[
https://issues.apache.org/jira/browse/JAMES-3215?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17135505#comment-17135505
]
Matthieu Baechler commented on JAMES-3215:
------------------------------------------
I don't like the idea of having to setup another component to handle what
should be mandatory for any service in 2020: having encryption over TCP session.
I may be wrong but I suspect all others mail servers handle TLS by themselves.
(and having encryption termination is not enough because you need to support
STARTTLS)
Also, I don't agree with this claim.
> It causes the inclusion of various libraries, and Java suuuuuucks for SSL
> support.
We depend on Java integrated support for encryption that is far from sucking
AFAIK and bouncycastle that is also quite good. Not really a lot of dependencies
I would rather open a ticket about support certificates without keystores
and/or implement letsencrypt protocol
> Remove SSL support in James
> ---------------------------
>
> Key: JAMES-3215
> URL: https://issues.apache.org/jira/browse/JAMES-3215
> Project: James Server
> Issue Type: Improvement
> Reporter: David Leangen
> Priority: Major
>
> SSL support is not working [1], and it complicates the installation process.
> It causes the inclusion of various libraries, and Java suuuuuucks for SSL
> support.
> It would make James a lot simpler to remove SSL support and make SSL
> termination somebody else's problem. These days it should be easy to use a
> proxy (like nginx) or an ingress (for example in Kubernetes) to perform SSL
> termination.
> It would be one less thing to maintain in James, one less thing that can go
> wrong, one less step to take just to get a James server working, and a step
> closer to providing good user support.
> {quote}[1] I define "working" by meaning that as a user, I follow the
> instructions but it still does not work as intended.
> {quote}
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
---------------------------------------------------------------------
To unsubscribe, e-mail: server-dev-unsubscr...@james.apache.org
For additional commands, e-mail: server-dev-h...@james.apache.org
