This was the answer I was waiting :)
You can read "James is a secured mail server by default"
(http://james.apache.org/server/3/ on second tab).
This can be argued thanks to the java platforms and netty,... frameworks.
But, I would say at least:
- change password of the remote administration.
- enable username/password for jmx.
- up to the context, disable plain protocols and activate ssl protocols.
Tks,
Eric
On 23/11/2010 10:52, Raju Bitter wrote:
Thanks, I'll take test both approaches out of interest, using Spam Assasin.
Security: The minimal setup needed to make sure James is secure enough
to have it running on a live server. And I mean the bare minimum of
security. People testing James should feel save to have the software
running on a dev/testing server.
- Raju
On Tue, Nov 23, 2010 at 9:14 AM, Eric Charles<[email protected]> wrote:
"james security" is a wide subject. Which area would you like to cover?
Tks,
Eric
On 23/11/2010 00:54, Raju Bitter wrote:
Is there an up-to-date document describing what should be done for
that? I've started work on the quickstart V3 wiki page, which I'll
finish later this week
(http://wiki.apache.org/james/V3ConfigTutorial#preview), and would
like to add at least basic information to that page.
- Raju
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
