that users' passwords are stored hashed in James thus > you would need anyway to change all passwords if you want to change > hashing algorithm. > How about making this technical transition transparent for the end user? For a period support both hashing : the new one as the primary the old one as a fallback. Each time a password uses the fallback the hash of the same string is computed and replaced the old hash in the database... This way you get seamless migration. This is what play framework did when they switched crypto cypher for session signing > > However, when using ADMIN API / CLI API, the algorithm is not change to > the latest one. I believe it should be the case (thus allowing rolling > hash algorithm upgrades). > > I created this ticket, summing up the issue: > https://issues.apache.org/jira/browse/JAMES-2471 > > Do you want to give it a try? Contributions would be very welcome on > this topic, and I can offer you help if need be. > > Cheers, > > Benoit Tellier > > Le 16/07/2018 à 23:20, Ashton Holmes a écrit : > > I recently changed my passwords to be hashed with SHA-512 however this > > change seems to only apply to new users and not when an existing user > > changes their password. Is there any way to make it apply when an > > existing user changes their password? > > > > > > - > > To unsubscribe, e-mail: server-user-unsubscr...@james.apache.org > > For additional commands, e-mail: server-user-h...@james.apache.org > > > > - > To unsubscribe, e-mail: server-user-unsubscr...@james.apache.org > For additional commands, e-mail: server-user-h...@james.apache.org > >