Dear James Community,
Over the last two years, we at Akquinet have developed an email solution
for the medical and healthcare sector. We chose Apache James for this
project because it provides
- a robust clustering solution out of the box,
- a comprehensive WebAdmin REST interface for integration with other
product components,
- a flexible Mailet architecture easily adapting to our specific
requirements,
- an open source solution with an active community and commercial
support where needed.
Our deployment uses the distributed-pop3 app variant, with multiple
James server instances running on top of a Cassandra cluster,
S3-compatible blob storage and RabbitMQ. The choice of POP3 may seem
strange, but our customers typically employ third party systems for
semi-automatic mail processing. For this use case, POP3 enables much
simpler systems integration than the more complex protocols.
Despite Apache James being a very flexible solution, we encountered a
few situations during development where we had to change the original
codebase in order to meet our requirements. We believe these changes
might well be of interest to the James community at large, and in the
spirit of open source we would like to share them with you!
Over the next few weeks we plan to create Jira tickes and pull requests
for the features below. Let us know what you think, and which you would
like to see first!
(The list includes a complexity estimate in T-Shirt size, where S is
just a few / localized changes and L is a lot of code / all over the place.)
SECURITY ENHANCEMENTS
# TLS authentication via client certificate (M)
Add options to network server configurations to set certificate-based
authentication mode (none, want, need), and the associated trust store
to validate these client certificates. Useful to limit server access to
trusted partners/users.
# Separate trust store for S3 (M)
Extend blob store configuration to specify a trust store, which is used
to validate the S3 server certificate. Useful if also using TLS client
cert authentication (see above) to keep the security realms separate.
# Delay on authentication failure (S)
Add an option verifyFailureDelay to usersrepository.xml to delay the
response if someone tries to authenticate with a non-existing user or
wrong password. Basic protection against people using James as a
password oracle for brute-force/dictionary attacks.
# Support password salting (M) *
Add extra hashingMode choices in usersrepository.xml ("salted",
"legacy_salted") to include the user name in the password hash. Basic
protection against rainbow table cracking if someone ever manages to
steal the password database.
# Gradual migration of password hash settings (L) *
Add a hashingMode column to the user table, use it together with the
algorithm column to verify password hashes. But use the configured
algorithm and hashingMode from usersrepository.xml when updating the
password. This way, the user database can gradually migrate to a
different (hopefully stronger) security setting. Useful to get rid of
the legacy hashing mode, and to introduce password salting (see above).
*NOTE: Currently only works with Cassandra/Memory, but should be
possible for JPA as well if someone more experienced with this server
variant would like to tackle it.
POP3 ENHANCEMENTS
# Fix WebAdmin routes for POP3 (S) - already submitted
Include WebAdmin routes and example configuration for managing the
DeletedMessagesVault in the distributed-pop3 server variant.
# Add Glowroot instrumentation for POP3 (S)
Minor refactoring of POP3 command handlers, and matching glowroot
configurations. Better diagnostics on what is going on in POP3 handling.
# Configure restore location for deleted messages (S)
Add an option to specify which mailbox receives any restored messages
from the DeletedMessagesVault, e.g. "INBOX" instead of the default
"Restored-Messages". Required since POP3 cannot access other mailboxes
than INBOX.
GENERAL FEATURES
# Extra system properties (S)
Read a properties file immediately at server startup and set them as
system properties. Useful to keep command line clutter down and manageable.
# Check user credentials via WebAdmin (M)
Provide a WebAdmin route to check a username/password combination.
Reports 204 on success and 401 on failure. Useful for integrating James
with 3rd party services, e.g. a web admin GUI for users.
# Generalized vacation handling, including via WebAdmin (L)
Refactor the vacation handling code out of JMAP space and make it a
general James feature. Add a WebAdmin route to query and change a user's
vacation notice. Useful for integrating James with 3rd party services,
e.g. a web admin GUI.
Regards,
Karsten Otto
--
akquinet tech@spree GmbH
Bülowstraße 66 • D-10783 Berlin
Tel: +49 30 235520-0
Fax: +49 30 217520-12
E-Mail: [email protected]
Web: www.akquinet.de
Geschäftsführung: Martin Weber, Dr. Torsten Fink, Heinz Wilming
Amtsgericht Berlin HRB 86780 • USt.-Id. Nr.: DE 225 964 680
