Hi Eric, This will provide basic support however doesn't provide a facility to enforce STARTLS for a connecting client.
Here's an example of the desired outcome running under postfix: client: ehlo test.domain.com server: 250-outbound-postfix.one.govt.nzserver: 250-PIPELININGserver: 250-SIZE 2048000000server: 250-VRFYserver: 250-ETRNserver: 250-STARTTLSserver: 250-ENHANCEDSTATUSCODESserver: 250-8BITMIMEserver: 250 DSN client: mail from: <[email protected]> server: 530 5.7.0 Must issue a STARTTLS command first ATTN Phillip: Thanks I will review JIRA and keep you posted. Regards, Johnny Minty > Date: Sun, 28 Jul 2013 17:31:33 +0200 > From: [email protected] > To: [email protected] > Subject: Re: Require TLS > > Why this wouldn't work for you? > > <bind>0.0.0.0:25</bind> > <tls socketTLS="true" startTLS="true"> > > > On 2013-07-26 16:47, Phillip Odam wrote: > > Hi Johnny > > > > I've wanted much the same, seems to require a code change though. > > > > Use cases 14 and 17 in Jira JAMES-886 discuss the issues and approaches > > to solve this. See https://issues.apache.org/jira/browse/JAMES-886 > > > > Thanks > > Phillip > > > > On 7/26/13 8:23 AM, Johnny Minty wrote: > >> Hi Eric, > >> > >> The requirement is for TLS over port 25(starttls) not TLS on port 465. > >> > >> Kind regards, > >> > >> Johnny Minty > >> > >> Sent from my Windows Phone > >> ________________________________ > >> From: Eric Charles<mailto:[email protected]> > >> Sent: 26/07/2013 11:31 p.m. > >> To: James Users List<mailto:[email protected]> > >> Subject: Re: Require TLS > >> > >> Can't you disable the non-secure port in smtp-server.xml? > >> > >> On 25/07/2013 22:29, Johnny Minty wrote: > >>> Hi Guys, > >>> > >>> I have a requirement to require TLS on all incoming and outgoing > >>> connections from specific servers (IP addresses). I managed to > >>> satisfy the outgoing requirement for TLS by leveraging the > >>> SMTPTransport class in the RemoteDelivery Mailet however I'm stuck > >>> on a solution for incoming connections. At the moment it looks like I > >>> will need to write my own SMTP hook to ensure the STARTTLS command is > >>> received during the SMTP transaction, do you think this is the right > >>> approach? > >>> > >>> Thanks for your help, > >>> > >>> Johnny Minty > >>> > >>> > >>> > >>> > >>> > >> > >> --------------------------------------------------------------------- > >> To unsubscribe, e-mail: [email protected] > >> For additional commands, e-mail: [email protected] > >> > >> > > > > > > --------------------------------------------------------------------- > > To unsubscribe, e-mail: [email protected] > > For additional commands, e-mail: [email protected] > > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [email protected] > For additional commands, e-mail: [email protected] >
