Hello there,
big thanks goes to Benoit Tellier for pushing me into the right
direction where to look.
As I currently have some applications running for a new assignment (as
IT systems integrator) I simply can't risk to miss the replies - so I
activated outgoing StartTLS only for now, but I will get back to set-up
SPF after I got my new job. I also activated the already built-in
handlers for ClamD/Amavis and Spam-Assassin.
Maybe this should be its own topic - but may let me ask another
side-question wich somehow is related: As the current build doesn't
offer some config to enforce StartTLS but only hooks and mailets - is it
possible to simply hook the current code with some addition lines of
code to check if TLS was already done or do I need to re-write some of
the codes and also adjust the tests to implement an enforcement to use
StartTLS?
yours,
Matt
Am 15.12.2016 um 02:56 schrieb Benoit Tellier:
Hi Matt,
My company is actively contributing to James and I would be glad to help
you on these topics.
# SSL / StartTLS between Mail servers
It is configurable. These configuration options are passed to the javax
Transport, wich takes care of delivery.
Look at the RemoteDelivery mailet, in transport processor, in
mailetcontainer.xml configuration file. You can add parameters to it to
enforce SSL or StartTLS.
Adding :
```
<startTLS>true</startTLS>
or
<sslEnable></sslEnable>
```
# SPF and Dkim
For this, the project provides two types of integration :
- mailets, applied after the mail queue
- SMTP hooks, applied before
Converning SPF :
server/mailets provides it. You can add it to mailetcontainer.xml. See
the java class for explaination about configuration (javadoc). You
should know that this mailet only attach informations about SPF to the
mail, you should then add your rules.
org.apache.james.smtpserver.fastfail.SPFHandler might also interest you.
Converning DKIM, there is a mailet in https://github.com/apache/james-jdkim
I never tried those. So I'm interested by your returns.
# Keystore password and Keypassword.
I've already seen this issue. However I don't think it is a high
priority problem, as Keystore holds one key, and both passwords will
appear in configuration. If you don't want to use the same key
everywhere in James, and want to use different passwords, you can have
several keystore.
You are more than welcome ! Welcome on board !
Yours,
Benoit
Le 15/12/2016 à 03:41, cryptearth a écrit :
Hello there everyone, my name is Matt from Germany.
As I struggeled a bit to get the current james build up and running (compiled
from source), I was finally able to set it up so I can send and receive mails
over my root server. Also I got STARTTLS running (some hint: you need to set
keystore-password and key-password the same - this could be a security issue
and maybe schould advanced to support different keystore and key passwords) so
the connection between my mail client and the server is encrypted, but sadly
this isn't true for connections to and from other mail servers. But this should
be another topic.
My current problem is: How do I use the add-ons like jSPF or jDKIM as
spam-protection?
Sadly I couldn't find any information neither in the docs (or I missed them)
nor by asking Google (wich mostly led me to the repos or the main site).
Any help is appreciated, but don't need to be asap as my domain and mail-system
is used by myself for private personal use only.
side note: As this is my first time using a mail-list I'm sorry for violating
any rules. I've read your guidelines and googled on how about to use
mail-lists, but I'm more into standard forums.
Thanks in advance to anyone who spares some minutes.
yours Matt
---------------------------------------------------------------------
To unsubscribe, e-mail: server-user-unsubscr...@james.apache.org
For additional commands, e-mail: server-user-h...@james.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: server-user-unsubscr...@james.apache.org
For additional commands, e-mail: server-user-h...@james.apache.org
