You are viewing a plain text version of this content. The canonical link for it is here.

Posted to server-dev@james.apache.org by "Benoit Tellier (Jira)" <se...@james.apache.org> on 2019/11/06 04:42:00 UTC

[jira] [Created] (JAMES-2969) RemoteDelivery should be tested against startTls/ssl

Benoit Tellier created JAMES-2969:
-------------------------------------

             Summary: RemoteDelivery should be tested against startTls/ssl
                 Key: JAMES-2969
                 URL: https://issues.apache.org/jira/browse/JAMES-2969
             Project: James Server
          Issue Type: Improvement
          Components: Remote Delivery, tests
    Affects Versions: master
            Reporter: Benoit Tellier


Many users reported issue configuring SSL/startTLS for RemoteDelivery (JAMES-2961).

While working on the topic arised the question of being more strict upon RemoteDelivery regarding SSL/startTLS (see https://github.com/linagora/james-project/pull/2823)

Underlying such a choice, I want to bring people attention that we currently have no integration tests on RemoteDelivery SSL / startTls, and lack the dockerized SSL SMTP servers to add this to the James test suite.

We should:
 - Ensure that, when enabled, James uses startTls by default
 - Ensure that, when not strict, and startTls fails, james still sends the mail
 - Ensure that, when strict, and startTls fails, james do not send the mail
 - Ensure that, when enabled, James defaults to SSL
 - Ensure that, when enabled and strict, James refuses to transfer a mail to a mail server not supporting ssl.

Tests regarding cypherSuites and protocols should be considered a bonus.

Also, we need to check what happens when one does mix startTls with ssl options.



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

---------------------------------------------------------------------
To unsubscribe, e-mail: server-dev-unsubscribe@james.apache.org
For additional commands, e-mail: server-dev-help@james.apache.org