Hello guys,

While running some performance tests against the SMTP protocol, I came
across what I believe is potentially an issue regarding the configuration
of SMTP in James through the smtpserver.xml file.

What I observed is that we have two params that, according to the
official doc, are supposed to be coupled together: authRequired and
verifyIdentity.

In our default shipped conf for the port 25 we have:

<authRequired>false</authRequired>
<verifyIdentity>true</verifyIdentity>

In the official doc, regarding verifyIdentity:

"This is an optional tag with a boolean body. This option can only be
used if SMTP authentication is required. If the parameter is set to true
then the sender address for the submitted message will be verified
against the authenticated subject. Verify sender addresses, ensuring
that the sender address matches the user who has authenticated. It will
verify that the sender address matches the address of the user or one of
its alias (from user or domain aliases). This prevents a user of your
mail server from acting as someone else. If unspecified, default value is
true."

The behavior I observed with this was that James was rejecting my SMTP
calls because the user was not identified. It seems to force the auth to
be able to verify identity, despite saying auth is not required and the
doc saying that verifyIdentity should only be used if auth is required.

So I believe something is wrong here.

I would see 3 ways to resolve that potentially here.

1. If authRequired is set to false, we should reject verifyIdentity=true,
as it makes no logical sense. People might need to update their running
James installation though (but easy).

2. If authRequired is set to false, we can silently ignore that
verifyIdentity is set to true.

3. We keep this current behavior, but need to change the documentation
accordingly and add a warning log as well during James startup.

I personally prefer the first one, as this is the way it's documented
for now and I find it more logical. However, it's completely open to
discussion (thus the mail).

Depending on the feedback, I will create the corresponding JIRA fix ticket.

Thank you all, have a good day!

Rene.
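
The check proposed as option 1, written as a standalone pre-deployment lint for smtpserver.xml. This is an added example, not part of the original mail and not James code. The sample XML is constructed, and the `<smtpserver>` / `<bind>` layout and the `find_conflicts` name are assumptions; the rule that an absent verifyIdentity counts as true comes from the documentation quoted above.

```python
import xml.etree.ElementTree as ET

# Constructed sample, not James's shipped file. Assumed layout: one
# <smtpserver> element per listener, each with a <bind> child.
SAMPLE = """<smtpservers>
  <smtpserver enabled="true">
    <bind>0.0.0.0:25</bind>
    <authRequired>false</authRequired>
    <verifyIdentity>true</verifyIdentity>
  </smtpserver>
  <smtpserver enabled="true">
    <bind>0.0.0.0:587</bind>
    <authRequired>true</authRequired>
    <verifyIdentity>true</verifyIdentity>
  </smtpserver>
  <smtpserver enabled="true">
    <bind>0.0.0.0:2525</bind>
    <authRequired>false</authRequired>
  </smtpserver>
</smtpservers>"""


def _text(server, tag):
    """Lower-cased, stripped text of a child element, or None if absent."""
    node = server.find(tag)
    if node is None or node.text is None:
        return None
    return node.text.strip().lower()


def find_conflicts(xml_text):
    """Return (bind, origin) for every listener where authRequired is
    false while verifyIdentity is true, explicitly or by default."""
    conflicts = []
    for server in ET.fromstring(xml_text).iter("smtpserver"):
        if _text(server, "authRequired") != "false":
            continue
        verify = _text(server, "verifyIdentity")
        if verify is None:
            origin = "default"    # unspecified means true per the quoted doc
        elif verify == "true":
            origin = "explicit"
        else:
            continue              # verifyIdentity disabled: no conflict
        conflicts.append((_text(server, "bind") or "<no bind>", origin))
    return conflicts


if __name__ == "__main__":
    for bind, origin in find_conflicts(SAMPLE):
        print(f"{bind}: authRequired=false but verifyIdentity=true ({origin})")
```
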
