[ https://issues.apache.org/jira/browse/JAMES-3823?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Benoit Tellier updated JAMES-3823: ---------------------------------- Parent: JAMES-3819 Issue Type: Sub-task (was: New Feature) > Implement RFC-8689 RequireTLS > ----------------------------- > > Key: JAMES-3823 > URL: https://issues.apache.org/jira/browse/JAMES-3823 > Project: James Server > Issue Type: Sub-task > Components: SMTPServer > Reporter: Benoit Tellier > Priority: Major > > Implement https://datatracker.ietf.org/doc/rfc8689/ > Abstract: > {code:java} > The SMTP STARTTLS option, used in negotiating transport-level > encryption of SMTP connections, is not as useful from a security > standpoint as it might be because of its opportunistic nature; > message delivery is, by default, prioritized over security. This > document describes an SMTP service extension, REQUIRETLS, and a > message header field, TLS-Required. If the REQUIRETLS option or TLS- > Required message header field is used when sending a message, it > asserts a request on the part of the message sender to override the > default negotiation of TLS, [..] by requiring that TLS be > negotiated when the message is relayed [..]. > {code} > Use it on the `smtpserver.xml` `requireSSL` option... -- This message was sent by Atlassian Jira (v8.20.10#820010) --------------------------------------------------------------------- To unsubscribe, e-mail: server-dev-unsubscr...@james.apache.org For additional commands, e-mail: server-dev-h...@james.apache.org