You are viewing a plain text version of this content. The canonical link for it is here.
Posted to server-user@james.apache.org by Timothy Prepscius <ti...@gmail.com> on 2012/06/20 22:53:03 UTC
anonymizing james a bit
Few notes:
http://james.apache.org/server/3/config-tls.html
off of: http://james.apache.org/server/3/config.html
says: Not Found
I am planning on making a few changes in James.
I thought I would check to make sure these have not been done and I just need to modify a configuration file.
1. I want to remove all plain-text e-mail addresses.
Basically, an e-mail arrives, James hashes the xxx@mydomain.xxx for all recipients of valid domains, and then uses the hash from then on.
I want to make james so that it is not possible to view the user list. You can still modify user lists, but you must do it through hashes.
2. I want to modify the message queue to pre-encrypt with a RSA Public Key of the intended recipient. After encryption, I should have the hash of the recipient, and an encrypted byte stream.
3. I want to force ClientServer SSL handshakes. I want to remove the ability to SSL Proxy. I want to create a special log for all refusals written to network stream to another computer. (I figure log4j has the logging functionality)
Have any of these been done before? I will do them next week. Do you want the code changes?
Thanks,
-tim
---------------------------------------------------------------------
To unsubscribe, e-mail: server-user-unsubscribe@james.apache.org
For additional commands, e-mail: server-user-help@james.apache.org
Re: anonymizing james a bit
Posted by Eric Charles <er...@apache.org>.
On 06/20/2012 10:53 PM, Timothy Prepscius wrote:
> Few notes:
>
> http://james.apache.org/server/3/config-tls.html
> off of: http://james.apache.org/server/3/config.html
> says: Not Found
Broken link is fixed.
Thx for the report.
>
>
>
> I am planning on making a few changes in James.
> I thought I would check to make sure these have not been done and I just need to modify a configuration file.
>
>
> 1. I want to remove all plain-text e-mail addresses.
>
> Basically, an e-mail arrives, James hashes the xxx@mydomain.xxx for all recipients of valid domains, and then uses the hash from then on.
> I want to make james so that it is not possible to view the user list. You can still modify user lists, but you must do it through hashes.
>
You could achieve this with a mailet.
>
> 2. I want to modify the message queue to pre-encrypt with a RSA Public Key of the intended recipient. After encryption, I should have the hash of the recipient, and an encrypted byte stream.
>
Also possible via mailet, but you the server will need to have at its
disposal the public key of the recipient.
>
> 3. I want to force ClientServer SSL handshakes. I want to remove the ability to SSL Proxy. I want to create a special log for all refusals written to network stream to another computer. (I figure log4j has the logging functionality)
>
SSL is available (see http://james.apache.org/server/3/config-ssl-tls.html).
To log to another computer, you will need to define an ad-hoc log4j
appender that fulfills your needs, and also check in the source code
that the needed information is logged in case of SSL failure.
>
> Have any of these been done before? I will do them next week. Do you want the code changes?
>
Sure, we love contributions.
>
> Thanks,
>
> -tim
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: server-user-unsubscribe@james.apache.org
> For additional commands, e-mail: server-user-help@james.apache.org
>
--
eric | http://about.echarles.net | @echarles
---------------------------------------------------------------------
To unsubscribe, e-mail: server-user-unsubscribe@james.apache.org
For additional commands, e-mail: server-user-help@james.apache.org