Benoit Tellier created JAMES-3823:
-------------------------------------
Summary: Implement RFC-8689 RequireTLS
Key: JAMES-3823
URL: https://issues.apache.org/jira/browse/JAMES-3823
Project: James Server
Issue Type: New Feature
Components: SMTPServer
Reporter: Benoit Tellier
Implement https://datatracker.ietf.org/doc/rfc8689/
Abstract:
{code:java}
The SMTP STARTTLS option, used in negotiating transport-level
encryption of SMTP connections, is not as useful from a security
standpoint as it might be because of its opportunistic nature;
message delivery is, by default, prioritized over security. This
document describes an SMTP service extension, REQUIRETLS, and a
message header field, TLS-Required. If the REQUIRETLS option or TLS-
Required message header field is used when sending a message, it
asserts a request on the part of the message sender to override the
default negotiation of TLS, [..] by requiring that TLS be
negotiated when the message is relayed [..].
{code}
Use it on the `smtpserver.xml` `requireSSL` option...
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
---------------------------------------------------------------------
To unsubscribe, e-mail: server-dev-unsubscr...@james.apache.org
For additional commands, e-mail: server-dev-h...@james.apache.org
