You are viewing a plain text version of this content. The canonical link for it is here.

Posted to server-dev@james.apache.org by "Sergey B. (Jira)" <se...@james.apache.org> on 2020/01/04 23:53:00 UTC

[jira] [Created] (JAMES-3017) James server exposes unsecured unmanaged TCP ports

Sergey B. created JAMES-3017:
--------------------------------

Summary: James server exposes unsecured unmanaged TCP ports
Key: JAMES-3017
URL: https://issues.apache.org/jira/browse/JAMES-3017
Project: James Server
Issue Type: Bug
Reporter: Sergey B.

James server listening some TCP ports, which are neither controlled nor documented.

Below is the list of ports listening by my instance of the mail server.
{code:java}
root@0dad7fbbb1d7:~/james-server-app-3.3.0/bin# ss -lnt
State Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0 128 127.0.0.1:45530
LISTEN 0 1 127.0.0.1:32000
LISTEN 0 128 *:993
LISTEN 0 50 *:9999
LISTEN 0 50 *:45167
LISTEN 0 128 *:465
LISTEN 0 50 *:46771
{code}
There is only one port that is really secured. For port to be secure it must meet following conditions.
# Port must be documented. Users should know what protocol and for what purposes are used.
# The protocol used to communicate through this port is secure.
# User should be able to bind it to specific network interface.
# User should be able to change its number.
# User should be able to completely disable it if it is not needed.

--
This message was sent by Atlassian Jira
(v8.3.4#803005)

---------------------------------------------------------------------
To unsubscribe, e-mail: server-dev-unsubscribe@james.apache.org
For additional commands, e-mail: server-dev-help@james.apache.org