[ 
https://issues.apache.org/jira/browse/JAMES-3823?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Benoit Tellier updated JAMES-3823:
----------------------------------
        Parent: JAMES-3819
    Issue Type: Sub-task  (was: New Feature)

> Implement RFC-8689 RequireTLS
> -----------------------------
>
>                 Key: JAMES-3823
>                 URL: https://issues.apache.org/jira/browse/JAMES-3823
>             Project: James Server
>          Issue Type: Sub-task
>          Components: SMTPServer
>            Reporter: Benoit Tellier
>            Priority: Major
>
> Implement https://datatracker.ietf.org/doc/rfc8689/
> Abstract:
> {code:java}
>    The SMTP STARTTLS option, used in negotiating transport-level
>    encryption of SMTP connections, is not as useful from a security
>    standpoint as it might be because of its opportunistic nature;
>    message delivery is, by default, prioritized over security.  This
>    document describes an SMTP service extension, REQUIRETLS, and a
>    message header field, TLS-Required.  If the REQUIRETLS option or TLS-
>    Required message header field is used when sending a message, it
>    asserts a request on the part of the message sender to override the
>    default negotiation of TLS, [..] by requiring that TLS be
>    negotiated when the message is relayed [..].
> {code}
> Use it on the `smtpserver.xml` `requireSSL` option...



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

---------------------------------------------------------------------
To unsubscribe, e-mail: server-dev-unsubscr...@james.apache.org
For additional commands, e-mail: server-dev-h...@james.apache.org

Reply via email to