You are viewing a plain text version of this content. The canonical link for it is here.
Posted to server-dev@james.apache.org by ie...@apache.org on 2012/05/07 23:51:24 UTC
svn commit: r1335278 [3/6] - in /james/site-cms/trunk/content: ./ hupa/
jdkim/ jdkim/mailets/ jsieve/ jsieve/core/ jsieve/mailet/ jsieve/util/
jspf/ mailbox/ mailet/ mailet/ai/ mailet/api/ mailet/base/ mailet/crypto/
mailet/maven-mailetdocs-plugin/ mai...
Added: james/site-cms/trunk/content/server/config-fetchmail.mdtext
URL: http://svn.apache.org/viewvc/james/site-cms/trunk/content/server/config-fetchmail.mdtext?rev=1335278&view=auto
==============================================================================
--- james/site-cms/trunk/content/server/config-fetchmail.mdtext (added)
+++ james/site-cms/trunk/content/server/config-fetchmail.mdtext Mon May 7 21:51:19 2012
@@ -0,0 +1,625 @@
+
+Consult [fetchmail-template.conf](https://svn.apache.org/repos/asf/james/app/tags/apache-james-3.0-beta4/src/main/resources/fetchmail-template.conf) in SVN to get some examples and hints.
+
+Fetchmail acts as a gateway between an external message store such as an IMAP or POP3 server and James. Mail is fetched from the external message store and injected into the James input spool.
+
+Fetchmail is useful when delivery via standard SMTP is not an option, as a means of consolidating mail delivered to several external accounts into a single James account, or to apply the mail processing capabilities of James to mail stored in an external message store.
+
+Fetchmail has several configuration options that control the fetching and filtering of mail injected into the James input spool. Once there, James' flexible mail processing engine can be used to further process the mail, just as if it had been delivered via standard SMTP.
+
+ [How Fetchmail Works](#How_Fetchmail_Works) <br></br> [Fetchmail Configuration Parameters](#Fetchmail_Configuration_Parameters) <br></br> [Fetchmail Examples](#Fetchmail_Examples) <br></br> [Fetchmail Caveats](#Fetchmail_Caveats) <br></br> [Fetchmail Gmail](#Fetchmail_Gmail)
+
+Mail is delivered by periodically running fetch tasks that read messages from an external message store and injects them into the James input spool. Fetch tasks run concurrently.
+
+A set of filters applies to each fetch task. Each filter provides the ability to reject a message that matches the filter criteria. Rejected messages are not injected into the James input spool; they are either marked as seen or deleted. When a filter is configured to accept a message that matches its criteria, messages are marked with a MailAttribute. This MailAttribute can be detected within the James matcher/mailet chain, allowing further processing as required.
+
+Each fetch task is associated with a single host server. Accounts are defined to the fetch task for each mailbox on the server from which mail is to be fetched. Accounts run consecutively.
+
+Optionally, the fetch task can be configured with an <alllocal> Account that generates an Account entry for each user defined in the James user repository. This removes the requirement to manually add or remove Account entries to the Fetchmail configuration each time a James user is added or removed. Currently this is only useful if the server supports virtual mailboxes that allow the same password to apply to all users within a domain.
+
+Accounts can be configured to deliver all mail for an Account to a specified recipient or to deduce the intended recipient from the mail headers.
+
+Accounts are normally configured to deliver all mail for an Account to a specified recipient, ignoring the recipient in the mail headers. This works well in the majority of cases where a mailbox is guaranteed to contain mail for a sole mailbox recipient.
+
+Accounts are configured to deduce the intended recipient from the mail headers when a mailbox contains mail for several users, typically all users in a domain. Used alone, this is not foolproof as there are circumstances when a single unique recipient cannot be deduced from the mail headers alone. Used in conjunction with an appropriately configured <alllocal> account, it is always possible to deduce the intended recipient when the recipient is a James user.
+
+The Fetchmail configuration parameters are part of the James configuration, whose base file is `fetchmail.xml` . For clarity and flexibility, the Fetchmail configuration parameters are stored in the file `james-Fetchmail.xml` , which is referenced within `fetchmail.xml` .
+
+The configuration parameters are described below.
+<subsection name="Fetchmail">
+The configuration block delimited by the **Fetchmail** tag controls Fetchmail.
+
+The tag has these attributes:
+
+
+ **enabled**
+: A boolean. If "true", the fetch tasks will be run periodically. If "false", no fetch tasks will be run. The default is "false".
+
+The tag has these child tags (minimum cardinality, maximum cardinality):
+
+- ** [fetch](#fetch) ** (0, *)
+
+
+<pre>
+ <Fetchmail enabled="true">
+ ...
+ </Fetchmail>
+ </pre>
+</subsection><subsection name="fetch">
+The **fetch** tag defines a fetch task to be run periodically. Fetch tasks run concurrently.
+
+The tag has these attributes:
+
+
+ **name**
+: A string uniquely identifying the fetch task.
+
+The tag has these child tags (minimum cardinality, maximum cardinality):
+
+- ** [accounts](#accounts) ** (1, 1)
+
+- ** [blacklist](#blacklist) ** (1, 1)
+
+- ** [defaultdomain](#defaultdomain) ** (0, 1)
+
+- ** [fetchall](#fetchall) ** (1, 1)
+
+- ** [fetched](#fetched) ** (1, 1)
+
+- ** [host](#host) ** (1, 1)
+
+- ** [interval](#interval) ** (1, 1)
+
+- ** [javaMailFolderName](#javaMailFolderName) ** (1, 1)
+
+- ** [javaMailProperties](#javaMailProperties) ** (0, 1)
+
+- ** [javaMailProviderName](#javaMailProviderName) ** (1, 1)
+
+- ** [maxmessagesize](#maxmessagesize) ** (0, 1)
+
+- ** [recipientnotfound](#recipientnotfound) ** (1, 1)
+
+- ** [recursesubfolders](#recursesubfolders) ** (1, 1)
+
+- ** [remoteReceivedHeader](#remoteReceivedHeader) ** (0, 1)
+
+- ** [remoterecipient](#remoterecipient) ** (1, 1)
+
+- ** [undeliverable](#undeliverable) ** (1, 1)
+
+- ** [userundefined](#userundefined) ** (1, 1)
+
+
+<pre>
+ <fetch name="mydomain.com">
+ ...
+ </fetch>
+ </pre>
+</subsection><subsection name="accounts">
+The **accounts** tag declares the accounts from which mail will be fetched by the fetch task. Accounts run concurrently.
+
+The tag has these child tags (minimum cardinality, maximum cardinality):
+
+- ** [account](#account) ** (0, *)
+
+- ** [alllocal](#alllocal) ** (0, 1)
+
+
+<pre>
+ <accounts>
+ ...
+ </accounts>
+ </pre>
+</subsection><subsection name="blacklist">
+The **blacklist** tag declares a list of recipient addresses for whom mail will be rejected and what happens to the rejected mail.
+
+The tag value is a tab, comma or space delimited list of recipient addresses, eg: `wibble@mydomain.com, flobble@mydomain.com` .
+
+The tag has these attributes:
+
+
+ **reject**
+: A boolean. If "true", mail for recipients in the blacklist will not be injected into the James input spool. If "false", mail for recipients in the blacklist will be injected into the James input spool with the Mail Attribute `org.apache.james.Fetchmail.isBlacklistedRecipient` added to the mail.
+
+ **leaveonserver**
+: A boolean. If "true", mail for recipients in the blacklist will be left on the server. If "false", mail for recipients in the blacklist will be marked for deletion.
+
+ **markseen**
+: A boolean. If "true", mail for recipients in the blacklist will be marked as seen on the server. If "false", mail for recipients in the blacklist will not be marked as seen.
+
+<pre>
+ <blacklist
+ reject="true"
+ leaveonserver="true"
+ markseen="true">
+ wibble@mydomain.com, flobble@mydomain.com
+ </blacklist>
+ </pre>
+</subsection><subsection name="defaultdomain">
+The **defaultdomain** tag declares the domain name to be appended to the `From:` header of a mail that has a valid user part but is missing the domain part.
+
+If not specified, the default behaviour is to append the canonical host name of the James server.
+
+The tag value is the name of the server to append. The name must be a server declared in the **servernames** tag of the **James** block in the configuration or the name `localhost` .
+
+<pre>
+ <defaultdomain>
+ mydomain.com
+ </defaultdomain>
+ </pre>
+</subsection><subsection name="fetchall">
+The **fetchall** tag declares if all mail should be fetched from the server, or just unseen mail.
+
+The tag value is a boolean. If true, all mail is fetched. If false, only unseen mail is fetched.
+
+<pre>
+ <fetchall>false</fetchall>
+ </pre>
+</subsection><subsection name="fetched">
+The **fetched** tag declares what will happen to mail on the external server that is successfully injected into the James input spool.
+
+The tag has these attributes:
+
+
+ **leaveonserver**
+: A boolean. If "true", mail injected into the James input spool will be left on the server. If "false", mail injected into the James input spool will be marked for deletion.
+
+ **markseen**
+: A boolean. If "true", mail injected into the James input spool will be marked as seen on the server. If "false", mail injected into the James input spool will not be marked as seen.
+
+<pre>
+ <fetched leaveonserver="true" markseen="true"/>
+ </pre>
+</subsection><subsection name="host">
+The **host** tag declares the IP address of the external server from which mail is fetched.
+
+The tag value is the DNS name or IP address literal of the external server.
+
+<pre>
+ <host>pop3.server.com</host>
+ </pre>
+</subsection><subsection name="interval">
+The **interval** tag declares the period between invocations of the fetch tasks. If a fetch task is still active from a previous invocation when the period expires, the new invocation is skipped over.
+
+The tag value is an integer representing the number of milliseconds to elapse between invocations of the fetch tasks.
+
+<pre>
+ <interval>60000</interval>
+ </pre>
+</subsection><subsection name="javaMailFolderName">
+The **javaMailFolderName** tag declares the name of the root folder on the external server from which mail is fetched.
+
+The tag value is the cAsE-sEnSiTiVe name of the root folder on the external server from which mail is fetched. For POP3 servers this is always `INBOX` .
+
+<pre>
+ <javaMailFolderName>INBOX</javaMailFolderName>
+ </pre>
+</subsection><subsection name="javaMailProperties">
+The **javaMailProperties** tag declares the properties to be applied to the JavaMail Session used by the fetch task. These override the properties answered by `System.getProperties()` . Many JavaMail properties are specific to the JavaMail Provider selected by the [javaMailProviderName](#javaMailProviderName) tag.
+
+ **Relying on the default values selected by the Provider can be inappropriate.** For instance, the default connection and I/O timeout values of infinite for the default IMAP and POP3 Providers is rarely what is required. Consult the documentation of the Provider for details and options.
+
+Documentation for the default Provider for IMAP is located [here](http://java.sun.com/products/javamail/javadocs/com/sun/mail/imap/package-summary.html) .
+
+Documentation for the default Provider for POP3 is located [here](http://java.sun.com/products/javamail/javadocs/com/sun/mail/pop3/package-summary.html) .
+
+Details of how to change a Provider are located [here](http://java.sun.com/products/javamail/javadocs/javax/mail/Session.html) .
+
+The tag has these child tags (minimum cardinality, maximum cardinality):
+
+- ** [property](#property) ** (0, *)
+
+
+<pre>
+ <javaMailProperties>
+ ...
+ </javaMailProperties>
+ </pre>
+</subsection><subsection name="javaMailProviderName">
+The **javaMailProviderName** tag selects the JavaMail protocol Provider used to interact with the external server.
+
+The tag value is the name of a JavaMail supported protocol, such as `pop3` or `imap` . The name is used to select the default Provider for the protocol.
+
+<pre>
+ <javaMailProviderName>pop3</javaMailProviderName>
+ </pre>
+</subsection><subsection name="maxmessagesize">
+The **maxmessagesize** tag declares the maximum permitted message size for messages injected into the James input spool and what happens to fetched messages that exceed this size.
+
+The tag has these attributes:
+
+
+ **limit**
+: An integer. The maximum message size expressed in Kilobytes. If 0, there is no limit.
+
+ **reject**
+: A boolean. If "true", mail whose message size exceeds the maximum permitted size will not be injected into the James input spool. If "false", mail whose message size exceeds the maximum permitted size will have its contents removed, an explanatory error message and the Mail Attribute `org.apache.james.Fetchmail.isMaxMessageSizeExceeded` added prior to injection into the James input spool, (see below for the location of an example).
+
+ **leaveonserver**
+: A boolean. If "true", mail whose message size exceeds the maximum permitted size will be left on the server. If "false", mail whose message size exceeds the maximum permitted size will be marked for deletion.
+
+ **markseen**
+: A boolean. If "true", mail whose message size exceeds the maximum permitted size will be marked as seen on the server. If "false", mail whose message size exceeds the maximum permitted size will not be marked as seen.
+
+<pre>
+ <maxmessagesize
+ limit="4096"
+ reject="false"
+ leaveonserver="false"
+ markseen="false"/>
+ </pre>
+
+An example configuration using James mailet processing to bounce fetched messages that exceed the maximum permitted size can be found in the file `$PHOENIX_HOME/apps/james/conf/samples/Fetchmail/maxMessageSize.xml` .
+</subsection><subsection name="recipientnotfound">
+The **recipientnotfound** tag declares what happens to mail for which a sole intended recipient cannot be found when attempting to determine the recipient from the mail headers.
+
+In configurations with more than one account per fetch task, processing of matched mail can be deferred to the next run of the fetch task. This gives other accounts that may be able to determine a sole intended recipient an opportunity to do so before recipientnotfound processing is invoked.
+
+The tag has these attributes:
+
+
+ **defer**
+: A boolean. If "true", mail for which a sole intended recipient cannot be determined is left unprocessed until the next run of the fetch task. If "false", mail for which a sole intended recipient cannot be determined is processed immediately.
+
+ **reject**
+: A boolean. If "true", mail for which a sole intended recipient cannot be determined will not be injected into the James input spool. If "false", mail for which a sole intended recipient cannot be determined will be injected into the James input spool using the recipient attribute of the current account and with the Mail Attribute `org.apache.james.Fetchmail.isRecipientNotFound` added to the mail.
+
+ **leaveonserver**
+: A boolean. If "true", mail for which a sole intended recipient cannot be determined will be left on the server. If "false", mail for which a sole intended recipient cannot be determined will be marked for deletion.
+
+ **markseen**
+: A boolean. If "true", mail for which a sole intended recipient cannot be determined will be marked as seen on the server. If "false", mail for which a sole intended recipient cannot be determined will not be marked as seen.
+
+<pre>
+ <recipientnotfound
+ defer="true"
+ reject="true"
+ leaveonserver="true"
+ markseen="true"/>
+ </pre>
+</subsection><subsection name="recursesubfolders">
+The **recursesubfolders** tag declares if mail should be fetched from sub-folders of the root folder, or just the root folder.
+
+The tag value is a boolean. If true, mail is fetched from the root folder and its subfolders. If false, mail is fetched from just the root folder.
+
+<pre>
+ <recursesubfolders>false</recursesubfolders>
+ </pre>
+</subsection><subsection name="remoteReceivedHeader">
+The **remoteReceivedHeader** tag declares the zero based index of the RFC2822 compliant RECEIVED header used to determine the address and host name of the remote MTA that sent a fetched message and what happens to messages when the specified header is invalid.
+
+Typically, the first (index = 0) RECEIVED header is for the local MTA that delivered the message to the message store and the second (index = 1) RECEIVED header is for the remote MTA that delivered the message to the local MTA. When this configuration applies, the **remoteReceivedHeaderIndex** should be set to **1** .
+
+To verify the correct setting, examine the RECEIVED headers for messages delivered to the configured message store and locate the first one containing a remote domain in the'from' field. Remembering that zero based indexing is used, if this the second header, use an index of 1, if this is the third header, use an index of 2, and so forth.
+
+Matchers such as InSpammerBlacklist use the remote address and/or remote host name to identify illegitimate remote MTAs. If you do not use such matchers, the **remoteReceivedHeaderIndex** tag may be omitted or the default index value of -1 can be specified. This causes the remote address to be set to `127.0.0.1` and the remote host name to be set to `localhost` . Matchers almost always considered these values to be legitimate.
+
+The tag has these attributes:
+
+
+ **index**
+: An integer whose meaning is described above.
+
+ **reject**
+: A boolean. If "true", mail whose specified recieved header is invalid will not be injected into the James input spool. If "false", mail whose specified recieved header is invalid will be injected into the James input spool with the Mail Attribute `org.apache.james.Fetchmail.isInvalidReceivedHeader` added to the mail, the remote address set to `127.0.0.1` and the remote host name set to `localhost` .
+
+ **leaveonserver**
+: A boolean. If "true", mail whose specified recieved header is invalid will be left on the server. If "false", mail whose specified recieved header is invalid will be marked for deletion.
+
+ **markseen**
+: A boolean. If "true", mail whose specified recieved header is invalid will be marked as seen on the server. If "false", mail whose specified recieved header is invalid will not be marked as seen.
+
+<pre>
+ <remoteReceivedHeader
+ index="1"
+ reject="true"
+ leaveonserver="true"
+ markseen="true"/>
+ </pre>
+
+An example configuration using James mailet processing to notify the postmaster of fetched messages that contain an invalid Received header can be found in the file `$PHOENIX_HOME/apps/james/conf/samples/Fetchmail/remoteReceivedHeader.xml` .
+</subsection><subsection name="remoterecipient">
+The **remoterecipient** tag declares what happens to mail for which the domain part of the recipient is remote. A domain is remote if it is not a server declared in the **servernames** tag of the **James** block in the configuration.
+
+The tag has these attributes:
+
+
+ **reject**
+: A boolean. If "true", mail for remote recipients will not be injected into the James input spool. If "false", mail for remote recipients will be injected into the James input spool with the Mail Attribute `org.apache.james.Fetchmail.isRemoteRecipient` added to the mail.
+
+ **leaveonserver**
+: A boolean. If "true", mail for remote recipients will be left on the server. If "false", mail for remote recipients will be marked for deletion.
+
+ **markseen**
+: A boolean. If "true", mail for remote recipients will be marked as seen on the server. If "false", mail for remote recipients will not be marked as seen.
+
+<pre>
+ <remoterecipient
+ reject="true"
+ leaveonserver="true"
+ markseen="true"/>
+ </pre>
+</subsection><subsection name="undeliverable">
+The **undeliverable** tag declares what happens to mail that cannot be delivered.
+
+The tag has these attributes:
+
+
+ **leaveonserver**
+: A boolean. If "true", mail that cannot be delivered will be left on the server. If "false", mail that cannot be delivered will be marked for deletion.
+
+ **markseen**
+: A boolean. If "true", mail for that cannot be delivered will be marked as seen on the server. If "false", mail that cannot be delivered will not be marked as seen.
+
+<pre>
+ <undeliverable
+ leaveonserver="true"
+ markseen="true"/>
+ </pre>
+</subsection><subsection name="userundefined">
+The **userundefined** tag declares what happens to mail for which the recipient is not defined as a James user.
+
+The tag has these attributes:
+
+
+ **reject**
+: A boolean. If "true", mail for recipients who are not defined as James users will not be injected into the James input spool. If "false", mail for recipients who are not defined as James users will be injected into the James input spool with the Mail Attribute `org.apache.james.Fetchmail.isUserUndefined` added to the mail.
+
+ **leaveonserver**
+: A boolean. If "true", mail for recipients who are not defined as James users will be left on the server. If "false", mail for recipients who are not defined as James users will be marked for deletion.
+
+ **markseen**
+: A boolean. If "true", mail for recipients who are not defined as James users will be marked as seen on the server. If "false", mail for recipients who are not defined as James users will not be marked as seen.
+
+<pre>
+ <userundefined
+ reject="true"
+ leaveonserver="true"
+ markseen="true"/>
+ </pre>
+</subsection><subsection name="account">
+The **account** tag declares an account on the external server from which mail should be fetched.
+
+The tag has these attributes:
+
+
+ **user**
+: The string to be passed as the user when connecting to the external server.
+
+ **password**
+: The string to be passed as the password when connecting to the external server.
+
+ **recipient**
+: The recipient to whom messages will be delivered when the intended recipient cannot be determined or when the intended recipient is to be ignored.
+
+ **ignorercpt-header**
+: A boolean. If "true", mail is always delivered to the recipient declared in the **recipient** attribute above. If "false", the intended recipient is determined from the mail headers or the process declared by the **recipientnotfound** tag.
+
+<pre>
+ <account
+ user="myaccount"
+ password="mypassword"
+ recipient="user@localhost"
+ ignorercpt-header="true"/>
+ </pre>
+</subsection><subsection name="alllocal">
+The **alllocal** tag declares the parameters to be applied to dynamic accounts. The set of dynamic accounts is refreshed each time the fetch task runs by combining the **alllocal** tag attributes with each of the currently defined James users to create an account for every James user.
+
+The tag has these attributes:
+
+
+ **userprefix**
+: The string to be added before the James user when constructing the string passed as the user when connecting to the external server.
+
+ **usersuffix**
+: The string to be added after the James user when constructing the string passed as the user when connecting to the external server.
+
+ **password**
+: The string to be passed as the password when connecting to the external server.
+
+ **recipientprefix**
+: The string to be added before the James user when constructing the recipient to whom messages will be delivered when the intended recipient cannot be determined or when the intended recipient is to be ignored.
+
+ **recipientsuffix**
+: The string to be added after the James user when constructing the recipient to whom messages will be delivered when the intended recipient cannot be determined or when the intended recipient is to be ignored.
+
+ **ignorercpt-header**
+: A boolean. If "true", mail is always delivered to the recipient constructed from the **recipientprefix** and **recipientsuffix** attributes above and the James user. If "false", the intended recipient is determined from the mail headers or the process declared by the **recipientnotfound** tag.
+
+<pre>
+ <alllocal
+ userprefix=""
+ usersuffix="@external.domain.com"
+ password="mypassword"
+ recipientprefix=""
+ recipientsuffix="@mydomain.com"
+ ignorercpt-header="true"/>
+ </pre>
+</subsection><subsection name="property">
+The **property** tag declares a name/value pair.
+
+The tag has these attributes:
+
+
+ **name**
+: The name of the property.
+
+ **value**
+: The value of the property.
+
+<pre>
+ <property
+ name="mail.pop3.connectiontimeout"
+ value="180000"/>
+ </pre>
+</subsection>
+Full sources to the examples discussed below can be found in the directory `$PHOENIX_HOME/apps/james/conf/samples/Fetchmail` .
+<subsection name="One Account, One User">
+When all mail for an account is to be delivered to a single user, configure each account to ignore the recipient in the mail headers and deliver to the specified recipient. The **accounts** block looks like this:
+
+<pre>
+ <accounts>
+ <account
+ user="user1@external.domain.com"
+ password="password1"
+ recipient="user1@localhost"
+ ignorercpt-header="true"/>
+
+ <account
+ user="user2@external.domain.com"
+ password="password2"
+ recipient="user2@localhost"
+ ignorercpt-header="true"/>
+
+ <account
+ user="user3@external.domain.com"
+ password="password3"
+ recipient="user3@localhost"
+ ignorercpt-header="true"/>
+ </accounts>
+ </pre>
+</subsection><subsection name="One Account, Many Users">
+When an account contains mail to be delivered to many users, configure each account to determine the recipient from the mail headers and deliver to that user. The **accounts** block looks like this:
+
+<pre>
+ <accounts>
+ <account
+ user="global@external.domain.com"
+ password="password"
+ recipient="Fetchmail@localhost"
+ ignorercpt-header="false"/>
+ </accounts>
+ </pre>
+
+The **recipientnotfound** tag is used to declare what happens when the recipient cannot be determined from the mail headers. In the example below, mail is injected into the spool using the recipient declared in the **account** tag:
+
+<pre>
+ <recipientnotfound
+ defer="false"
+ reject="false"
+ leaveonserver="false"
+ markseen="false"/>
+ </pre>
+</subsection><subsection name="One Account, One User - Dynamic">
+When an external server supports virtual mailboxes, Fetchmail's dynamic account facility can be used. This greatly simplifies user configuration as the Fetchmail accounts for users are automatically synchronized with those defined in the James user repository. This guarantees that mail for all local users will be fetched and delivered.
+
+Currently, there is a limitation that all virtual accounts and the global account must share the same password.
+
+The **alllocal** tag declares the parameters for the dynamic accounts. The **accounts** block below will deliver mail for `user1@external.domain.com` to `user1@localhost` , `user2@external.domain.com` to `user2@localhost` , `userZ@external.domain.com` to `userZ@localhost` etc.:
+
+<pre>
+ <accounts>
+ <alllocal
+ userprefix=""
+ usersuffix="@external.domain.com"
+ password="mypassword"
+ recipientprefix=""
+ recipientsuffix="@localhost"
+ ignorercpt-header="true"/>
+ </accounts>
+ </pre>
+</subsection><subsection name="One Account, Many Users - Dynamic">
+The [One Account, One User - Dynamic](#One Account, One User - Dynamic) example guarantees delivery of mail for all local users, but leaves other mail on the external server unprocessed. The [One Account, Many Users](#One Account, Many Users) example processes all mail on the external server, but cannot guarantee delivery to the intended recipient. By combining the two, it is possible to guarantee the delivery of mail for all local users and process all mail.
+
+In the snippet below, the **alllocal** tag declares dynamic accounts for all local users and the **account** tag configures an account to fetch all mail.
+
+The **recipientnotfound** tag rejects mail for which a recipient cannot be determined. By the time this processing is activated, the dynamic accounts will have processed mail for all local users, so the mail can only be mail for non-local users or newly arrived mail for local users. It is not possible to know which, but we want to leave mail for local users to be dealt with by the dynamic accounts. The next time the dynamic accounts run any newly arrived mail for local users will be processed. The remainder will be for non-local users and can now be safely dealt with.
+
+The `<recipientnotfound defer="true"` attribute enables deferal of the processing of messages for which the recipient cannot be determined to the next iteration of the fetch task, and is used here. The relevant tags are:
+
+<pre>
+ <accounts>
+ <alllocal
+ userprefix=""
+ usersuffix="@external.domain.com"
+ password="mypassword"
+ recipientprefix=""
+ recipientsuffix="@localhost"
+ ignorercpt-header="true"/>
+
+ <account
+ user="global@external.domain.com"
+ password="password"
+ recipient="Fetchmail@localhost"
+ ignorercpt-header="false"/>
+ </accounts>
+
+ <recipientnotfound
+ defer="true"
+ reject="true"
+ leaveonserver="true"
+ markseen="true"/>
+ </pre>
+</subsection>
+These are some things to be aware of when using Fetchmail:
+
+- As noted in the [One Account, One User - Dynamic](#One Account, One User - Dynamic) example, all virtual accounts and the global account must share the same password. A future version might associate each James user to a set of account credentials.
+
+- When using dynamic accounts, an account is generated and an attempt made to fetch mail for all James users defined to James even if there is no such mailbox on the server. This is inefficient but not fatal. The solution is the same as described above.
+
+- When using dynamic accounts, as described in the [One Account, Many Users - Dynamic](#One Account, Many Users - Dynamic) example, the user name used to fetch the mail for all accounts must not be defined as a James user. If it is, a dynamic account will be generated for it and fetch all the mail before the account declared to process mail for all users has an opportunity to run!
+
+- The now deprecated fetchPOP interacted with the `FetchedFrom` matcher to detect mail injected by fetchPOP. This will not work with Fetchmail. Compared to fetchPOP, there are far fewer occasions when mail injected by Fetchmail requires special processing. When it does, use the HasMailAttribute matcher to match the attribute named `org.apache.james.Fetchmail.taskName` to detect all mail injected by Fetchmail. To detect mail injected by a specific fetch task, use one of the HasMailAttributeWithValue matchers to match on the attribute name and the attribute value. The attribute value is the name of the fetch task that injected the mail.
+
+- The POP3 protocol does not enforce support of any of the Flags associated with messages other than DELETED. This means that `markseen="true"` will most likely have no effect and therefore, the **fetchall** tag will be inoperative. In this situation, the only way to avoid repeatedly fetching the same mail is to delete it from the server using `leaveonserver="false"/>` .
+
+- If using a Exchange 2000 or Exchange 2003 server get sure you fix the CLRF bug. See [Bug description and fix](http://support.microsoft.com/kb/816896/en-us)
+
+
+Use this configuration to fetch Gmail via POP3. Please don't forget to enable POP3 in Gmail ( [read how-to](http://mail.google.com/support/bin/answer.py?answer=13273) ).
+<pre>
+<fetchmail enabled="true">
+<fetch name="gmail.com">
+<accounts>
+<account user="YOUR_USER@gmail.com" password="YOUR_PASSWORD" recipient="YOUR_EMAIL_ADDRESS_IN_JAMES" ignorercpt-header="true"/>
+</accounts>
+<host>pop.gmail.com</host>
+<interval>600000</interval>
+<javaMailProviderName>pop3</javaMailProviderName>
+<javaMailFolderName>INBOX</javaMailFolderName>
+<javaMailProperties>
+<property name="mail.pop3.ssl.enable" value="true"/>
+</javaMailProperties>
+<fetchall>false</fetchall>
+<recursesubfolders>false</recursesubfolders>
+<defaultdomain>localhost</defaultdomain>
+<fetched leaveonserver="true" markseen="true"/>
+<remotereceivedheader index="1" reject="true" leaveonserver="true" markseen="false"/>
+<maxmessagesize limit="0" reject="false" leaveonserver="true" markseen="false"/>
+<undeliverable leaveonserver="true" markseen="false"/>
+<recipientnotfound defer="true" reject="true" leaveonserver="true" markseen="false"/>
+<blacklist reject="true" leaveonserver="true" markseen="false"> wibble@localhost, flobble@localhost</blacklist>
+<userundefined reject="true" leaveonserver="true" markseen="false" />
+<remoterecipient reject="true" leaveonserver="true" markseen="false" />
+</fetch>
+</fetchmail>
+ </pre>
+Use this configuration to fetch Gmail via IMAP4. Please don't forget to enable IMAP4 in Gmail ( [read how-to](http://mail.google.com/support/bin/answer.py?answer=77695) ).
+<pre>
+<fetchmail enabled="true">
+<fetch name="gmail.com">
+<accounts>
+<account user="YOUR_USER@gmail.com" password="YOUR_PASSWORD" recipient="YOUR_EMAIL_ADDRESS_IN_JAMES" ignorercpt-header="true"/>
+</accounts>
+<host>imap.gmail.com</host>
+<interval>600000</interval>
+<javaMailProviderName>imap</javaMailProviderName>
+<javaMailFolderName>INBOX</javaMailFolderName>
+<javaMailProperties>
+<property name="mail.imap.ssl.enable" value="true"/>
+</javaMailProperties>
+<fetchall>false</fetchall>
+<recursesubfolders>false</recursesubfolders>
+<defaultdomain>localhost</defaultdomain>
+<fetched leaveonserver="true" markseen="true"/>
+<remotereceivedheader index="1" reject="true" leaveonserver="true" markseen="false"/>
+<maxmessagesize limit="0" reject="false" leaveonserver="true" markseen="false"/>
+<undeliverable leaveonserver="true" markseen="false"/>
+<recipientnotfound defer="true" reject="true" leaveonserver="true" markseen="false"/>
+<blacklist reject="true" leaveonserver="true" markseen="false"> wibble@localhost, flobble@localhost</blacklist>
+<userundefined reject="true" leaveonserver="true" markseen="false" />
+<remoterecipient reject="true" leaveonserver="true" markseen="false" />
+</fetch>
+</fetchmail>
+ </pre>
Added: james/site-cms/trunk/content/server/config-imap4.mdtext
URL: http://svn.apache.org/viewvc/james/site-cms/trunk/content/server/config-imap4.mdtext?rev=1335278&view=auto
==============================================================================
--- james/site-cms/trunk/content/server/config-imap4.mdtext (added)
+++ james/site-cms/trunk/content/server/config-imap4.mdtext Mon May 7 21:51:19 2012
@@ -0,0 +1,43 @@
+
+Consult [imapserver-template.conf](https://svn.apache.org/repos/asf/james/app/tags/apache-james-3.0-beta4/src/main/resources/imapserver-template.conf) in SVN to get some examples and hints.
+
+The IMAP4 service is controlled by a configuration block in the imap4server.xml. The imap4server tag defines the boundaries of the configuration block. It encloses all the relevant configuration for the IMAP4 server. The behavior of the IMAP4 service is controlled by the attributes and children of this tag.
+
+This tag has an optional boolean attribute - **enabled** - that defines whether the service is active or not. The value defaults to "true" if not present.
+
+The standard children of the imapserver tag are:
+
+
+
+ **bind**
+: Configure this to bind to a specific inetaddress. This is an optional integer value. This value is the port on which this IMAP4 server is configured to listen. If the tag or value is absent then the service will bind to all network interfaces for the machine If the tag or value is omitted, the value will default to the standard IMAP4 port port 143 is the well-known/IANA registered port for IMAP port 993 is the well-known/IANA registered port for IMAPS ie over SSL/TLS
+
+ **connectionBacklog**
+:
+
+ **compress**
+: true or false - Use or don't use COMPRESS extension.
+
+ **maxLineLength**
+: Maximal allowed line-length before a BAD response will get returned to the client This should be set with caution as a to high value can make the server a target for DOS (Denial of Service)!
+
+ **inMemorySizeLimit**
+: 10MB size limit before we will start to stream to a temporary file
+
+ **tls**
+: Set to true to support STARTTLS or SSL for the Socket. To use this you need to copy sunjce_provider.jar to /path/james/lib directory. To create a new keystore execute: keytool -genkey -alias james -keyalg RSA -keystore /path/to/james/conf/keystore
+
+ **handler.helloName**
+: This is the name used by the server to identify itself in the IMAP4 protocol. If autodetect is TRUE, the server will discover its own host name and use that in the protocol. If discovery fails, the value of 'localhost' is used. If autodetect is FALSE, James will use the specified value.
+
+ **handler.connectiontimeout**
+: Connection timeout in secconds
+
+ **handler.connectionLimit**
+: Set the maximum simultaneous incoming connections for this service
+
+ **handler.connectionLimitPerIP**
+: Set the maximum simultaneous incoming connections per IP for this service
+
+ **handler.handlerchain**
+: This loads the core CommandHandlers. Only remove this if you really know what you are doing
Added: james/site-cms/trunk/content/server/config-listmanager.mdtext
URL: http://svn.apache.org/viewvc/james/site-cms/trunk/content/server/config-listmanager.mdtext?rev=1335278&view=auto
==============================================================================
--- james/site-cms/trunk/content/server/config-listmanager.mdtext (added)
+++ james/site-cms/trunk/content/server/config-listmanager.mdtext Mon May 7 21:51:19 2012
@@ -0,0 +1,83 @@
+
+<div class="ui-widget"><div class="ui-state-error ui-corner-all" style="padding: 0 .7em;">
+<span class="ui-icon ui-icon-alert" style="float: left; margin-right: .3em;"></span> **This page still contains text related to James 2.3 and needs to be updated for James 3.0**
+</div></div>
+<subsection>
+Consult [james-listmanager.conf](https://svn.apache.org/repos/asf/james/app/tags/apache-james-3.0-beta4/src/main/resources/james-listmanager-template.conf) in SVN to get some examples and hints.
+
+One of the frequent questions on the James-User Mailing List is how to create a mailing list. This document explains one way of using the currently supplied Matchers and Mailets in James v3.0.
+
+Basically, the process requires creating two <mailet> entries and a repository. The first mailet handles list commands (currently only *list-name* -on and *list-name* -off). The second mailet handles list messages. The repository will hold the e-mail addresses of list subscribers.
+
+The mailets go into the processor chain (e.g., at the top of the *transport* processor), the repository goes into the <users-store> block.
+</subsection><subsection name="Setting up the Repository">
+The mailing list mailets need a repository within which to store the subscriber list. There is a separate repository for each mailing list, and is completely independent of the user repository used by James to manage e-mail accounts. This is configured in the <users-store> block of james-listmanager.xml.
+
+The following illustrates a database-backed repository using JDBC with the ListUsersJdbcRepository class. Notice that there will be a single table, *lists* , created in the db://maildb resource defined elsewhere. There are currently two columns: the list name and the list subscriber.
+<pre>
+<repository name="list-name"
+ class="org.apache.james.userrepository.ListUsersJdbcRepository"
+ destinationURL="db://maildb/lists/list-name">
+ <sqlFile>file://conf/sqlResources.xml</sqlFile>
+</repository>
+ </pre>
+The following illustrates a file-system repository using the UsersFileRepository class. [Note: the destination URL is a child element when configuring a file-system repository, and an attribute when configuring a database-backed repository. This inconsistency will be addressed in a future version of James.]
+<pre>
+<repository name="list-name"
+ class="org.apache.james.userrepository.UsersFileRepository">
+ <destination URL="file://var/lists/list-name/" />
+</repository>
+ </pre></subsection><subsection name="Alternate Explanation">
+James currently includes only the most basic list functionality, users can subscribe and unsubscribe, but there is no moderation of messages or subscriptions
+
+To enable a list you need the following in config.xml in the root processor block and above the final mailet block -
+<pre>
+<mailet match="CommandForListserv=james@localhost"
+ class="AvalonListservManager">
+ <repositoryName>list-james</repositoryName>
+</mailet>
+</pre>
+that will intercept the command emails sent to
+
+- james-on@localhost to subscribe the sender
+
+- james-off@localhost to unsubscribe the sender
+
+
+and-
+<pre>
+<mailet match="RecipientIs=james@localhost" class="AvalonListserv">
+ <membersonly> false </membersonly>
+ <attachmentsallowed> true </attachmentsallowed>
+ <replytolist> true </replytolist>
+ <repositoryName>list-james</repositoryName>
+ <subjectprefix>JamesList</subjectprefix>
+</mailet>
+</pre>
+Which will distribute the mail to the current subscribers
+
+in addition to the above you need to have a repository configured in the users-store block(usually near the bottom of config.xml) like so (database)-
+<pre>
+<repository name="list-james"
+ class="org.apache.james.userrepository.ListUsersJdbcRepository"
+ destinationURL="db://maildb/lists/list-james">
+ <sqlFile>file://conf/sqlResources.xml</sqlFile>
+</repository>
+</pre>
+Database users will also need to ensure that they have [configured a data-source](2.3.1/using_database.html) named to match the destination URL
+
+Using the filesystem:-
+<pre>
+<repository name="list-james"
+ class="org.apache.james.userrepository.UsersFileRepository">
+ <destination URL="file://var/lists/list-james/"/>
+</repository>
+</pre>
+Restart James, send a mail to james-on@localhost and you should be subscribed.
+
+The repository, be it a database table or directory in the filesystem will be created automatically.
+
+Database users can manipulate the users repository using SQL, and hence any application capable of running SQL queries against it.
+</subsection>
+Consult [miResources.xml](https://svn.apache.org/repos/asf/james/app/tags/apache-james-3.0-beta4/src/main/resources/miResources.xml) in SVN to get some examples and hints.
+
Added: james/site-cms/trunk/content/server/config-mailbox.mdtext
URL: http://svn.apache.org/viewvc/james/site-cms/trunk/content/server/config-mailbox.mdtext?rev=1335278&view=auto
==============================================================================
--- james/site-cms/trunk/content/server/config-mailbox.mdtext (added)
+++ james/site-cms/trunk/content/server/config-mailbox.mdtext Mon May 7 21:51:19 2012
@@ -0,0 +1,11 @@
+
+Consult [mailbox-template.conf](https://svn.apache.org/repos/asf/james/app/tags/apache-james-3.0-beta4/src/main/resources/mailbox-template.conf) in SVN to get some examples and hints.
+
+Use this configuration to define the type of mailbox storage used to persist the user's mails.
+
+Under maibox tag, define the provider.
+
+
+
+ **provider**
+: Supported providers are: jpa (default), jcr, maildir, memory. Be aware that maildir will only work on unix like operation systems!
Added: james/site-cms/trunk/content/server/config-mailetcontainer.mdtext
URL: http://svn.apache.org/viewvc/james/site-cms/trunk/content/server/config-mailetcontainer.mdtext?rev=1335278&view=auto
==============================================================================
--- james/site-cms/trunk/content/server/config-mailetcontainer.mdtext (added)
+++ james/site-cms/trunk/content/server/config-mailetcontainer.mdtext Mon May 7 21:51:19 2012
@@ -0,0 +1,41 @@
+
+Consult [mailetcontainer-template.conf](https://svn.apache.org/repos/asf/james/app/tags/apache-james-3.0-beta4/src/main/resources/mailetcontainer-template.conf) in SVN to get some examples and hints.
+
+Changes between 3.0-M2 and 3.0-beta3:
+
+
+- No more mailetpackage specification in mailetcontainer.xml
+
+- Exactly one standard package, hard-coded in source code
+
+- Standard package applied to mailet classnames without package prefix
+
+- All custom mailets must be specified with full package prefix
+
+- Package prefixed custom mailet names will be searched across the entire applicable class path
+
+- Composite matchers
+
+This configuration block is defined by the **mailserver** tag. All administrators need to adjust the **mailserver** block upon installation.
+
+
+
+ **context.postmaster**
+: The body of this element is the address that the server will consider its postmaster address. This address will be listed as the sender address of all error messages that originate from James. Also, all messages addressed to postmaster@<servername>, where <servername> is one of the domain names whose mail is being handled by James, will be redirected to this email address. Set this to the appropriate email address for error reports If this is set to a non-local email address, the mail server will still function, but will generate a warning on startup.
+
+ **spooler.threads**
+: Number of simultaneous threads used to spool the mails.<subsection name="The Mailet Tag">
+Consider the following simple **mailet** tag:
+<mailet match="RemoteAddrNotInNetwork=127.0.0.1" class="ToProcessor"><br></br><processor>spam</processor><br></br></mailet><br></br>
+The mailet tag has two required attributes, **match** and **class** .
+
+The **match** attribute is set to the value of the specific Matcher class to be instantiated with a an optional argument. If present, the argument is separated from the Matcher class name by an '='. Semantic interpretation of the argument is left to the particular mailet.
+
+The **class** attribute is set to the value of the Mailet class that is to be instantiated.
+
+Finally, the children of the **mailet** tag define the configuration that is passed to the Mailet. The tags used in this section should have no attributes or children. The names and bodies of the elements will be passed to the mailet as (name, value) pairs.
+
+So in the example above, a Matcher instance of RemoteAddrNotInNetwork would be instantiated, and the value "127.0.0.1" would be passed to the matcher. The Mailet of the pair will be an instance of ToProcessor, and it will be passed the (name, value) pair of ("processor", "spam").
+
+Apache James Server includes a number of pre-packaged Mailets and Matchers. A list of provided Mailets may be found [here](dev-provided-mailets.html) . A list of provided Matchers may be found [here](dev-provided-matchers.html) .
+</subsection>
Added: james/site-cms/trunk/content/server/config-mailrepositorystore.mdtext
URL: http://svn.apache.org/viewvc/james/site-cms/trunk/content/server/config-mailrepositorystore.mdtext?rev=1335278&view=auto
==============================================================================
--- james/site-cms/trunk/content/server/config-mailrepositorystore.mdtext (added)
+++ james/site-cms/trunk/content/server/config-mailrepositorystore.mdtext Mon May 7 21:51:19 2012
@@ -0,0 +1,31 @@
+<subsection name="Introduction">
+Read [documentation about persistence](feature-persistence.html) for a description of the Mail Repository Store functionality.
+
+Consult [mailrepositorystore-template.conf](https://svn.apache.org/repos/asf/james/app/tags/apache-james-3.0-beta4/src/main/resources/mailrepositorystore-template.conf) in SVN to get some examples and hints.
+
+Mail Repository Stores are distinguished by where they store data. There are five types of storage: File, Database, DBFile, MBox and JCR.
+</subsection><subsection name="File Repositories">
+File-based repositories store all data in the file system. In general, these repositories are extremely simple to configure, but may compare poorly in terms of performance when compared to other repository types. File repositories are not recommended for large or performance-critical configurations. In the default configuration, all repositories are file repositories.
+
+File repository paths typically begin with the prefix "file". Paths are relative to the application base directory, unless the path begins with a slash. As an example, assume that James is running in /usr/james/phoenix/apps/james. Then "file://var/mail/spool/" would refer to the directory /usr/james/phoenix/apps/james/var/mail/spool. And "file:///var/mail/spool/" (note the extra '/') would refer to the directory /var/mail/spool.
+
+All repository types (mail, spool, user, and news) have file-based implementations. No special configuration is required to enable file-based repositories
+</subsection><subsection name="Database (JDBC) Repositories">
+These repositories store all message data in the database.
+
+Database repositories store all data in an administrator-supplied database. Configuration is somewhat more complex, requiring that the administrator adjust the data-connections section. Detailed directions are included in the sample configuration file. The administrator will need to know the JDBC driver class, the appropriate URL for use with his database, and a valid username/password for the database.
+
+If the administrator wants to configure a database other than MySQL, it will be necessary to add the jar or zip file containing the JDBC driver classes to the lib subdirectory of the installation directory. This will allow Apache James Server to properly load the driver when it is initializing the database repository.
+
+Database repository paths typically begin with the prefix "db". The format is "db://<data-source>/<table>" where <data-source> is the name of the data-source defined in the data-connections section. And <table> is the particular table associated with the repository.
+</subsection><subsection name="DBFile Repositories">
+These repositories store message delivery and headers in the DB, and the body to the filesystem.
+
+This is a special repository type used only for mail repositories. DBFile repositories store the body of a mail message in the file system, while headers are stored in the database. This allows the administrator to minimize the size of data stored in the database, while conserving most of the performance of the database repository.
+</subsection><subsection name="MBox Repositories">
+The MBox file format repository.
+</subsection><subsection name="JCR Repositories">
+Store mails in a JCR (Java Content Repository) based implementation.
+
+If you enable this you need to make sure that embedded Jackrabbit instance is started as well. Check the container configuration
+</subsection>
Added: james/site-cms/trunk/content/server/config-nntp.mdtext
URL: http://svn.apache.org/viewvc/james/site-cms/trunk/content/server/config-nntp.mdtext?rev=1335278&view=auto
==============================================================================
--- james/site-cms/trunk/content/server/config-nntp.mdtext (added)
+++ james/site-cms/trunk/content/server/config-nntp.mdtext Mon May 7 21:51:19 2012
@@ -0,0 +1,47 @@
+
+The NNTP service is controlled by a two configuration blocks in the config.xml. These are the nntpserver block and the nntp-repository block.
+<subsection name="The nntpserver block">
+The nntpserver tag defines the boundaries of the configuration block. It encloses much of the relevant configuration for the NNTP server.
+
+This tag has an optional boolean attribute - **enabled** - that defines whether the service is active or not. The value defaults to "true" if not present.
+
+The standard children of the nntpserver tag are:
+
+
+- **port** - This is an optional integer value. This value is the port on which this NNTP server is configured to listen.If the tag or value is omitted, the value will default to the standard NNTP port, 119.
+
+- **bind** - This is an optional value. If present, this value is a string describing the IP address to which this service should be bound. If the tag or value is absent then the service will bind to all network interfaces for the machine.
+
+- **useTLS** - This is an optional boolean value. If this value is true, then the "ssl" server socket factory is used to generate the server socket for this service. If it is false, the "plain" server socket factory is used. In either case this behavior is overridden by the serverSocketType tag which is described under the expert configuration options.
+
+- **handler** - This is an artifact preserved for backwards compatibility. This tag was used to group related parameters. It should disappear in future versions.
+
+
+- **helloName** - This is a required tag with an optional body that defines the server name used in the initial service greeting. The tag may have an optional attribute - **autodetect** . If the autodetect attribute is present and true, the service will use the local hostname returned by the Java libraries. If autodetect is absent or false, the body of the tag will be used. In this case, if no body is present, the value "localhost" will be used.
+
+- **connectionTimeout** - This is an optional tag with a non-negative integer body.
+
+- **authRequired** - This is an optional tag with a boolean body. If true, then the server will require authentication before allowing the client to view news articles. If this tag is absent, or the value is false then the client will not be prompted for authentication. Only simple user/password authentication is supported at this time.
+
+There are a few additional children of the nntpserver tag that are appropriate for advanced configurations. These should only be used by expert administrators. All tags in this group are optional.
+
+
+- **serverSocketFactory** - This is an optional tag with a string body. If the tag is present, the body must be the name of one of the server socket factories specified in the socket manager block. Any other value will result in an error. If present, this tag overrides the useTLS tag.
+
+- **threadGroup** - This is an optional tag with a string body. If the tag is present, the body must be the name of one of the thread groups specified in the thread manager block. Any other value will result in an error. This tag is best used to fine tune thread allocation between the services.
+
+- **connectionLimit** - The connectionLimit parameter specifies the maximum number of client connections that this service will allow. If no value is specified, the value defaults to that specified in the connectionmanager block. A value of 0 means that there is no limit imposed by the service, although resource limitations imposed by other components (i.e. max # of threads) may serve to limit the number of open connections.
+</subsection><subsection name="The nntp-repository block">The remainder of the NNTP service configuration is controlled by the nntp-repository configuration block. This section of configuration data relates to the server-side NNTP article repository.
+
+- **readOnly** - This is a required boolean tag. If the value is true, posting will not be permitted by the NNTP server.
+
+- **rootPath** - This is a required string tag. It must be in the form of a URL with a "file:" prefix. This specifies the root directory for the NNTP repository. Groups hosted on the NNTP server will be represented as folders under this root, and articles will be stored in the appropriate folders.
+
+- **tempPath** - This is a required string tag. It must be in the form of a URL with a "file:" prefix. This specifies the directory where the NNTP server will store posted articles before they are added to the spool.
+
+- **articleIDPath** - This is a required string tag. It must be in the form of a URL with a "file:" prefix. This specifies the directory where the NNTP server will store the mappings between article ID and the groups containing that article.
+
+- **articleIDDomainSuffix** - This is a required string tag. It is the suffix appended to all article IDs generated by this NNTP server.
+
+- **newsgroups** - This is a required container tag. It has a single **newsgroup** child for each newsgroup hosted on the server. The body of each of those **newsgroup** tags is the name of the newsgroup.
+</subsection>
Added: james/site-cms/trunk/content/server/config-pop3.mdtext
URL: http://svn.apache.org/viewvc/james/site-cms/trunk/content/server/config-pop3.mdtext?rev=1335278&view=auto
==============================================================================
--- james/site-cms/trunk/content/server/config-pop3.mdtext (added)
+++ james/site-cms/trunk/content/server/config-pop3.mdtext Mon May 7 21:51:19 2012
@@ -0,0 +1,34 @@
+
+Consult [pop3server-template.conf](https://svn.apache.org/repos/asf/james/app/tags/apache-james-3.0-beta4/src/main/resources/pop3server-template.conf) in SVN to get some examples and hints.
+
+The POP3 service is controlled by a configuration block in the pop3server.xml. The pop3server tag defines the boundaries of the configuration block. It encloses all the relevant configuration for the POP3 server. The behavior of the POP service is controlled by the attributes and children of this tag.
+
+This tag has an optional boolean attribute - **enabled** - that defines whether the service is active or not. The value defaults to "true" if not present.
+
+The standard children of the pop3server tag are:
+
+
+
+ **bind**
+: Configure this to bind to a specific inetaddress. This is an optional integer value. This value is the port on which this POP3 server is configured to listen. If the tag or value is absent then the service will bind to all network interfaces for the machine If the tag or value is omitted, the value will default to the standard POP3 port, 11 port 995 is the well-known/IANA registered port for POP3S ie over SSL/TLS port 110 is the well-known/IANA registered port for Standard POP3
+
+ **connectionBacklog**
+:
+
+ **tls**
+: Set to true to support STARTTLS or SSL for the Socket. To use this you need to copy sunjce_provider.jar to /path/james/lib directory. To create a new keystore execute: keytool -genkey -alias james -keyalg RSA -keystore /path/to/james/conf/keystore
+
+ **handler.helloName**
+: This is the name used by the server to identify itself in the POP3 protocol. If autodetect is TRUE, the server will discover its own host name and use that in the protocol. If discovery fails, the value of 'localhost' is used. If autodetect is FALSE, James will use the specified value.
+
+ **handler.connectiontimeout**
+: Connection timeout in secconds
+
+ **handler.connectionLimit**
+: Set the maximum simultaneous incoming connections for this service
+
+ **handler.connectionLimitPerIP**
+: Set the maximum simultaneous incoming connections per IP for this service
+
+ **handler.handlerchain**
+: This loads the core CommandHandlers. Only remove this if you really know what you are doing
Added: james/site-cms/trunk/content/server/config-recipientrewritetable.mdtext
URL: http://svn.apache.org/viewvc/james/site-cms/trunk/content/server/config-recipientrewritetable.mdtext?rev=1335278&view=auto
==============================================================================
--- james/site-cms/trunk/content/server/config-recipientrewritetable.mdtext (added)
+++ james/site-cms/trunk/content/server/config-recipientrewritetable.mdtext Mon May 7 21:51:19 2012
@@ -0,0 +1,42 @@
+
+Consult [recipientrewritetable-template.conf](https://svn.apache.org/repos/asf/james/app/tags/apache-james-3.0-beta4/src/main/resources/recipientrewritetable-template.conf) in SVN to get some examples and hints.
+<subsection name="JPA Recipient Rewrite Table">
+The default table for storing James' Recipient Rewrite mappings.
+
+Add a class attribute to recipientrewritetable tag (class="org.apache.james.rrt.jpa.JPARecipientRewriteTable).
+
+
+
+ **recursiveMapping**
+: If set recursiveMapping false only the first mapping will get processed - Default true.
+
+ **mappingLimit**
+: By setting the mappingLimit you can specify how much mapping will get processed before a bounce will send. This avoid infinity loops. Default 10.</subsection><subsection name="XML Recipient Rewrite Table">
+Add a class attribute to recipientrewritetable tag (class="org.apache.james.rrt.xml.XMLRecipientRewriteTable).
+
+
+
+ **recursiveMapping**
+: If set recursiveMapping false only the first mapping will get processed - Default true.
+
+ **mappingLimit**
+: By setting the mappingLimit you can specify how much mapping will get processed before a bounce will send. This avoid infinity loops. Default 10.
+
+ **mapping**
+: Example: some@domain=someuser</subsection><subsection name="JDBC Recipient Rewrite Table">
+Database backed RecipientRewrite table
+
+Add a class attribute and a destinationURL attributed to recipientrewritetable tag (class="org.apache.james.rrt.jdbc.JDBCRecipientRewriteTable" destinationURL="db://maildb/RecipientRewriteTable").
+
+Use these configurations to store the RecipientRewriteTable in a database.
+
+
+
+ **recursiveMapping**
+: If set recursiveMapping false only the first mapping will get processed - Default true.
+
+ **mappingLimit**
+: By setting the mappingLimit you can specify how much mapping will get processed before a bounce will send. This avoid infinity loops. Default 10.
+
+ **sqlFile**
+: file://conf/sqlResources.xml</subsection>
Added: james/site-cms/trunk/content/server/config-smtp-lmtp.mdtext
URL: http://svn.apache.org/viewvc/james/site-cms/trunk/content/server/config-smtp-lmtp.mdtext?rev=1335278&view=auto
==============================================================================
--- james/site-cms/trunk/content/server/config-smtp-lmtp.mdtext (added)
+++ james/site-cms/trunk/content/server/config-smtp-lmtp.mdtext Mon May 7 21:51:19 2012
@@ -0,0 +1,93 @@
+
+This page details the configuration for Incoming SMTP
+
+The outgoing (remote delivery) is implemented in the RemoteDelivery mailets. The configuration details for outgoing SMTP traffic can be read on [this page](dev-provided-mailets.html) (section RemoteDelivery) and shoud be update in the [mailetcontainer](config-mailetcontainer.html) .
+
+Consult [smtpserver-template.conf](https://svn.apache.org/repos/asf/james/app/tags/apache-james-3.0-beta4/src/main/resources/smtpserver-template.conf) in SVN to get some examples and hints.
+
+The SMTP service is controlled by a configuration block in the smptserver.xml. The smtpserver tag defines the boundaries of the configuration block. It encloses all the relevant configuration for the SMTP server. The behavior of the SMTP service is controlled by the attributes and children of this tag.
+
+This tag has an optional boolean attribute - **enabled** - that defines whether the service is active or not. The value defaults to "true" if not present.
+
+The standard children of the smtpserver tag are:
+
+
+
+ **bind**
+: A list of address:port - This is an optional value. If present, this value is a string describing the IP address to which this service should be bound. If the tag or value is absent then the service will bind to all network interfaces for the machine on port 25. Port 25 is the well-known/IANA registered port for SMTP. Port 465 is the well-known/IANA registered port for SMTP over TLS.
+
+ **connectBacklog**
+:
+
+ **tls**
+: Set to true to support STARTTLS or SSL for the Socket. To use this you need to copy sunjce_provider.jar to /path/james/lib directory. To create a new keystore execute: keytool -genkey -alias james -keyalg RSA -keystore /path/to/james/conf/keystore. The algorithm is optional and only needs to be specified when using something other than the Sun JCE provider - You could use IbmX509 with IBM Java runtime.
+
+ **handler.helloName**
+: This is a required tag with an optional body that defines the server name used in the initial service greeting. The tag may have an optional attribute - **autodetect** . If the autodetect attribute is present and true, the service will use the local hostname returned by the Java libraries. If autodetect is absent or false, the body of the tag will be used. In this case, if no body is present, the value "localhost" will be used.
+
+ **handler.connectionTimeout**
+: This is an optional tag with a non-negative integer body. Connection timeout in secconds.
+
+ **handler.connectionLimit**
+: Set the maximum simultaneous incoming connections for this service.
+
+ **handler.connectionLimitPerIP**
+: Set the maximum simultaneous incoming connections per IP for this service.
+
+ **handler.authRequired**
+: This is an optional tag with a boolean body. If true, then the server will require authentication before delivering mail to non-local email addresses. If this tag is absent, or the value is false then the client will not be prompted for authentication. Only simple user/password authentication is supported at this time. supported values: true: required but announced only to not authorizedAddresses false: don't use AUTH announce: like true, but always announce AUTH capability to clients The correct behaviour per RFC value would be false or announce but we still support true for backward compatibility and because some webmail client fails when AUTH is announced but no authentication information has been provided
+
+ **handler.authorizedAddresses**
+: Authorize specific addresses/networks. If you use SMTP AUTH, addresses that match those specified here will be permitted to relay without SMTP AUTH. If you do not use SMTP AUTH, and you specify addreses here, then only addresses that match those specified will be permitted to relay. Addresses may be specified as a an IP address or domain name, with an optional netmask, e.g., 127.*, 127.0.0.0/8, 127.0.0.0/255.0.0.0, and localhost/8 are all the same See also the RemoteAddrNotInNetwork matcher in the transport processor. You would generally use one OR the other approach.
+
+ **handler.verifyIdentity**
+: This is an optional tag with a boolean body. This option can only be used if SMTP authentication is required. If the parameter is set to true then the sender address for the submitted message will be verified against the authenticated subject. Verify sender addresses, ensuring that the sender address matches the user who has authenticated. This prevents a user of your mail server from acting as someone else If unspecified, default value is true.
+
+ **handler.maxmessagesize**
+: This is an optional tag with a non-negative integer body. It specifies the maximum size, in kbytes, of any message that will be transmitted by this SMTP server. It is a service-wide, as opposed to a per user, limit. If the value is zero then there is no limit. If the tag isn't specified, the service will default to an unlimited message size.
+
+ **handler.heloEhloEnforcement**
+: This sets wether to enforce the use of HELO/EHLO salutation before a MAIL command is accepted. If unspecified, the value defaults to true.
+
+ **handler.addressBracketsEnforcement**
+: WARNING: This is Non-RFC compliant (default value: true) See: http://wiki.apache.org/james/StandardsComplianceStatement
+
+ **handler.smtpGreeting**
+: This sets the SMTPGreeting which will be used when connect to the smtpserver If none is specified a default is generated
+
+ **handler.handlerchain**
+:
+
+ **handler.handlerchain**
+: The configuration handler chain<subsection name="Configure Authenticated SMTP (SMTP AUTH)">
+Authenticated SMTP is a method of securing your SMTP server. With SMTP AUTH enabled senders who wish to relay mail through the SMTP server (that is, send mail that is eventually to be delivered to another SMTP server) must authenticate themselves to Apache James Server before sending their message. Mail that is to be delivered locally does not require authentication. This method ensures that spammers cannot use your SMTP server to send unauthorized mail, while still enabling users who may not have fixed IP addresses to send their messages.
+
+Mail servers that allow spammers to send unauthorized email are known as open relays. So SMTP AUTH is a mechanism for ensuring that your server is not an open relay .
+
+At this time Apache James Server only supports simple user name / password authentication.
+
+Configuring Apache James Server for Authentication SMTP is a multi-step process. It requires several adjustments of the smtpserver.xml. To enable SMTP AUTH, do the following:
+
+
+1. As mentioned above, SMTP AUTH requires that Apache James Server be able to distinguish between mail intended for local delivery and mail intended for remote delivery. Apache James Server makes this determination by matching the domain to which the mail was sent against the <servernames> element of the Apache James Server configuration block. Any local domains should be explicitly listed as <servername> elements in this section.
+
+1. set the authRequired element of the smtpserver configuration block to "true".
+
+1. if you wish to ensure that authenticated users can only send email from their own account, you may optionally set the verifyIdentity element of the smtpserver configuration block to "true".
+
+1. Restart Apache James Server. This will pull in all of your configuration changes.
+
+Finally, you need to verify that your configuration was done correctly. This step is **important** and should not be skipped.
+
+Verify that you have not inadvertantly configured your server as an open relay. This is most easily accomplished by using the service provided at [abuse.net](http://www.abuse.net/relay.html) . abuse.net will check your mail server and inform you if it is an open relay.
+
+It is extremely important that your server not be configured as an open relay. Aside from potential costs associated with usage by spammers, connections from servers that are determined to be open relays are routinely rejected by SMTP servers. This can severely impede the ability of your mail server to send mail.
+
+Of course it is also necessary to confirm that users and log in and send mail through your server. This can be accomplished using any standard mail client (i.e. Thunderbird, Outlook, Eudora, Evolution).
+</subsection><subsection name="Configure multiple SMTP servers"></subsection>
+Consult [lmtpserver-template.conf](https://svn.apache.org/repos/asf/james/app/tags/apache-james-3.0-beta4/src/main/resources/lmtpserver-template.conf) in SVN to get some examples and hints.
+
+The configuration is the same of for SMTP.
+
+By default, it is desactivated. You can activate it with SMTP and bind for example on port 24.
+
Added: james/site-cms/trunk/content/server/config-ssl-tls.mdtext
URL: http://svn.apache.org/viewvc/james/site-cms/trunk/content/server/config-ssl-tls.mdtext?rev=1335278&view=auto
==============================================================================
--- james/site-cms/trunk/content/server/config-ssl-tls.mdtext (added)
+++ james/site-cms/trunk/content/server/config-ssl-tls.mdtext Mon May 7 21:51:19 2012
@@ -0,0 +1,133 @@
+
+This document explains how to enable James 3.0 servers to use Transport Layer Security (TLS) for encrypted client-server communication.
+<subsection name="Configure a Server to Use SSL/TLS">
+Each of the servers [SMTP](config-smtp-lmtp.html) , [POP3](config-pop3.html) and [IMAP](config-imap.html) supports use of SSL/TLS.
+
+TLS (Transport Layer Security) and SSL (Secure Sockets Layer) are protocols that provide data encryption and authentication between applications in scenarios where that data is being sent across an insecure network, such as checking your email (How does the Secure Socket Layer work?). The terms SSL and TLS are often used interchangeably or in conjunction with each other (TLS/SSL), but one is in fact the predecessor of the other â SSL 3.0 served as the basis for TLS 1.0 which, as a result, is sometimes referred to as SSL 3.1.
+
+You need to add a block in the corresponding configuration file (smtpserver.xml, pop3server.xml, imapserver.xml,..)
+<pre>
+<tls socketTLS="false" startTLS="false">
+ <keystore>file://conf/keystore</keystore>
+ <secret>yoursecret</secret>
+ <provider>org.bouncycastle.jce.provider.BouncyCastleProvider</provider>
+</tls>
+</pre>
+Each of these block has an optional boolean configuration element **socketTLS** and **startTLS** which is used to toggle use of SSL or TLS for the service.
+
+With socketTLS (SSL/TLS in Thunderbird), all the communication is encrypted.
+
+With startTLS (STARTTLS in Thunderbird), the preamble is readable, but the rest is encrypted.
+ `
+* OK JAMES IMAP4rev1 Server Server 192.168.1.4 is ready.
+* CAPABILITY IMAP4rev1 LITERAL+ CHILDREN WITHIN STARTTLS IDLE NAMESPACE UIDPLUS UNSELECT AUTH=PLAIN
+1 OK CAPABILITY completed.
+2 OK STARTTLS Begin TLS negotiation now.
+... rest is encrypted...
+`
+You can only enable one of the both at the same time for a service.
+
+It is also recommended to change the port number on which the service will listen:
+
+
+- POP3 - port 110, Secure POP3 - port 995
+
+- IMAP - port 143, Secure IMAP4 - port 993
+
+- SMTP - port 25, Secure SMTP - port 465
+
+You will now need to create your certificate store and place it in the james/conf/ folder with the name you defined in the keystore tag.
+</subsection><subsection name="Certificate Keystores">
+To use TLS/SSL inside James you will need a certificate keystore.
+
+
+
+ **Creating your own Certificate Keystore**
+
+(Adapted from the Tomcat 4.1 documentation)
+
+James currently operates only on JKS format keystores. This is Java's standard "Java KeyStore" format, and is the format created by the keytool command-line utility. This tool is included in the JDK.
+
+To import an existing certificate into a JKS keystore, please read the documentation (in your JDK documentation package) about keytool.
+
+To create a new keystore from scratch, containing a single self-signed Certificate, execute the following from a terminal command line:
+
+ `keytool -genkey -alias james -keyalg RSA -keystore your_keystore_filename`
+
+(The RSA algorithm should be preferred as a secure algorithm, and this also ensures general compatibility with other servers and components.)
+
+As a suggested standard, create the keystore in the james/conf directory, with a name like james.keystore.
+
+After executing this command, you will first be prompted for the keystore password.
+
+Next, you will be prompted for general information about this Certificate, such as company, contact name, and so on. This information may be displayed to users when importing into the certificate store of the client, so make sure that the information provided here matches what they will expect.
+
+Important: in the "distinguished name", set the "common name" (CN) to the DNS name of your James server, the one you will use to access it from your mail client (like "mail.xyz.com").
+
+Finally, you will be prompted for the key password, which is the password specifically for this Certificate (as opposed to any other Certificates stored in the same keystore file).
+
+If everything was successful, you now have a keystore file with a Certificate that can be used by your server.
+
+You MUST have only one certificate in the keystore file used by James.
+
+
+
+ **Installing a Certificate provided by a Certificate Authority**
+
+(Adapted from the Tomcat 4.1 documentation
+
+To obtain and install a Certificate from a Certificate Authority (like verisign.com, thawte.com or trustcenter.de) you should have read the previous section and then follow these instructions:
+
+Create a local Certificate Signing Request (CSR)
+
+In order to obtain a Certificate from the Certificate Authority of your choice you have to create a so called Certificate Signing Request (CSR). That CSR will be used by the Certificate Authority to create a Certificate that will identify your James server as "secure". To create a CSR follow these steps:
+
+Create a local Certificate as described in the previous section.
+
+The CSR is then created with:
+
+keytool -certreq -keyalg RSA -alias james -file certreq.csr -keystore your_keystore_filename
+
+Now you have a file called certreq.csr. The file is encoded in PEM format. You can submit it to the Certificate Authority (look at the documentation of the Certificate Authority website on how to do this). In return you get a Certificate.
+
+
+
+Now that you have your Certificate you can import it into you local keystore. First of all you may have to import a so called Chain Certificate or Root Certificate into your keystore (the major Certificate Authorities are already in place, so it's unlikely that you will need to perform this step). After that you can procede with importing your Certificate.
+
+Optionally Importing a so called Chain Certificate or Root Certificate
+
+Download a Chain Certificate from the Certificate Authority you obtained the Certificate from.
+
+For Verisign.com go to: http://www.verisign.com/support/install/intermediate.html
+
+For Trustcenter.de go to: http://www.trustcenter.de/certservices/cacerts/en/en.htm#server
+
+For Thawte.com go to: http://www.thawte.com/certs/trustmap.html (seems no longer valid)
+
+Import the Chain Certificate into you keystore
+
+keytool -import -alias root -keystore your_keystore_filename -trustcacerts -file filename_of_the_chain_certificate
+
+
+
+And finally import your new Certificate (It must be in X509 format):
+
+keytool -import -alias james -keystore your_keystore_filename -trustcacerts -file your_certificate_filename
+
+
+
+See also: http://www.agentbob.info/agentbob/79.html
+</subsection><subsection name="Verifying a SSL/TLS-enabled James Server">
+After you've configured a particular server to use TLS/SSL connections, the server port should no longer accept unencrypted TCP/IP connections. This can be tested by using a telnet client to directly connect to the server port. The telnet connection should simply hang until the client times out.
+
+To validate that the port is properly accepting SSL connections an SSL client can be used to open a connection to the server port. One such client is OpenSSL, available from the [OpenSSL web site](http://www.openssl.org) . Follow the instructions provided with the SSL client to create a connection to the server port. Upon connection, the usual server greeting should appear.
+<pre>
+/usr/bin/openssl s_client -quiet -connect localhost:465
+depth=0 /C=Unknown/ST=Unknown/L=Unknown/O=Unknown/OU=Unknown/CN=Unknown
+verify error:num=18:self signed certificate
+verify return:1
+depth=0 /C=Unknown/ST=Unknown/L=Unknown/O=Unknown/OU=Unknown/CN=Unknown
+verify return:1
+220 192.168.0.208 SMTP Server (JAMES SMTP Server) ready Thu, 9 Jun
+2011 20:31:07 +0200 (CEST)
+</pre></subsection>
Added: james/site-cms/trunk/content/server/config-system.mdtext
URL: http://svn.apache.org/viewvc/james/site-cms/trunk/content/server/config-system.mdtext?rev=1335278&view=auto
==============================================================================
--- james/site-cms/trunk/content/server/config-system.mdtext (added)
+++ james/site-cms/trunk/content/server/config-system.mdtext Mon May 7 21:51:19 2012
@@ -0,0 +1,78 @@
+<subsection name="Introduction">
+There are a number of global configuration files that do not fall into any one component. They have effects that are global in scope across the server.
+
+Some of these files are crucial, while others can be ignored by any but the most sophisticated server administrators.
+</subsection><subsection name="spring-server.xml">
+In James distribution, the spring files are located under conf/context folder and splitted into a main file (james-server-context.xml) which imports 4 other files (1 per mailbox type): james-mailbox-jcr-context.xml, james-mailbox-jpa-context.xml, james-mailbox-maildir-context.xml, james-mailbox-memory-context.xml.
+
+Consult [spring-server.xml](https://svn.apache.org/repos/asf/james/app/tags/apache-james-3.0-beta4/src/main/resources/META-INF/org/apache/james/spring-server.xml) in SVN to get some examples and hints.
+
+spring beans files are the place where the Apache James Server wiring is done. It should be modified only by expert-users.
+</subsection><subsection name="james-database.properties">
+Consult [james-database.properties](https://svn.apache.org/repos/asf/james/app/tags/apache-james-3.0-beta4/src/main/resources/james-database-template.properties) in SVN to get some examples and hints.
+
+The database connection in database.properties
+
+James has the capacity to use a JDBC-compatible database for storage of both message and user data. This section explains how to configure James to utilize a database for storage.
+
+To avoid vendor-specific issues, the JPA (Java Persistence Architecture) is used (using the Apache OpenJPA implementation).
+
+There must be a database instance accessible from the James server. An account with appropriate privileges (select, insert, delete into tables, and on initial startup creation of tables) and with sufficient quota for the data to be inserted into the database must be available.
+
+Also, since James will use JDBC to access the database, an appropriate JDBC driver must be available for installation. You can place the JDBC driver jar in the conf/lib folder, it will be automatically loaded.
+
+
+
+ **database.driverClassName**
+: he class name of the database driver to be used.
+
+ **database.url**
+: The JDBC connection URL for your database/driver.
+
+ **database.username**
+: The user id of the database account to be used by this connection.
+
+ **database.password**
+: The password of the database account to be used by this connection.
+
+ **vendorAdapter.database**
+: Supported adapters are: DB2, DERBY, H2, HSQL, INFORMIX, MYSQL, ORACLE, POSTGRESQL, SQL_SERVER, SYBASE .
+
+ **openjpa.streaming**
+: true or false - Use streaming for Blobs. This is only supported on a limited set of databases atm. You should check if its supported by your DB before enable it. See [http://openjpa.apache.org/builds/latest/docs/manual/ref_guide_mapping_jpa.html](http://openjpa.apache.org/builds/latest/docs/manual/ref_guide_mapping_jpa.html) (#7.11. LOB Streaming).
+Note for postgresql databases: Add standard_conforming_strings=off to your postgresql.conf, otherwise you will get ""Invalid escape string Hint: Escape string must be empty or one character. {prepstmnt 174928937 SELECT t0.mailbox_id, t0.mailbox_highest_modseq, t0.mailbox_last_uid, t0.mailbox_name, t0.mailbox_namespace, t0.mailbox_uid_validity, t0.user_name FROM public.james_mailbox t0 WHERE (t0.mailbox_name LIKE ? ESCAPE '\\' AND t0.user_name = ? AND t0.mailbox_namespace = ?) [params=?, ?, ?]} [code=0, state=22025]"
+</subsection><subsection name="META-INF/persistence.xml">
+Consult [META-INF/persistence.xml](https://svn.apache.org/repos/asf/james/app/tags/apache-james-3.0-beta4/src/main/resources/META-INF/persistence.xml) in SVN to get some examples and hints.
+
+The JPA mapping and properties are defined in the in META-INF/persistence.xml.
+
+You can override the definition in external file and importing the external file in the persistence.xml (see jpa-mappings.xml provided example in SVN)
+<pre>
+<mapping-file>META-INF/jpa-mappings.xml</mapping-file></pre></subsection><subsection name="jmx.properties">
+Consult [jmx.properties](https://svn.apache.org/repos/asf/james/app/tags/apache-james-3.0-beta4/src/main/resources/jmx-template.properties) in SVN to get some examples and hints.
+
+This is used to configure the JMX MBean server via which all management is achieved (also used by via the james-cli).
+
+
+
+ **jmx.address**
+: The IP address (host name) the MBean Server will bind/listen to.
+
+ **jmx.port**
+: The port number the MBean Server will bind/listen to.
+To access from a remote location, it has been reported that -Dcom.sun.management.jmxremote.ssl=false is needed in the startup script.
+</subsection><subsection name="sqlResources.xml">
+Consult [sqlResources.xml](https://svn.apache.org/repos/asf/james/app/tags/apache-james-3.0-beta4/src/main/resources/sqlResources.xml) in SVN to get some examples and hints.
+
+This file is deprecated but some mailets... still need it. The standard way to access database is JPA, but some functionalities are not yet migrated and still need the sqlResources.xml resources.
+
+The precise SQL statements used by Apache James Server to modify and view data stored in the database are specified in sqlResources.xml file.
+
+If you are using a SQL database with unusual SQL commands or data types, you may need to add special entries to this file. The James team does try to keep sqlResources.xml updated, so if you do run into a special case, please let us know.
+
+Also, if the database tables are not created a priori, but rather are to be created by James upon startup, special attention should be paid to the "create table" statements in this file. Such statements tend to be both very database and very database instance specific.
+</subsection><subsection name="JCR Repository Configuration">
+Consult [jcr-repository.xml](https://svn.apache.org/repos/asf/james/app/tags/apache-james-3.0-beta4/src/main/resources/jcr-repository-template.xml) in SVN to get some examples and hints.
+
+Used to configure the JCR mailbox (if configure in mailbox.xml).
+</subsection>
Added: james/site-cms/trunk/content/server/config-users.mdtext
URL: http://svn.apache.org/viewvc/james/site-cms/trunk/content/server/config-users.mdtext?rev=1335278&view=auto
==============================================================================
--- james/site-cms/trunk/content/server/config-users.mdtext (added)
+++ james/site-cms/trunk/content/server/config-users.mdtext Mon May 7 21:51:19 2012
@@ -0,0 +1,50 @@
+<subsection name="Introduction">
+User repositories are required to store James user information and authentication data
+
+Consult [usersrepository.conf](https://svn.apache.org/repos/asf/james/app/tags/apache-james-3.0-beta4/src/main/resources/usersrepository-template.conf) in SVN to get some examples and hints.
+</subsection><subsection name="JPA Users Repository">
+JPA (database via OpenJPA) based user repository. This is the default implementation.
+
+The usersrepository tag as 2 attributes: name="LocalUsers" and class="org.apache.james.user.file.UsersFileRepository">
+
+
+
+ **algorithm**
+: Algorithm to has passwords. Supported password algorithm are: MD5, SHA-256, SHA-512, NONE
+
+ **enableVirtualHosting**
+: true (default) or false. Defines if the usernames must (true) or may not contain (false) a domain part (user@domain.tld).</subsection><subsection name="File Users Repository">
+The File UsersRepository implementations below are DEPRECATED and will get removed in the next release
+
+It just listed here for backward-compatibility
+
+File-based user repositories Use these configurations to store user info in the filesystem.
+
+The usersrepository tag as 2 attributes:name="LocalUsers" class="org.apache.james.user.file.UsersFileRepository">
+
+
+
+ **destination**
+: Example: file://var/users/.
+
+ **ignoreCase**
+: true or false.
+
+ **enableAliases**
+: true or false.
+
+ **enableForwarding**
+: true or false.
+
+ **enableVirtualHosting**
+: true (default) or false. Defines if the usernames must (true) or may not contain (false) a domain part (user@domain.tld).</subsection><subsection name="JDBC Users Repository">
+The JDBC UsersRepository implementations below are DEPRECATED and will get removed in the next release.
+
+It just listed here for backward-compatibility.
+</subsection><subsection name="LDAP Users Repository">
+Read-Only LDAP based UsersRepository
+
+Example:
+<pre>
+<repository name="LocalUsers" class="org.apache.james.user.ldap.ReadOnlyUsersLDAPRepository" ldapHost="ldap://myldapserver:389"
+ principal="uid=ldapUser,ou=system" credentials="password" userBase="ou=People,o=myorg.com,ou=system" userIdAttribute="uid"/></pre></subsection>
---------------------------------------------------------------------
To unsubscribe, e-mail: server-dev-unsubscribe@james.apache.org
For additional commands, e-mail: server-dev-help@james.apache.org