Re: possible use for james, a question

[Eric Charles <er...@apache.org>]

Hi Timothy,
See answers in line.
Thx, Eric

On 04/29/2012 08:04 PM, Timothy Prepscius wrote:
> Hello,
>
> I've been researching whether an idea I have is technically feasible.
> I think it might be, if the 551 User not local; please try<forward-path>  is implemented generally.
>

Can you give more details on what you are asking?

> But I thought I would ask the experts :-)
>
> -----------
>
> Here is my technical question:
>
>
> I want to set up a mail server that:
>
> 1.  waits for an incoming mail.
> 2.  on RCPT TO:
> 	A. starts a single servlet listening on a specific-ip, which will accept a single message, write it to disk.
> 	B. specifies to the sender to forward to a specific user@specific-ip.my_domain.net.
>

James uses mailets to process mails. It will not start any servlet. 
Rather, you have to implement the logic in your own mailet.

See http://james.apache.org/server/3/dev-extend-mailet.html

> Would this raise problems?  Forwarding all messages?
>
> Another solution I can see, might be if I can tell an ssl connection to "re-verify, re-initiate, re-set" it self somehow.
> I haven't figured out how to do this, or if there is a way.
>

You should not hook in the SSL protocol? Why do you need this?

>
> ------
>
>
> Here is the larger problem I'm trying to solve:
>

Sorry, I'm lost here...

> I would like to set up a gmail type service.
> Except each user would own the "data-store," and as well, own the "receiver" of the their messages.
>
>
> So I would run an email service.
> Each user would give me a receiver java class.  (or just pick the default)
> Each user would give me a data store to write to. (s3.amazon most likely)
>
>
> I would sit waiting for an email, I get a header for John.
>
> I *do not* read the contents of the email.
> Instead I load John's receiver java class and tell the sender to re-initiate the transfer using (I would like a specific port, but I don't see any references to ports in the smtp docs) a specific IP.
>
> John's script will load and bind to that ip, receive the email, encrypt it with a public key.
> I write the encrypted email to the data store specified by john.
>
> John owns all of his data, I am merely the "router."
>
>
> --
>
> The reason I want to re-initiate the connection between the sender and the receiver, is John considers me "untrusted."
>
> Unfortunately, I can't see any way of convincing John that I don't become a MITM in the final SSL exchange.
> (I could accept the entire message, and then synthesize the connection to John's "receiver.")
>
> I sort of wonder whether I should keep the same connection, but have John issue the "DATA" request.
> But then I could observe the connection.  MITM would simple as pie.
>
> Of course, even with a separate connection, if I am using the JVM I can observe anything he does anyway.
> Even if I were to separate the process, I could observe the state of the JVM machine.
> Even if there were no JVM, I could still inspect his process.
>
> Hmm...
>
> I wish there were some way that I could create a "secure JVM process" with an "execution time limit."
>
> Oh well.
>
> -------
>
> Any thoughts?
>
> Even if I am not able to assure no MITM I would like to implement the "pass a ssl connection" to a "user provided receiver class" and have that "receiver class" write to a "pipe" which I then write to s3.
>
> Do able with James?
>
>
> Thanks for your time,
>
>
> -tim
>
>
>
>
>
>
>
>

-- 
eric | http://about.echarles.net | @echarles

---------------------------------------------------------------------
To unsubscribe, e-mail: server-user-unsubscribe@james.apache.org
For additional commands, e-mail: server-user-help@james.apache.org

Re: possible use for james, a question

[Timothy Prepscius <ti...@gmail.com>]

Thanks!

I'm reading the Matcher/Mailet documentation.
Does this Matcher process occur before the entire message has been read I wonder?
I wonder if the code which traverses the Matchers asking for matches, could be reworked to ask a generic, "give me the appropriate handler for this recipient."



I'll try to sum up more clearly what I'm thinking:

Instead of having James read an entire message stream, then matcher it, and instantiate a mailet -
James would read just the minimum amount of information to find out who the mail is destined for, and then redirect the stream to an appropriate handler.

So:

1. mail header comes in, James sees "To: John"
2. Mechanism which usually reads rest of stream and instantiates a Mailet, instead immediately requests from the "system" the appropriate handler for all of "John's" mail.
3. System responds with custom user handler "John" has provided previously.
4. John's user handler reads/interprets the stream and encrypts it to an external data store.



The extra about ssl stuff is:

I would like John's handler to be able to re-form the ssl connection.  
This would provide at least minimum protection of MITM.

But I don't see a nice way to do this unless mail can be redirected to a certain port of a certain ip, (not just an ip).
And even if this is the case, there is nothing stopping the original handler (me) from reading the entire message anyway, before redirecting?


-tim

On May 1, 2012, at 6:30 AM, Eric Charles wrote:

> Hi Timothy,
> See answers in line.
> Thx, Eric
> 
> On 04/29/2012 08:04 PM, Timothy Prepscius wrote:
>> Hello,
>> 
>> I've been researching whether an idea I have is technically feasible.
>> I think it might be, if the 551 User not local; please try<forward-path>  is implemented generally.
>> 
> 
> Can you give more details on what you are asking?
> 
>> But I thought I would ask the experts :-)
>> 
>> -----------
>> 
>> Here is my technical question:
>> 
>> 
>> I want to set up a mail server that:
>> 
>> 1.  waits for an incoming mail.
>> 2.  on RCPT TO:
>> 	A. starts a single servlet listening on a specific-ip, which will accept a single message, write it to disk.
>> 	B. specifies to the sender to forward to a specific user@specific-ip.my_domain.net.
>> 
> 
> James uses mailets to process mails. It will not start any servlet. Rather, you have to implement the logic in your own mailet.
> 
> See http://james.apache.org/server/3/dev-extend-mailet.html
> 
>> Would this raise problems?  Forwarding all messages?
>> 
>> Another solution I can see, might be if I can tell an ssl connection to "re-verify, re-initiate, re-set" it self somehow.
>> I haven't figured out how to do this, or if there is a way.
>> 
> 
> You should not hook in the SSL protocol? Why do you need this?
> 
>> 
>> ------
>> 
>> 
>> Here is the larger problem I'm trying to solve:
>> 
> 
> Sorry, I'm lost here...
> 
>> I would like to set up a gmail type service.
>> Except each user would own the "data-store," and as well, own the "receiver" of the their messages.
>> 
>> 
>> So I would run an email service.
>> Each user would give me a receiver java class.  (or just pick the default)
>> Each user would give me a data store to write to. (s3.amazon most likely)
>> 
>> 
>> I would sit waiting for an email, I get a header for John.
>> 
>> I *do not* read the contents of the email.
>> Instead I load John's receiver java class and tell the sender to re-initiate the transfer using (I would like a specific port, but I don't see any references to ports in the smtp docs) a specific IP.
>> 
>> John's script will load and bind to that ip, receive the email, encrypt it with a public key.
>> I write the encrypted email to the data store specified by john.
>> 
>> John owns all of his data, I am merely the "router."
>> 
>> 
>> --
>> 
>> The reason I want to re-initiate the connection between the sender and the receiver, is John considers me "untrusted."
>> 
>> Unfortunately, I can't see any way of convincing John that I don't become a MITM in the final SSL exchange.
>> (I could accept the entire message, and then synthesize the connection to John's "receiver.")
>> 
>> I sort of wonder whether I should keep the same connection, but have John issue the "DATA" request.
>> But then I could observe the connection.  MITM would simple as pie.
>> 
>> Of course, even with a separate connection, if I am using the JVM I can observe anything he does anyway.
>> Even if I were to separate the process, I could observe the state of the JVM machine.
>> Even if there were no JVM, I could still inspect his process.
>> 
>> Hmm...
>> 
>> I wish there were some way that I could create a "secure JVM process" with an "execution time limit."
>> 
>> Oh well.
>> 
>> -------
>> 
>> Any thoughts?
>> 
>> Even if I am not able to assure no MITM I would like to implement the "pass a ssl connection" to a "user provided receiver class" and have that "receiver class" write to a "pipe" which I then write to s3.
>> 
>> Do able with James?
>> 
>> 
>> Thanks for your time,
>> 
>> 
>> -tim
>> 
>> 
>> 
>> 
>> 
>> 
>> 
>> 
> 
> -- 
> eric | http://about.echarles.net | @echarles
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: server-user-unsubscribe@james.apache.org
> For additional commands, e-mail: server-user-help@james.apache.org
> 


---------------------------------------------------------------------
To unsubscribe, e-mail: server-user-unsubscribe@james.apache.org
For additional commands, e-mail: server-user-help@james.apache.org