Where communities thrive


  • Join over 1.5M+ people
  • Join over 100K+ communities
  • Free without limits
  • Create your own community
People
Repo info
Activity
  • 03:58
    quantranhong1999 synchronize #1220
  • 02:09
    chibenwa ready_for_review #1221
  • 01:55
    chibenwa synchronize #1213
  • 01:53
    vttranlina commented #1221
  • 01:37
    chibenwa commented #1221
  • 01:36

    chibenwa on master

    JAMES-3827 Improve indexing of … (compare)

  • 01:36
    chibenwa closed #1212
  • 01:34

    chibenwa on master

    JAMES-3820 implement DNSRBLHand… JAMES-3820 change SenderAuthIde… JAMES-3820 change ResolvableEhl… and 5 more (compare)

  • 01:34
    chibenwa closed #1207
  • 01:33

    chibenwa on master

    JAMES-3825 Cancel tasks upon gr… (compare)

  • 01:33
    chibenwa closed #1214
  • 01:33

    chibenwa on master

    [FIX] Avoid always logging "not… [FIX] DownloadRoutes: reactify … (compare)

  • 01:33
    chibenwa closed #1215
  • 01:33

    chibenwa on master

    JAMES-3604 Fix issue when creat… (compare)

  • 01:33
    chibenwa closed #1216
  • 01:32

    chibenwa on master

    JAMES-3775 Prevent verbose logs… (compare)

  • 01:32
    chibenwa closed #1218
  • 01:21
    vttranlina commented #1208
  • Oct 02 06:32
    chibenwa synchronize #1213
  • Oct 02 06:22
    chibenwa synchronize #1213
sq
@toor:matrix.clandestine.network
[m]
you can give it a shot it might work actually
what I do is just
for each of these do
auget
@auget:matrix.org
[m]
ok
sq
@toor:matrix.clandestine.network
[m]
docker-compose up --no-start
and that will just create the container without starting it and it will create any networks that it owns
you can skip the traefik one
but run docker-compose up --no-start for all the others
then you can docker start the containers each once you have done that
if you try to run docker-compose up without --no-start before creating all of them that way then it will fail eventually because there are network dependencies from one dockerfile to the next and they reference each other as you'll see
it's kind of a weird way of thinking about how to make really large interdependent stuff but it really simplifies things ultimately when you start getting into stuff that has a large number of things that may or may not be desired
I donno I spent a good amount of time thinking about how to make compose work for me and this was all ultimately what it came down to
sq
@toor:matrix.clandestine.network
[m]
ipam is a bit of a bitch if you're not any good at segmenting and I wrote an IPAM driver for docker but it needs a rewrite and so far I haven't really needed it
but if all goes right you'll arrive at something like this
smtp_1  | 20:29:36.733 [INFO ] o.a.j.m.i.JamesMailSpooler - init...
smtp_1  | 20:29:36.733 [INFO ] o.a.j.m.i.JamesMailSpooler - Concurrency level is 20
smtp_1  | 20:29:36.763 [INFO ] o.a.j.m.i.JamesMailSpooler - Spooler started
smtp_1  | 20:29:36.781 [INFO ] o.a.j.m.m.MailboxListenersLoaderImpl - Loading user registered mailbox listeners
smtp_1  | 20:29:36.846 [INFO ] o.a.j.m.m.MailboxListenersLoaderImpl - Loading user registered mailbox listener ClassName{name=org.apache.james.mailbox.spamassassin.SpamAssassinListener}
smtp_1  | 20:29:36.866 [INFO ] o.a.j.CONFIGURATION - Load configuration file /root/conf/spamassassin.properties
smtp_1  | 20:29:36.867 [WARN ] o.a.j.m.s.SpamAssassinListenerModule - Could not find spamassassin configuration file. Disabling this service.
smtp_1  | 20:29:36.930 [INFO ] o.a.j.p.l.n.AbstractConfigurableAsyncServer - IMAP Service disabled by configuration
smtp_1  | 20:29:36.931 [INFO ] o.a.j.p.l.n.AbstractConfigurableAsyncServer - IMAP Service disabled by configuration
smtp_1  | 20:29:36.933 [INFO ] o.a.j.s.c.c.FileConfigurationProvider - Unable to locate configuration file lmtpserver.xml, assuming empty configuration
smtp_1  | 20:29:36.950 [INFO ] o.a.j.p.l.n.AbstractConfigurableAsyncServer - Manage Sieve Service disabled by configuration
smtp_1  | 20:29:36.960 [INFO ] o.a.j.p.l.n.AbstractConfigurableAsyncServer - POP3 Service disabled by configuration
smtp_1  | 20:29:36.976 [INFO ] o.a.j.p.l.n.AbstractConfigurableAsyncServer - SMTP Service bound to: 0.0.0.0:25
smtp_1  | 20:29:36.978 [INFO ] o.a.j.p.l.n.AbstractConfigurableAsyncServer - SMTP Service is running on: smtp
smtp_1  | 20:29:36.978 [INFO ] o.a.j.p.l.n.AbstractConfigurableAsyncServer - SMTP Service handler hello name is: smtp
smtp_1  | 20:29:36.979 [INFO ] o.a.j.p.l.n.AbstractConfigurableAsyncServer - SMTP Service handler connection timeout is: 360
smtp_1  | 20:29:36.979 [INFO ] o.a.j.p.l.n.AbstractConfigurableAsyncServer - SMTP Service connection backlog is: 200
smtp_1  | 20:29:36.985 [INFO ] o.a.j.s.n.SMTPServer - No maximum message size is enforced for this server.
smtp_1  | 20:29:36.985 [INFO ] o.a.j.p.l.n.AbstractConfigurableAsyncServer - SMTP Service disabled by configuration
smtp_1  | 20:29:36.986 [INFO ] o.a.j.p.l.n.AbstractConfigurableAsyncServer - SMTP Service disabled by configuration
smtp_1  | 20:29:37.153 [INFO ] o.a.j.s.n.SMTPServer - Authorized addresses: [127.0.0.0/255.0.0.0]
smtp_1  | 20:29:37.252 [INFO ] o.a.j.p.l.n.AbstractConfigurableAsyncServer - Init SMTP Service done
smtp_1  | 20:29:37.357 [INFO ] o.a.j.w.WebAdminServer - Web admin set up to enable CORS from *
smtp_1  | 20:29:37.526 [INFO ] o.a.j.w.WebAdminServer - Web admin server started
smtp_1  | 20:29:37.775 [INFO ] o.a.j.m.s.JMXServer - JMX server started
smtp_1  | 20:29:37.804 [INFO ] o.a.j.GuiceJamesServer - JAMES server started
sq
@toor:matrix.clandestine.network
[m]
auget
@auget:matrix.org
[m]
Hello
It don't work
Cogaidean
@Cogaidean

I am having a bit of trouble sending messages to outside email address. I've been going over the instructions and reading all the documentation and I just can't seem to figure out why the relay is being denied. I am requiring authentication on SMTP, and I am authenticating with the user account and password of the sending address, but I am still getting this:

Apache.james.smtpserver.AuthRequiredToRelayRcptHook: result= (DENY CONNECTED) and I can't understand why -- I am also trying to figure out how to turn on detailed logging and it seems the documentation is out of date regarding that.

20-Jul-2022 21:13:53.611 INFO [smtpserver-executor-11] org.apache.james.protocols.netty.BasicChannelUpstreamHandler.channelConnected:112 - Connection established from 172.1.225.---
20-Jul-2022 21:13:53.756 INFO [smtpserver-executor-17] org.apache.james.protocols.smtp.core.log.HookResultLogger.onHookResult:45 - org.apache.james.smtpserver.AuthRequiredToRelayRcptHook: result= (DENY CONNECTED)
20-Jul-2022 21:13:53.808 INFO [smtpserver-executor-20] org.apache.james.protocols.netty.BasicChannelUpstreamHandler.channelClosed:190 - Connection closed for 172.1.225.---
Cogaidean
@Cogaidean

And the mail client shows this error:

"The message could not be sent. The setting for your outgoing email [SMTP] server might need to be configured.
Subject 'Re: BIG TIME TEST'
Server Error: 550
Server Response: 550 5.7.1 Requested action not taken: relaying denied
Server: 'xxx.xxx.xxx'
Windows Live Mail Error ID: 0x800CCC79
Protocol: SMTP
Port: 587
Secure(SSL): No"

of course when sending to an internal address it works fine.
Cogaidean
@Cogaidean
I did figure this out -- I had to remove a setting block in the mailetcontainer.xml ( <mailet match="RemoteAddrNotInNetwork=127.0.0.1" block), and I also had to add <authRequired>true</authRequired> in the smtpserver.xml which I thought was deprecated but apparently still has some use although the documentation does say something about one or the other this was the only configuration I could get to work but working it is!
Elliott Pope
@elliott-pope-smarsh
Hi, I've been using Apache James JPA in a Docker container for testing out an app that uses SMTP and IMAP and I was wondering if someone could give me any info on why BCC headers are removed when persisting the message to the DB. I've tried removing the RemoveMimeHeader Mailet from the mailetcontainer.xml but this line crashes the server if it is not present. The app I'm testing needs the BCC header for processing so I'm wondering why this behavior is not configurable or even why it is there in the first place.
1 reply
jsbraich
@jsbraich
Hello, one question regarding persistence of user aliases. I am using james-server-jpa-guice with mysql backend, I created an alias on existing user, but I cannot find how and where that alias gets persisted in the DB (or elsewhere). Restarting the service appears to recognize the alias being created, so it must have gotten persisted somewhere. So any hints on this will be helpful.
2 replies
cpv
@cpv:matrix.org
[m]
hi, I'm trying to migrate from Apache James Server 2.3.2 version to 3.7.0 the latest. In the old version, the setup had two mail inboxes under /var/mail. How can I achieve a similar setup in the latest version. I tried looking into various configuration files in the JPA James server 3.7.0 version however I couldn't narrow down. Please help.
6 replies
cpv
@cpv:matrix.org
[m]
how can I configure James to use MailDir as storage for user mailboxes ..esp for the JPA James 3.7.0 version?
1 reply
cpv
@cpv:matrix.org
[m]
Also, in the 2.3.2 version I see that we have a specific tag <inboxRepository></inboxRespository> in the config.xml file wherein I can specify the path. In the latest version I see the configs have been split across multiple files. How do I figure out where this mapping should go? I did not see any specific relevant examples on the site.
3 replies
Additionally is the file storage option still available in the latest version? <repository destinationURL="file//var/mail/inbox/" type="MAIL"/>?
techkatta
@techkatta
Hello all, in Apache James, do we have any feature like IP based rate limiting (throttling the number of attempted recipients per hour separately for each IP address for each domain) ?. i.e Limit the attempted delivery rate for each IP address to the respective domains. Would appreciate any suggestions.
2 replies
krishnababu566
@krishnababu566

Hello all, in Apache James, do we have any feature like IP based rate limiting (throttling the number of attempted recipients per hour separately for each IP address for each domain) ?. i.e Limit the attempted delivery rate for each IP address to the respective domains. Would appreciate any suggestions.

Looking for same, @chibenwa please guide us how can we achieve domain wise rate limiting using james.

5 replies
ouvtam
@ouvtam:matrix.org
[m]
One question about STARTTLS and SMTP. In the provided documentation and in all sample configurations in the codebase (James 3.7.x) is startTLS=true only mentioned for SMTP port 465/587 but never for port 25. Should it not be the default case to enable STARTTLS for port 25 to allow upgrading an unencrypted connection?
ouvtam
@ouvtam:matrix.org
[m]

One question about STARTTLS and SMTP. In the provided documentation and in all sample configurations in the codebase (James 3.7.x) is startTLS=true only mentioned for SMTP port 465/587 but never for port 25. Should it not be the default case to enable STARTTLS for port 25 to allow upgrading an unencrypted connection?

In the security checklist (JAMES-3692) it is mentioned, though: "We recommend keeping STARTTLS activated for SMTP port 25."

Benoit TELLIER
@chibenwa
Yes it is better to enable starttls on port 25 as it allows opportunistic ssl upgrades upon mail relay. We should adapt default conf. Contributions welcomed.
jsbraich
@jsbraich
So for mailets ( for example GenericMatcher) we can implement custom logic based on a given Mail mail object. This mail object doesn't appear to have mail.setFrom or mail.setSender is there a recommended way of re-writing/modifying sender address in this mail object?
2 replies
ouvtam
@ouvtam:matrix.org
[m]
I'm looking to configure James to manage mail queues (spool, outgoing). We are using James 3.7 with Guice and ActiveMQ. I saw JMX support is available but WebAdmin is preferred for managing James. In case of a spam wave where a lot of mails are in the spool queue we would like to pause James, check out the spool mail items through WebAdmin and stash some queued mail items for further inspection. Currently, WebAdmin has no feature to "stash" (like "git stash") queue items. Before implementing such a feature I wanted to know if there is another solution to my use case? Any suggestions?
3 replies
Ilja Weis
@iljaweis
Hello, I'm currently investigating some performance problems around the Mail Queue in RabbitMQ und Cassandra, especially enqueuedmailsv4. From reading https://github.com/apache/james-project/blob/master/src/adr/0031-distributed-mail-queue.md and https://github.com/apache/james-project/blob/master/src/adr/0032-distributed-mail-queue-cleanup.md it is my understanding that the content of the tables "contentstart" and "browsestart" indicate the oldest dates where we should start processing entries from enqueuedmailsv4. However, the content of both contentstart and browsestart for all queues is stuck at "2022-07-12 14:00:00" and does not change. The result is that we're querying lots of "old" data from enqueuedmailsv4, but our queues (judging from RabbitMQ) appear to be basically empty all the time. The value of updateBrowseStartPace is 1000, the default. We're using distributed-pop3-app. Is this behaviour expected, or if not, is there something I could look at? Thanks.
25 replies
matthewhallinan
@matthewhallinan
Hey all 👋 I have a question regarding the auth.oidc tags for James. My understanding is that they require a user to sign in as part of the process. It's basically using the OAuth Auth Code Flow, right?
Is it possible to use the OIDC tags for server-to-server processes, where there will be no user and thus no user login? E.g. if you have a mail client that will automatically send mail through a James server using OAuth. This would presumably need to use Client Credentials flow in OAuth, since there should be no user interaction.
Is it possible with the auth.oidc tags? Or with James in general?
4 replies
Gyeongmin Go
@gkm2164

Hi all, I'm new to setup own mail server & it's first time to use Apache James. First of all, thanks for everyone to improve this projects so far. I'm one of the guys who see the benefit :)

Currently, using 3.7.x, and deployed with docker container(using server/apps/jpa-app). And it's deployed to AWS ECS. I setup most of the necessary things, such as, remove 25 port outbound restriction, setup SPF(with TXT records), DKIM, DMARC, and reverse DNS for exposed SMTP server(listed in MX record).
However... Gmail still classifies my mail to be SPAM. I checked what's happening there, and those 3 requirements(SPF, DKIM, DMARC) are satisfied, but, another reason is suspecting that the message wasn't encrypted(The locker icon is in RED).

So... anyone knows how to setup encrypt outgoing email, so at least gmail shows my message with gray locker icon(green would be great lol)?
For what I'm thinking is,
1) for TLS/SSL encrypted, under mailetcontext.xml > RemoteDelivery section, adding <startTLS/>, <sslEnabled/> tag with value true, would this be encrypt the message while transferring?
2) for S/MIME, I'm thinking as next step once I satisfy 1). Can I use same keystore with domains or DKIM? or should I need to create new one for only S/MIME setting? And
3) would these be enough?, or am I understanding wrongly?

3 replies
Phuong
@huynhphuong10284
Hi all - I want to configure my server for IPv6 rotation when sending email? Could you please help on this?
2 replies
Gyeongmin Go
@gkm2164
Hi here, I have some question regarding to performance. I'm currently running Apache James(jpa guice version) on AWS ECS fargate, and it's running under 2GB of memory. I watched the memory utilization graphs over time to time, and, every 2 days later of uptime, it spiked around 10% suddenly.(from less than 30% when boot up, and spiked to almost 40%, and keep increasing, falling into 0 is deployment time). Is it normal behaviour? If not, can someone guide me how can I investigate the spikes? The usages are quite simple. Only 1 account, and getting emails almost ... around 50 mails a day.
3 replies
image.png
Here's the graph that I have for above situation.
ouvtam
@ouvtam:matrix.org
[m]
hey there! regarding SMTP Blocklisting... why is the org.apache.james.protocols.smtp.core.fastfail.DNSRBLHandler implemented as a RcptHook rather than MailHook (after AUTH stage)? since it's a RcptHook it is run for each RCPT TO command... what is the rationale behind implementing DNSRBLHandler as a RcptHook?
2 replies
Martijn Hoekstra
@martijn.z:matrix.org
[m]
is there a 0.3 release planned for jdkim? The 0.3 branch sheds dependencies on a decade old version of mailet that I'm getting CVE warnings against
1 reply
Martijn Hoekstra
@martijn.z:matrix.org
[m]
I created https://issues.apache.org/jira/browse/JDKIM-48 -- not sure if that's the right way to do things
1 reply
great to hear
saurabh singh
@saurabh09890:matrix.org
[m]
Is there a way of passing certificates/keystore in mailet for initiating client certificate validation mandated by outside smtp server . I am using mailet for remote delivery(james as mail transfer agent ) after setting properties like gateway ,gatewayusername,gateway password . Please advice me .TIA
1 reply
MeghnaThoughtworks
@MeghnaThoughtworks_gitlab

To bypass certain distributed limitations and improve performance in our APIs, we had to make some modifications while using James spring:

Added index on James database tables:
1) JAMES_MAIL table for column MESSAGE_UID and MAIL_DATE.
2) JAMES_MAIL_PROPERTY table

List/Retrieve/Delete a mail from mailbox:

Before: Our API talked to James through IMAP protocol to retrieve emails. The user could retrieve an email with or without deleting it from the mailbox.
Disadvantages
● Deleting an email was expensive in terms of time taken.
● Apache James keeps the Lucene index locally on the disk. List/Retrieve/Delete operations depended on the Lucene indexing. This led to inconsistency issues while retrieving, listing and deleting emails when load balancing across multiple James instances.

After: API no longer dependent on Apache James for retrieve/list/delete operations. Now the API directly read and write from the James database for all the above three operations.
The above approach improved performance significantly.
The delete operation is a two-step process.
First step is to delete an email from the user mailbox.
Once the email is deleted, we must update the total mail count and total mail size from the mail quota table.

List Query
"select overall_count = COUNT() OVER(), MAIL_CONTENT_OCTETS_COUNT,MAIL_DATE,MAIL_UID,HEADER_BYTES," +
 "MAILBOX_UID_VALIDITY from james_mailbox jamesmailbox \n" +
 " inner join james_mail jamesmail on jamesmailbox.MAILBOX_ID = jamesmail.MAILBOX_ID\n" +
 " where jamesmailbox.USER_NAME='" + localPart + "' and MAIL_IS_DELETED=0" + " and" +
 " jamesmailbox.MAILBOX_NAME ='INBOX' and MAIL_DATE>= '" + fromTimestamp +
 "' AND MAIL_DATE < '" + toTimestamp +
 "' ORDER BY MAIL_DATE\n" +
 " OFFSET " + pageSize (page - 1) + " ROWS FETCH NEXT " + pageSize + " ROWS ONLY;";

Retrieve Query
"select HEADER_BYTES, MAIL_BYTES from james_mailbox mailbox " +
 "inner join james_mail mail on mailbox.MAILBOX_ID = mail.MAILBOX_ID " +
 "where mailbox.USER_NAME=? " +
 "and MAIL_IS_DELETED=0 " +
 "and mailbox.MAILBOX_NAME='INBOX' " +
 "and mail.MAIL_UID=? " +
 "and mailbox.MAILBOX_UID_VALIDITY=?";

Delete Query
Delete
"DELETE mail FROM JAMES_MAIL mail INNER JOIN JAMES_MAILBOX mailbox ON " +
 "mailbox.MAILBOX_ID=mail.MAILBOX_ID WHERE mailbox.USER_NAME=? and mail.MAIL_UID=? and mailbox.MAILBOX_UID_VALIDITY=?";

Update Quota
"UPDATE JAMES_QUOTA_CURRENTQUOTA SET CURRENTQUOTA_SIZE = CURRENTQUOTA_SIZE - ? , " +
 "CURRENTQUOTA_MESSAGECOUNT = CURRENTQUOTA_MESSAGECOUNT - ? WHERE CURRENTQUOTA_QUOTAROOT = ?";

0hlov3
@0hlov3:matrix.fedi.tech
[m]

Hi there,

I have a question about the tasks in Apache James, is it possible to increase the logging for the tasks that the mail server runs?

1 reply