Hi Timothy,
See answers inline.
Thx, Eric
On 04/29/2012 08:04 PM, Timothy Prepscius wrote:
Hello,
I've been researching whether an idea I have is technically feasible.
I think it might be, if the 551 User not local; please try <forward-path> is
implemented generally.
Can you give more details on what you are asking?
But I thought I would ask the experts :-)
-----------
Here is my technical question:
I want to set up a mail server that:
1. waits for an incoming mail.
2. on RCPT TO:
A. starts a single servlet listening on a specific-ip, which will
accept a single message, write it to disk.
B. specifies to the sender to forward to a specific
[email protected]_domain.net.
James uses mailets to process mails. It will not start any servlet.
Rather, you have to implement the logic in your own mailet.
See http://james.apache.org/server/3/dev-extend-mailet.html
Would this raise problems? Forwarding all messages?
Another solution I can see, might be if I can tell an ssl connection to "re-verify,
re-initiate, re-set" itself somehow.
I haven't figured out how to do this, or if there is a way.
You should not hook in the SSL protocol? Why do you need this?
------
Here is the larger problem I'm trying to solve:
Sorry, I'm lost here...
I would like to set up a gmail type service.
Except each user would own the "data-store," and as well, own the "receiver" of
their messages.
So I would run an email service.
Each user would give me a receiver java class. (or just pick the default)
Each user would give me a data store to write to. (s3.amazon most likely)
I would sit waiting for an email, I get a header for John.
I *do not* read the contents of the email.
Instead I load John's receiver java class and tell the sender to re-initiate
the transfer using (I would like a specific port, but I don't see any
references to ports in the smtp docs) a specific IP.
John's script will load and bind to that ip, receive the email, encrypt it with
a public key.
I write the encrypted email to the data store specified by John.
John owns all of his data, I am merely the "router."
--
The reason I want to re-initiate the connection between the sender and the receiver, is
John considers me "untrusted."
Unfortunately, I can't see any way of convincing John that I don't become a
MITM in the final SSL exchange.
(I could accept the entire message, and then synthesize the connection to John's
"receiver.")
I sort of wonder whether I should keep the same connection, but have John issue the
"DATA" request.
But then I could observe the connection. MITM would be simple as pie.
Of course, even with a separate connection, if I am using the JVM I can observe
anything he does anyway.
Even if I were to separate the process, I could observe the state of the JVM
machine.
Even if there were no JVM, I could still inspect his process.
Hmm...
I wish there were some way that I could create a "secure JVM process" with an
"execution time limit."
Oh well.
-------
Any thoughts?
Even if I am not able to assure no MITM I would like to implement the "pass an ssl connection" to a "user
provided receiver class" and have that "receiver class" write to a "pipe" which I then write
to s3.
Doable with James?
Thanks for your time,
-tim
--
eric | http://about.echarles.net | @echarles
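
How a sending client would read the "551 User not local; please try <forward-path>" reply that the question depends on, including the multiline form. This is an added example, not code from the thread or from James; the function names and the sample addresses are constructed. It also makes the trust point visible: the forward-path is whatever the answering server chooses to put in the reply.

```python
import re

# Reply codes that carry a forward-path (RFC 5321 section 3.4).
FORWARD_CODES = {"251": "forwarded", "551": "redirect"}
_LINE = re.compile(r"^(\d{3})(?:([ -])(.*))?$")
_PATH = re.compile(r"<([^<>\s]+@[^<>\s]+)>")


def parse_reply(raw: bytes):
    """Parse one, possibly multiline, SMTP reply into (code, text_lines)."""
    code, lines = None, []
    for line in raw.decode("ascii", "replace").split("\r\n"):
        if not line:
            continue
        m = _LINE.match(line)
        if m is None:
            raise ValueError(f"malformed reply line: {line!r}")
        if code is None:
            code = m.group(1)
        elif m.group(1) != code:
            raise ValueError("reply code changed inside a multiline reply")
        lines.append(m.group(3) or "")
        if m.group(2) != "-":  # only "-" announces a continuation line
            return code, lines
    raise ValueError("reply has no final line")


def rcpt_outcome(raw: bytes):
    """Classify an RCPT TO reply as (action, forward_path or None)."""
    code, lines = parse_reply(raw)
    m = _PATH.search(" ".join(lines)) if code in FORWARD_CODES else None
    if m:
        return FORWARD_CODES[code], m.group(1)
    if code.startswith("2"):
        return "accepted", None
    if code.startswith("4"):
        return "retry", None
    return "rejected", None  # includes a 551 with no usable path


# Constructed sample replies (addresses are placeholders).
SAMPLES = [
    b"551 User not local; please try <john@receiver.example>\r\n",
    b"551-User not local;\r\n551 please try <john@receiver.example>\r\n",
    b"250 OK\r\n",
    b"450 mailbox busy\r\n",
]

if __name__ == "__main__":
    for s in SAMPLES:
        print(rcpt_outcome(s))
```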