[
https://issues.apache.org/jira/browse/JAMES-3823?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Benoit Tellier updated JAMES-3823:
----------------------------------
Parent: JAMES-3819
Issue Type: Sub-task (was: New Feature)
> Implement RFC-8689 RequireTLS
> -----------------------------
>
> Key: JAMES-3823
> URL: https://issues.apache.org/jira/browse/JAMES-3823
> Project: James Server
> Issue Type: Sub-task
> Components: SMTPServer
> Reporter: Benoit Tellier
> Priority: Major
>
> Implement https://datatracker.ietf.org/doc/rfc8689/
> Abstract:
> {code:java}
> The SMTP STARTTLS option, used in negotiating transport-level
> encryption of SMTP connections, is not as useful from a security
> standpoint as it might be because of its opportunistic nature;
> message delivery is, by default, prioritized over security. This
> document describes an SMTP service extension, REQUIRETLS, and a
> message header field, TLS-Required. If the REQUIRETLS option or TLS-
> Required message header field is used when sending a message, it
> asserts a request on the part of the message sender to override the
> default negotiation of TLS, [..] by requiring that TLS be
> negotiated when the message is relayed [..].
> {code}
> Use it on the `smtpserver.xml` `requireSSL` option...
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
---------------------------------------------------------------------
To unsubscribe, e-mail: server-dev-unsubscr...@james.apache.org
For additional commands, e-mail: server-dev-h...@james.apache.org
