Support multiple port configurations per protocol
-------------------------------------------------
Key: JAMES-1105
URL: https://issues.apache.org/jira/browse/JAMES-1105
Project: JAMES Server
Issue Type: Improvement
Components: IMAPServer, POP3Server, SMTPServer
Affects Versions: 3.0-M1
Reporter: Patrick Pyette
A single instance of James should be able to accept connections on multiple
ports for each protocol. As an example, I want to have the following SMTP
connections:
port 25: no authorization, no relaying
port 465: STARTTLS, AUTH required, relaying allowed
port 587: SMTP/TLS, AUTH required, relaying allowed.
I can set up the relaying decision with a mailet/matcher, but having multiple
port configurations per protocol allow me to deploy James as a primary
multi-domain mail server.
The config files might look something like:
<!-- The SMTP server is enabled by default -->
<!-- Disabling blocks will stop them from listening, -->
<!-- but does not free as many resources as removing them would -->
<smtpserver enabled="true">
<!--
Port 25 is the well-known/IANA registered port for SMTP.
Port 465 is the well-known/IANA registered port for SMTP over TLS.
-->
<endpoints>
<endpoint port="465">
<!-- Uncomment this if you want to bind this port to a specific
inetaddress -->
<!-- Please NOTE: you should add this IP also to your
RemoteAddrNotInNetwork -->
<!-- in order to avoid relay check for locallly generated bounces -->
<!--
<bind> </bind>
-->
<!-- Set to true to support STARTTLS or TLS for the Socket.
To use this you need to copy sunjce_provider.jar to /path/james/lib
directory.
-->
<tls socketTLS="false" startTLS="true">
<!-- To create a new keystore execute:
keytool -genkey -alias james -keyalg RSA -keystore
/path/to/james/conf/keystore
-->
<keystore>file://conf/keystore</keystore>
<secret>changeit</secret>
<provider>org.bouncycastle.jce.provider.BouncyCastleProvider</provider>
</tls>
<!-- Uncomment this if you want to require SMTP authentication.
supported values:
true: required but announced only to not authorizedAddresses
false: don't use AUTH
announce: like true, but always announce AUTH capability to
clients
The correct behaviour per RFC value would be false or announce
but we still support true for backward compatibility and because
some webmail client fails when AUTH is announced but no
authentication
information has been provided
-->
<authRequired>announce</authRequired>
<!-- Uncomment this if you want to authorize specific
addresses/networks.
If you use SMTP AUTH, addresses that match those specified here
will
be permitted to relay without SMTP AUTH. If you do not use SMTP
AUTH, and you specify addreses here, then only addresses that
match
those specified will be permitted to relay.
Addresses may be specified as a an IP address or domain name,
with an
optional netmask, e.g.,
127.*, 127.0.0.0/8, 127.0.0.0/255.0.0.0, and localhost/8 are all
the same
See also the RemoteAddrNotInNetwork matcher in the transport
processor.
You would generally use one OR the other approach.
-->
<!--
<authorizedAddresses>127.0.0.0/8</authorizedAddresses>
-->
<!-- Uncomment this if you want to verify sender addresses, ensuring
that -->
<!-- the sender address matches the user who has authenticated. -->
<!-- This prevents a user of your mail server from acting as someone
else -->
<!-- If unspecified, default value is true -->
<!--
<verifyIdentity>true</verifyIdentity>
-->
</endpoint>
<endpoint port="587">
...
</endpoint>
</endpoints>
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
