[jira] [Closed] (JAMES-4183) SMTP ip whitelist: ability to limit senders

Fri, 06 Mar 2026 12:28:09 -0800 


     [ 
https://issues.apache.org/jira/browse/JAMES-4183?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Benoit Tellier closed JAMES-4183.
---------------------------------
    Resolution: Fixed

> SMTP ip whitelist: ability to limit senders
> -------------------------------------------
>
>                 Key: JAMES-4183
>                 URL: https://issues.apache.org/jira/browse/JAMES-4183
>             Project: James Server
>          Issue Type: Improvement
>          Components: SMTPServer
>            Reporter: Benoit Tellier
>            Priority: Major
>          Time Spent: 0.5h
>  Remaining Estimate: 0h
>
> h3. Why?
> Customer use case: then use SMTP ip whitelisting for sending emails from 3rd 
> party apps, which do not (easily) support authentication. (ahhhhh printers... 
> )
> The problem is that emails sent from these IP are able to send emails with 
> any sender which is freely accepted by the James server. My customer wishes a 
> way to limit the senders that could be used from those hosts.
> h3. How?
> Have a extra Mail SMTP hooks that allows configuring allowed senders for 
> emails originating from the IP whitelist.
> Current proposal:
> {code:java}
>     <smtpserver enabled="true">
>         <bind>0.0.0.0:25</bind>
>         <!-- ... -->
>         <authorizedAddresses>127.0.0.0/8</authorizedAddresses>
>         <!-- ... -->
>         <handlerchain>
>             <handler 
> class="org.apache.james.smtpserver.fastfail.AllowedUnauthenticatedSender">
>                 <allowedSenders>
>                     <allowedSender>[email protected]</allowedSender> <!-- 
> allowed for all unauthenticated users sending from allowed Ips-->
>                     <allowedSender 
> fromIps="172.34.56.0/24,172.34.53.123/32">[email protected]</allowedSender>
>  <!-- Ability to say which host can be used where -->
>                 </allowedSenders>
>             </handler>
>             <handler 
> class="org.apache.james.smtpserver.CoreCmdHandlerLoader"/>
>         </handlerchain>
>     </smtpserver>
> {code}
> This hook would trigger if:
>   - Relaying is allowed
>   - No user is set



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

Reply via email to