Added: james/server/trunk/spring-deployment/src/main/config/james/smtpserver.xml URL: http://svn.apache.org/viewvc/james/server/trunk/spring-deployment/src/main/config/james/smtpserver.xml?rev=905038&view=auto ============================================================================== --- james/server/trunk/spring-deployment/src/main/config/james/smtpserver.xml (added) +++ james/server/trunk/spring-deployment/src/main/config/james/smtpserver.xml Sun Jan 31 13:32:33 2010 @@ -0,0 +1,301 @@ +<!-- + Licensed to the Apache Software Foundation (ASF) under one + or more contributor license agreements. See the NOTICE file + distributed with this work for additional information + regarding copyright ownership. The ASF licenses this file + to you under the Apache License, Version 2.0 (the + "License"); you may not use this file except in compliance + with the License. You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, + software distributed under the License is distributed on an + "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + KIND, either express or implied. See the License for the + specific language governing permissions and limitations + under the License. + --> + + <!-- The SMTP server is enabled by default --> + <!-- Disabling blocks will stop them from listening, --> + <!-- but does not free as many resources as removing them would --> + <smtpserver enabled="true"> + <!-- + Port 25 is the well-known/IANA registered port for SMTP. + Port 465 is the well-known/IANA registered port for SMTP over TLS. + --> + <port>25</port> + + <!-- Uncomment this if you want to bind to a specific inetaddress --> + <!-- Please NOTE: you should add this IP also to your RemoteAddrNotInNetwork --> + <!-- in order to avoid relay check for locallly generated bounces --> + <!-- + <bind> </bind> + --> + + <!-- Use provider elements to specify additional JCE providers. + The jars should be put into $JAMES_HOME/lib. + For example, Uncomment this if you want to use + BouncyCastle JCE (http://www.bouncycastle.org) + <provider>org.bouncycastle.jce.provider.BouncyCastleProvider</provider> --> + + <!-- Set to true to support STARTTLS or TLS for the Socket. + To use this you need to copy sunjce_provider.jar to /path/james/lib directory. + --> + <tls socketTLS="false" startTLS="false"> + <!-- To create a new keystore execute: + keytool -genkey -alias james -keyalg RSA -keystore /path/to/james/conf/keystore + --> + <keystore>file://conf/keystore</keystore> + <secret>yoursecret</secret> + <provider>org.bouncycastle.jce.provider.BouncyCastleProvider</provider> + </tls> + + <handler> + <!-- This is the name used by the server to identify itself in the SMTP --> + <!-- protocol. If autodetect is TRUE, the server will discover its --> + <!-- own host name and use that in the protocol. If discovery fails, --> + <!-- the value of 'localhost' is used. If autodetect is FALSE, James --> + <!-- will use the specified value. --> + <!-- + <helloName autodetect="true">myMailServer</helloName> + --> + + <!-- connection timeout in secconds --> + <connectiontimeout>360</connectiontimeout> + + <!-- Set the maximum simultaneous incoming connections for this service --> + <connectionLimit> 0 </connectionLimit> + + <!-- Set the maximum simultaneous incoming connections per IP for this service --> + <connectionLimitPerIP> 0 </connectionLimitPerIP> + + <!-- Uncomment this if you want to require SMTP authentication. + + supported values: + true: required but announced only to not authorizedAddresses + false: don't use AUTH + announce: like true, but always announce AUTH capability to clients + + The correct behaviour per RFC value would be false or announce + but we still support true for backward compatibility and because + some webmail client fails when AUTH is announced but no authentication + information has been provided + --> + <!-- + <authRequired>true</authRequired> + --> + +<!-- CHECKME! --> + <!-- Uncomment this if you want to authorize specific addresses/networks. + If you use SMTP AUTH, addresses that match those specified here will + be permitted to relay without SMTP AUTH. If you do not use SMTP + AUTH, and you specify addreses here, then only addresses that match + those specified will be permitted to relay. + + Addresses may be specified as a an IP address or domain name, with an + optional netmask, e.g., + + 127.*, 127.0.0.0/8, 127.0.0.0/255.0.0.0, and localhost/8 are all the same + + See also the RemoteAddrNotInNetwork matcher in the transport processor. + You would generally use one OR the other approach. + --> + <authorizedAddresses>127.0.0.0/8</authorizedAddresses> + + <!-- Uncomment this if you want to verify sender addresses, ensuring that --> + <!-- the sender address matches the user who has authenticated. --> + <!-- This prevents a user of your mail server from acting as someone else --> + <!-- + <verifyIdentity>true</verifyIdentity> + --> + + <!-- This sets the maximum allowed message size (in kilobytes) for this --> + <!-- SMTP service. If unspecified, the value defaults to 0, which means no limit. --> + <maxmessagesize>0</maxmessagesize> + + <!-- This sets wether to enforce the use of HELO/EHLO salutation before a --> + <!-- MAIL command is accepted. If unspecified, the value defaults to true --> + <!-- + <heloEhloEnforcement>true</heloEhloEnforcement> + --> + + <!-- WARNING: This is Non-RFC compliant (default value: true) --> + <!-- See: http://wiki.apache.org/james/StandardsComplianceStatement --> + <!-- TODO: CHANGE TO OFFICIAL URL LATER --> + <addressBracketsEnforcement>true</addressBracketsEnforcement> + + <!-- This sets the SMTPGreeting which will be used when connect to the smtpserver --> + <!-- If none is specified a default is generated --> + <!-- + <smtpGreeting> JAMES SMTP Server </smtpGreeting> + --> + + <!-- The configuration handler chain --> + <handlerchain> + + <!-- This connect handler can be used to enable POP3 before SMTP support --> + <!-- Plz note that only the ip get stored to indentify an authenticated client --> + <!-- The expireTime is the time after which an ipAddress is handled as expired --> + <!-- + <handler class="org.apache.james.smtpserver.core.POP3BeforeSMTPHandler"> + <expireTime> 1 hour </expireTime> + </handler> + --> + + <!-- This command handler check against RBL-Lists --> + <!-- If getDetail is set to true it try to retrieve information from TXT Record --> + <!-- why the ip was blocked. Default to false --> + <!-- STOP - before you uncomment out the DNS RBL handler, + please take a moment to review each block list. We + have included some that various JAMES committers use, + but you must decide which, if any, are appropriate + for your environment. The mail servers hosting + @apache.org mailing lists, for example, use a + slightly different list than we have included below. + And it is likely that most JAMES committes also have + slightly different sets of lists. The SpamAssassin + user's list would be one good place to discuss the + measured quality of various block lists. + + NOTA BENE: the domain names, below, are terminated + with '.' to ensure that they are absolute names in + DNS lookups. Under some circumstances, names that + are not explicitly absolute could be treated as + relative names, leading to incorrect results. This + has been observed on *nix and MS-Windows platforms + by users of multiple mail servers, and is not JAMES + specific. If you are unsure what this means for you, + please speak with your local system/network admins. + --> + <!-- + <handler class="org.apache.james.smtpserver.integration.fastfail.DNSRBLHandler"> + <getDetail> false </getDetail> + <rblservers> + <whitelist> query.bondedsender.org. </whitelist> + <blacklist> sbl-xbl.spamhaus.org. </blacklist> + <blacklist> dul.dnsbl.sorbs.net. </blacklist> + <blacklist> list.dsbl.org. </blacklist> + </rblservers> + </handler> + --> + + <!-- This command handler can be used to reject emails with not match the SPF record of the sender domain --> + <!-- If checkAuthNetworks is set to true sender domain will be checked also for clients that --> + <!-- are allowed to relay. Default is false. --> + <!-- + <handler class="org.apache.james.smtpserver.integration.fastfail.SPFHandler"> + <blockSoftFail> false </blockSoftFail> + <blockPermError> true </blockPermError> + </handler> + --> + + <!-- checks for resolvable HELO/EHLO before accept the HELO/EHLO --> + <!-- If checkAuthNetworks is set to true sender domain will be checked also for clients that --> + <!-- are allowed to relay. Default is false. --> + <!-- + <handler class="org.apache.james.smtpserver.integration.fastfail.ResolvableEhloHeloHandler"/> + --> + + <!-- Checks HELO/EHLO is equal the reverse of the connecting client before accept it --> + <!-- If checkAuthNetworks is set to true sender domain will be checked also for clients that --> + <!-- are allowed to relay. Default is false. --> + <!-- + <handler class="org.apache.james.smtpserver.integration.fastfail.ReverseEqualsEhloHeloHandler"/> + --> + + <!-- If activated mail is only accepted if the sender contains --> + <!-- a resolvable domain having a valid MX Record or A Record associated! --> + <!-- If checkAuthNetworks is set to true sender domain will be checked also for clients that --> + <!-- are allowed to relay. Default is false. --> + <!-- + <handler class="org.apache.james.smtpserver.protocol.core.fastfail.ValidSenderDomainHandler"/> + --> + + + <!-- If activated all email will get rejected which has no valid user --> + <!-- You need to add the recipient to the validRecipient list if you want --> + <!-- to accept email for a recipient which not exist on the server --> + <!-- + <handler class="org.apache.james.smtpserver.integration.fastfail.ValidRcptHandler"/> + --> + + <!-- If activated you can limit the maximal recipients --> + <!-- + <handler class="org.apache.james.smtpserver.integration.fastfail.MaxRcptHandler"> + <maxRcpt> 10 </maxRcpt> + </handler> + --> + + <!-- If uncomment this block you can enable greylisting. For more infos--> + <!-- how greylisting work see: http://projects.puremagic.com/greylisting/whitepaper.html --> + <!-- + <handler class="org.apache.james.smtpserver.integration.fastfail.JDBCGreylistHandler"> + <repositoryPath> db://maildb </repositoryPath> + <sqlFile>file://conf/sqlResources.xml</sqlFile> + <tempBlockTime> 1 hour </tempBlockTime> + <unseenLifeTime> 4 hours </unseenLifeTime> + <autoWhiteListLifeTime> 36 days </autoWhiteListLifeTime> + <whitelistedNetworks> 127.0.0.0/8 </whitelistedNetworks> + </handler> + --> + + <!-- Tarpitting is a method to insert a small sleep after each rcpt. For more --> + <!-- infos read this: http://www.palomine.net/qmail/tarpit.html . --> + <!-- Default is set to 0 (disabled). --> + <!-- You can also configure the time to sleep in milliseconds --> + <!-- + <handler class="org.apache.james.smtpserver.integration.fastfail.TarpitHandler"> + <tarpitRcptCount> 5 </tarpitRcptCount> + <tarpitSleepTime> 5000 </tarpitSleepTime> + </handler> + --> + + <!-- This handler ignore duplicated recipients per session. So the email will get only send on time even --> + <!-- if the recipient is specified more then once --> + <!-- + <handler class="org.apache.james.smtpserver.protocol.core.fastfail.SuppressDuplicateRcptHandler"/> + --> + + <!-- Load the core command handlers --> + <handler class="org.apache.james.smtpserver.integration.CoreCmdHandlerLoader"/> + + <!-- This MessageHandler could be used to check message against spamd before --> + <!-- accept the email. So its possible to reject a message on smtplevel if a --> + <!-- configured hits amount is reached. --> + <!-- + <handler class="org.apache.james.smtpserver.integration.fastfail.SpamAssassinHandler"> + <spamdHost> 127.0.0.1 </spamdHost> + <spamdPort> 783 </spamdPort> + <spamdRejectionHits> 10 </spamdRejectionHits> + </handler> + --> + + <!-- This MessageHandler could be used to extract domain out of the message and check --> + <!-- this domains against uriRbllists. See http://www.surbl.org for more informations. --> + <!-- The message get rejected if a domain matched . --> + <!-- + <handler class="org.apache.james.smtpserver.integration.fastfail.URIRBLHandler"> + <action> reject </action> + <getDetail> true </getDetail> + <uriRblServers> + <server> multi.surbl.org</server> + </uriRblServers> + </handler> + --> + <!-- + <handler class="org.apache.james.smtpserver.integration.SetMimeHeaderHandler"> + <headername>SPF-test</headername> + <headervalue>passed</headervalue> + </handler> + --> + + <!-- The default message receiving handler --> + <!-- The default behaviour is to put the message in the root processor of --> + <!-- the spooler --> + <handler class="org.apache.james.smtpserver.integration.SendMailHandler"></handler> + </handlerchain> + </handler> +</smtpserver> +
Added: james/server/trunk/spring-deployment/src/main/config/james/spoolmanager.xml URL: http://svn.apache.org/viewvc/james/server/trunk/spring-deployment/src/main/config/james/spoolmanager.xml?rev=905038&view=auto ============================================================================== --- james/server/trunk/spring-deployment/src/main/config/james/spoolmanager.xml (added) +++ james/server/trunk/spring-deployment/src/main/config/james/spoolmanager.xml Sun Jan 31 13:32:33 2010 @@ -0,0 +1,627 @@ + <!-- The James Spool Manager block --> + <!-- --> + <!-- This block is responsible for processing messages on the spool. --> + <spoolmanager> + <!-- Number of spool threads --> + <threads> 10 </threads> + + <!-- The root processor is a required processor - James routes all mail on the spool --> + <!-- through this processor first. --> + <!-- --> + <!-- This configuration is a sample configuration for the root processor. --> + <processor name="root"> + + <!-- This mailet redirects mail for the user 'postmaster' at any local domain to --> + <!-- the postmaster address specified for the server. The postmaster address --> + <!-- is required by rfc822. Do not remove this mailet unless you are meeting --> + <!-- this requirement through other means (e.g. a XML/JDBCVirtualUserTable mailet) --> + <mailet match="All" class="PostmasterAlias"/> + + <!-- Checks that the email Sender is associated with a valid domain. --> + <!-- Useful for detecting and eliminating spam. --> + <!-- For this block to function, the spam processor must be configured. --> + <!-- + <mailet match="SenderInFakeDomain=64.55.105.9,64.94.110.11,194.205.62.122,194.205.62.62,195.7.77.20,206.253.214.102,212.181.91.6,219.88.106.80,194.205.62.42,216.35.187.246,203.119.4.6" class="ToProcessor"> + <processor> spam </processor> + </mailet> + --> + + <!-- Important check to avoid looping --> + <mailet match="RelayLimit=30" class="Null"/> + + <!-- Check for viruses --> + <!-- --> + <!-- Does an antivirus scan check using a ClamAV daemon (CLAMD). --> + <!-- --> + <!-- Interacts directly with the daemon using the "stream" method, --> + <!-- which should have the lowest possible overhead. --> + <!-- The CLAMD daemon will typically reside on localhost, but could reside on a --> + <!-- different host. --> + <!-- It may also consist on a set of multiple daemons, each residing on a different --> + <!-- server and on different IP number. --> + <!-- In such case a DNS host name with multiple IP addresses (round-robin load sharing) --> + <!-- is supported by the mailet (but on the same port number). --> + <!-- --> + <!-- Handles the following init parameters: --> + <!-- <debug> --> + <!-- <host>: the host name of the server where CLAMD runs. It can either be --> + <!-- a machine name, such as --> + <!-- "java.sun.com", or a textual representation of its --> + <!-- IP address. If a literal IP address is supplied, only the --> + <!-- validity of the address format is checked. --> + <!-- If the machine name resolves to multiple IP addresses, round-robin load sharing will --> + <!-- be used. --> + <!-- The default is "localhost". --> + <!-- <port>: the port on which CLAMD listens. The default is "3310". --> + <!-- <maxPings>: the maximum number of connection retries during startup. --> + <!-- If the value is "0" no startup test will be done. --> + <!-- The default is "6". --> + <!-- <pingIntervalMilli>: the interval (in milliseconds) --> + <!-- between each connection retry during startup. --> + <!-- The default is "30000" (30 seconds). --> + <!-- <streamBufferSize>: the BufferedOutputStream buffer size to use --> + <!-- writing to the stream connection. The default is "8192". --> + <!-- + <mailet match="All" class="ClamAVScan" onMailetException="ignore"> + <debug> true </debug> + </mailet> + --> + + <!-- If infected go to virus processor --> + <mailet match="HasMailAttributeWithValue=org.apache.james.infected, true" class="ToProcessor"> + <processor> virus </processor> + </mailet> + + <!-- Check attachment extensions for possible viruses --> + <!-- The "-z" option requests the check to be non-recursively applied --> + <!-- to the contents of any attached '*.zip' file. --> + <!-- + <mailet match="AttachmentFileNameIs=-d -z *.exe *.com *.bat *.cmd *.pif *.scr *.vbs *.avi *.mp3 *.mpeg *.shs" class="Bounce" onMatchException="error"> + <inline>heads</inline> + <attachment>none</attachment> + <passThrough>false</passThrough> + <prefix>[REJECTED]</prefix> + <notice> +The Security Policy of XXX does not allow to forward messages containing attachments having any of the extensions .exe, .com, .bat, .cmd, .pif, .scr, .vbs, .avi, .mp3, .mpeg, .shs, therefore your message has been rejected. + +Please don't reply to this e-mail as it has been automatically sent by the antivirus system. + +Regards, Postmaster XXX.YYY +..................................... + </notice> + </mailet> + --> + + <!-- Whitelist Management --> + <!-- Manages for each local user a "white list" of remote addresses whose messages --> + <!-- should never be blocked as spam. --> + <!-- --> + <!-- If <automaticInsert> is true, it will check, for a local sender, if a remote recipient --> + <!-- is already in the list: if not, it will be automatically inserted. --> + <!-- This is under the interpretation that if a local sender X sends a message to a --> + <!-- remote recipient Y, then later on if a message is sent by Y to X it should be --> + <!-- considered always valid and never blocked; hence Y should be in the white list --> + <!-- of X. --> + <!-- --> + <!-- Another mode of operations is when a local sender sends a message to <whitelistManagerAddress> --> + <!-- with one of three specific values in the subject, to --> + <!-- (i) send back a message displaying a list of the addresses in his own list (<displayFlag>); --> + <!-- (ii) insert some new addresses in his own list (<insertFlag>); --> + <!-- (iii) remove some addresses from his own list (<removeFlag>). --> + <!-- In all of the three above cases the message will be ghosted and the postmaster will reply --> + <!-- to the sender. --> + <!-- --> + <!-- The sender name is always converted to its primary name (handling aliases). --> + <!-- + <mailet match="SMTPAuthSuccessful" class="WhiteListManager" onMailetException="ignore"> + <repositoryPath>db://maildb</repositoryPath> + <automaticInsert>true</automaticInsert> + <whitelistManagerAddress>[email protected]</whitelistManagerAddress> + <displayFlag>display</displayFlag> + <insertFlag>insert</insertFlag> + <removeFlag>remove</removeFlag> + </mailet> + --> + + <!-- "not spam" bayesian analysis feeder. --> + <!-- + <mailet match="[email protected]" class="BayesianAnalysisFeeder"> + <repositoryPath> db://maildb </repositoryPath> + <feedType>ham</feedType> + <maxSize>200000</maxSize> + </mailet> + --> + + <!-- "spam" bayesian analysis feeder. --> + <!-- + <mailet match="[email protected]" class="BayesianAnalysisFeeder"> + <repositoryPath> db://maildb </repositoryPath> + <feedType>spam</feedType> + <maxSize>200000</maxSize> + </mailet> + --> + + <!-- sample SMIME mailets configuration --> + <!-- + <mailet match="IsSMIMEEncrypted" class="SMIMEDecrypt"> + <keyStoreType>pkcs12</keyStoreType> + <keyStoreFileName>c:/path.pfx</keyStoreFileName> + <keyStorePassword>myKeyStorePass</keyStorePassword> + <keyAlias>myKeyAlias</keyAlias> + <keyAliasPassword>myKeyPass</keyAliasPassword> + </mailet> + + <mailet match="IsSMIMESigned" class="SMIMECheckSignature"> + <keyStoreType>pkcs12</keyStoreType> + <keyStoreFileName>c:/path.pfx</keyStoreFileName> + <keyStorePassword>myKeyStorePass</keyStorePassword> + <strip>false</strip> + <onlyTrusted>true</onlyTrusted> + </mailet> + --> + + <!-- + <mailet match="All" class="XMLVirtualUserTable"> + <!- 1:1 mapping -> + <mapping>morg...@middle-earth=sauron@mordor</mapping> + <!- 1:n mapping -> + <mapping>ist...@middle-earth=saruman@isengard;radigast;gandalf</mapping> + <!- DSN mapping -> + <mapping>boro...@osgilliath=error:550 Requested action not taken: no such user here</mapping> + <!- regex based mapping -> + <mapping>*...@osgilliath=regex:(.*)@osgilliath:$...@minas-tirith</mapping> + <!- both standard and regex mapping -> + <mapping>r...@*=onering@mordor;regex:ring@(.*):r...@${1}</mapping> + <!- conditional regex mapping example -> + <mapping>*...@listserver=regex:(.*)-...@listserver:${1}-subscr...@listserver; + regex:(.*)-...@listserver:${1}-unsubscr...@listserver + </mapping> + </mailet> + --> + + <!-- Anti-spam processing --> + <!-- The following two entries avoid double anti-spam analysis --> + <!-- for forwarded messages. --> + <!-- Has spam checking already been done? --> + <mailet match="HasMailAttribute=spamChecked" class="ToProcessor"> + <processor> transport </processor> + </mailet> + <!-- Spam checking will not be done twice --> + <mailet match="All" class="SetMailAttribute"> + <spamChecked>true</spamChecked> + </mailet> + + <!-- White List: + If you use block lists, you will probably want to check + for known permitted senders. This is particularly true + if you use more aggressive block lists, such as SPEWS, + that are prone to block entire subnets without regard + for non-spamming senders. + --> + + <!-- Messages from authenticated senders never are spam --> + <mailet match="SMTPAuthSuccessful" class="ToProcessor"> + <processor> transport </processor> + </mailet> + + <!-- Messages signed by trusted users never are spam --> + <!-- Uncommenting the following entry, messages with valid signatures will never be considered spam. --> + <!-- This can be a valid policy *if* SMIMECheckSignature was invoked --> + <!-- with <onlyTrusted>true</onlyTrusted> set --> + <!-- + <mailet match="HasMailAttribute=org.apache.james.SMIMECheckSignature" class="ToProcessor"> + <processor> transport </processor> + </mailet> + --> + + <!-- specific known senders --> + <!-- + <mailet match="senderis=good...@goodhost" + class="ToProcessor"> + <processor> transport </processor> + </mailet> + --> + + <!-- People on this list agree to pay a penalty if they send spam --> + <mailet match="InSpammerBlacklist=query.bondedsender.org." + class="ToProcessor"> + <processor> transport </processor> + </mailet> + + <!-- E-mail legally required not to be spam (see: http://www.habeas.com) --> + <!-- + <mailet match="HasHabeasWarrantMark" class="ToProcessor"> + <processor> transport </processor> + </mailet> + --> + + <!-- If the sender is in a recipient's whitelist, it is a valid sender, --> + <!-- and as such the message should not be considered spam for such recipient. --> + <!-- + <mailet match="IsInWhiteList=db://maildb" class="ToProcessor" onMatchException="noMatch"> + <processor> transport </processor> + </mailet> + --> + + <!-- End of White List --> + + <!-- Check for delivery from a known spam server --> + <!-- This set of matchers/mailets redirect all emails from known --> + <!-- black holes, open relays, and spam servers to the spam processor --> + <!-- For this set to function properly, the spam processor must be configured. --> + <mailet match="InSpammerBlacklist=dnsbl.njabl.org." + class="ToProcessor"> + <processor> spam </processor> + <notice>550 Requested action not taken: rejected - see http://njabl.org/ </notice> + </mailet> + + <!-- Sample matching to kill a message (send to Null) --> + <!-- + <mailet match="recipientis=bad...@badhost" class="Null"/> + --> + + <!-- Anti spam bayesian analysis --> + <!-- + <mailet match="All" class="BayesianAnalysis" onMailetException="ignore"> + <repositoryPath>db://maildb</repositoryPath> + <maxSize>200000</maxSize> + <headerName>X-MessageIsSpamProbability</headerName> + <ignoreLocalSender>true</ignoreLocalSender> + </mailet> + + <mailet match="CompareNumericHeaderValue=X-MessageIsSpamProbability > 0.90" class="SetMailAttribute" onMatchException="noMatch"> + <isSpam>true</isSpam> + </mailet> + + <mailet match="CompareNumericHeaderValue=X-MessageIsSpamProbability > 0.90" class="SetMimeHeader" onMatchException="noMatch"> + <name>X-MessageIsSpam</name> + <value>true</value> + </mailet> + + <mailet match="CompareNumericHeaderValue=X-MessageIsSpamProbability > 0.99" class="ToProcessor" onMatchException="noMatch"> + <processor> spam </processor> + <notice>Spam not accepted</notice> + </mailet> + --> + + <!-- Send remaining mails to the transport processor for either local or remote delivery --> + <mailet match="All" class="ToProcessor"> + <processor> transport </processor> + </mailet> + </processor> + + <!-- The error processor is required. James may internally set emails to the --> + <!-- error state. The error processor is generally invoked when there is an --> + <!-- unexpected error either in the mailet chain or internal to James. --> + <!-- --> + <!-- By default configuration all email that generates an error in placed in --> + <!-- an error repository. --> + <processor name="error"> + <!-- If you want to notify the sender their message generated an error, uncomment this --> + <!-- + <mailet match="All" class="Bounce"/> + --> + <!-- If you want to notify the postmaster that a message generated an error, uncomment this --> + <!-- + <mailet match="All" class="NotifyPostmaster"/> + --> + + <!-- Logs any messages to the repository specified --> + <mailet match="All" class="ToRepository"> + <repositoryPath> file://var/mail/error/</repositoryPath> + <!-- An alternative database repository example follows. --> + <!-- + <repositoryPath> db://maildb/deadletter/error </repositoryPath> + --> + </mailet> + </processor> + + <!-- Processor CONFIGURATION SAMPLE: transport is a sample custom processor for local or --> + <!-- remote delivery --> + <processor name="transport"> + + <!-- This is an example configuration including configuration for a list server. --> + <!-- CHECKME: before uncommenting this, edit the configuration file's contents --> + <!-- + &listserverConfig; + --> + + <mailet match="SMTPAuthSuccessful" class="SetMimeHeader"> + <name>X-UserIsAuth</name> + <value>true</value> + </mailet> + + <mailet match="HasMailAttribute=org.apache.james.SMIMECheckSignature" class="SetMimeHeader"> + <name>X-WasSigned</name> + <value>true</value> + </mailet> + + <!-- Add a server-side signature --> + <!-- + <mailet match="All" class="SMIMESign" onMailetException="ignore"> + <keyStoreType>jks</keyStoreType> + <keyStoreFileName>path.keystore</keyStoreFileName> + <keyStorePassword>myKeyStorePass</keyStorePassword> + <keyAlias>myKeyAlias</keyAlias> + <keyAliasPassword>myKeyPass</keyAliasPassword> + <signerName>XXX Trusted Server</signerName> + <rebuildFrom>true</rebuildFrom> + <postmasterSigns>true</postmasterSigns> + <debug>true</debug> + </mailet> + --> + + <!-- Experimental quota Matcher --> + <!-- This matcher need to calculate the mailbox size everytime it is called. This can slow down things if there are many mails in --> + <!-- the mailbox. Some users also report big problems with the matcher if a JDBC based mailrepository is used. --> + <!-- Check if over quota --> + <!-- + <mailet match="RecipientIsOverFixedQuota=20M" class="Resend"> + <sender>postmaster</sender> + <replyTo>postmaster</replyTo> + <reversePath>null</reversePath> + <inline>none</inline> + <attachment>message</attachment> + <prefix>[OVER QUOTA WARNING]</prefix> + <message> +When receiving the attached message, your mailbox is larger than 20 MB, which is the maximum allowed quota. The mailbox will not be blocked, but we ask you to empty it ASAP. + +It is likely that you have set, in your mail client account, the option "leave a copy of messages on server". For any help ask your administrators. + +Regards, Postmaster XXX.YYY +..................................... + </message> + </mailet> + --> + + + <mailet match="All" class="VirtualUserTable"> + <virtualusertable>DefaultVirtualUserTable</virtualusertable> + </mailet> + + + <!-- Deliver To IMAP mailboxes, applying a Sieve script if the user has one + <mailet match="All" class="SieveMailet"/> + --> + + <!-- Is the recipient is for a local account, deliver it locally --> + <mailet match="RecipientIsLocal" class="LocalDelivery"/> + + <!-- If the host is handled by this server and it did not get --> + <!-- locally delivered, this is an invalid recipient --> + <mailet match="HostIsLocal" class="ToProcessor"> + <processor> local-address-error </processor> + <notice>550 - Requested action not taken: no such user here</notice> + </mailet> + +<!-- CHECKME! --> + <!-- This is an anti-relay matcher/mailet combination --> + <!-- --> + <!-- Emails sent from servers not in the network list are --> + <!-- rejected as spam. This is one method of preventing your --> + <!-- server from being used as an open relay. Make sure you understand --> + <!-- how to prevent your server from becoming an open relay before --> + <!-- changing this configuration. See also <authorizedAddresses> in SMTP Server --> + <!-- --> + <!-- This matcher/mailet combination must come after local delivery has --> + <!-- been performed. Otherwise local users will not be able to receive --> + <!-- email from senders not in this remote address list. --> + <!-- --> + <!-- If you are using this matcher/mailet you will probably want to --> + <!-- update the configuration to include your own network/addresses. The --> + <!-- matcher can be configured with a comma separated list of IP addresses --> + <!-- wildcarded IP subnets, and wildcarded hostname subnets. --> + <!-- e.g. "RemoteAddrNotInNetwork=127.0.0.1, abc.de.*, 192.168.0.*" --> + <!-- --> + <!-- If you are using SMTP authentication then you can (and generally --> + <!-- should) disable this matcher/mailet pair. --> + <mailet match="RemoteAddrNotInNetwork=127.0.0.1" class="ToProcessor"> + <processor> relay-denied </processor> + <notice>550 - Requested action not taken: relaying denied</notice> + </mailet> + + <!-- Attempt remote delivery using the specified repository for the spool, --> + <!-- using delay time to retry delivery and the maximum number of retries --> + <mailet match="All" class="RemoteDelivery"> + <outgoing> file://var/mail/outgoing/ </outgoing> + <!-- alternative database repository example below --> + <!-- + <outgoing> db://maildb/spool/outgoing </outgoing> + --> + + <!-- Delivery Schedule based upon RFC 2821, 4.5.4.1 --> + <!-- 5 day retry period, with 4 attempts in the first + hour, two more within the first 6 hours, and then + every 6 hours for the rest of the period. --> + <delayTime> 5 minutes </delayTime> + <delayTime> 10 minutes </delayTime> + <delayTime> 45 minutes </delayTime> + <delayTime> 2 hours </delayTime> + <delayTime> 3 hours </delayTime> + <delayTime> 6 hours </delayTime> + <maxRetries> 25 </maxRetries> + + <!-- The max reties which will used if no A or MX record for the domain was found. --> + <!-- If 0 it will fail on first time --> + <maxDnsProblemRetries> 0 </maxDnsProblemRetries> + + <!-- The number of threads that should be trying to deliver outgoing messages --> + <deliveryThreads> 1 </deliveryThreads> + + <!-- If false the message will not be sent to given server if any recipients fail --> + <sendpartial>true</sendpartial> + + <!-- By default we send bounces to the "bounce" processor --> + <!-- By removing this configuration James will fallback to hardcoded bounce --> + <!-- notifications --> + <bounceProcessor>bounces</bounceProcessor> + + <!-- A single mail server to deliver all outgoing messages. --> + <!-- This is useful if this server is a backup or failover machine, --> + <!-- or if you want all messages to be routed through a particular mail server, --> + <!-- regardless of the email addresses specified in the message --> + <!-- --> + <!-- The gateway element specifies the gateway SMTP server name. --> + <!-- If your gateway mail server is listening on a port other than 25, --> + <!-- you can set James to connect to it on that port using the gatewayPort --> + <!-- element. --> + <!-- Although normally multiple addresses are implemented through proper --> + <!-- DNS configuration, the RemoteDelivery mail does allow specifying --> + <!-- multiple gateway elements, each of which may also have a port --> + <!-- e.g., mygateway:2525 --> + <!-- the gatewayPort element is used as a default --> + <!-- + <gateway> otherserver.mydomain.com </gateway> + <gatewayPort>25</gatewayPort> + --> + <!-- If the gateway requires smtp authentication the following directives --> + <!-- (gatewayUsername/gatewayPassword) can be used. --> + <!-- + <gatewayUsername>login</gatewayUsername> + <gatewayPassword>pass</gatewayPassword> + --> + + <!-- Set the HELO/EHLO name to use when connectiong to remote SMTP-Server --> + <!-- + <mail.smtp.localhost>myMailServer</mail.smtp.localhost> + --> + </mailet> + + </processor> + + <!-- Processor CONFIGURATION SAMPLE: spam is a sample custom processor for handling --> + <!-- spam. --> + <!-- You can either log these, bounce these, or just ignore them. --> + <processor name="spam"> + <!-- To destroy all messages, uncomment this matcher/mailet configuration --> + <!-- + <mailet match="All" class="Null"/> + --> + + <!-- To notify the sender their message was marked as spam, uncomment this matcher/mailet configuration --> + <!-- + <mailet match="All" class="Bounce"/> + --> + + <!-- To notify the postmaster that a message was marked as spam, uncomment this matcher/mailet configuration --> + <!-- + <mailet match="All" class="NotifyPostmaster"/> + --> + + <!-- To log the message to a repository, this matcher/mailet configuration should be uncommented. --> + <!-- This is the default configuration. --> + <mailet match="All" class="ToRepository"> + <repositoryPath>file://var/mail/spam/</repositoryPath> + + <!-- Changing the repositoryPath, as in this commented out example, will --> + <!-- cause the mails to be stored in a database repository. --> + <!-- Please note that only one repositoryPath element can be present for the mailet --> + <!-- configuration. --> + <!-- + <repositoryPath> db://maildb/deadletter/spam </repositoryPath> + --> + </mailet> + </processor> + + <!-- messages containing viruses. --> + <processor name="virus"> + + <!-- To avoid a loop while bouncing --> + <mailet match="All" class="SetMailAttribute"> + <org.apache.james.infected>true, bouncing</org.apache.james.infected> + </mailet> + + <!-- If the sender is authenticated, notify the infection --> + <mailet match="SMTPAuthSuccessful" class="Bounce"> + <inline>heads</inline> + <attachment>none</attachment> + <notice> Warning: We were unable to deliver the message below because it was found infected by virus(es). </notice> + </mailet> + + <!-- In any other situation ghost it, --> + <!-- as viruses almost always spoof the sender's address --> + <mailet match="All" class="Null" /> + </processor> + + <!-- This processor handles messages that are for local domains, where the user is unknown --> + <processor name="local-address-error"> + <!-- To avoid bouncing/archiving spam, uncomment this matcher/mailet configuration --> + <!-- + <mailet match="HasMailAttribute=isSpam" class="Null" onMatchException="noMatch"/> + --> + + <!-- To notify the sender the address was invalid, uncomment this matcher/mailet configuration --> + <!-- The original message is not attached to keep the bounce processor from deliverying spam --> + <!-- + <mailet match="All" class="Bounce"> + <attachment>none</attachment> + </mailet> + --> + + <!-- To notify the postmaster that a message had an invalid address, uncomment this matcher/mailet configuration --> + <!-- + <mailet match="All" class="NotifyPostmaster"/> + --> + + <mailet match="All" class="ToRepository"> + <repositoryPath> file://var/mail/address-error/</repositoryPath> + <!-- An alternative database repository example follows. --> + <!-- + <repositoryPath> db://maildb/deadletter/address-error </repositoryPath> + --> + </mailet> + </processor> + + <!-- This processor handles messages that are for foreign domains, where relaying is denied --> + <!-- As of James v2.2, this processor can be deprecated by using the <authorizedAddresses> tag + in the SMTP Server, and rejecting the message in the protocol transaction. --> + <processor name="relay-denied"> + <!-- To notify the sender the address was invalid, uncomment this matcher/mailet configuration --> + <!-- The original message is not attached to keep the bounce processor from deliverying spam --> + <!-- + <mailet match="All" class="Bounce"> + <attachment>none</attachment> + </mailet> + --> + + <!-- To notify the postmaster that a relay request was denied, uncomment this matcher/mailet configuration --> + <!-- + <mailet match="All" class="NotifyPostmaster"/> + --> + + <mailet match="All" class="ToRepository"> + <repositoryPath>file://var/mail/relay-denied/</repositoryPath> + <!-- An alternative database repository example follows. --> + <!-- + <repositoryPath> db://maildb/deadletter/relay-denied </repositoryPath> + --> + </mailet> + </processor> + + <!-- This processor handle the bounces from RemoteDelivery: As of James v2.3, this is the new --> + <!-- Default. --> + <!-- --> + <!-- DSNBounce properly create a DSN compliant bounce --> + <processor name="bounces"> + <mailet match="All" class="DSNBounce"> + <passThrough>false</passThrough> + + <!-- optional subject prefix prepended to the original message --> + <!-- + <prefix>[bounce]</prefix> + --> + + <!-- message, heads or none, default=message --> + <!-- + <attachment>heads</attachment> + --> + + <!-- the message sent in the bounce, the first occurrence of the pattern [machine] is --> + <!-- replaced with the name of the executing machine --> + <!-- Default: Hi. This is the James mail server at [machine] ... --> + <!-- + <messageString>Here is [machine]. I'm not able to deliver this message.</messageString> + --> + </mailet> + </processor> + </spoolmanager> \ No newline at end of file Added: james/server/trunk/spring-deployment/src/main/config/james/users-store.xml URL: http://svn.apache.org/viewvc/james/server/trunk/spring-deployment/src/main/config/james/users-store.xml?rev=905038&view=auto ============================================================================== --- james/server/trunk/spring-deployment/src/main/config/james/users-store.xml (added) +++ james/server/trunk/spring-deployment/src/main/config/james/users-store.xml Sun Jan 31 13:32:33 2010 @@ -0,0 +1,57 @@ +<!-- The User Storage block --> +<users-store> + <!-- Configure User Repositories here. --> + <!-- --> + <!-- User repositories are required for the following purposes: --> + <!-- - storing James user information, including forwards, aliases, --> + <!-- and authentication data. --> + <!-- - holding lists of users for the listserv mailet --> + <!-- Currently, two different storage options are available: --> + <!-- - file-based storage using Java serialization --> + <!-- - database-backed storage --> + <!-- (Use of database or file-system is defined on a "per-repository" basis) --> + <!-- --> + <!-- Note: One user repository is required for James: --> + <!-- LocalUsers - the users for whom you are providing POP3, NNTP, or SMTP service --> + <!-- --> + <!-- Other repositories may be used by matchers or mailets. --> + + <!-- Default: File-based user repositories Use these configurations to store user info in the filesystem --> + <!-- The LocalUsers repository, for storing James' User info. --> + <!-- + <repository name="LocalUsers" class="org.apache.james.userrepository.UsersFileRepository"> + <destination URL="file://var/users/"/> + <ignoreCase>true</ignoreCase> + <enableAliases>true</enableAliases> + <enableForwarding>true</enableForwarding> + </repository> + --> + + <!-- Database backed user repositories --> + <!-- --> + <!-- Use these configurations to store user info in a database. --> + <!-- Note: The <data-source> element must refer to a connection configured --> + <!-- in the <database-connections> configuration section. --> + <!-- The LocalUsers repository, for storing James' User info. --> + <repository name="LocalUsers" class="org.apache.james.userrepository.JamesUsersJdbcRepository" destinationURL="db://maildb/users"> + <sqlFile>file://conf/sqlResources.xml</sqlFile> + <!-- Set whether user names are case sensitive or case insensitive --> + <ignoreCase>true</ignoreCase> + <!-- Set whether to enable local aliases --> + <enableAliases>true</enableAliases> + <!-- Set whether to enable forwarding --> + <enableForwarding>true</enableForwarding> + </repository> + + <!-- This is an example configuration including configuration for a list server. --> + <!-- CHECKME: before uncommenting this, edit the configuration file's contents --> + <!-- --> + <!-- Mailing list repositories --> + <!-- Add a user repository for each list --> + <!-- TODO: add more examples --> + <!-- + <repository name="list-test" class="org.apache.james.userrepository.UsersFileRepository"> + <destination URL="file://var/lists/list-test/"/> + </repository> + --> +</users-store> \ No newline at end of file Added: james/server/trunk/spring-deployment/src/main/config/james/virtualusertable-store.xml URL: http://svn.apache.org/viewvc/james/server/trunk/spring-deployment/src/main/config/james/virtualusertable-store.xml?rev=905038&view=auto ============================================================================== --- james/server/trunk/spring-deployment/src/main/config/james/virtualusertable-store.xml (added) +++ james/server/trunk/spring-deployment/src/main/config/james/virtualusertable-store.xml Sun Jan 31 13:32:33 2010 @@ -0,0 +1,30 @@ +<!-- The VirtualUserTable Store block --> +<virtualusertable-store> + <!-- Configure VirtualUserTable stores here. --> + <!-- --> + <!-- If set recursiveMapping false only the first mapping will get processed. --> + <!-- Default true. --> + <!-- By setting the mappingLimit you can specify how much mapping will get processed --> + <!-- before a bounce will send. This avoid infinity loops. Default 10. --> + + <!-- The DefaultVirtualUserTable for storing James' VirtualUserTable mappings. --> + <!-- + <table name="DefaultVirtualUserTable" class="org.apache.james.vut.XMLVirtualUserTable"> + <recursiveMapping> true </recursiveMapping> + <mappingLimit> 10 </mappingLimit> + + <mapping> s...@domain=someuser </mapping> + </table> + --> + + <!-- Database backed VirtualUsertable --> + <!-- --> + <!-- Use these configurations to store the VirtualUserTable in a database. --> + + <!-- The DefaultVirtualUserTable for storing James' VirtualUserTable mappings. --> + <table name="DefaultVirtualUserTable" class="org.apache.james.vut.JDBCVirtualUserTable" destinationURL="db://maildb/VirtualUserTable"> + <recursiveMapping> true </recursiveMapping> + <mappingLimit> 10 </mappingLimit> + <sqlFile>file://conf/sqlResources.xml</sqlFile> + </table> +</virtualusertable-store> \ No newline at end of file --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
