Re: [PR] POC Make all queues on Rabbitmq quorum queue when quorum option is en… [james-project]
quantranhong1999 commented on code in PR #2065: URL: https://github.com/apache/james-project/pull/2065#discussion_r1555219520 ## event-bus/distributed/src/main/java/org/apache/james/events/KeyRegistrationHandler.java: ## @@ -128,7 +128,7 @@ private void declareQueue(Sender sender) { QueueSpecification.queue(registrationQueue.asString()) .durable(configuration.isEventBusNotificationDurabilityEnabled()) .exclusive(!EXCLUSIVE) -.autoDelete(AUTO_DELETE) +.autoDelete(!AUTO_DELETE) Review Comment: Hmm normally key queues should be cleaned up by James upon James shutdown: https://github.com/apache/james-project/blob/master/event-bus/distributed/src/main/java/org/apache/james/events/KeyRegistrationHandler.java#L140 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: notifications-unsubscr...@james.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org - To unsubscribe, e-mail: notifications-unsubscr...@james.apache.org For additional commands, e-mail: notifications-h...@james.apache.org
Re: [PR] POC Make all queues on Rabbitmq quorum queue when quorum option is en… [james-project]
quantranhong1999 commented on code in PR #2065: URL: https://github.com/apache/james-project/pull/2065#discussion_r1555214281 ## event-bus/distributed/src/main/java/org/apache/james/events/KeyRegistrationHandler.java: ## @@ -128,7 +128,7 @@ private void declareQueue(Sender sender) { QueueSpecification.queue(registrationQueue.asString()) .durable(configuration.isEventBusNotificationDurabilityEnabled()) .exclusive(!EXCLUSIVE) -.autoDelete(AUTO_DELETE) +.autoDelete(!AUTO_DELETE) Review Comment: Likely we can write a task to clean up inactive RabbitMQ queues (no consumers) -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: notifications-unsubscr...@james.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org - To unsubscribe, e-mail: notifications-unsubscr...@james.apache.org For additional commands, e-mail: notifications-h...@james.apache.org
Re: [PR] POC Make all queues on Rabbitmq quorum queue when quorum option is en… [james-project]
quantranhong1999 commented on code in PR #2065: URL: https://github.com/apache/james-project/pull/2065#discussion_r1555201412 ## event-bus/distributed/src/main/java/org/apache/james/events/KeyRegistrationHandler.java: ## @@ -128,7 +128,7 @@ private void declareQueue(Sender sender) { QueueSpecification.queue(registrationQueue.asString()) .durable(configuration.isEventBusNotificationDurabilityEnabled()) .exclusive(!EXCLUSIVE) -.autoDelete(AUTO_DELETE) +.autoDelete(!AUTO_DELETE) Review Comment: But thinking more about that, not applying quorum queue to the key queues could again break James if a RabbitMQ node is down... -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: notifications-unsubscr...@james.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org - To unsubscribe, e-mail: notifications-unsubscr...@james.apache.org For additional commands, e-mail: notifications-h...@james.apache.org
Re: [PR] Added ingressClassName support and adminIngress for k8s [james-project]
baikjy0215 commented on PR #2188: URL: https://github.com/apache/james-project/pull/2188#issuecomment-2041819851 Sorry, I added separate commit that adds support for adminIngress. Although it is not related to ingressClassName, it is useful for the operator as the Admin and Jamp Ingress can be enabled or disabled separately. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: notifications-unsubscr...@james.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org - To unsubscribe, e-mail: notifications-unsubscr...@james.apache.org For additional commands, e-mail: notifications-h...@james.apache.org
Re: [PR] POC Make all queues on Rabbitmq quorum queue when quorum option is en… [james-project]
quantranhong1999 commented on code in PR #2065: URL: https://github.com/apache/james-project/pull/2065#discussion_r1555194095 ## event-bus/distributed/src/main/java/org/apache/james/events/KeyRegistrationHandler.java: ## @@ -128,7 +128,7 @@ private void declareQueue(Sender sender) { QueueSpecification.queue(registrationQueue.asString()) .durable(configuration.isEventBusNotificationDurabilityEnabled()) .exclusive(!EXCLUSIVE) -.autoDelete(AUTO_DELETE) +.autoDelete(!AUTO_DELETE) Review Comment: the key queue seems volatile and can accept message lost to me -> Maybe we do not need to apply quorum queue on key queues? After James restarts, a key queue would not be consumed anymore. So I think we should keep autoDelete if possible to avoid flushing RabbitMQ with unused key queues. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: notifications-unsubscr...@james.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org - To unsubscribe, e-mail: notifications-unsubscr...@james.apache.org For additional commands, e-mail: notifications-h...@james.apache.org
Re: [PR] JAMES-4025 Drop JMAP draft [james-project]
vttranlina commented on PR #2187: URL: https://github.com/apache/james-project/pull/2187#issuecomment-2041771241 A lot of Webadmin integration tests use Jmap Draft for testing We need to rewrite it to jmap rfc -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: notifications-unsubscr...@james.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org - To unsubscribe, e-mail: notifications-unsubscr...@james.apache.org For additional commands, e-mail: notifications-h...@james.apache.org
Re: [PR] [FIX] JWT should not attempt to unzip data by default [james-project]
quantranhong1999 commented on PR #2189: URL: https://github.com/apache/james-project/pull/2189#issuecomment-2041756088 Nothing to add -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: notifications-unsubscr...@james.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org - To unsubscribe, e-mail: notifications-unsubscr...@james.apache.org For additional commands, e-mail: notifications-h...@james.apache.org
Re: [PR] Added ingressClassName support for k8s ingress [james-project]
baikjy0215 commented on PR #2188: URL: https://github.com/apache/james-project/pull/2188#issuecomment-2041619242 Sure, it would be better to remove it. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: notifications-unsubscr...@james.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org - To unsubscribe, e-mail: notifications-unsubscr...@james.apache.org For additional commands, e-mail: notifications-h...@james.apache.org
Re: [PR] [FIX] JWT should not attempt to unzip data by default [james-project]
ottoka commented on code in PR #2189: URL: https://github.com/apache/james-project/pull/2189#discussion_r1555083407 ## server/protocols/jwt/src/main/java/org/apache/james/jwt/JwtTokenVerifier.java: ## @@ -25,16 +25,36 @@ import org.slf4j.Logger; import org.slf4j.LoggerFactory; +import com.google.common.annotations.VisibleForTesting; import com.google.common.collect.ImmutableList; import io.jsonwebtoken.Claims; +import io.jsonwebtoken.CompressionCodecResolver; import io.jsonwebtoken.Jws; import io.jsonwebtoken.JwtException; import io.jsonwebtoken.JwtParser; import io.jsonwebtoken.Jwts; import io.jsonwebtoken.MalformedJwtException; +import io.jsonwebtoken.impl.compression.DefaultCompressionCodecResolver; public class JwtTokenVerifier { +private static final CompressionCodecResolver DEFAULT_COMPRESSION_CODEC_RESOLVER = new DefaultCompressionCodecResolver(); +private static final CompressionCodecResolver SECURE_COMPRESSION_CODEC_RESOLVER = header -> { +if (Optional.ofNullable(header.getCompressionAlgorithm()).isPresent()) { +throw new RuntimeException("Rejecting a ZIP JWT. Usage of ZIPPED JWT can result in " + +"excessive memory usage with malicious JWT tokens. To activate support for ZIPPed" + +"JWT please run James with the -Djames.jwt.zip.allow=true system property."); Review Comment: I suggest you put this in jvm.properties with the other tweakable odds and ends. Gives users a chance to find this later without checking the source code. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: notifications-unsubscr...@james.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org - To unsubscribe, e-mail: notifications-unsubscr...@james.apache.org For additional commands, e-mail: notifications-h...@james.apache.org
Re: [PR] Added ingressClassName support for k8s ingress [james-project]
chibenwa commented on PR #2188: URL: https://github.com/apache/james-project/pull/2188#issuecomment-2041501887 Shall we remove ``` kubernetes.io/ingress.class: nginx ``` By default? -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: notifications-unsubscr...@james.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org - To unsubscribe, e-mail: notifications-unsubscr...@james.apache.org For additional commands, e-mail: notifications-h...@james.apache.org
[PR] [FIX] JWT should not attempt to unzip data by default [james-project]
chibenwa opened a new pull request, #2189: URL: https://github.com/apache/james-project/pull/2189 jjwt support zip by default yet uncompression of untrusted data can result in excessive memory/cpu usage for special crafted malicious payload. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: notifications-unsubscr...@james.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org - To unsubscribe, e-mail: notifications-unsubscr...@james.apache.org For additional commands, e-mail: notifications-h...@james.apache.org
[PR] Added ingressClassName support for k8s ingress [james-project]
baikjy0215 opened a new pull request, #2188: URL: https://github.com/apache/james-project/pull/2188 For James Helm Chart, the current version uses kubernetes.io/ingress.class annotation that has been deprecated. It is encouraged to use ingressClassName instead for Kubernetes v1.18+. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: notifications-unsubscr...@james.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org - To unsubscribe, e-mail: notifications-unsubscr...@james.apache.org For additional commands, e-mail: notifications-h...@james.apache.org
(james-project) branch master updated: [DOCUMENTATION] Refresh server/features.xml (#2178)
This is an automated email from the ASF dual-hosted git repository. btellier pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/james-project.git The following commit(s) were added to refs/heads/master by this push: new 6a316e53a7 [DOCUMENTATION] Refresh server/features.xml (#2178) 6a316e53a7 is described below commit 6a316e53a7c0a2070fd376cbbcb1bf469119441e Author: Benoit TELLIER AuthorDate: Sun Apr 7 13:24:30 2024 +0700 [DOCUMENTATION] Refresh server/features.xml (#2178) --- src/site/xdoc/server/features.xml | 78 +-- 1 file changed, 18 insertions(+), 60 deletions(-) diff --git a/src/site/xdoc/server/features.xml b/src/site/xdoc/server/features.xml index e0e383229e..1e09ae2f56 100644 --- a/src/site/xdoc/server/features.xml +++ b/src/site/xdoc/server/features.xml @@ -45,7 +45,7 @@ POP3 -Experimental +Stable yes yes 1.1 @@ -53,7 +53,7 @@ IMAP -Supported +Stable yes no 3.0 @@ -69,7 +69,7 @@ LMTP -Experimental +Stable yes no @@ -85,15 +85,15 @@ NNTP -Experimental +Dropped (3.x) no yes 1.2 1.2 -TLS POP3/SMTP -Experimental +TLS POP3/SMTP/IMAP +Stable yes yes 1.2 @@ -101,7 +101,7 @@ Mailing List -Experimental +Dropped (3.x) no yes @@ -109,7 +109,7 @@ FetchMail -Stable +Experimental yes yes 2.2 @@ -141,7 +141,7 @@ TLS Remote Manager -Stable +Dropped (3.x) yes yes 1.2 @@ -149,7 +149,7 @@ JPA Mailbox -Stable +Legacy yes no @@ -157,7 +157,7 @@ Cassandra Mailbox -Beta +Stable yes no 3.0.0 @@ -165,7 +165,7 @@ Lucene search -Stable +Legacy yes no @@ -181,7 +181,7 @@ Simple search -Stable +Stable but not advised yes no 3.0.0 @@ -195,14 +195,6 @@ 1.2 1.0 - -JDBC Database Mail Store -Experimental -yes -yes -1.2 -1.2 - JPA Database Mail Store Experimental @@ -211,22 +203,6 @@ - -Alternate Mail stores -Experimental -yes -yes - - - - -JDBC Users -Stable -yes -yes -1.2.1 -1.2.1 - JPA Users Stable @@ -237,7 +213,7 @@ Cassandra Users -Beta +Stable yes no 3.0.0 @@ -245,20 +221,12 @@ LDAP Users -Experimental +Stable yes yes
Re: [PR] [DOCUMENTATION] Refresh server/features.xml [james-project]
chibenwa merged PR #2178: URL: https://github.com/apache/james-project/pull/2178 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: notifications-unsubscr...@james.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org - To unsubscribe, e-mail: notifications-unsubscr...@james.apache.org For additional commands, e-mail: notifications-h...@james.apache.org