Hey Marc,
ah, I can see a lot of myself in you back when I used james first back
in 2015 or so ... maybe I can help you out on some questions as I also
learned a bit since then. But, if I fell, Benoit is one kind of a crack
on james and, as far as I remember for my questions, always has some
neat trick handy. I think he is glad to help another new user to join
this awesome project.
First, let me get on this "sent messages shows up twice in sent
folder"-thing, as it took me ages to figure it out:
To keep it short: it some wired issue when using thunderbird with james
A bit more explain: IMAP is not only capable of downloading messages
from the server but also to manage and even store messages from client
onto the server. Thunderbird is set to save a copy of the message you
sent in the users sent folder. But also: the same is true for james =P.
This is easy to fix: in thunderbird - go into account settings - select
your james mail account - navigate to "copy & folders" on the left side
- and just untick the two checkboxes labled "save copy into sent" and
"save archive" - fixed. James will do the rest for you as it always
copies a sent message - wich I personally find a neat option (but this
can be disabled in config).
Next thing you should address is a very important security thing: enable
smtp auth enforcement in smtpserver.xml by un-comment this line:
<authRequired>true</authRequired>
Why is this important? In order to receive mails from the outside world
- you have open TCP/25 to be reachable from the outside world - as this
is how SMTP works. The main catch here: Any MTA (mail transfer agent)
should only handle mails for domains it is authorized for - otherwise
you will become a realy for mails of domains wich don't belong to you.
In it's default configuration, james' SMTP server will accept any mail
from any source and realy it to any target found in "To:" address. This
is what's kown as an "open relay" and is a major security issue. By
un-comment the above mentioned line you enforce a rule, that mails to
any other target than your own domain can be send only when a connected
user has correctly authenticated (logged in for that matter). Other
client's trying to drop mails for other domains simply get an error
message denying un-authorized relay.
The last thing I set on my james is in domainlist.xml: change the
autodetect from true to false and setting my domain "cryptearth.de" as
the defaultDomain. Any thing else is ready to go by default and should
need no further touch (or, if you someone like me, using MySQL/MariaDB -
set james-database.properties to needed values).
Next step: sudo /path/to/james/bin/james start - and you should be ready
to go. After open TCP/25 for SMTP to receive mails and maybe TCP/143 for
IMAP you should be able to send and receive mails.
Oh, one more important thing: you should check domain and user by these
commands:
/path/to/james/bin/james-cli.sh -h localhost listdomains
/path/to/james/bin/james-cli.sh -h localhost listusers
The first should at least reply the domain you set in domainlist.xml as
default domain, and the latter one the user you set. When you first
start james, no users are set, so you need to add at least one:
/path/to/james/bin/james-cli.sh -h localhost adduser user@domain password
It's important, that you use the full user-name with domain-part, like
this: webmas...@cryptearth.de
Passwords are stored as MD5 hashed, but this can be changed in
usersrepository.xml to some more secure like SHA-256, wich should be
done when you use a real full-blown database server like me instead of
file-based H2 wich is stored somewhere in james' directory tree.
To add a bit more security, you can set a JavaKeyStore with a let's
encrypt certificate (I do it this way) to activate encryption on
client-to-server and server-to-server communication - but this should be
for another mail as you need some more to get this working. Unless, you
should not send sensitive data and should use a very unique password -
as with encryption also your login-data transfered un-encrypted. - But
we will come back to this in another e-mail if you like.
That's it - now you should be up and running.
Possible reasons, why you can't sent e-mails to others:
1) You're not a legitimate admin for the domain you want to use (you
have to set some specific DNS-settings to make your domain fully working
- like SPF).
2) You're tryin to use a host on your personal connection - wich should
be blocked by almost any major system
- for example: I have a root hosted at OVH in Roubaix - and a small
backup here at home right next to me
I can send mails only from my root - but not from my backup here at home
as it flagged as spam as my personal ip is well known in a "dial-up
range" used for personal internet connections ISPs offer to private
customers - although I have special contract offering my a static
assigned IP with personal reverse-entry.
3) The IP doesn't have correct reverse-PTR matching domain, it's A and
MX record - wich is also considered as spam.
wrapper.log can give you hints if it's sending correctly or if something
is wrong while trying to sent out the mail to the host. For example: If
you try to sent some mail to me, for example to
cryptea...@cryptearth.de, your log should show something like this (just
an example done on my local backup - wich actually get's delievered to
gmail):
INFO | jvm 1 | 2019/02/19 19:02:11 | INFO 19:02:11,632 |
org.apache.james.smtpserver.SendMailHandler | Successfully spooled mail
Mail1550599331039-1848bd42-356b-4fe6-959c-33c89e0f3640 from
h...@cryptearth.de on localhost/127.0.0.1 for [cryptea...@googlemail.com]
In Google, this mail looks like this:
Delivered-To: cryptea...@gmail.com
Received: by 2002:a4f:4d89:0:0:0:0:0 with SMTP id a131csp3259841ivb;
Tue, 19 Feb 2019 10:02:15 -0800 (PST)
X-Google-Smtp-Source:
AHgI3Ia9mVf1zqhOXrqseW+K24FVYgYWRLDICEo1/5pydarEFonG16/wkqk7GrAg5559aXQLVe28
X-Received: by 2002:a17:906:1611:: with SMTP id
m17mr21353835ejd.237.1550599335000;
Tue, 19 Feb 2019 10:02:15 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; t=1550599334; cv=none;
d=google.com; s=arc-20160816;
b=Jr7FnAhVUYDKWmb2SU2FG+1HwJjInZ1zxedaT5O4FuG4DlzUSYRJ6karbBugSGXXZQ
Gkzw5HA5kwUOpt+qxsckfPps6/+myjPkjK8PhIDl5IZ6/Soxupvse2GujFCqLrGHuCAA
m/ZbEHwTohjtrYlS4UpHytehRX5O19e8WNxziYI5OzmNzYjYiwv5NdVBAofMZvRgyo3X
LgOWW8zxZzDcENy/qLO1LBNwAAHxs6Q13Z2or/QK+c2MFpRQ14QWqUmaFjtLZmAtJ0vk
BuZrK3Ae6p6+91Nf9e8vjaAVJ5S2IY+lCBz5+9GhcFjWOtgPWRnA6OuPC74LKhgqedJa
MhBQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com;
s=arc-20160816;
h=subject:to:from:message-id:date;
bh=fdkeB/A0FkbVP2k4J4pNPoeWH6vqBm9+b0C3OY87Cw8=;
b=LBrinwlcWwi5I9grr2K/8Ku9QQwTH+ox7PS+J3SKAwb9lAFAeIab2MNPiAqOpPxzl5
GC7potmHn0jiemuvDGiDruDkfuSEBHIikzO6+slCevxvTAbvkj3PYSPTXsunShLPPy7N
UCMw+sgSd7ZLczvsd0Tv2zRkth0xMUr0Qc9psXyOr1TaRtULwIo2pLykgi2EABalZiqo
Lh7aDp8zJFhZjDZuHQ7i2WOXw5AE2g06BknsD8VKjjocfiaYSGJh6G8p0DdrFBOqnqiP
AQt3yhpxgkf/OZQ556BL2og5xV962SfS8hSjakcv2bwGzF/11TV+QuhKCHsfH1XgfqoK
jVNA==
ARC-Authentication-Results: i=1; mx.google.com;
spf=pass (google.com: domain of h...@cryptearth.de designates
213.211.219.9 as permitted sender) smtp.mailfrom=h...@cryptearth.de
Return-Path: <h...@cryptearth.de>
Received: from home.cryptearth.de (home.cryptearth.de. [213.211.219.9])
by mx.google.com with ESMTPS id l24si2214636edc.223.2019.02.19.10.02.14
for <cryptea...@gmail.com>
(version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128);
Tue, 19 Feb 2019 10:02:14 -0800 (PST)
Received-SPF: pass (google.com: domain of h...@cryptearth.de designates
213.211.219.9 as permitted sender) client-ip=213.211.219.9;
Authentication-Results: mx.google.com;
spf=pass (google.com: domain of h...@cryptearth.de designates
213.211.219.9 as permitted sender) smtp.mailfrom=h...@cryptearth.de
Date: Tue, 19 Feb 2019 10:02:14 -0800 (PST)
Message-Id: <5c6c44a6.1c69fb81.c8c8b.a93dsmtpin_added_miss...@mx.google.com>
Received: from localhost (EHLO localhost) ([127.0.0.1])
by home.cryptearth.de (JAMES SMTP Server ) with ESMTP ID -1791581771
for <cryptea...@googlemail.com>;
Tue, 19 Feb 2019 19:01:58 +0100 (CET)
From: h...@cryptearth.de
To: cryptea...@googlemail.com
Subject: Test
Test
As you can see - google checks my SPF domain records wich contains my
personal IP 213.211.219.9 wich is assigned to me by my local ISP and
matches one of my MX records - also my IP is only in just one
black-list-service wich matches my range 213.211.219.0/24 as assigned
from RIPE NCC to my local uplink-service MD-Link - as I regular check
for such entries and request de-listings to keep my domain and it's
mail-servers as available as possible.
Also worth to note: google says: "by ESMTPS with cipher ..." wich means
that not only the connection between my local client to my local
james-server was encrypted (well, in this case it wasn't as I used
telnet on localhost), but also the way from my local server to gmail -
more security can only be served by encrypting the mail itself.
Just try to sent me a mail from your james and show us the logs - then
we can try to figure out what went wrong while your james tried to
deliver your mail to my server.
Sorry for this way to long mail - I know it's most likely against
list-rules as it spams everyone subscribed - but I'm used to boards like
coderanch where you can split up long posts into smaller ones - but I
didn't want to spam with multiple messages - I still have to learn how
to use this sort of communication.
Matt
Am 19.02.2019 um 07:39 schrieb Marc Chamberlin:
I should have mentioned I am working with the imap server on James, not
pop3... Marc..
On 02/18/2019 05:26 PM, Marc Chamberlin wrote:
Thanks Matt, you were correct, I needed to install the java-devel
packages. Maven then ran fine, kinda scary actually watching it run!
That is a LOT of code being downloaded and processed! I will table the
systemd issue for now and just concentrate on getting James running. I
like your idea of using crontab to work around it for now...
Any wise, I installed the new version of James 3.4 and got closer to
getting it up and running. I set it up with one domain and one user
(myself) and I can now send and receive email to/from myself on it. But
I cannot send an outgoing email to anywhere else! I am using Thunderbird
to test it with and when I try to send an outgoing email to some other
domain, something weird is happening. It acts as if it sent it OK, but
it is showing up in the sent folder, in Thunderbird, twice! I tried to
send an email from my account on James to a GMail account I have and it
never showed up, so something is failing still.
Going in the other direction, if I send an email from an outside server
to my account on James, I do receive it OK.
BTW this latest version of James did not fix the log file problems I
reported earlier. Marc..
On 02/18/2019 11:12 AM, cryptearth wrote:
Well, for me, I just added "@reboot /path/to/james/bin/james start" to
my root crontab - no need for init.d/systemd.
As the issue arised after you let systemctl create files - seems
something went wrong there.
As for your maven issue: do you have java-devel installed?
Matt
Am 18.02.2019 um 03:40 schrieb Benoit Tellier:
I am not sure you can use "james script" directly like this as a initd
script.
What we do use in docker (and thus is maintained) is
./bin/wrapper-linux-x86-64 conf/wrapper.conf wrapper.syslog.ident=james
wrapper.pidfile=var/james.pid wrapper.daemonize=FALSE
Cheers,
Benoit
On 2/18/19 7:39 a ²M, Marc Chamberlin wrote:
Hi Matt, thanks for responding! It appears to me that "classpath" is
actually defined in the startup scripts. There are two different
scripts
used to start the james server, either "james" or "run.sh". I do not
believe "classpath" is defined in any of the config files themselves. I
am not using "run.sh" to start the james server, instead I noted that
the james script is configured with the classic init.d entry points -
start, stop, restart, etc. I modified the "james" script slightly so
that I could run james as a systemd service instead (see below). At
this
point I strongly suspect that the definition of environment variables,
using the james startup script, is failing, so I am pursuing this to
see what is going on. However, running james as a systemd service does
not seem to be the problem, even if I just run the james startup script
by itself, not as a service, I am still getting the same failure with
the "classpath" variable.
If anyone has ported james to run as a systemd service I would much
appreciate knowing how you did it. What I have done was to add the
init.d initialization comments to the beginning of the james shell
script then let systemd take it from there to create the actual
.service
files -
added to beginning of the james startup script to define init.d
runlevels -
### BEGIN INIT INFO
# Provides: james
# Required-Start: $network $syslog $time
# Required-Stop: $network $syslog $time
# Default-Start: 2 3 4 5
# Default-Stop: 0 1 6
# Description: Initscript for Apache James Mail Server
### END INIT INFO
and FYI these are the steps I then took to set up the init.d services
and then convert them to systemd services on OpenSuSE Leap 15.0 -
First I created a soft link from /etc/init.d to the james startup
script -
ln -s /mail/apache-james-3.2/james-server-app-3.2.0/bin/james
/etc/init.d/james
Next install in james script into the various init.d runlevels
cd /etc/init.d
insserv james
Next set up the systemd files from the new init.d configuration files
and start the service.
systemctl daemon-reload
systemctl start james.service
The james service does start up OK and will report that it is running
when checking on it's status. It is just not working properly in
accepting connections or doing the various tasks that the service
should
be doing and my goal at this point is to resolve any and all exceptions
that are occurring such as this one.
Marc...
On 02/17/2019 06:01 AM, cryptearth wrote:
Hey Marc, Matt here.
The provided stack only says that you given "classpath" to some
parameter wich expectes a url in some config file. So I guess it could
help if you also show the config where you set "classpath" so one can
figure out, if "classpath" is a legal input for the setting you set
it.
---------------------------------------------------------------------
To unsubscribe, e-mail: server-user-unsubscr...@james.apache.org
For additional commands, e-mail: server-user-h...@james.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: server-user-unsubscr...@james.apache.org
For additional commands, e-mail: server-user-h...@james.apache.org
