Sergey B. created JAMES-3017:
--------------------------------
Summary: James server exposes unsecured unmanaged TCP ports
Key: JAMES-3017
URL: https://issues.apache.org/jira/browse/JAMES-3017
Project: James Server
Issue Type: Bug
Reporter: Sergey B.
James server listening some TCP ports, which are neither controlled nor
documented.
Below is the list of ports listening by my instance of the mail server.
{code:java}
root@0dad7fbbb1d7:~/james-server-app-3.3.0/bin# ss -lnt
State Recv-Q Send-Q Local Address:Port
Peer Address:Port
LISTEN 0 128 127.0.0.1:45530
LISTEN 0 1 127.0.0.1:32000
LISTEN 0 128 *:993
LISTEN 0 50 *:9999
LISTEN 0 50 *:45167
LISTEN 0 128 *:465
LISTEN 0 50 *:46771
{code}
There is only one port that is really secured. For port to be secure it must
meet following conditions.
# Port must be documented. Users should know what protocol and for what
purposes are used.
# The protocol used to communicate through this port is secure.
# User should be able to bind it to specific network interface.
# User should be able to change its number.
# User should be able to completely disable it if it is not needed.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
---------------------------------------------------------------------
To unsubscribe, e-mail: server-dev-unsubscr...@james.apache.org
For additional commands, e-mail: server-dev-h...@james.apache.org
