RE: Setting up of mail certificates on James

Thu, 21 Nov 2024 06:51:49 -0800 

Hi Jean,

Thank you! Please see below. 

Kind regards, Cordialement, 
Guy

-----Original Message-----
From: Jean Helou <jean.he...@gmail.com> 
Sent: November 20, 2024 4:32 PM
To: James Users List <server-user@james.apache.org>
Subject: Re: Setting up of mail certificates on James

Hi guy

> *       Anyone had success or similar issues with certificates?
THANK YOU I HAVE A SIMILAR SETUP. 

I only do SMTP but I do have SSL certificates setup for my SMTP listener on 
port 465 here is the relevant extract of my smtpserver.xml ```
    <smtpserver enabled="true">
        <jmxName>smtpserver-socketTLS</jmxName>
        <bind>0.0.0.0:465</bind>
        <connectionBacklog>200</connectionBacklog>
        <tls socketTLS="true" startTLS="false">
            <privateKey>file://conf/tls/tls.key</privateKey>
            <certificates>file://conf/tls/tls.crt</certificates>
        </tls>
        <helloName autodetect="false">james.xn--gml-cma.com</helloName>
        <connectiontimeout>360</connectiontimeout>
        <connectionLimit>0</connectionLimit>
        <connectionLimitPerIP>0</connectionLimitPerIP>
        <!--
           Authorize only local users
        -->
        <authRequired>true</authRequired>
        <auth>
            <announce>forUnauthorizedAddresses</announce>
            <requireSSL>true</requireSSL>
            <plainAuthEnabled>true</plainAuthEnabled>
        </auth>
        <authorizedAddresses>127.0.0.0/8</authorizedAddresses>
        <!-- Trust authenticated users -->
        <verifyIdentity>false</verifyIdentity>
        <proxyRequired>false</proxyRequired>
        <maxmessagesize>0</maxmessagesize>
        <addressBracketsEnforcement>true</addressBracketsEnforcement>
        <smtpGreeting>James SMTP awesome Server</smtpGreeting>
        <handlerchain>
            <handler
class="org.apache.james.smtpserver.fastfail.ValidRcptHandler"/>
            <handler
class="org.apache.james.smtpserver.CoreCmdHandlerLoader"/>
            <handler
class="org.apache.james.crowdsec.CrowdsecSMTPConnectHandler"/>
        </handlerchain>
    </smtpserver>
```
I use letsencrypt to generate the certificate so it has a proper certificate 
authority for free :D
DONE! 

it is very hard to answer the other questions without more relvant context.

> *       Can anyone suggest on where and how to configure the mail server
address in James?

I'm not sure what you mean by "mail server address" ... do you mean where to 
configure the domains which the server is expected to handle mail for ?
if so it depends on which variant of the server you are using, could be in 
domain list could be configure through api calls and stored in a database.
Which setup are you running ?

SO, I WAS WONDERING THE MAIL SERVER SUCH AS MAIL.MYWEBPAGE.COM COULD/SHOULD BE 
DEFINED IN THE DOMAINLIST.XML FILE. 

> *       Are self-signed certificates okay?
I guess but not sure how clients are going to react, at best you would get a 
warning at worst it could simply refuse to work.
CLEARLY SELF-SIGNED WERE CAUSING MY ISSUES ON IPHONE AND ELSEWHERE. 

> *       Anyone know how to submit certificates to  certificate authority?
I strongly suggest using letsencrypt
DONE! THANK YOU! 

Jean
On Wed, Nov 20, 2024 at 7:48 PM <guy.tremb...@welnx.com> wrote:

> Hi all,
>
>
>
> I struggle with mail certificates with James, and general setup. I use 
> Apache on Windows.
>
>
>
> I made self signed certificates using keytool:
>
> keytool -genkey -alias xyz -keyalg RSA -keystore conf/keystore
>
>
>
> I setup ports 993 for incoming and 465 for outgoing with login and 
> configured in the imapserver and smtpserver configuration files.
>
>
>
> I can receive or send emails on outlook in Windows. I can receive and 
> send emails on Outlook on iPhone but I don't receive new mail notifications.
>
> When I setup the email on my iphone with Mail or Gmail I struggle to 
> configure the accounts; only works on iPhone in Outlook. I managed to 
> make it working with Mail but somehow stopped working at some point.
>
>
>
> I am not sure if the self signed certificate is the issue or the James 
> configuration, or else. Perhaps I should submit a certificate to the 
> certificate authority, but I have failed so far it is quite complicated.
>
>
>
> *       Can anyone suggest on where and how to configure the mail server
> address in James?
>
> *       I configured in domainlist.xml but unsure if setup correctly
>
> *       Anyone had success or similar issues with certificates?
>
> *       Are self-signed certificates okay?
>
> *       Anyone know how to submit certificates to  certificate authority?
>
>
>
> I followed this for the most part:
>
> https://james.apache.org/server/config-ssl-tls.html
>
>
>
> Kind regards, Cordialement,
>
> Guy
>
>
>
>


---------------------------------------------------------------------
To unsubscribe, e-mail: server-user-unsubscr...@james.apache.org
For additional commands, e-mail: server-user-h...@james.apache.org

Reply via email to