You are viewing a plain text version of this content. The canonical link for it is here.
Posted to server-user@james.apache.org by Marc Chamberlin <ma...@marcchamberlin.com> on 2019/02/17 07:29:14 UTC
MalformedURLException: unknown protocol: classpath
I am still trying to configure and set up a new Apache James 3.2.0 with
Spring wiring
and am running into a new snag. I suspect I am overlooking something in
the config files. So can a kind guru decipher this stack
walkback, shown in the wrapper.log file, and give me a clue on how to
fix and make James a happy camper?
I won't show the entire stack walkback just what I think are the
highlights, but if anyone wants the whole thing I certainly can provide it.
(Benoit - I have not figured out how to acquire the source code, with
the fixes you mentioned in my previous threads, and build/test the new
version of James. Perhaps you could send me instructions? Just send me a
link to the source code and a Makefile preferably, I have never used
Docker and don't understand how that works.. )
Thanks in advance... Marc
INFO | jvm 1 | 2019/02/16 22:51:04 | 22:51:04.843
[WrapperSimpleAppMain] DEBUG
org.springframework.beans.factory.xml.XmlBeanDefinitionReader - Loaded
13 bean definitions from location pattern
[classpath:META-INF/spring/loaders-context.xml]
INFO | jvm 1 | 2019/02/16 22:51:04 | 22:51:04.843
[WrapperSimpleAppMain] DEBUG
org.springframework.beans.factory.xml.DefaultBeanDefinitionDocumentReader
- Imported 13 bean definitions from URL location
[classpath:META-INF/spring/loaders-context.xml]
INFO | jvm 1 | 2019/02/16 22:51:04 | 22:51:04.843
[WrapperSimpleAppMain] INFO
org.springframework.beans.factory.xml.XmlBeanDefinitionReader - Loading
XML bean definitions from class path resource
[META-INF/org/apache/james/spring-mailbox-authenticator.xml]
INFO | jvm 1 | 2019/02/16 22:51:04 | 22:51:04.844
[WrapperSimpleAppMain] DEBUG
org.springframework.beans.factory.xml.DefaultDocumentLoader - Using JAXP
provider
[com.sun.org.apache.xerces.internal.jaxp.DocumentBuilderFactoryImpl]
INFO | jvm 1 | 2019/02/16 22:51:04 | 22:51:04.846
[WrapperSimpleAppMain] DEBUG
org.springframework.beans.factory.xml.ResourceEntityResolver - Could not
resolve XML entity
[classpath:org/springframework/beans/factory/xml/spring-beans-3.0.xsd]
against system root URL
INFO | jvm 1 | 2019/02/16 22:51:04 |
java.net.MalformedURLException: unknown protocol: classpath
INFO | jvm 1 | 2019/02/16 22:51:04 | at
java.net.URL.<init>(URL.java:600)
INFO | jvm 1 | 2019/02/16 22:51:04 | at
java.net.URL.<init>(URL.java:490)
INFO | jvm 1 | 2019/02/16 22:51:04 | at
java.net.URL.<init>(URL.java:439)
INFO | jvm 1 | 2019/02/16 22:51:04 | at
org.springframework.beans.factory.xml.ResourceEntityResolver.resolveEntity(ResourceEntityResolver.java:79)
INFO | jvm 1 | 2019/02/16 22:51:04 | at
com.sun.org.apache.xerces.internal.util.EntityResolverWrapper.resolveEntity(EntityResolverWrapper.java:110)
INFO | jvm 1 | 2019/02/16 22:51:04 | at
com.sun.org.apache.xerces.internal.impl.XMLEntityManager.resolveEntity(XMLEntityManager.java:1081)
INFO | jvm 1 | 2019/02/16 22:51:04 | at
com.sun.org.apache.xerces.internal.impl.xs.XMLSchemaLoader.resolveDocument(XMLSchemaLoader.java:654)
INFO | jvm 1 | 2019/02/16 22:51:04 | at
com.sun.org.apache.xerces.internal.impl.xs.XMLSchemaValidator.findSchemaGrammar(XMLSchemaValidator.java:2431)
INFO | jvm 1 | 2019/02/16 22:51:04 | at
com.sun.org.apache.xerces.internal.impl.xs.XMLSchemaValidator.handleStartElement(XMLSchemaValidator.java:1768)
INFO | jvm 1 | 2019/02/16 22:51:04 | at
com.sun.org.apache.xerces.internal.impl.xs.XMLSchemaValidator.startElement(XMLSchemaValidator.java:741)
INFO | jvm 1 | 2019/02/16 22:51:04 | at
com.sun.org.apache.xerces.internal.impl.XMLNSDocumentScannerImpl.scanStartElement(XMLNSDocumentScannerImpl.java:374)
INFO | jvm 1 | 2019/02/16 22:51:04 | at
com.sun.org.apache.xerces.internal.impl.XMLNSDocumentScannerImpl$NSContentDriver.scanRootElementHook(XMLNSDocumentScannerImpl.java:613)
INFO | jvm 1 | 2019/02/16 22:51:04 | at
com.sun.org.apache.xerces.internal.impl.XMLDocumentFragmentScannerImpl$FragmentContentDriver.next(XMLDocumentFragmentScannerImpl.java:3132)
INFO | jvm 1 | 2019/02/16 22:51:04 | at
com.sun.org.apache.xerces.internal.impl.XMLDocumentScannerImpl$PrologDriver.next(XMLDocumentScannerImpl.java:852)
INFO | jvm 1 | 2019/02/16 22:51:04 | at
com.sun.org.apache.xerces.internal.impl.XMLDocumentScannerImpl.next(XMLDocumentScannerImpl.java:602)
INFO | jvm 1 | 2019/02/16 22:51:04 | at
com.sun.org.apache.xerces.internal.impl.XMLNSDocumentScannerImpl.next(XMLNSDocumentScannerImpl.java:112)
INFO | jvm 1 | 2019/02/16 22:51:04 | at
com.sun.org.apache.xerces.internal.impl.XMLDocumentFragmentScannerImpl.scanDocument(XMLDocumentFragmentScannerImpl.java:505)
INFO | jvm 1 | 2019/02/16 22:51:04 | at
com.sun.org.apache.xerces.internal.parsers.XML11Configuration.parse(XML11Configuration.java:842)
INFO | jvm 1 | 2019/02/16 22:51:04 | at
com.sun.org.apache.xerces.internal.parsers.XML11Configuration.parse(XML11Configuration.java:771)
INFO | jvm 1 | 2019/02/16 22:51:04 | at
com.sun.org.apache.xerces.internal.parsers.XMLParser.parse(XMLParser.java:141)
INFO | jvm 1 | 2019/02/16 22:51:04 | at
com.sun.org.apache.xerces.internal.parsers.DOMParser.parse(DOMParser.java:243)
yada yada yada...
--
Linux Counter
Re: MalformedURLException: unknown protocol: classpath
Posted by Marc Chamberlin <ma...@marcchamberlin.com>.
On 02/17/2019 06:01 AM, cryptearth wrote:
> git clone -b master https://github.com/apache/james-project <your
> james folder>
>
> branch 3.2.0 is completed and isn't worked on anymore, branch 3.2.x
> got last update in Dec 10, 2018 - so you have to use master branch to
> get current fixes
> to compile james from source - cd into your james directory and type:
> mvn clean package
> I would recommend to also add: -DskipTests
> to save time - and, well, if you haven't set up docker, the tests fail
> at this point wich fails the whole project. With skipping tests depend
> on power takes about 15min to compile. Completed pack is then found in
> <james folder>/server/app/target/james-server-[version]-app.tar.gz
> (and .zip). Simple extract it to where you want - check config in
> <james-root>/conf (check domainlist.xml is most important - all other
> shouldn't need not touch at all) - and james should be able to start
> up with <james-root>/bin/james start
>
> Matt
Hi Matt, I took a shot at downloading and building james, and it didn't
seem to go well... A lot of stuff got downloaded and then this resulted.
Got any ideas? (lots of hits on Google about "Could not find artifact
com.sun:tools:jar:1.8.0" but none of the solutions seem applicable...)
Marc..
Downloaded from central:
https://repo.maven.apache.org/maven2/net/sf/saxon/Saxon-HE/9.8.0-5/Saxon-HE-9.8.0-5.jar
(5.0 MB at 2.2 MB/s)
[INFO]
------------------------------------------------------------------------
[INFO] Reactor Summary for Apache James Project 3.4.0-SNAPSHOT:
[INFO]
[INFO] Apache James Project ............................... FAILURE [
13.817 s]
[INFO] Apache James :: Server ............................. SKIPPED
[INFO] Apache James :: Server :: Common Utilities ......... SKIPPED
[INFO] Apache James :: Java Mail Extension ................ SKIPPED
[INFO] Apache James :: Core Domain Objects ................ SKIPPED
[INFO] Apache James :: Server :: Lifecycle API ............ SKIPPED
[INFO] Apache James :: Server :: Task ..................... SKIPPED
[INFO] Apache JAMES backends common ....................... SKIPPED
[INFO] Apache James Cassandra backend ..................... SKIPPED
[INFO] Apache James :: Mailbox ............................ SKIPPED
[INFO] Apache James :: Mailbox :: API ..................... SKIPPED
[INFO] Apache James :: Mailets parent and aggregator ...... SKIPPED
[INFO] Apache James :: Mailet API ......................... SKIPPED
[INFO] Apache James :: Test helpers for Mailet ............ SKIPPED
[INFO] Apache James :: Server :: Testing .................. SKIPPED
[INFO] apache-james-backends-es ........................... SKIPPED
[INFO] apache-james-backends-jpa .......................... SKIPPED
[INFO] Apache James RabbitMQ backend ...................... SKIPPED
[INFO] Apache James :: Event Sourcing ..................... SKIPPED
[INFO] Apache James :: Event sourcing :: pojo ............. SKIPPED
[INFO] Apache James :: Event Sourcing :: Event Store :: API SKIPPED
[INFO] Apache James :: Event sourcing :: core ............. SKIPPED
[INFO] Apache James :: Event sourcing :: Event Store :: Cassandra SKIPPED
[INFO] Apache James :: Event sourcing :: Event Store :: Memory SKIPPED
[INFO] Apache James :: Basic Mailet Toolkit ............... SKIPPED
[INFO] Apache James :: Examples ........................... SKIPPED
[INFO] custom-mailets ..................................... SKIPPED
[INFO] Apache James :: Metrics ............................ SKIPPED
[INFO] Apache James :: Metrics :: API ..................... SKIPPED
[INFO] Apache James :: Mailbox :: Event :: In VM implementation SKIPPED
[INFO] Apache James :: MDN ................................ SKIPPED
[INFO] Apache James :: Mailbox :: Store Framework ......... SKIPPED
[INFO] Apache James :: Mailbox :: Backup .................. SKIPPED
[INFO] Apache James :: Mailbox :: Caching ................. SKIPPED
[INFO] Apache James :: Server :: Blob ..................... SKIPPED
[INFO] Apache James :: Server :: Blob :: API .............. SKIPPED
[INFO] Apache James :: Server :: Blob :: Cassandra ........ SKIPPED
[INFO] Apache James :: Server :: Filesystem API ........... SKIPPED
[INFO] Apache James :: Server :: Core ..................... SKIPPED
[INFO] Apache James :: Server :: MailRepository :: API .... SKIPPED
[INFO] Apache James :: Server :: Data :: API ............. SKIPPED
[INFO] Apache James :: Mailbox :: Cassandra ............... SKIPPED
[INFO] Apache James :: Mailbox :: In Memory ............... SKIPPED
[INFO] Apache James :: Mailbox :: Tika .................... SKIPPED
[INFO] Apache James :: Mailbox :: ElasticSearch ........... SKIPPED
[INFO] Apache James :: Mailbox :: Event :: JSON ........... SKIPPED
[INFO] Apache James :: Mailbox :: Event :: RabbitMQ implementation SKIPPED
[INFO] Apache James :: Mailbox :: JPA ..................... SKIPPED
[INFO] Apache James :: Mailbox :: Lucene Index ............ SKIPPED
[INFO] Apache James :: Mailbox :: Maildir ................. SKIPPED
[INFO] Apache James :: Server :: DNS Service :: API ....... SKIPPED
[INFO] Apache James :: Server :: DNS Service :: Test ...... SKIPPED
[INFO] Apache James :: Server :: Data :: Library .......... SKIPPED
[INFO] Apache James :: Server :: MailRepository :: Memory . SKIPPED
[INFO] Apache James :: Server :: Data :: MEMORY .......... SKIPPED
[INFO] Apache James :: Mailbox :: Plugin :: Quota Mailing . SKIPPED
[INFO] Apache James :: Mailbox :: Plugin :: Quota Mailing :: Cassandra
SKIPPED
[INFO] Apache James :: Mailbox :: Plugin :: Quota Mailing :: Memory SKIPPED
[INFO] Apache James :: Mailbox :: Plugin :: Quota Search :: API SKIPPED
[INFO] Apache James :: Mailbox :: Plugin :: Quota Search ::
ElasticSearch SKIPPED
[INFO] Apache James :: Mailbox :: Plugin :: Quota Search :: Scanning SKIPPED
[INFO] Apache JAMES third party ........................... SKIPPED
[INFO] apache-james-spamassassin .......................... SKIPPED
[INFO] Apache James :: Mailbox :: Plugin :: SpamAssassin .. SKIPPED
[INFO] Apache James :: Mailbox :: Scanning ................ SKIPPED
[INFO] Apache James :: Mailbox :: Tools :: Copier ......... SKIPPED
[INFO] Apache James :: Mailbox :: Tools :: Indexer ........ SKIPPED
[INFO] Apache James :: Mailbox :: Spring .................. SKIPPED
[INFO] Apache James :: Mailbox :: Tools :: JPA migrator ... SKIPPED
[INFO] Apache James :: Mailbox :: Tools :: Maildir utils .. SKIPPED
[INFO] Apache James :: Mailbox :: Zookeeper Sequence Provider SKIPPED
[INFO] Apache James :: AI Mailets ......................... SKIPPED
[INFO] Apache James :: Crypto Mailets ..................... SKIPPED
[INFO] Apache James :: ICalendar Mailets .................. SKIPPED
[INFO] Apache James :: Mailetdocs Maven Plugin ............ SKIPPED
[INFO] Apache James :: Standard Mailets ................... SKIPPED
[INFO] Apache James :: Metrics :: Dropwizard .............. SKIPPED
[INFO] Apache James :: Metrics :: Logger .................. SKIPPED
[INFO] Apache James MPT ................................... SKIPPED
[INFO] Apache James MPT All ............................... SKIPPED
[INFO] Apache James MPT Core .............................. SKIPPED
[INFO] Apache James MPT AntLib ............................ SKIPPED
[INFO] Apache James MPT Application ....................... SKIPPED
[INFO] Apache James :: Server :: Mailbox Adapter .......... SKIPPED
[INFO] Apache James :: Protocols .......................... SKIPPED
[INFO] Apache James :: Protocols :: API ................... SKIPPED
[INFO] Apache James :: Protocols :: IMAP .................. SKIPPED
[INFO] Apache James MPT Imap Mailbox ...................... SKIPPED
[INFO] Apache James MPT Imap Mailbox Core ................. SKIPPED
[INFO] Apache James MPT Imap Mailbox - Cassandra .......... SKIPPED
[INFO] Apache James MPT Imap Mailbox - Cyrus .............. SKIPPED
[INFO] Apache James MPT Imap Mailbox - ElasticSearch ...... SKIPPED
[INFO] Apache James MPT Imap Mailbox - External James ..... SKIPPED
[INFO] Apache James MPT Imap Mailbox - InMemory ........... SKIPPED
[INFO] Apache James MPT Imap Mailbox - JPA ................ SKIPPED
[INFO] Apache James MPT Imap Mailbox - LuceneSearch ....... SKIPPED
[INFO] Apache James MPT Imap Mailbox - Maildir ............ SKIPPED
[INFO] Apache James MPT Imap Mailbox - RabbitMQ EventBus .. SKIPPED
[INFO] Apache James :: Protocols :: ManageSieve ........... SKIPPED
[INFO] Apache James MPT ManageSieve ....................... SKIPPED
[INFO] Apache James MPT ManageSieve Core .................. SKIPPED
[INFO] Apache James :: Server :: Data :: Cassandra Persistence SKIPPED
[INFO] Apache James MPT ManageSieve Cassandra ............. SKIPPED
[INFO] Apache James :: Server :: Data :: File Persistence . SKIPPED
[INFO] Apache James MPT ManageSieve File .................. SKIPPED
[INFO] Apache James MPT SMTP .............................. SKIPPED
[INFO] Apache James MPT SMTP Core ......................... SKIPPED
[INFO] Apache James :: Server :: Data :: JPA Persistence .. SKIPPED
[INFO] Apache James :: Server :: DNS Service :: Implementation SKIPPED
[INFO] Apache James :: Server :: DNS Service :: Library ... SKIPPED
[INFO] Apache James :: Server :: Guice .................... SKIPPED
[INFO] Apache James :: Server :: Guice :: Configuration ... SKIPPED
[INFO] james-server-guice-utils ........................... SKIPPED
[INFO] Apache James :: Server :: Guice :: Mailbox ......... SKIPPED
[INFO] Apache James :: Protocols :: Netty Implementation .. SKIPPED
[INFO] Apache James :: Server :: Protocols Library ........ SKIPPED
[INFO] Apache James :: Server :: IMAP ..................... SKIPPED
[INFO] Apache James :: Server :: Guice :: Imap ............ SKIPPED
[INFO] Apache James :: Server :: Mail Queue :: API ........ SKIPPED
[INFO] Apache James :: Server :: Mail Queue :: Memory ..... SKIPPED
[INFO] Apache James :: Protocols :: SMTP .................. SKIPPED
[INFO] Apache James :: Server :: SMTP ..................... SKIPPED
[INFO] Apache James :: Protocols :: LMTP .................. SKIPPED
[INFO] Apache James :: Server :: LMTP ..................... SKIPPED
[INFO] Apache James :: Server :: Guice :: Lmtp ............ SKIPPED
[INFO] Apache James :: Server :: Mailetcontainer API ...... SKIPPED
[INFO] Apache James :: Server :: Mailetcontainer Camel .... SKIPPED
[INFO] Apache James :: Server :: Guice :: Mailet .......... SKIPPED
[INFO] Apache James :: Server :: Guice :: Netty ........... SKIPPED
[INFO] Apache James :: Protocols :: POP3 .................. SKIPPED
[INFO] Apache James :: Server :: POP3 ..................... SKIPPED
[INFO] Apache James :: Server :: Guice :: Pop ............. SKIPPED
[INFO] Apache James :: Server :: Guice :: Smtp ............ SKIPPED
[INFO] Apache James :: Server :: JWT ...................... SKIPPED
[INFO] Apache James :: Server :: Web Admin :: Core ........ SKIPPED
[INFO] Apache James :: Server :: Guice :: Webadmin ........ SKIPPED
[INFO] Apache James :: Server :: Mailets .................. SKIPPED
[INFO] Apache James :: Server :: Onami .................... SKIPPED
[INFO] Apache James :: Server :: Guice Common ............. SKIPPED
[INFO] Apache James :: Server :: Blob Store API - guice injection SKIPPED
[INFO] Apache James :: Server :: Data :: JMAP ............. SKIPPED
[INFO] Apache James :: Server :: Data :: JMAP :: Cassandra persistance
SKIPPED
[INFO] Apache James :: Server :: Mail Queue :: JMS ........ SKIPPED
[INFO] Apache James :: Server :: Mail Queue :: ActiveMQ ... SKIPPED
[INFO] Apache James :: Server :: Guice :: ActiveMQ ........ SKIPPED
[INFO] metrics-es-reporter ................................ SKIPPED
[INFO] Apache James :: Server :: Guice :: ES metric reporter SKIPPED
[INFO] Apache James :: Server :: Jetty .................... SKIPPED
[INFO] Apache James :: Server :: JMAP ..................... SKIPPED
[INFO] Apache James :: Server :: Guice :: Jmap ............ SKIPPED
[INFO] Apache James :: Server :: Mailbox :: JMX ........... SKIPPED
[INFO] Apache James :: Server :: Guice :: JMX ............. SKIPPED
[INFO] Apache James :: Server :: Guice :: Mailbox :: Plugin ::
SpamAssassin SKIPPED
[INFO] Apache James :: Server :: ManageSieve .............. SKIPPED
[INFO] Apache James :: Server :: Guice :: Managedsieve .... SKIPPED
[INFO] Apache James :: Server :: Blob :: Memory ........... SKIPPED
[INFO] Apache James :: Server :: Blob :: Mail store ....... SKIPPED
[INFO] Apache James :: Server :: Mail Queue :: RabbitMQ ... SKIPPED
[INFO] Apache James :: Server :: Guice :: RabbitMQ ........ SKIPPED
[INFO] Apache James :: Server :: Web Admin :: Cassandra ... SKIPPED
[INFO] Apache James :: Server :: Guice :: Webadmin :: Cassandra SKIPPED
[INFO] Apache James :: Server :: Web Admin :: Cassandra :: Data SKIPPED
[INFO] Apache James :: Server :: Guice :: Webadmin :: Cassandra :: Data
SKIPPED
[INFO] Apache James :: Server :: Web Admin :: data ........ SKIPPED
[INFO] Apache James :: Server :: Guice :: Webadmin :: Data SKIPPED
[INFO] Apache James :: Server :: Web Admin :: mailbox ..... SKIPPED
[INFO] Apache James :: Server :: Guice :: Webadmin :: Mailbox SKIPPED
[INFO] Apache James :: Server :: Web Admin :: MailQueue ... SKIPPED
[INFO] Apache James :: Server :: Guice :: Webadmin :: MailQueue SKIPPED
[INFO] Apache James :: Server :: Web Admin :: MailRepository SKIPPED
[INFO] Apache James :: Server :: Guice :: Webadmin :: MailRepository SKIPPED
[INFO] Apache James :: Server :: Web Admin :: Swagger ..... SKIPPED
[INFO] Apache James :: Server :: Guice :: Webadmin :: Swagger SKIPPED
[INFO] Apache James :: Server :: JMAP :: Integration testing SKIPPED
[INFO] Apache James :: Server :: JMAP :: Integration testing Common SKIPPED
[INFO] Apache James :: Server :: MailRepository :: Cassandra SKIPPED
[INFO] Apache James :: Server :: Cassandra - guice injection SKIPPED
[INFO] Apache James MPT SMTP Cassandra .................... SKIPPED
[INFO] Apache James :: Server :: Blob :: Object storage ... SKIPPED
[INFO] Apache James :: Server :: Blob Store in object storage - guice
injection SKIPPED
[INFO] Apache James :: Server :: Blob :: Union Blob Storage SKIPPED
[INFO] Apache James :: Server :: Cassandra with RabbitMQ - guice
injection SKIPPED
[INFO] Apache James MPT SMTP Cassandra RabbitMQ Swift ..... SKIPPED
[INFO] Apache James MPT Maven2 Plugin ..................... SKIPPED
[INFO] Apache James :: Server :: Client ................... SKIPPED
[INFO] Apache James :: Server :: Data :: JDBC Persistence . SKIPPED
[INFO] Apache James :: Server :: Data :: LDAP Implementation SKIPPED
[INFO] Apache James :: Server :: FetchMail ................ SKIPPED
[INFO] Apache James :: Server :: Mail Queue :: File ....... SKIPPED
[INFO] Apache James :: Server :: Container Spring ......... SKIPPED
[INFO] Apache James :: Server :: App ...................... SKIPPED
[INFO] Apache James :: Server :: Memory - guice injection . SKIPPED
[INFO] Apache James :: Server :: Cli :: Integration ....... SKIPPED
[INFO] Apache James :: Server :: Cassandra/Ldap - guice injection SKIPPED
[INFO] Apache James :: Server :: Cassandra/Ldap with RabbitMQ - guice
injection SKIPPED
[INFO] Apache James :: Server :: Guice :: Mailet :: Custom testing
mailets SKIPPED
[INFO] Apache James :: Server :: JPA - guice common ....... SKIPPED
[INFO] Apache James :: Server :: JPA - guice injection .... SKIPPED
[INFO] Apache James :: Server :: JPA + SMTP - common guice injection SKIPPED
[INFO] Apache James :: Server :: JPA + SMTP - guice injection SKIPPED
[INFO] Apache James :: Server :: JPA + SMTP + mariaDB client - guice
injection SKIPPED
[INFO] Apache James :: Server :: Mailets Integration Testing SKIPPED
[INFO] Apache James :: Server :: JMAP :: Cassandra Integration testing
SKIPPED
[INFO] Apache James :: Server :: JMAP :: Memory Integration testing SKIPPED
[INFO] Apache James :: Server :: JMAP :: RabbitMQ + Swift + Cassandra
Integration testing SKIPPED
[INFO] Apache James :: Server :: Web Admin server integration tests SKIPPED
[INFO] Apache James :: Server :: Web Admin ................ SKIPPED
[INFO]
------------------------------------------------------------------------
[INFO] BUILD FAILURE
[INFO]
------------------------------------------------------------------------
[INFO] Total time: 22.790 s
[INFO] Finished at: 2019-02-17T18:12:31-08:00
[INFO]
------------------------------------------------------------------------
[ERROR] Failed to execute goal
org.apache.maven.plugins:maven-checkstyle-plugin:2.17:check (default) on
project james-project: Execution default of goal
org.apache.maven.plugins:maven-checkstyle-plugin:2.17:check failed:
Plugin org.apache.maven.plugins:maven-checkstyle-plugin:2.17 or one of
its dependencies could not be resolved: Could not find artifact
com.sun:tools:jar:1.8.0 at specified path
/usr/lib64/jvm/java-1.8.0-openjdk-1.8.0/jre/../lib/tools.jar -> [Help 1]
[ERROR]
--
Linux Counter
Re: MalformedURLException: unknown protocol: classpath SOLVED
Posted by cryptearth <cr...@cryptearth.de>.
Hello Marc,
glad I could help.
Yea, even James is good documented in it's source files, it takes time
to dig around through the repo to discover what James is capable of.
For example: composite matcher found in
org.apache.james.mailetcontainer.impl.matchers in
james-project/server/mailet/mailetcontainer-camel/src/main/java/org/apache/james/mailetcontainer/impl/matchers
- found it just by accident. May it will help me for my issue - but
could had been easier if it would been mentoined somewhere.
Also: I didn't yet found a way to use maven to generate docs (maybe
there is?) so one could get a better around to learn the structure james
is build. Maybe I'll figure some out with doc-tool.
So long for now,
Matt
Am 22.02.2019 um 05:21 schrieb Marc Chamberlin:
> Matt - We have GOT to get these great answers of yours included as part
> of the documentation on the website! You put a lot of time, thought, and
> effort in composing them and is would be a shame to lose it!
>
> I actually am running the Apache HTTP webserver on my server also, so I
> use it to handle the verification/validation of LetsEncrypt
> certificates, along with a cron job to periodically renew them. Seems to
> be working OK for James as well..
>
> Marc....
>
>
> On 02/20/2019 01:23 PM, cryptearth wrote:
>> Hey Marc,
>>
>> glad to hear to great news.
>>
>> After your explanation I know can understand your hassle. As said, for
>> me james is just running fully external on my root-server at OVH - and
>> my backup is really just for receiving when I bring down my root for
>> maintanance (weekly security updates). That's why I never encountered
>> the very issues you speaking about. Guess that's what you have to deal
>> with when you use james in an office / corporate network where james
>> is running on the main server (or maybe even on another machine just
>> communicating over the main-router/-server).
>>
>> I've started using Citadel/UX - but they dropped support for SuSE at
>> some point so I just needed an easy to use replacement as I still
>> can't get other main MTAs like postfix, sendmail, exim, others - to
>> work properly. Most promising was once a try with a tutorial specific
>> written for then-up-to-date versions for I think it was back for 13.1
>> or so with postfix and postfix-admin - but I also failed with this
>> step-by-step guide. Also, what no-other MTA than james could offer me
>> is one thing: not only using database for user management - but also
>> for mail storage. This way I can easy backup by a database dump.
>>
>> I fully aggree with you on the mentioned matcher/mailet vs smtp-auth -
>> espacially as it is mentioned in the doc itsefl. Also the
>> "master-override" might be useful - for what ever odd reason.
>>
>> So, let's get started with let's encrypt then:
>>
>> This is what I use the get a new certificate:
>>
>> import org.shredzone.acme4j.Session;
>> import java.security.KeyPair;
>> import org.shredzone.acme4j.util.KeyPairUtils;
>> import java.io.FileReader;
>> import org.shredzone.acme4j.Account;
>> import org.shredzone.acme4j.AccountBuilder;
>> import java.net.URL;
>> import org.shredzone.acme4j.Login;
>> import org.shredzone.acme4j.Account;
>> import org.shredzone.acme4j.Order;
>> import org.shredzone.acme4j.Authorization;
>> import org.shredzone.acme4j.challenge.Dns01Challenge;
>> import org.shredzone.acme4j.Status;
>> import org.shredzone.acme4j.util.CSRBuilder;
>> import org.shredzone.acme4j.Certificate;
>> import java.io.FileWriter;
>> public final class Acme
>> {
>> public final static void main(final String... args) throws
>> Exception
>> {
>> Session session=new Session("acme://letsencrypt.org");
>> KeyPair accountKeyPair=KeyPairUtils.readKeyPair(new
>> FileReader("account-openssl.key"));
>> Account account=(new
>> AccountBuilder()).onlyExisting().useKeyPair(accountKeyPair).create(session);
>> URL accountLocationUrl=account.getLocation();
>> Login login=session.login(accountLocationUrl,
>> accountKeyPair);
>> Order
>> order=account.newOrder().domains("cryptearth.de",
>> "*.cryptearth.de").create();
>> for(Authorization auth : order.getAuthorizations())
>> processAuth(auth);
>> KeyPair domainKeyPair=KeyPairUtils.readKeyPair(new
>> FileReader("server-openssl.key"));
>> CSRBuilder csrBuilder=new CSRBuilder();
>> csrBuilder.addDomain("cryptearth.de");
>> csrBuilder.addDomain("*.cryptearth.de");
>> csrBuilder.sign(domainKeyPair);
>> order.execute(csrBuilder.getEncoded());
>> while(order.getStatus()!=Status.VALID)
>> {
>> System.out.println(order.getStatus());
>> if(order.getStatus()==Status.INVALID)
>> throw new RuntimeException("invalid");
>> Thread.sleep(3000L);
>> order.update();
>> }
>> System.out.println(order.getStatus());
>> Certificate certificate=order.getCertificate();
>> System.out.println(certificate.getLocation());
>> FileWriter fileWriter=new FileWriter("chain.crt");
>> certificate.writeCertificate(fileWriter);
>> fileWriter.flush();
>> fileWriter.close();
>> }
>> private final static void processAuth(Authorization auth)
>> throws Exception
>> {
>> Dns01Challenge
>> challenge=auth.findChallenge(Dns01Challenge.TYPE);
>> System.out.println(auth.getDomain());
>> System.out.println(challenge.getDigest());
>> System.in.read();
>> challenge.trigger();
>> while(challenge.getStatus()!=Status.VALID)
>> {
>> System.out.println(challenge.getStatus());
>> if(challenge.getStatus()==Status.INVALID)
>> throw new RuntimeException("invalid");
>> Thread.sleep(3000L);
>> challenge.update();
>> }
>> System.out.println(challenge.getStatus());
>> }
>> }
>>
>> This requires the acme4j, bouncycastle, jose4j and slf4j libs -
>> instructions can be found following from let's encrypt site to acme4j
>> github-repo. The two key-files are just two RSA4096 keypairs in
>> openssl-style pem. This is very important, as acme4j uses
>> bouncy-castles openssl-pem-reader.
>>
>> There is a wired quirk in how different keys can be represented:
>>
>> openssl only adds the numbers really used and a OID in front
>> java internal always uses a full RSA-private-CRT-key - even for public
>> keys - but all private values just set to 0 - and when exporting there
>> is no leading OID
>>
>> So you have to supply the right type of keys - if you don't you get an
>> exception about wrong key type.
>> These lines uses the DNS-type of acme challenge - you can read up in
>> let's encrypt wiki where and how to set the data returned by this
>> code. For example, when runnig this code, I get one line I have to set
>> as _acme-challenge.cryptearth.de TXT - the wait a bit for my dns
>> provider to refresh the zone file - then just hit enter to pass the
>> first challenge for main domain cryptearth.de. The second is the same
>> but for wildcard *.cryptearth.de. It's easier to just setup you
>> certificate that way since it's supported by let's encrypt.
>>
>> Then, chain.crt contains both, my server certificate and the let's
>> encrypt intermediate certificate. For step two, you first have to
>> split them into thier own files. Then you can run this code to create
>> the keystore:
>>
>> import java.math.BigInteger;
>> import java.security.*;
>> import java.security.spec.*;
>> import java.security.cert.*;
>> import java.io.*;
>> public final class James
>> {
>> public final static void main(final String... args) throws Exception
>> {
>> KeyStore keyStore=KeyStore.getInstance("JKS");
>> keyStore.load(null, null);
>> DataInputStream din=new DataInputStream(new
>> FileInputStream(new File("tls.key")));
>> BigInteger p=new BigInteger(din.readUTF(), 16), q=new
>> BigInteger(din.readUTF(), 16);
>> din.close();
>> BigInteger N=p.multiply(q),
>> phi=p.subtract(BigInteger.ONE).multiply(q.subtract(BigInteger.ONE)),
>> e=BigInteger.valueOf(65537L), d=e.modInverse(phi),
>> dmp1=d.mod(p.subtract(BigInteger.ONE)),
>> dmq1=d.mod(q.subtract(BigInteger.ONE)), iqmp=q.modInverse(p);
>> PrivateKey
>> privateKey=KeyFactory.getInstance("RSA").generatePrivate(new
>> RSAPrivateCrtKeySpec(N, e, d, p, q, dmp1, dmq1, iqmp));
>> java.security.cert.Certificate
>> main=CertificateFactory.getInstance("X509").generateCertificate(new
>> FileInputStream(new File("server.crt")));
>> java.security.cert.Certificate
>> inter=CertificateFactory.getInstance("X509").generateCertificate(new
>> FileInputStream(new File("le-inter.crt")));
>> keyStore.setKeyEntry("james", privateKey,
>> "secret".toCharArray(), new java.security.cert.Certificate[] { main,
>> inter });
>> keyStore.store(new FileOutputStream(new File("james.jks")),
>> "secret".toCharArray());
>> }
>> }
>>
>> You should replace the key-load bit - as this only fits my special
>> type of private key file - wich just contains of the two primes P and
>> Q - and is calculated on the fly - another way would be to use
>> java.security.spec.PKCS8EncodedKeySpec - I have to re-work this code
>> as it's over 4 years old now.
>> Important: Although java keystore supports different keys for keystore
>> itself and for each key - you have to use same for both - as the
>> config only allows to set one passphrase. This all comes down to
>> Microsoft - wich, as once leader of marketshare, enforced all others
>> to use same phrase for keystore and key itself - damn you Microsoft ...
>>
>> After you created the keystore - head to the config files
>> smtpserver.xml, imapserver.xml and maybe pop3server.xml if you use
>> pop3 (wich I have disabled) and set "startTLS" to true and the secret
>> for your keystore. This way, you have enabled your smtp and imap to
>> accept STARTTLS from client and upgrade insecure connection up to
>> secured one.
>>
>> One last step: to enable outgoing StartTLS when you sent a mail to
>> others, go into mailetcontainer.xml - to remotedelivery section - and
>> then right after the "outgoing" line - put
>>
>> <startTLS>true</startTLS>
>>
>> just right in there. This way, your james will try to StartTLS when
>> connected outgoin to other MX-servers. For example: gmail will tell
>> you if mail was received over encrypted connection or not.
>>
>> Yes, this is also antoher long mail - but sadly these topics not or
>> only barely covert in current docs - so it took me long time to figure
>> all this out. I'm glad I'm now be able to share this knowledge to
>> others so they can get it done right fast without much hassel.
>>
>>
>> So long,
>>
>> Matt
>>
>> Am 20.02.2019 um 21:20 schrieb Marc Chamberlin:
>>> Hi Matt - We need you to put all your wonderful replies and commentary
>>> up on the James website as part of the documentation. Some of the stuff
>>> there is pretty sparse and you are doing a great job of explaining
>>> things! ;-) I will intersperse a few comments below -
>>>
>>> On 02/20/2019 09:50 AM, cryptearth wrote:
>>>> Evening all, Matt here.
>>>>
>>>> Marc, let's look at the doc:
>>>>
>>>> "This is an anti-relay matcher/mailet combination
>>>>
>>>> Emails sent from servers not in the network list are rejected as spam.
>>>> This is one method of preventing your server from being used as an
>>>> open relay. Make sure you understand how to prevent your server from
>>>> becoming an open relay before changing this configuration. See
>>>> also<authorizedAddresses>in SMTP Server
>>>>
>>>> This matcher/mailet combination must come after local delivery has
>>>> been performed. Otherwise local users will not be able to receive
>>>> email from senders not in this remote address list.
>>>>
>>>> If you are using this matcher/mailet you will probably want to update
>>>> the configuration to include your own network/addresses. The matcher
>>>> can be configured with a comma separated list of IP addresses
>>>> wildcarded IP subnets, and wildcarded hostname subnets.
>>>> e.g. "RemoteAddrNotInNetwork=127.0.0.1, abc.de.*, 192.168.0.*"
>>> Understood. This is a perfectly valid approach to cutting down on spam
>>> being sent through a James server.. It would be interesting to know if
>>> this is the most commonly used approach, or whether most servers are
>>> using SMTP authentication instead, or whether most servers are using
>>> both methods. My argument is not against using this particular
>>> matcher/mailet, but that the default configuration files should come
>>> supplied and set up in a way that reflects the most common usage. To
>>> restrict emails to only come from users on the local host, by default in
>>> the supplied config file, seems to be awfully restrictive and uncommon
>>> usage, but I am only guessing. My suspicion is that most folks using
>>> James are going to use SMTP authentication, at least that is my own
>>> personal experience, and for users to be on a LAN/WLAN.
>>>
>>> So I am wondering if this matcher/mailet should not be enabled by
>>> default and SMTP authentication should be enabled instead, by default. I
>>> understand the need for James to start up safely, from the default
>>> configurations, so as not to be an open relay by default.
>>>
>>>> If you are using SMTP authentication then you can (and generally
>>>> should) disable this matcher/mailet pair."
>>> I think this relationship between using SMTP authentication and this
>>> matcher/mailet should be automated. In other words, if SMTP
>>> authentication is turned on then this matcher/mailet should be disabled
>>> by default automatically. And vice/versa. I also think that the
>>> administrator should be able to override this automated relationship,
>>> with an explicitly set option, if for some reason both or neither
>>> approaches are wanted.
>>>
>>> Again, the real question is, what is the most common way James is being
>>> configured, and how can mistakes, such as I made, be minimized. The goal
>>> being to keep James robust and easy to manage.
>>>> So, as far as I understand it: "Don't touch it if you don't understand
>>>> it - but you should remove it anyway when smtp auth is used.". Guess
>>>> that's it for you.
>>> I took the "Don't touch it" approach as much as I could. Trouble is I
>>> didn't catch this somewhat hidden matcher/mailet nor did I expect that
>>> the James server would come up with a very restrictive policy that was
>>> preventing me from testing/using it from somewhere else on my LAN.
>>> Especially after I had enabled SMTP authentication, which kinda implied,
>>> at least to me, that I would be able to use James from across my LAN.
>>> This is re-enforce by the observation the IMAP and POP3 were working
>>> from across my LAN and made it difficult to understand why SMTP
>>> wouldn't.
>>>
>>>> I've never encountered that as I only have my domain cryptearth.de in
>>>> domainlist - neither localhost nor other local entries. I've never
>>>> tried to send a mail to localhost - allthough, that's one part of my
>>>> own current thread about overwrite local service mails from
>>>> sendmail-nullclient used by apache and cron - but that's its own
>>>> topic. So still have this matcher/mailet in my config, allthough I
>>>> have smtp auth enabled.
>>>>
>>>> So, as far as I understood your reply, you now finally got james up
>>>> and running so you can also send mails to others?
>>> Yep! :-) And don't get me wrong, I am NOT complaining about Apache James
>>> really, just throwing out some thoughts to think about, which might make
>>> it easier for others following in my footsteps, in installing and
>>> bringing up James. I am very impressed with the amount of work that has
>>> obviously gone into developing James, and totally appreciate the amount
>>> of support you and Benoit have given me!
>>>
>>> I am going to work on getting SSL/TLS working with LetsEncrypt
>>> certificates next... Marc..
>>>
>>>> Matt
>>>>
>>>>
>>>> Am 20.02.2019 um 16:59 schrieb Marc Chamberlin:
>>>>> Morning Benoit ;-) This could get into being a philosophical
>>>>> discussion
>>>>> for certain! I have mixed feelings about customization of error
>>>>> messages, and you are correct in saying I could change this particular
>>>>> one. I have always approached software design with the attitude that
>>>>> error handling and error messages should be carefully crafted so as to
>>>>> guide users to a solution, not just tell them that something went
>>>>> wrong.
>>>>> Which is what this particular error message is doing when left in it's
>>>>> current default state. We could change/customize it for our own users,
>>>>> (actually I will just remove this mailet) but doing so leads to a
>>>>> different issue. If everyone who installs James servers (or any other
>>>>> application for that matter) is allowed to customize error messages
>>>>> then
>>>>> it leads to a non-standard environment. Often, when users encounter an
>>>>> error message, that doesn't provide an understandable solution, they
>>>>> will then Google it looking for a solution, hoping to find a guru or a
>>>>> collective mind to provide one. Even in cases such as this, where the
>>>>> solution will require the assistance of the James administrators to
>>>>> solve this problem, the user needs to be told that he/she must contact
>>>>> them AND what exactly they need to tell the administrators. I would
>>>>> craft this message to say, "Your email server is rejecting your
>>>>> request
>>>>> to send your email messages. Please contact your Internet Service
>>>>> Provider and/or IT administrator and tell them that your email
>>>>> server is
>>>>> rejecting your request to relay email because it is not configured to
>>>>> accept email from your IP address. They need to check the
>>>>> configuration
>>>>> of the anti-relay matcher/mailet or remove this matcher/mailet from
>>>>> the
>>>>> server." In this way, both the user and the administrators have been
>>>>> guided to a solution making it easier to resolve this problem. I am
>>>>> not
>>>>> sure that I would design this matcher/mailet to allow easy
>>>>> customization
>>>>> of the error message however, I think that should be only done
>>>>> internally within the code itself. But you could convince me otherwise
>>>>> if you can provide me with some compelling reasons to allow
>>>>> customization.
>>>>>
>>>>> Marc....
>>>>>
>>>>> On 02/20/2019 12:15 AM, Benoit Tellier wrote:
>>>>>> Hi.
>>>>>>
>>>>>> This is very true. But the technical knowledge limitation is not the
>>>>>> only one... There is also internationalization + text/plain
>>>>>> messages...
>>>>>>
>>>>>> Note that "Bounce" mailet family allows a '<message>' field allowing
>>>>>> you
>>>>>> to maybe further explain this to non techie users you might have to
>>>>>> handle - and in the language of your choice, which is a big +.
>>>>>>
>>>>>> Cheers,
>>>>>>
>>>>>> Benoit
>>>>>>
>>>>>> On 2/20/19 12:02 PM, Marc Chamberlin wrote:
>>>>>>> Funny that I wasn't getting the notice "550 - Requested action not
>>>>>>> taken: relaying denied" in a bounce email... (but even that is a
>>>>>>> really
>>>>>>> bad error message that most users will not understand nor know
>>>>>>> what to
>>>>>>> do about it.)
>>>>>> ---------------------------------------------------------------------
>>>>>> To unsubscribe, e-mail: server-user-unsubscribe@james.apache.org
>>>>>> For additional commands, e-mail: server-user-help@james.apache.org
>>>>>>
>>>> ---------------------------------------------------------------------
>>>> To unsubscribe, e-mail: server-user-unsubscribe@james.apache.org
>>>> For additional commands, e-mail: server-user-help@james.apache.org
>>>>
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: server-user-unsubscribe@james.apache.org
>> For additional commands, e-mail: server-user-help@james.apache.org
>>
---------------------------------------------------------------------
To unsubscribe, e-mail: server-user-unsubscribe@james.apache.org
For additional commands, e-mail: server-user-help@james.apache.org
Re: MalformedURLException: unknown protocol: classpath SOLVED
Posted by Marc Chamberlin <ma...@marcchamberlin.com>.
Matt - We have GOT to get these great answers of yours included as part
of the documentation on the website! You put a lot of time, thought, and
effort in composing them and is would be a shame to lose it!
I actually am running the Apache HTTP webserver on my server also, so I
use it to handle the verification/validation of LetsEncrypt
certificates, along with a cron job to periodically renew them. Seems to
be working OK for James as well..
Marc....
On 02/20/2019 01:23 PM, cryptearth wrote:
> Hey Marc,
>
> glad to hear to great news.
>
> After your explanation I know can understand your hassle. As said, for
> me james is just running fully external on my root-server at OVH - and
> my backup is really just for receiving when I bring down my root for
> maintanance (weekly security updates). That's why I never encountered
> the very issues you speaking about. Guess that's what you have to deal
> with when you use james in an office / corporate network where james
> is running on the main server (or maybe even on another machine just
> communicating over the main-router/-server).
>
> I've started using Citadel/UX - but they dropped support for SuSE at
> some point so I just needed an easy to use replacement as I still
> can't get other main MTAs like postfix, sendmail, exim, others - to
> work properly. Most promising was once a try with a tutorial specific
> written for then-up-to-date versions for I think it was back for 13.1
> or so with postfix and postfix-admin - but I also failed with this
> step-by-step guide. Also, what no-other MTA than james could offer me
> is one thing: not only using database for user management - but also
> for mail storage. This way I can easy backup by a database dump.
>
> I fully aggree with you on the mentioned matcher/mailet vs smtp-auth -
> espacially as it is mentioned in the doc itsefl. Also the
> "master-override" might be useful - for what ever odd reason.
>
> So, let's get started with let's encrypt then:
>
> This is what I use the get a new certificate:
>
> import org.shredzone.acme4j.Session;
> import java.security.KeyPair;
> import org.shredzone.acme4j.util.KeyPairUtils;
> import java.io.FileReader;
> import org.shredzone.acme4j.Account;
> import org.shredzone.acme4j.AccountBuilder;
> import java.net.URL;
> import org.shredzone.acme4j.Login;
> import org.shredzone.acme4j.Account;
> import org.shredzone.acme4j.Order;
> import org.shredzone.acme4j.Authorization;
> import org.shredzone.acme4j.challenge.Dns01Challenge;
> import org.shredzone.acme4j.Status;
> import org.shredzone.acme4j.util.CSRBuilder;
> import org.shredzone.acme4j.Certificate;
> import java.io.FileWriter;
> public final class Acme
> {
> public final static void main(final String... args) throws
> Exception
> {
> Session session=new Session("acme://letsencrypt.org");
> KeyPair accountKeyPair=KeyPairUtils.readKeyPair(new
> FileReader("account-openssl.key"));
> Account account=(new
> AccountBuilder()).onlyExisting().useKeyPair(accountKeyPair).create(session);
> URL accountLocationUrl=account.getLocation();
> Login login=session.login(accountLocationUrl,
> accountKeyPair);
> Order
> order=account.newOrder().domains("cryptearth.de",
> "*.cryptearth.de").create();
> for(Authorization auth : order.getAuthorizations())
> processAuth(auth);
> KeyPair domainKeyPair=KeyPairUtils.readKeyPair(new
> FileReader("server-openssl.key"));
> CSRBuilder csrBuilder=new CSRBuilder();
> csrBuilder.addDomain("cryptearth.de");
> csrBuilder.addDomain("*.cryptearth.de");
> csrBuilder.sign(domainKeyPair);
> order.execute(csrBuilder.getEncoded());
> while(order.getStatus()!=Status.VALID)
> {
> System.out.println(order.getStatus());
> if(order.getStatus()==Status.INVALID)
> throw new RuntimeException("invalid");
> Thread.sleep(3000L);
> order.update();
> }
> System.out.println(order.getStatus());
> Certificate certificate=order.getCertificate();
> System.out.println(certificate.getLocation());
> FileWriter fileWriter=new FileWriter("chain.crt");
> certificate.writeCertificate(fileWriter);
> fileWriter.flush();
> fileWriter.close();
> }
> private final static void processAuth(Authorization auth)
> throws Exception
> {
> Dns01Challenge
> challenge=auth.findChallenge(Dns01Challenge.TYPE);
> System.out.println(auth.getDomain());
> System.out.println(challenge.getDigest());
> System.in.read();
> challenge.trigger();
> while(challenge.getStatus()!=Status.VALID)
> {
> System.out.println(challenge.getStatus());
> if(challenge.getStatus()==Status.INVALID)
> throw new RuntimeException("invalid");
> Thread.sleep(3000L);
> challenge.update();
> }
> System.out.println(challenge.getStatus());
> }
> }
>
> This requires the acme4j, bouncycastle, jose4j and slf4j libs -
> instructions can be found following from let's encrypt site to acme4j
> github-repo. The two key-files are just two RSA4096 keypairs in
> openssl-style pem. This is very important, as acme4j uses
> bouncy-castles openssl-pem-reader.
>
> There is a wired quirk in how different keys can be represented:
>
> openssl only adds the numbers really used and a OID in front
> java internal always uses a full RSA-private-CRT-key - even for public
> keys - but all private values just set to 0 - and when exporting there
> is no leading OID
>
> So you have to supply the right type of keys - if you don't you get an
> exception about wrong key type.
> These lines uses the DNS-type of acme challenge - you can read up in
> let's encrypt wiki where and how to set the data returned by this
> code. For example, when runnig this code, I get one line I have to set
> as _acme-challenge.cryptearth.de TXT - the wait a bit for my dns
> provider to refresh the zone file - then just hit enter to pass the
> first challenge for main domain cryptearth.de. The second is the same
> but for wildcard *.cryptearth.de. It's easier to just setup you
> certificate that way since it's supported by let's encrypt.
>
> Then, chain.crt contains both, my server certificate and the let's
> encrypt intermediate certificate. For step two, you first have to
> split them into thier own files. Then you can run this code to create
> the keystore:
>
> import java.math.BigInteger;
> import java.security.*;
> import java.security.spec.*;
> import java.security.cert.*;
> import java.io.*;
> public final class James
> {
> public final static void main(final String... args) throws Exception
> {
> KeyStore keyStore=KeyStore.getInstance("JKS");
> keyStore.load(null, null);
> DataInputStream din=new DataInputStream(new
> FileInputStream(new File("tls.key")));
> BigInteger p=new BigInteger(din.readUTF(), 16), q=new
> BigInteger(din.readUTF(), 16);
> din.close();
> BigInteger N=p.multiply(q),
> phi=p.subtract(BigInteger.ONE).multiply(q.subtract(BigInteger.ONE)),
> e=BigInteger.valueOf(65537L), d=e.modInverse(phi),
> dmp1=d.mod(p.subtract(BigInteger.ONE)),
> dmq1=d.mod(q.subtract(BigInteger.ONE)), iqmp=q.modInverse(p);
> PrivateKey
> privateKey=KeyFactory.getInstance("RSA").generatePrivate(new
> RSAPrivateCrtKeySpec(N, e, d, p, q, dmp1, dmq1, iqmp));
> java.security.cert.Certificate
> main=CertificateFactory.getInstance("X509").generateCertificate(new
> FileInputStream(new File("server.crt")));
> java.security.cert.Certificate
> inter=CertificateFactory.getInstance("X509").generateCertificate(new
> FileInputStream(new File("le-inter.crt")));
> keyStore.setKeyEntry("james", privateKey,
> "secret".toCharArray(), new java.security.cert.Certificate[] { main,
> inter });
> keyStore.store(new FileOutputStream(new File("james.jks")),
> "secret".toCharArray());
> }
> }
>
> You should replace the key-load bit - as this only fits my special
> type of private key file - wich just contains of the two primes P and
> Q - and is calculated on the fly - another way would be to use
> java.security.spec.PKCS8EncodedKeySpec - I have to re-work this code
> as it's over 4 years old now.
> Important: Although java keystore supports different keys for keystore
> itself and for each key - you have to use same for both - as the
> config only allows to set one passphrase. This all comes down to
> Microsoft - wich, as once leader of marketshare, enforced all others
> to use same phrase for keystore and key itself - damn you Microsoft ...
>
> After you created the keystore - head to the config files
> smtpserver.xml, imapserver.xml and maybe pop3server.xml if you use
> pop3 (wich I have disabled) and set "startTLS" to true and the secret
> for your keystore. This way, you have enabled your smtp and imap to
> accept STARTTLS from client and upgrade insecure connection up to
> secured one.
>
> One last step: to enable outgoing StartTLS when you sent a mail to
> others, go into mailetcontainer.xml - to remotedelivery section - and
> then right after the "outgoing" line - put
>
> <startTLS>true</startTLS>
>
> just right in there. This way, your james will try to StartTLS when
> connected outgoin to other MX-servers. For example: gmail will tell
> you if mail was received over encrypted connection or not.
>
> Yes, this is also antoher long mail - but sadly these topics not or
> only barely covert in current docs - so it took me long time to figure
> all this out. I'm glad I'm now be able to share this knowledge to
> others so they can get it done right fast without much hassel.
>
>
> So long,
>
> Matt
>
> Am 20.02.2019 um 21:20 schrieb Marc Chamberlin:
>> Hi Matt - We need you to put all your wonderful replies and commentary
>> up on the James website as part of the documentation. Some of the stuff
>> there is pretty sparse and you are doing a great job of explaining
>> things! ;-) I will intersperse a few comments below -
>>
>> On 02/20/2019 09:50 AM, cryptearth wrote:
>>> Evening all, Matt here.
>>>
>>> Marc, let's look at the doc:
>>>
>>> "This is an anti-relay matcher/mailet combination
>>>
>>> Emails sent from servers not in the network list are rejected as spam.
>>> This is one method of preventing your server from being used as an
>>> open relay. Make sure you understand how to prevent your server from
>>> becoming an open relay before changing this configuration. See
>>> also<authorizedAddresses>in SMTP Server
>>>
>>> This matcher/mailet combination must come after local delivery has
>>> been performed. Otherwise local users will not be able to receive
>>> email from senders not in this remote address list.
>>>
>>> If you are using this matcher/mailet you will probably want to update
>>> the configuration to include your own network/addresses. The matcher
>>> can be configured with a comma separated list of IP addresses
>>> wildcarded IP subnets, and wildcarded hostname subnets.
>>> e.g. "RemoteAddrNotInNetwork=127.0.0.1, abc.de.*, 192.168.0.*"
>> Understood. This is a perfectly valid approach to cutting down on spam
>> being sent through a James server.. It would be interesting to know if
>> this is the most commonly used approach, or whether most servers are
>> using SMTP authentication instead, or whether most servers are using
>> both methods. My argument is not against using this particular
>> matcher/mailet, but that the default configuration files should come
>> supplied and set up in a way that reflects the most common usage. To
>> restrict emails to only come from users on the local host, by default in
>> the supplied config file, seems to be awfully restrictive and uncommon
>> usage, but I am only guessing. My suspicion is that most folks using
>> James are going to use SMTP authentication, at least that is my own
>> personal experience, and for users to be on a LAN/WLAN.
>>
>> So I am wondering if this matcher/mailet should not be enabled by
>> default and SMTP authentication should be enabled instead, by default. I
>> understand the need for James to start up safely, from the default
>> configurations, so as not to be an open relay by default.
>>
>>> If you are using SMTP authentication then you can (and generally
>>> should) disable this matcher/mailet pair."
>> I think this relationship between using SMTP authentication and this
>> matcher/mailet should be automated. In other words, if SMTP
>> authentication is turned on then this matcher/mailet should be disabled
>> by default automatically. And vice/versa. I also think that the
>> administrator should be able to override this automated relationship,
>> with an explicitly set option, if for some reason both or neither
>> approaches are wanted.
>>
>> Again, the real question is, what is the most common way James is being
>> configured, and how can mistakes, such as I made, be minimized. The goal
>> being to keep James robust and easy to manage.
>>> So, as far as I understand it: "Don't touch it if you don't understand
>>> it - but you should remove it anyway when smtp auth is used.". Guess
>>> that's it for you.
>> I took the "Don't touch it" approach as much as I could. Trouble is I
>> didn't catch this somewhat hidden matcher/mailet nor did I expect that
>> the James server would come up with a very restrictive policy that was
>> preventing me from testing/using it from somewhere else on my LAN.
>> Especially after I had enabled SMTP authentication, which kinda implied,
>> at least to me, that I would be able to use James from across my LAN.
>> This is re-enforce by the observation the IMAP and POP3 were working
>> from across my LAN and made it difficult to understand why SMTP
>> wouldn't.
>>
>>> I've never encountered that as I only have my domain cryptearth.de in
>>> domainlist - neither localhost nor other local entries. I've never
>>> tried to send a mail to localhost - allthough, that's one part of my
>>> own current thread about overwrite local service mails from
>>> sendmail-nullclient used by apache and cron - but that's its own
>>> topic. So still have this matcher/mailet in my config, allthough I
>>> have smtp auth enabled.
>>>
>>> So, as far as I understood your reply, you now finally got james up
>>> and running so you can also send mails to others?
>> Yep! :-) And don't get me wrong, I am NOT complaining about Apache James
>> really, just throwing out some thoughts to think about, which might make
>> it easier for others following in my footsteps, in installing and
>> bringing up James. I am very impressed with the amount of work that has
>> obviously gone into developing James, and totally appreciate the amount
>> of support you and Benoit have given me!
>>
>> I am going to work on getting SSL/TLS working with LetsEncrypt
>> certificates next... Marc..
>>
>>> Matt
>>>
>>>
>>> Am 20.02.2019 um 16:59 schrieb Marc Chamberlin:
>>>> Morning Benoit ;-) This could get into being a philosophical
>>>> discussion
>>>> for certain! I have mixed feelings about customization of error
>>>> messages, and you are correct in saying I could change this particular
>>>> one. I have always approached software design with the attitude that
>>>> error handling and error messages should be carefully crafted so as to
>>>> guide users to a solution, not just tell them that something went
>>>> wrong.
>>>> Which is what this particular error message is doing when left in it's
>>>> current default state. We could change/customize it for our own users,
>>>> (actually I will just remove this mailet) but doing so leads to a
>>>> different issue. If everyone who installs James servers (or any other
>>>> application for that matter) is allowed to customize error messages
>>>> then
>>>> it leads to a non-standard environment. Often, when users encounter an
>>>> error message, that doesn't provide an understandable solution, they
>>>> will then Google it looking for a solution, hoping to find a guru or a
>>>> collective mind to provide one. Even in cases such as this, where the
>>>> solution will require the assistance of the James administrators to
>>>> solve this problem, the user needs to be told that he/she must contact
>>>> them AND what exactly they need to tell the administrators. I would
>>>> craft this message to say, "Your email server is rejecting your
>>>> request
>>>> to send your email messages. Please contact your Internet Service
>>>> Provider and/or IT administrator and tell them that your email
>>>> server is
>>>> rejecting your request to relay email because it is not configured to
>>>> accept email from your IP address. They need to check the
>>>> configuration
>>>> of the anti-relay matcher/mailet or remove this matcher/mailet from
>>>> the
>>>> server." In this way, both the user and the administrators have been
>>>> guided to a solution making it easier to resolve this problem. I am
>>>> not
>>>> sure that I would design this matcher/mailet to allow easy
>>>> customization
>>>> of the error message however, I think that should be only done
>>>> internally within the code itself. But you could convince me otherwise
>>>> if you can provide me with some compelling reasons to allow
>>>> customization.
>>>>
>>>> Marc....
>>>>
>>>> On 02/20/2019 12:15 AM, Benoit Tellier wrote:
>>>>> Hi.
>>>>>
>>>>> This is very true. But the technical knowledge limitation is not the
>>>>> only one... There is also internationalization + text/plain
>>>>> messages...
>>>>>
>>>>> Note that "Bounce" mailet family allows a '<message>' field allowing
>>>>> you
>>>>> to maybe further explain this to non techie users you might have to
>>>>> handle - and in the language of your choice, which is a big +.
>>>>>
>>>>> Cheers,
>>>>>
>>>>> Benoit
>>>>>
>>>>> On 2/20/19 12:02 PM, Marc Chamberlin wrote:
>>>>>> Funny that I wasn't getting the notice "550 - Requested action not
>>>>>> taken: relaying denied" in a bounce email... (but even that is a
>>>>>> really
>>>>>> bad error message that most users will not understand nor know
>>>>>> what to
>>>>>> do about it.)
>>>>> ---------------------------------------------------------------------
>>>>> To unsubscribe, e-mail: server-user-unsubscribe@james.apache.org
>>>>> For additional commands, e-mail: server-user-help@james.apache.org
>>>>>
>>>
>>> ---------------------------------------------------------------------
>>> To unsubscribe, e-mail: server-user-unsubscribe@james.apache.org
>>> For additional commands, e-mail: server-user-help@james.apache.org
>>>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: server-user-unsubscribe@james.apache.org
> For additional commands, e-mail: server-user-help@james.apache.org
>
--
Linux Counter
Re: MalformedURLException: unknown protocol: classpath SOLVED
Posted by cryptearth <cr...@cryptearth.de>.
Hey Marc,
glad to hear to great news.
After your explanation I know can understand your hassle. As said, for
me james is just running fully external on my root-server at OVH - and
my backup is really just for receiving when I bring down my root for
maintanance (weekly security updates). That's why I never encountered
the very issues you speaking about. Guess that's what you have to deal
with when you use james in an office / corporate network where james is
running on the main server (or maybe even on another machine just
communicating over the main-router/-server).
I've started using Citadel/UX - but they dropped support for SuSE at
some point so I just needed an easy to use replacement as I still can't
get other main MTAs like postfix, sendmail, exim, others - to work
properly. Most promising was once a try with a tutorial specific written
for then-up-to-date versions for I think it was back for 13.1 or so with
postfix and postfix-admin - but I also failed with this step-by-step
guide. Also, what no-other MTA than james could offer me is one thing:
not only using database for user management - but also for mail storage.
This way I can easy backup by a database dump.
I fully aggree with you on the mentioned matcher/mailet vs smtp-auth -
espacially as it is mentioned in the doc itsefl. Also the
"master-override" might be useful - for what ever odd reason.
So, let's get started with let's encrypt then:
This is what I use the get a new certificate:
import org.shredzone.acme4j.Session;
import java.security.KeyPair;
import org.shredzone.acme4j.util.KeyPairUtils;
import java.io.FileReader;
import org.shredzone.acme4j.Account;
import org.shredzone.acme4j.AccountBuilder;
import java.net.URL;
import org.shredzone.acme4j.Login;
import org.shredzone.acme4j.Account;
import org.shredzone.acme4j.Order;
import org.shredzone.acme4j.Authorization;
import org.shredzone.acme4j.challenge.Dns01Challenge;
import org.shredzone.acme4j.Status;
import org.shredzone.acme4j.util.CSRBuilder;
import org.shredzone.acme4j.Certificate;
import java.io.FileWriter;
public final class Acme
{
public final static void main(final String... args) throws
Exception
{
Session session=new Session("acme://letsencrypt.org");
KeyPair accountKeyPair=KeyPairUtils.readKeyPair(new
FileReader("account-openssl.key"));
Account account=(new
AccountBuilder()).onlyExisting().useKeyPair(accountKeyPair).create(session);
URL accountLocationUrl=account.getLocation();
Login login=session.login(accountLocationUrl,
accountKeyPair);
Order order=account.newOrder().domains("cryptearth.de",
"*.cryptearth.de").create();
for(Authorization auth : order.getAuthorizations())
processAuth(auth);
KeyPair domainKeyPair=KeyPairUtils.readKeyPair(new
FileReader("server-openssl.key"));
CSRBuilder csrBuilder=new CSRBuilder();
csrBuilder.addDomain("cryptearth.de");
csrBuilder.addDomain("*.cryptearth.de");
csrBuilder.sign(domainKeyPair);
order.execute(csrBuilder.getEncoded());
while(order.getStatus()!=Status.VALID)
{
System.out.println(order.getStatus());
if(order.getStatus()==Status.INVALID)
throw new RuntimeException("invalid");
Thread.sleep(3000L);
order.update();
}
System.out.println(order.getStatus());
Certificate certificate=order.getCertificate();
System.out.println(certificate.getLocation());
FileWriter fileWriter=new FileWriter("chain.crt");
certificate.writeCertificate(fileWriter);
fileWriter.flush();
fileWriter.close();
}
private final static void processAuth(Authorization auth)
throws Exception
{
Dns01Challenge
challenge=auth.findChallenge(Dns01Challenge.TYPE);
System.out.println(auth.getDomain());
System.out.println(challenge.getDigest());
System.in.read();
challenge.trigger();
while(challenge.getStatus()!=Status.VALID)
{
System.out.println(challenge.getStatus());
if(challenge.getStatus()==Status.INVALID)
throw new RuntimeException("invalid");
Thread.sleep(3000L);
challenge.update();
}
System.out.println(challenge.getStatus());
}
}
This requires the acme4j, bouncycastle, jose4j and slf4j libs -
instructions can be found following from let's encrypt site to acme4j
github-repo. The two key-files are just two RSA4096 keypairs in
openssl-style pem. This is very important, as acme4j uses bouncy-castles
openssl-pem-reader.
There is a wired quirk in how different keys can be represented:
openssl only adds the numbers really used and a OID in front
java internal always uses a full RSA-private-CRT-key - even for public
keys - but all private values just set to 0 - and when exporting there
is no leading OID
So you have to supply the right type of keys - if you don't you get an
exception about wrong key type.
These lines uses the DNS-type of acme challenge - you can read up in
let's encrypt wiki where and how to set the data returned by this code.
For example, when runnig this code, I get one line I have to set as
_acme-challenge.cryptearth.de TXT - the wait a bit for my dns provider
to refresh the zone file - then just hit enter to pass the first
challenge for main domain cryptearth.de. The second is the same but for
wildcard *.cryptearth.de. It's easier to just setup you certificate that
way since it's supported by let's encrypt.
Then, chain.crt contains both, my server certificate and the let's
encrypt intermediate certificate. For step two, you first have to split
them into thier own files. Then you can run this code to create the
keystore:
import java.math.BigInteger;
import java.security.*;
import java.security.spec.*;
import java.security.cert.*;
import java.io.*;
public final class James
{
public final static void main(final String... args) throws Exception
{
KeyStore keyStore=KeyStore.getInstance("JKS");
keyStore.load(null, null);
DataInputStream din=new DataInputStream(new FileInputStream(new
File("tls.key")));
BigInteger p=new BigInteger(din.readUTF(), 16), q=new
BigInteger(din.readUTF(), 16);
din.close();
BigInteger N=p.multiply(q),
phi=p.subtract(BigInteger.ONE).multiply(q.subtract(BigInteger.ONE)),
e=BigInteger.valueOf(65537L), d=e.modInverse(phi),
dmp1=d.mod(p.subtract(BigInteger.ONE)),
dmq1=d.mod(q.subtract(BigInteger.ONE)), iqmp=q.modInverse(p);
PrivateKey
privateKey=KeyFactory.getInstance("RSA").generatePrivate(new
RSAPrivateCrtKeySpec(N, e, d, p, q, dmp1, dmq1, iqmp));
java.security.cert.Certificate
main=CertificateFactory.getInstance("X509").generateCertificate(new
FileInputStream(new File("server.crt")));
java.security.cert.Certificate
inter=CertificateFactory.getInstance("X509").generateCertificate(new
FileInputStream(new File("le-inter.crt")));
keyStore.setKeyEntry("james", privateKey,
"secret".toCharArray(), new java.security.cert.Certificate[] { main,
inter });
keyStore.store(new FileOutputStream(new File("james.jks")),
"secret".toCharArray());
}
}
You should replace the key-load bit - as this only fits my special type
of private key file - wich just contains of the two primes P and Q - and
is calculated on the fly - another way would be to use
java.security.spec.PKCS8EncodedKeySpec - I have to re-work this code as
it's over 4 years old now.
Important: Although java keystore supports different keys for keystore
itself and for each key - you have to use same for both - as the config
only allows to set one passphrase. This all comes down to Microsoft -
wich, as once leader of marketshare, enforced all others to use same
phrase for keystore and key itself - damn you Microsoft ...
After you created the keystore - head to the config files
smtpserver.xml, imapserver.xml and maybe pop3server.xml if you use pop3
(wich I have disabled) and set "startTLS" to true and the secret for
your keystore. This way, you have enabled your smtp and imap to accept
STARTTLS from client and upgrade insecure connection up to secured one.
One last step: to enable outgoing StartTLS when you sent a mail to
others, go into mailetcontainer.xml - to remotedelivery section - and
then right after the "outgoing" line - put
<startTLS>true</startTLS>
just right in there. This way, your james will try to StartTLS when
connected outgoin to other MX-servers. For example: gmail will tell you
if mail was received over encrypted connection or not.
Yes, this is also antoher long mail - but sadly these topics not or only
barely covert in current docs - so it took me long time to figure all
this out. I'm glad I'm now be able to share this knowledge to others so
they can get it done right fast without much hassel.
So long,
Matt
Am 20.02.2019 um 21:20 schrieb Marc Chamberlin:
> Hi Matt - We need you to put all your wonderful replies and commentary
> up on the James website as part of the documentation. Some of the stuff
> there is pretty sparse and you are doing a great job of explaining
> things! ;-) I will intersperse a few comments below -
>
> On 02/20/2019 09:50 AM, cryptearth wrote:
>> Evening all, Matt here.
>>
>> Marc, let's look at the doc:
>>
>> "This is an anti-relay matcher/mailet combination
>>
>> Emails sent from servers not in the network list are rejected as spam.
>> This is one method of preventing your server from being used as an
>> open relay. Make sure you understand how to prevent your server from
>> becoming an open relay before changing this configuration. See
>> also<authorizedAddresses>in SMTP Server
>>
>> This matcher/mailet combination must come after local delivery has
>> been performed. Otherwise local users will not be able to receive
>> email from senders not in this remote address list.
>>
>> If you are using this matcher/mailet you will probably want to update
>> the configuration to include your own network/addresses. The matcher
>> can be configured with a comma separated list of IP addresses
>> wildcarded IP subnets, and wildcarded hostname subnets.
>> e.g. "RemoteAddrNotInNetwork=127.0.0.1, abc.de.*, 192.168.0.*"
> Understood. This is a perfectly valid approach to cutting down on spam
> being sent through a James server.. It would be interesting to know if
> this is the most commonly used approach, or whether most servers are
> using SMTP authentication instead, or whether most servers are using
> both methods. My argument is not against using this particular
> matcher/mailet, but that the default configuration files should come
> supplied and set up in a way that reflects the most common usage. To
> restrict emails to only come from users on the local host, by default in
> the supplied config file, seems to be awfully restrictive and uncommon
> usage, but I am only guessing. My suspicion is that most folks using
> James are going to use SMTP authentication, at least that is my own
> personal experience, and for users to be on a LAN/WLAN.
>
> So I am wondering if this matcher/mailet should not be enabled by
> default and SMTP authentication should be enabled instead, by default. I
> understand the need for James to start up safely, from the default
> configurations, so as not to be an open relay by default.
>
>> If you are using SMTP authentication then you can (and generally
>> should) disable this matcher/mailet pair."
> I think this relationship between using SMTP authentication and this
> matcher/mailet should be automated. In other words, if SMTP
> authentication is turned on then this matcher/mailet should be disabled
> by default automatically. And vice/versa. I also think that the
> administrator should be able to override this automated relationship,
> with an explicitly set option, if for some reason both or neither
> approaches are wanted.
>
> Again, the real question is, what is the most common way James is being
> configured, and how can mistakes, such as I made, be minimized. The goal
> being to keep James robust and easy to manage.
>> So, as far as I understand it: "Don't touch it if you don't understand
>> it - but you should remove it anyway when smtp auth is used.". Guess
>> that's it for you.
> I took the "Don't touch it" approach as much as I could. Trouble is I
> didn't catch this somewhat hidden matcher/mailet nor did I expect that
> the James server would come up with a very restrictive policy that was
> preventing me from testing/using it from somewhere else on my LAN.
> Especially after I had enabled SMTP authentication, which kinda implied,
> at least to me, that I would be able to use James from across my LAN.
> This is re-enforce by the observation the IMAP and POP3 were working
> from across my LAN and made it difficult to understand why SMTP wouldn't.
>
>> I've never encountered that as I only have my domain cryptearth.de in
>> domainlist - neither localhost nor other local entries. I've never
>> tried to send a mail to localhost - allthough, that's one part of my
>> own current thread about overwrite local service mails from
>> sendmail-nullclient used by apache and cron - but that's its own
>> topic. So still have this matcher/mailet in my config, allthough I
>> have smtp auth enabled.
>>
>> So, as far as I understood your reply, you now finally got james up
>> and running so you can also send mails to others?
> Yep! :-) And don't get me wrong, I am NOT complaining about Apache James
> really, just throwing out some thoughts to think about, which might make
> it easier for others following in my footsteps, in installing and
> bringing up James. I am very impressed with the amount of work that has
> obviously gone into developing James, and totally appreciate the amount
> of support you and Benoit have given me!
>
> I am going to work on getting SSL/TLS working with LetsEncrypt
> certificates next... Marc..
>
>> Matt
>>
>>
>> Am 20.02.2019 um 16:59 schrieb Marc Chamberlin:
>>> Morning Benoit ;-) This could get into being a philosophical discussion
>>> for certain! I have mixed feelings about customization of error
>>> messages, and you are correct in saying I could change this particular
>>> one. I have always approached software design with the attitude that
>>> error handling and error messages should be carefully crafted so as to
>>> guide users to a solution, not just tell them that something went wrong.
>>> Which is what this particular error message is doing when left in it's
>>> current default state. We could change/customize it for our own users,
>>> (actually I will just remove this mailet) but doing so leads to a
>>> different issue. If everyone who installs James servers (or any other
>>> application for that matter) is allowed to customize error messages then
>>> it leads to a non-standard environment. Often, when users encounter an
>>> error message, that doesn't provide an understandable solution, they
>>> will then Google it looking for a solution, hoping to find a guru or a
>>> collective mind to provide one. Even in cases such as this, where the
>>> solution will require the assistance of the James administrators to
>>> solve this problem, the user needs to be told that he/she must contact
>>> them AND what exactly they need to tell the administrators. I would
>>> craft this message to say, "Your email server is rejecting your request
>>> to send your email messages. Please contact your Internet Service
>>> Provider and/or IT administrator and tell them that your email server is
>>> rejecting your request to relay email because it is not configured to
>>> accept email from your IP address. They need to check the configuration
>>> of the anti-relay matcher/mailet or remove this matcher/mailet from the
>>> server." In this way, both the user and the administrators have been
>>> guided to a solution making it easier to resolve this problem. I am not
>>> sure that I would design this matcher/mailet to allow easy customization
>>> of the error message however, I think that should be only done
>>> internally within the code itself. But you could convince me otherwise
>>> if you can provide me with some compelling reasons to allow
>>> customization.
>>>
>>> Marc....
>>>
>>> On 02/20/2019 12:15 AM, Benoit Tellier wrote:
>>>> Hi.
>>>>
>>>> This is very true. But the technical knowledge limitation is not the
>>>> only one... There is also internationalization + text/plain messages...
>>>>
>>>> Note that "Bounce" mailet family allows a '<message>' field allowing
>>>> you
>>>> to maybe further explain this to non techie users you might have to
>>>> handle - and in the language of your choice, which is a big +.
>>>>
>>>> Cheers,
>>>>
>>>> Benoit
>>>>
>>>> On 2/20/19 12:02 PM, Marc Chamberlin wrote:
>>>>> Funny that I wasn't getting the notice "550 - Requested action not
>>>>> taken: relaying denied" in a bounce email... (but even that is a
>>>>> really
>>>>> bad error message that most users will not understand nor know what to
>>>>> do about it.)
>>>> ---------------------------------------------------------------------
>>>> To unsubscribe, e-mail: server-user-unsubscribe@james.apache.org
>>>> For additional commands, e-mail: server-user-help@james.apache.org
>>>>
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: server-user-unsubscribe@james.apache.org
>> For additional commands, e-mail: server-user-help@james.apache.org
>>
---------------------------------------------------------------------
To unsubscribe, e-mail: server-user-unsubscribe@james.apache.org
For additional commands, e-mail: server-user-help@james.apache.org
Re: MalformedURLException: unknown protocol: classpath SOLVED
Posted by Marc Chamberlin <ma...@marcchamberlin.com>.
Hi Matt - We need you to put all your wonderful replies and commentary
up on the James website as part of the documentation. Some of the stuff
there is pretty sparse and you are doing a great job of explaining
things! ;-) I will intersperse a few comments below -
On 02/20/2019 09:50 AM, cryptearth wrote:
> Evening all, Matt here.
>
> Marc, let's look at the doc:
>
> "This is an anti-relay matcher/mailet combination
>
> Emails sent from servers not in the network list are rejected as spam.
> This is one method of preventing your server from being used as an
> open relay. Make sure you understand how to prevent your server from
> becoming an open relay before changing this configuration. See
> also<authorizedAddresses>in SMTP Server
>
> This matcher/mailet combination must come after local delivery has
> been performed. Otherwise local users will not be able to receive
> email from senders not in this remote address list.
>
> If you are using this matcher/mailet you will probably want to update
> the configuration to include your own network/addresses. The matcher
> can be configured with a comma separated list of IP addresses
> wildcarded IP subnets, and wildcarded hostname subnets.
> e.g. "RemoteAddrNotInNetwork=127.0.0.1, abc.de.*, 192.168.0.*"
Understood. This is a perfectly valid approach to cutting down on spam
being sent through a James server.. It would be interesting to know if
this is the most commonly used approach, or whether most servers are
using SMTP authentication instead, or whether most servers are using
both methods. My argument is not against using this particular
matcher/mailet, but that the default configuration files should come
supplied and set up in a way that reflects the most common usage. To
restrict emails to only come from users on the local host, by default in
the supplied config file, seems to be awfully restrictive and uncommon
usage, but I am only guessing. My suspicion is that most folks using
James are going to use SMTP authentication, at least that is my own
personal experience, and for users to be on a LAN/WLAN.
So I am wondering if this matcher/mailet should not be enabled by
default and SMTP authentication should be enabled instead, by default. I
understand the need for James to start up safely, from the default
configurations, so as not to be an open relay by default.
>
> If you are using SMTP authentication then you can (and generally
> should) disable this matcher/mailet pair."
I think this relationship between using SMTP authentication and this
matcher/mailet should be automated. In other words, if SMTP
authentication is turned on then this matcher/mailet should be disabled
by default automatically. And vice/versa. I also think that the
administrator should be able to override this automated relationship,
with an explicitly set option, if for some reason both or neither
approaches are wanted.
Again, the real question is, what is the most common way James is being
configured, and how can mistakes, such as I made, be minimized. The goal
being to keep James robust and easy to manage.
>
> So, as far as I understand it: "Don't touch it if you don't understand
> it - but you should remove it anyway when smtp auth is used.". Guess
> that's it for you.
I took the "Don't touch it" approach as much as I could. Trouble is I
didn't catch this somewhat hidden matcher/mailet nor did I expect that
the James server would come up with a very restrictive policy that was
preventing me from testing/using it from somewhere else on my LAN.
Especially after I had enabled SMTP authentication, which kinda implied,
at least to me, that I would be able to use James from across my LAN.
This is re-enforce by the observation the IMAP and POP3 were working
from across my LAN and made it difficult to understand why SMTP wouldn't.
>
> I've never encountered that as I only have my domain cryptearth.de in
> domainlist - neither localhost nor other local entries. I've never
> tried to send a mail to localhost - allthough, that's one part of my
> own current thread about overwrite local service mails from
> sendmail-nullclient used by apache and cron - but that's its own
> topic. So still have this matcher/mailet in my config, allthough I
> have smtp auth enabled.
>
> So, as far as I understood your reply, you now finally got james up
> and running so you can also send mails to others?
Yep! :-) And don't get me wrong, I am NOT complaining about Apache James
really, just throwing out some thoughts to think about, which might make
it easier for others following in my footsteps, in installing and
bringing up James. I am very impressed with the amount of work that has
obviously gone into developing James, and totally appreciate the amount
of support you and Benoit have given me!
I am going to work on getting SSL/TLS working with LetsEncrypt
certificates next... Marc..
>
> Matt
>
>
> Am 20.02.2019 um 16:59 schrieb Marc Chamberlin:
>> Morning Benoit ;-) This could get into being a philosophical discussion
>> for certain! I have mixed feelings about customization of error
>> messages, and you are correct in saying I could change this particular
>> one. I have always approached software design with the attitude that
>> error handling and error messages should be carefully crafted so as to
>> guide users to a solution, not just tell them that something went wrong.
>> Which is what this particular error message is doing when left in it's
>> current default state. We could change/customize it for our own users,
>> (actually I will just remove this mailet) but doing so leads to a
>> different issue. If everyone who installs James servers (or any other
>> application for that matter) is allowed to customize error messages then
>> it leads to a non-standard environment. Often, when users encounter an
>> error message, that doesn't provide an understandable solution, they
>> will then Google it looking for a solution, hoping to find a guru or a
>> collective mind to provide one. Even in cases such as this, where the
>> solution will require the assistance of the James administrators to
>> solve this problem, the user needs to be told that he/she must contact
>> them AND what exactly they need to tell the administrators. I would
>> craft this message to say, "Your email server is rejecting your request
>> to send your email messages. Please contact your Internet Service
>> Provider and/or IT administrator and tell them that your email server is
>> rejecting your request to relay email because it is not configured to
>> accept email from your IP address. They need to check the configuration
>> of the anti-relay matcher/mailet or remove this matcher/mailet from the
>> server." In this way, both the user and the administrators have been
>> guided to a solution making it easier to resolve this problem. I am not
>> sure that I would design this matcher/mailet to allow easy customization
>> of the error message however, I think that should be only done
>> internally within the code itself. But you could convince me otherwise
>> if you can provide me with some compelling reasons to allow
>> customization.
>>
>> Marc....
>>
>> On 02/20/2019 12:15 AM, Benoit Tellier wrote:
>>> Hi.
>>>
>>> This is very true. But the technical knowledge limitation is not the
>>> only one... There is also internationalization + text/plain messages...
>>>
>>> Note that "Bounce" mailet family allows a '<message>' field allowing
>>> you
>>> to maybe further explain this to non techie users you might have to
>>> handle - and in the language of your choice, which is a big +.
>>>
>>> Cheers,
>>>
>>> Benoit
>>>
>>> On 2/20/19 12:02 PM, Marc Chamberlin wrote:
>>>> Funny that I wasn't getting the notice "550 - Requested action not
>>>> taken: relaying denied" in a bounce email... (but even that is a
>>>> really
>>>> bad error message that most users will not understand nor know what to
>>>> do about it.)
>>> ---------------------------------------------------------------------
>>> To unsubscribe, e-mail: server-user-unsubscribe@james.apache.org
>>> For additional commands, e-mail: server-user-help@james.apache.org
>>>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: server-user-unsubscribe@james.apache.org
> For additional commands, e-mail: server-user-help@james.apache.org
>
--
Linux Counter
Re: MalformedURLException: unknown protocol: classpath SOLVED
Posted by cryptearth <cr...@cryptearth.de>.
Evening all, Matt here.
Marc, let's look at the doc:
"This is an anti-relay matcher/mailet combination
Emails sent from servers not in the network list are rejected as spam.
This is one method of preventing your server from being used as an open
relay. Make sure you understand how to prevent your server from
becoming an open relay before changing this configuration. See
also<authorizedAddresses>in SMTP Server
This matcher/mailet combination must come after local delivery has been
performed. Otherwise local users will not be able to receive email from
senders not in this remote address list.
If you are using this matcher/mailet you will probably want to update
the configuration to include your own network/addresses. The matcher
can be configured with a comma separated list of IP addresses wildcarded
IP subnets, and wildcarded hostname subnets.
e.g. "RemoteAddrNotInNetwork=127.0.0.1, abc.de.*, 192.168.0.*"
If you are using SMTP authentication then you can (and generally should)
disable this matcher/mailet pair."
So, as far as I understand it: "Don't touch it if you don't understand
it - but you should remove it anyway when smtp auth is used.". Guess
that's it for you.
I've never encountered that as I only have my domain cryptearth.de in
domainlist - neither localhost nor other local entries. I've never tried
to send a mail to localhost - allthough, that's one part of my own
current thread about overwrite local service mails from
sendmail-nullclient used by apache and cron - but that's its own topic.
So still have this matcher/mailet in my config, allthough I have smtp
auth enabled.
So, as far as I understood your reply, you now finally got james up and
running so you can also send mails to others?
Matt
Am 20.02.2019 um 16:59 schrieb Marc Chamberlin:
> Morning Benoit ;-) This could get into being a philosophical discussion
> for certain! I have mixed feelings about customization of error
> messages, and you are correct in saying I could change this particular
> one. I have always approached software design with the attitude that
> error handling and error messages should be carefully crafted so as to
> guide users to a solution, not just tell them that something went wrong.
> Which is what this particular error message is doing when left in it's
> current default state. We could change/customize it for our own users,
> (actually I will just remove this mailet) but doing so leads to a
> different issue. If everyone who installs James servers (or any other
> application for that matter) is allowed to customize error messages then
> it leads to a non-standard environment. Often, when users encounter an
> error message, that doesn't provide an understandable solution, they
> will then Google it looking for a solution, hoping to find a guru or a
> collective mind to provide one. Even in cases such as this, where the
> solution will require the assistance of the James administrators to
> solve this problem, the user needs to be told that he/she must contact
> them AND what exactly they need to tell the administrators. I would
> craft this message to say, "Your email server is rejecting your request
> to send your email messages. Please contact your Internet Service
> Provider and/or IT administrator and tell them that your email server is
> rejecting your request to relay email because it is not configured to
> accept email from your IP address. They need to check the configuration
> of the anti-relay matcher/mailet or remove this matcher/mailet from the
> server." In this way, both the user and the administrators have been
> guided to a solution making it easier to resolve this problem. I am not
> sure that I would design this matcher/mailet to allow easy customization
> of the error message however, I think that should be only done
> internally within the code itself. But you could convince me otherwise
> if you can provide me with some compelling reasons to allow customization.
>
> Marc....
>
> On 02/20/2019 12:15 AM, Benoit Tellier wrote:
>> Hi.
>>
>> This is very true. But the technical knowledge limitation is not the
>> only one... There is also internationalization + text/plain messages...
>>
>> Note that "Bounce" mailet family allows a '<message>' field allowing you
>> to maybe further explain this to non techie users you might have to
>> handle - and in the language of your choice, which is a big +.
>>
>> Cheers,
>>
>> Benoit
>>
>> On 2/20/19 12:02 PM, Marc Chamberlin wrote:
>>> Funny that I wasn't getting the notice "550 - Requested action not
>>> taken: relaying denied" in a bounce email... (but even that is a really
>>> bad error message that most users will not understand nor know what to
>>> do about it.)
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: server-user-unsubscribe@james.apache.org
>> For additional commands, e-mail: server-user-help@james.apache.org
>>
---------------------------------------------------------------------
To unsubscribe, e-mail: server-user-unsubscribe@james.apache.org
For additional commands, e-mail: server-user-help@james.apache.org
Re: MalformedURLException: unknown protocol: classpath SOLVED
Posted by Marc Chamberlin <ma...@marcchamberlin.com>.
Morning Benoit ;-) This could get into being a philosophical discussion
for certain! I have mixed feelings about customization of error
messages, and you are correct in saying I could change this particular
one. I have always approached software design with the attitude that
error handling and error messages should be carefully crafted so as to
guide users to a solution, not just tell them that something went wrong.
Which is what this particular error message is doing when left in it's
current default state. We could change/customize it for our own users,
(actually I will just remove this mailet) but doing so leads to a
different issue. If everyone who installs James servers (or any other
application for that matter) is allowed to customize error messages then
it leads to a non-standard environment. Often, when users encounter an
error message, that doesn't provide an understandable solution, they
will then Google it looking for a solution, hoping to find a guru or a
collective mind to provide one. Even in cases such as this, where the
solution will require the assistance of the James administrators to
solve this problem, the user needs to be told that he/she must contact
them AND what exactly they need to tell the administrators. I would
craft this message to say, "Your email server is rejecting your request
to send your email messages. Please contact your Internet Service
Provider and/or IT administrator and tell them that your email server is
rejecting your request to relay email because it is not configured to
accept email from your IP address. They need to check the configuration
of the anti-relay matcher/mailet or remove this matcher/mailet from the
server." In this way, both the user and the administrators have been
guided to a solution making it easier to resolve this problem. I am not
sure that I would design this matcher/mailet to allow easy customization
of the error message however, I think that should be only done
internally within the code itself. But you could convince me otherwise
if you can provide me with some compelling reasons to allow customization.
Marc....
On 02/20/2019 12:15 AM, Benoit Tellier wrote:
> Hi.
>
> This is very true. But the technical knowledge limitation is not the
> only one... There is also internationalization + text/plain messages...
>
> Note that "Bounce" mailet family allows a '<message>' field allowing you
> to maybe further explain this to non techie users you might have to
> handle - and in the language of your choice, which is a big +.
>
> Cheers,
>
> Benoit
>
> On 2/20/19 12:02 PM, Marc Chamberlin wrote:
>> Funny that I wasn't getting the notice "550 - Requested action not
>> taken: relaying denied" in a bounce email... (but even that is a really
>> bad error message that most users will not understand nor know what to
>> do about it.)
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: server-user-unsubscribe@james.apache.org
> For additional commands, e-mail: server-user-help@james.apache.org
>
--
Linux Counter
Re: MalformedURLException: unknown protocol: classpath SOLVED
Posted by Benoit Tellier <bt...@linagora.com>.
Hi.
This is very true. But the technical knowledge limitation is not the
only one... There is also internationalization + text/plain messages...
Note that "Bounce" mailet family allows a '<message>' field allowing you
to maybe further explain this to non techie users you might have to
handle - and in the language of your choice, which is a big +.
Cheers,
Benoit
On 2/20/19 12:02 PM, Marc Chamberlin wrote:
> Funny that I wasn't getting the notice "550 - Requested action not
> taken: relaying denied" in a bounce email... (but even that is a really
> bad error message that most users will not understand nor know what to
> do about it.)
---------------------------------------------------------------------
To unsubscribe, e-mail: server-user-unsubscribe@james.apache.org
For additional commands, e-mail: server-user-help@james.apache.org
Re: MalformedURLException: unknown protocol: classpath SOLVED
Posted by Marc Chamberlin <ma...@marcchamberlin.com>.
Well at this point I will say that the upgrade to James 3.4 SNAPSHOT has
worked, I finally found the remaining problem that had been overlooked.
(this is a rather bad user trap IMHO and probably should be
re-addressed.) There is a mailet defined in the mailetcontainer.xml
that needs to be removed, (commented out) -
<mailet match="RemoteAddrNotInNetwork=127.0.0.1" class="ToProcessor">
<processor>relay-denied</processor>
<notice>550 - Requested action not taken: relaying denied</notice>
</mailet>
if one is going to enable SMTP authorization. Yeah there is a lot of
comments that say as much, in that file, but this is easily overlooked
IMHO. Would be safer to automate the removal of this mailet when SMTP
authorization is enabled and then in the rare cases where this is also
wanted, require the installer to opt in rather than having to opt out.
Just a thought.... Anyways thanks everyone for all your help, I will now
start to set up all the rest of my domains and users that I need to
support and see how far I get... If I have more questions I will start a
new thread...
Funny that I wasn't getting the notice "550 - Requested action not
taken: relaying denied" in a bounce email... (but even that is a really
bad error message that most users will not understand nor know what to
do about it.)
Marc..
On 02/19/2019 06:57 PM, Marc Chamberlin wrote:
> Oh well never mind this exception about localhost, my bad, I had added
> localhost to the domainlist as an experiment and that was not a good
> idea. Removing it cleared up this exception, but I still cannot send
> anything out... Still looking for a solution...
>
> Marc...
>
--
Linux Counter
Re: MalformedURLException: unknown protocol: classpath
Posted by Marc Chamberlin <ma...@marcchamberlin.com>.
Oh well never mind this exception about localhost, my bad, I had added
localhost to the domainlist as an experiment and that was not a good
idea. Removing it cleared up this exception, but I still cannot send
anything out... Still looking for a solution...
Marc...
On 02/19/2019 06:16 PM, Marc Chamberlin wrote:
> Hi Matt, Geez thanks so much for taking the time to do such a wonderful
> write up! And following your advice did solve the double entry into
> Thunderbird's sent folder. I still cannot get James to send anything out
> though but I am now getting messages written to the james-server.log
> file and discovered the following stack exception is occurring. Doesn't
> make sense to me why James is trying to do a DNS lookup on localhost,
> but better eyes might grok this -
>
> INFO 17:39:38,418 |
> org.apache.james.protocols.netty.BasicChannelUpstreamHandler |
> Connection established from 192.168.10.10
> WARN 17:39:38,571 | org.apache.james.dnsservice.dnsjava.DNSJavaService
> | Error determining result
> java.lang.IllegalStateException: Lookup of localhost A isn't done
> at org.xbill.DNS.Lookup.checkDone(Lookup.java:595)
> at org.xbill.DNS.Lookup.getResult(Lookup.java:632)
> at
> org.apache.james.dnsservice.dnsjava.DNSJavaService.lookup(DNSJavaService.java:374)
> at
> org.apache.james.dnsservice.dnsjava.DNSJavaService.lookupNoException(DNSJavaService.java:396)
> at
> org.apache.james.dnsservice.dnsjava.DNSJavaService.getAllByName(DNSJavaService.java:484)
> at
> org.apache.james.domainlist.lib.AbstractDomainList.getDomainIpStream(AbstractDomainList.java:215)
> at
> org.apache.james.domainlist.lib.AbstractDomainList.lambda$getDomainsIpStream$1(AbstractDomainList.java:209)
> at
> java.util.stream.ReferencePipeline$7$1.accept(ReferencePipeline.java:267)
> at java.util.Iterator.forEachRemaining(Iterator.java:116)
> at
> java.util.Spliterators$IteratorSpliterator.forEachRemaining(Spliterators.java:1801)
> at
> java.util.stream.AbstractPipeline.copyInto(AbstractPipeline.java:481)
> at
> java.util.stream.AbstractPipeline.wrapAndCopyInto(AbstractPipeline.java:471)
> at
> java.util.stream.ReduceOps$ReduceOp.evaluateSequential(ReduceOps.java:708)
> at
> java.util.stream.AbstractPipeline.evaluate(AbstractPipeline.java:234)
> at
> java.util.stream.ReferencePipeline.collect(ReferencePipeline.java:499)
> at
> org.apache.james.domainlist.lib.AbstractDomainList.detectIps(AbstractDomainList.java:178)
> at
> org.apache.james.domainlist.lib.AbstractDomainList.getDomains(AbstractDomainList.java:163)
> at
> org.apache.james.domainlist.lib.AbstractDomainList.containsDomain(AbstractDomainList.java:151)
> at
> org.apache.james.smtpserver.fastfail.ValidRcptHandler.isLocalDomain(ValidRcptHandler.java:101)
> at
> org.apache.james.protocols.smtp.core.fastfail.AbstractValidRcptHandler.doRcpt(AbstractValidRcptHandler.java:42)
> at
> org.apache.james.protocols.smtp.core.RcptCmdHandler.callHook(RcptCmdHandler.java:234)
> at
> org.apache.james.protocols.smtp.core.RcptCmdHandler.callHook(RcptCmdHandler.java:51)
> at
> org.apache.james.protocols.smtp.core.AbstractHookableCmdHandler.processHooks(AbstractHookableCmdHandler.java:116)
> at
> org.apache.james.protocols.smtp.core.AbstractHookableCmdHandler.onCommand(AbstractHookableCmdHandler.java:77)
> at
> org.apache.james.protocols.smtp.core.AbstractHookableCmdHandler.onCommand(AbstractHookableCmdHandler.java:52)
> at
> org.apache.james.protocols.api.handler.CommandDispatcher.dispatchCommandHandlers(CommandDispatcher.java:179)
> at
> org.apache.james.protocols.api.handler.CommandDispatcher.onLine(CommandDispatcher.java:157)
> at
> org.apache.james.protocols.netty.BasicChannelUpstreamHandler.messageReceived(BasicChannelUpstreamHandler.java:155)
> at
> org.apache.james.smtpserver.netty.SMTPChannelUpstreamHandler.messageReceived(SMTPChannelUpstreamHandler.java:60)
> at
> org.jboss.netty.channel.SimpleChannelUpstreamHandler.handleUpstream(SimpleChannelUpstreamHandler.java:70)
> at
> org.jboss.netty.channel.DefaultChannelPipeline.sendUpstream(DefaultChannelPipeline.java:564)
> at
> org.jboss.netty.channel.DefaultChannelPipeline$DefaultChannelHandlerContext.sendUpstream(DefaultChannelPipeline.java:791)
> at
> org.jboss.netty.channel.SimpleChannelUpstreamHandler.messageReceived(SimpleChannelUpstreamHandler.java:124)
> at
> org.jboss.netty.channel.SimpleChannelUpstreamHandler.handleUpstream(SimpleChannelUpstreamHandler.java:70)
> at
> org.jboss.netty.channel.DefaultChannelPipeline.sendUpstream(DefaultChannelPipeline.java:564)
> at
> org.jboss.netty.channel.DefaultChannelPipeline$DefaultChannelHandlerContext.sendUpstream(DefaultChannelPipeline.java:791)
> at
> org.jboss.netty.handler.execution.ChannelUpstreamEventRunnable.doRun(ChannelUpstreamEventRunnable.java:43)
> at
> org.jboss.netty.handler.execution.ChannelEventRunnable.run(ChannelEventRunnable.java:67)
> at
> org.jboss.netty.handler.execution.OrderedMemoryAwareThreadPoolExecutor$ChildExecutor.run(OrderedMemoryAwareThreadPoolExecutor.java:314)
> at
> java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
> at
> java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
> at java.lang.Thread.run(Thread.java:748)
> ERROR 17:39:38,571 | org.apache.james.domainlist.lib.AbstractDomainList
> | Cannot get IP address(es) for Domain : localhost
> ERROR 17:39:38,797 | org.apache.james.transport.mailets.ToSenderFolder |
> Local delivery with ToSenderFolder mailet for mail
> Mail1550626778745-2872afb2-854c-4583-b990-05ccc26fcc74 with sender
> marc@domesweetdome.us.com in folder Sent
> WARN 17:39:38,798 | org.apache.james.dnsservice.dnsjava.DNSJavaService
> | Error determining result
> java.lang.IllegalStateException: Lookup of localhost A isn't done
> at org.xbill.DNS.Lookup.checkDone(Lookup.java:595)
> at org.xbill.DNS.Lookup.getResult(Lookup.java:632)
> at
> org.apache.james.dnsservice.dnsjava.DNSJavaService.lookup(DNSJavaService.java:374)
>
> yada yada yada...
>
> BTW I am receiving emails from lots of external servers now! ;-)
>
> HTHs Marc..
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: server-user-unsubscribe@james.apache.org
> For additional commands, e-mail: server-user-help@james.apache.org
>
--
Linux Counter
Re: MalformedURLException: unknown protocol: classpath
Posted by Marc Chamberlin <ma...@marcchamberlin.com>.
Hi Matt, Geez thanks so much for taking the time to do such a wonderful
write up! And following your advice did solve the double entry into
Thunderbird's sent folder. I still cannot get James to send anything out
though but I am now getting messages written to the james-server.log
file and discovered the following stack exception is occurring. Doesn't
make sense to me why James is trying to do a DNS lookup on localhost,
but better eyes might grok this -
INFO 17:39:38,418 |
org.apache.james.protocols.netty.BasicChannelUpstreamHandler |
Connection established from 192.168.10.10
WARN 17:39:38,571 | org.apache.james.dnsservice.dnsjava.DNSJavaService
| Error determining result
java.lang.IllegalStateException: Lookup of localhost A isn't done
at org.xbill.DNS.Lookup.checkDone(Lookup.java:595)
at org.xbill.DNS.Lookup.getResult(Lookup.java:632)
at
org.apache.james.dnsservice.dnsjava.DNSJavaService.lookup(DNSJavaService.java:374)
at
org.apache.james.dnsservice.dnsjava.DNSJavaService.lookupNoException(DNSJavaService.java:396)
at
org.apache.james.dnsservice.dnsjava.DNSJavaService.getAllByName(DNSJavaService.java:484)
at
org.apache.james.domainlist.lib.AbstractDomainList.getDomainIpStream(AbstractDomainList.java:215)
at
org.apache.james.domainlist.lib.AbstractDomainList.lambda$getDomainsIpStream$1(AbstractDomainList.java:209)
at
java.util.stream.ReferencePipeline$7$1.accept(ReferencePipeline.java:267)
at java.util.Iterator.forEachRemaining(Iterator.java:116)
at
java.util.Spliterators$IteratorSpliterator.forEachRemaining(Spliterators.java:1801)
at
java.util.stream.AbstractPipeline.copyInto(AbstractPipeline.java:481)
at
java.util.stream.AbstractPipeline.wrapAndCopyInto(AbstractPipeline.java:471)
at
java.util.stream.ReduceOps$ReduceOp.evaluateSequential(ReduceOps.java:708)
at
java.util.stream.AbstractPipeline.evaluate(AbstractPipeline.java:234)
at
java.util.stream.ReferencePipeline.collect(ReferencePipeline.java:499)
at
org.apache.james.domainlist.lib.AbstractDomainList.detectIps(AbstractDomainList.java:178)
at
org.apache.james.domainlist.lib.AbstractDomainList.getDomains(AbstractDomainList.java:163)
at
org.apache.james.domainlist.lib.AbstractDomainList.containsDomain(AbstractDomainList.java:151)
at
org.apache.james.smtpserver.fastfail.ValidRcptHandler.isLocalDomain(ValidRcptHandler.java:101)
at
org.apache.james.protocols.smtp.core.fastfail.AbstractValidRcptHandler.doRcpt(AbstractValidRcptHandler.java:42)
at
org.apache.james.protocols.smtp.core.RcptCmdHandler.callHook(RcptCmdHandler.java:234)
at
org.apache.james.protocols.smtp.core.RcptCmdHandler.callHook(RcptCmdHandler.java:51)
at
org.apache.james.protocols.smtp.core.AbstractHookableCmdHandler.processHooks(AbstractHookableCmdHandler.java:116)
at
org.apache.james.protocols.smtp.core.AbstractHookableCmdHandler.onCommand(AbstractHookableCmdHandler.java:77)
at
org.apache.james.protocols.smtp.core.AbstractHookableCmdHandler.onCommand(AbstractHookableCmdHandler.java:52)
at
org.apache.james.protocols.api.handler.CommandDispatcher.dispatchCommandHandlers(CommandDispatcher.java:179)
at
org.apache.james.protocols.api.handler.CommandDispatcher.onLine(CommandDispatcher.java:157)
at
org.apache.james.protocols.netty.BasicChannelUpstreamHandler.messageReceived(BasicChannelUpstreamHandler.java:155)
at
org.apache.james.smtpserver.netty.SMTPChannelUpstreamHandler.messageReceived(SMTPChannelUpstreamHandler.java:60)
at
org.jboss.netty.channel.SimpleChannelUpstreamHandler.handleUpstream(SimpleChannelUpstreamHandler.java:70)
at
org.jboss.netty.channel.DefaultChannelPipeline.sendUpstream(DefaultChannelPipeline.java:564)
at
org.jboss.netty.channel.DefaultChannelPipeline$DefaultChannelHandlerContext.sendUpstream(DefaultChannelPipeline.java:791)
at
org.jboss.netty.channel.SimpleChannelUpstreamHandler.messageReceived(SimpleChannelUpstreamHandler.java:124)
at
org.jboss.netty.channel.SimpleChannelUpstreamHandler.handleUpstream(SimpleChannelUpstreamHandler.java:70)
at
org.jboss.netty.channel.DefaultChannelPipeline.sendUpstream(DefaultChannelPipeline.java:564)
at
org.jboss.netty.channel.DefaultChannelPipeline$DefaultChannelHandlerContext.sendUpstream(DefaultChannelPipeline.java:791)
at
org.jboss.netty.handler.execution.ChannelUpstreamEventRunnable.doRun(ChannelUpstreamEventRunnable.java:43)
at
org.jboss.netty.handler.execution.ChannelEventRunnable.run(ChannelEventRunnable.java:67)
at
org.jboss.netty.handler.execution.OrderedMemoryAwareThreadPoolExecutor$ChildExecutor.run(OrderedMemoryAwareThreadPoolExecutor.java:314)
at
java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
at
java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
at java.lang.Thread.run(Thread.java:748)
ERROR 17:39:38,571 | org.apache.james.domainlist.lib.AbstractDomainList
| Cannot get IP address(es) for Domain : localhost
ERROR 17:39:38,797 | org.apache.james.transport.mailets.ToSenderFolder |
Local delivery with ToSenderFolder mailet for mail
Mail1550626778745-2872afb2-854c-4583-b990-05ccc26fcc74 with sender
marc@domesweetdome.us.com in folder Sent
WARN 17:39:38,798 | org.apache.james.dnsservice.dnsjava.DNSJavaService
| Error determining result
java.lang.IllegalStateException: Lookup of localhost A isn't done
at org.xbill.DNS.Lookup.checkDone(Lookup.java:595)
at org.xbill.DNS.Lookup.getResult(Lookup.java:632)
at
org.apache.james.dnsservice.dnsjava.DNSJavaService.lookup(DNSJavaService.java:374)
yada yada yada...
BTW I am receiving emails from lots of external servers now! ;-)
HTHs Marc..
---------------------------------------------------------------------
To unsubscribe, e-mail: server-user-unsubscribe@james.apache.org
For additional commands, e-mail: server-user-help@james.apache.org
Re: MalformedURLException: unknown protocol: classpath
Posted by Raphael OUAZANA <ra...@linagora.com>.
Hi Matt,
Thank you very much for this very nice explanation!
For me long mails are perfectly fine on a mailing list, and better
suited than small parts.
Thanks again for sharing.
Regards,
Raphaël.
Le 2019-02-19 19:13, cryptearth a écrit :
> Hey Marc,
>
> ah, I can see a lot of myself in you back when I used james first back
> in 2015 or so ... maybe I can help you out on some questions as I also
> learned a bit since then. But, if I fell, Benoit is one kind of a
> crack on james and, as far as I remember for my questions, always has
> some neat trick handy. I think he is glad to help another new user to
> join this awesome project.
>
> First, let me get on this "sent messages shows up twice in sent
> folder"-thing, as it took me ages to figure it out:
>
> To keep it short: it some wired issue when using thunderbird with james
>
> A bit more explain: IMAP is not only capable of downloading messages
> from the server but also to manage and even store messages from client
> onto the server. Thunderbird is set to save a copy of the message you
> sent in the users sent folder. But also: the same is true for james
> =P. This is easy to fix: in thunderbird - go into account settings -
> select your james mail account - navigate to "copy & folders" on the
> left side - and just untick the two checkboxes labled "save copy into
> sent" and "save archive" - fixed. James will do the rest for you as it
> always copies a sent message - wich I personally find a neat option
> (but this can be disabled in config).
>
> Next thing you should address is a very important security thing:
> enable smtp auth enforcement in smtpserver.xml by un-comment this
> line:
>
> <authRequired>true</authRequired>
>
> Why is this important? In order to receive mails from the outside
> world - you have open TCP/25 to be reachable from the outside world -
> as this is how SMTP works. The main catch here: Any MTA (mail transfer
> agent) should only handle mails for domains it is authorized for -
> otherwise you will become a realy for mails of domains wich don't
> belong to you. In it's default configuration, james' SMTP server will
> accept any mail from any source and realy it to any target found in
> "To:" address. This is what's kown as an "open relay" and is a major
> security issue. By un-comment the above mentioned line you enforce a
> rule, that mails to any other target than your own domain can be send
> only when a connected user has correctly authenticated (logged in for
> that matter). Other client's trying to drop mails for other domains
> simply get an error message denying un-authorized relay.
>
> The last thing I set on my james is in domainlist.xml: change the
> autodetect from true to false and setting my domain "cryptearth.de" as
> the defaultDomain. Any thing else is ready to go by default and should
> need no further touch (or, if you someone like me, using MySQL/MariaDB
> - set james-database.properties to needed values).
>
> Next step: sudo /path/to/james/bin/james start - and you should be
> ready to go. After open TCP/25 for SMTP to receive mails and maybe
> TCP/143 for IMAP you should be able to send and receive mails.
> Oh, one more important thing: you should check domain and user by
> these commands:
>
> /path/to/james/bin/james-cli.sh -h localhost listdomains
> /path/to/james/bin/james-cli.sh -h localhost listusers
>
> The first should at least reply the domain you set in domainlist.xml
> as default domain, and the latter one the user you set. When you first
> start james, no users are set, so you need to add at least one:
>
> /path/to/james/bin/james-cli.sh -h localhost adduser user@domain
> password
>
> It's important, that you use the full user-name with domain-part, like
> this: webmaster@cryptearth.de
> Passwords are stored as MD5 hashed, but this can be changed in
> usersrepository.xml to some more secure like SHA-256, wich should be
> done when you use a real full-blown database server like me instead of
> file-based H2 wich is stored somewhere in james' directory tree.
>
> To add a bit more security, you can set a JavaKeyStore with a let's
> encrypt certificate (I do it this way) to activate encryption on
> client-to-server and server-to-server communication - but this should
> be for another mail as you need some more to get this working. Unless,
> you should not send sensitive data and should use a very unique
> password - as with encryption also your login-data transfered
> un-encrypted. - But we will come back to this in another e-mail if you
> like.
>
> That's it - now you should be up and running.
>
> Possible reasons, why you can't sent e-mails to others:
> 1) You're not a legitimate admin for the domain you want to use (you
> have to set some specific DNS-settings to make your domain fully
> working - like SPF).
> 2) You're tryin to use a host on your personal connection - wich
> should be blocked by almost any major system
> - for example: I have a root hosted at OVH in Roubaix - and a small
> backup here at home right next to me
> I can send mails only from my root - but not from my backup here at
> home as it flagged as spam as my personal ip is well known in a
> "dial-up range" used for personal internet connections ISPs offer to
> private customers - although I have special contract offering my a
> static assigned IP with personal reverse-entry.
> 3) The IP doesn't have correct reverse-PTR matching domain, it's A and
> MX record - wich is also considered as spam.
>
> wrapper.log can give you hints if it's sending correctly or if
> something is wrong while trying to sent out the mail to the host. For
> example: If you try to sent some mail to me, for example to
> cryptearth@cryptearth.de, your log should show something like this
> (just an example done on my local backup - wich actually get's
> delievered to gmail):
>
> INFO | jvm 1 | 2019/02/19 19:02:11 | INFO 19:02:11,632 |
> org.apache.james.smtpserver.SendMailHandler | Successfully spooled
> mail Mail1550599331039-1848bd42-356b-4fe6-959c-33c89e0f3640 from
> home@cryptearth.de on localhost/127.0.0.1 for
> [cryptearth@googlemail.com]
>
> In Google, this mail looks like this:
>
> Delivered-To: cryptearth@gmail.com
> Received: by 2002:a4f:4d89:0:0:0:0:0 with SMTP id a131csp3259841ivb;
> Tue, 19 Feb 2019 10:02:15 -0800 (PST)
> X-Google-Smtp-Source:
> AHgI3Ia9mVf1zqhOXrqseW+K24FVYgYWRLDICEo1/5pydarEFonG16/wkqk7GrAg5559aXQLVe28
> X-Received: by 2002:a17:906:1611:: with SMTP id
> m17mr21353835ejd.237.1550599335000;
> Tue, 19 Feb 2019 10:02:15 -0800 (PST)
> ARC-Seal: i=1; a=rsa-sha256; t=1550599334; cv=none;
> d=google.com; s=arc-20160816;
>
> b=Jr7FnAhVUYDKWmb2SU2FG+1HwJjInZ1zxedaT5O4FuG4DlzUSYRJ6karbBugSGXXZQ
>
> Gkzw5HA5kwUOpt+qxsckfPps6/+myjPkjK8PhIDl5IZ6/Soxupvse2GujFCqLrGHuCAA
>
> m/ZbEHwTohjtrYlS4UpHytehRX5O19e8WNxziYI5OzmNzYjYiwv5NdVBAofMZvRgyo3X
>
> LgOWW8zxZzDcENy/qLO1LBNwAAHxs6Q13Z2or/QK+c2MFpRQ14QWqUmaFjtLZmAtJ0vk
>
> BuZrK3Ae6p6+91Nf9e8vjaAVJ5S2IY+lCBz5+9GhcFjWOtgPWRnA6OuPC74LKhgqedJa
> MhBQ==
> ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed;
> d=google.com; s=arc-20160816;
> h=subject:to:from:message-id:date;
> bh=fdkeB/A0FkbVP2k4J4pNPoeWH6vqBm9+b0C3OY87Cw8=;
>
> b=LBrinwlcWwi5I9grr2K/8Ku9QQwTH+ox7PS+J3SKAwb9lAFAeIab2MNPiAqOpPxzl5
>
> GC7potmHn0jiemuvDGiDruDkfuSEBHIikzO6+slCevxvTAbvkj3PYSPTXsunShLPPy7N
>
> UCMw+sgSd7ZLczvsd0Tv2zRkth0xMUr0Qc9psXyOr1TaRtULwIo2pLykgi2EABalZiqo
>
> Lh7aDp8zJFhZjDZuHQ7i2WOXw5AE2g06BknsD8VKjjocfiaYSGJh6G8p0DdrFBOqnqiP
>
> AQt3yhpxgkf/OZQ556BL2og5xV962SfS8hSjakcv2bwGzF/11TV+QuhKCHsfH1XgfqoK
> jVNA==
> ARC-Authentication-Results: i=1; mx.google.com;
> spf=pass (google.com: domain of home@cryptearth.de designates
> 213.211.219.9 as permitted sender) smtp.mailfrom=home@cryptearth.de
> Return-Path: <ho...@cryptearth.de>
> Received: from home.cryptearth.de (home.cryptearth.de. [213.211.219.9])
> by mx.google.com with ESMTPS id
> l24si2214636edc.223.2019.02.19.10.02.14
> for <cr...@gmail.com>
> (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256
> bits=128/128);
> Tue, 19 Feb 2019 10:02:14 -0800 (PST)
> Received-SPF: pass (google.com: domain of home@cryptearth.de
> designates 213.211.219.9 as permitted sender) client-ip=213.211.219.9;
> Authentication-Results: mx.google.com;
> spf=pass (google.com: domain of home@cryptearth.de designates
> 213.211.219.9 as permitted sender) smtp.mailfrom=home@cryptearth.de
> Date: Tue, 19 Feb 2019 10:02:14 -0800 (PST)
> Message-Id:
> <5c...@mx.google.com>
> Received: from localhost (EHLO localhost) ([127.0.0.1])
> by home.cryptearth.de (JAMES SMTP Server ) with ESMTP ID
> -1791581771
> for <cr...@googlemail.com>;
> Tue, 19 Feb 2019 19:01:58 +0100 (CET)
> From: home@cryptearth.de
> To: cryptearth@googlemail.com
> Subject: Test
>
> Test
>
> As you can see - google checks my SPF domain records wich contains my
> personal IP 213.211.219.9 wich is assigned to me by my local ISP and
> matches one of my MX records - also my IP is only in just one
> black-list-service wich matches my range 213.211.219.0/24 as assigned
> from RIPE NCC to my local uplink-service MD-Link - as I regular check
> for such entries and request de-listings to keep my domain and it's
> mail-servers as available as possible.
> Also worth to note: google says: "by ESMTPS with cipher ..." wich
> means that not only the connection between my local client to my local
> james-server was encrypted (well, in this case it wasn't as I used
> telnet on localhost), but also the way from my local server to gmail -
> more security can only be served by encrypting the mail itself.
>
> Just try to sent me a mail from your james and show us the logs - then
> we can try to figure out what went wrong while your james tried to
> deliver your mail to my server.
>
>
> Sorry for this way to long mail - I know it's most likely against
> list-rules as it spams everyone subscribed - but I'm used to boards
> like coderanch where you can split up long posts into smaller ones -
> but I didn't want to spam with multiple messages - I still have to
> learn how to use this sort of communication.
>
> Matt
>
> Am 19.02.2019 um 07:39 schrieb Marc Chamberlin:
>> I should have mentioned I am working with the imap server on James,
>> not
>> pop3... Marc..
>>
>> On 02/18/2019 05:26 PM, Marc Chamberlin wrote:
>>> Thanks Matt, you were correct, I needed to install the java-devel
>>> packages. Maven then ran fine, kinda scary actually watching it run!
>>> That is a LOT of code being downloaded and processed! I will table
>>> the
>>> systemd issue for now and just concentrate on getting James running.
>>> I
>>> like your idea of using crontab to work around it for now...
>>>
>>> Any wise, I installed the new version of James 3.4 and got closer to
>>> getting it up and running. I set it up with one domain and one user
>>> (myself) and I can now send and receive email to/from myself on it.
>>> But
>>> I cannot send an outgoing email to anywhere else! I am using
>>> Thunderbird
>>> to test it with and when I try to send an outgoing email to some
>>> other
>>> domain, something weird is happening. It acts as if it sent it OK,
>>> but
>>> it is showing up in the sent folder, in Thunderbird, twice! I tried
>>> to
>>> send an email from my account on James to a GMail account I have and
>>> it
>>> never showed up, so something is failing still.
>>>
>>> Going in the other direction, if I send an email from an outside
>>> server
>>> to my account on James, I do receive it OK.
>>>
>>> BTW this latest version of James did not fix the log file problems I
>>> reported earlier. Marc..
>>>
>>> On 02/18/2019 11:12 AM, cryptearth wrote:
>>>> Well, for me, I just added "@reboot /path/to/james/bin/james start"
>>>> to
>>>> my root crontab - no need for init.d/systemd.
>>>> As the issue arised after you let systemctl create files - seems
>>>> something went wrong there.
>>>>
>>>> As for your maven issue: do you have java-devel installed?
>>>>
>>>> Matt
>>>>
>>>> Am 18.02.2019 um 03:40 schrieb Benoit Tellier:
>>>>> I am not sure you can use "james script" directly like this as a
>>>>> initd
>>>>> script.
>>>>>
>>>>> What we do use in docker (and thus is maintained) is
>>>>>
>>>>> ./bin/wrapper-linux-x86-64 conf/wrapper.conf
>>>>> wrapper.syslog.ident=james
>>>>> wrapper.pidfile=var/james.pid wrapper.daemonize=FALSE
>>>>>
>>>>> Cheers,
>>>>>
>>>>> Benoit
>>>>>
>>>>> On 2/18/19 7:39 a ²M, Marc Chamberlin wrote:
>>>>>> Hi Matt, thanks for responding! It appears to me that "classpath"
>>>>>> is
>>>>>> actually defined in the startup scripts. There are two different
>>>>>> scripts
>>>>>> used to start the james server, either "james" or "run.sh". I do
>>>>>> not
>>>>>> believe "classpath" is defined in any of the config files
>>>>>> themselves. I
>>>>>> am not using "run.sh" to start the james server, instead I noted
>>>>>> that
>>>>>> the james script is configured with the classic init.d entry
>>>>>> points -
>>>>>> start, stop, restart, etc. I modified the "james" script slightly
>>>>>> so
>>>>>> that I could run james as a systemd service instead (see below).
>>>>>> At
>>>>>> this
>>>>>> point I strongly suspect that the definition of environment
>>>>>> variables,
>>>>>> using the james startup script, is failing, so I am pursuing this
>>>>>> to
>>>>>> see what is going on. However, running james as a systemd service
>>>>>> does
>>>>>> not seem to be the problem, even if I just run the james startup
>>>>>> script
>>>>>> by itself, not as a service, I am still getting the same failure
>>>>>> with
>>>>>> the "classpath" variable.
>>>>>>
>>>>>> If anyone has ported james to run as a systemd service I would
>>>>>> much
>>>>>> appreciate knowing how you did it. What I have done was to add the
>>>>>> init.d initialization comments to the beginning of the james shell
>>>>>> script then let systemd take it from there to create the actual
>>>>>> .service
>>>>>> files -
>>>>>> added to beginning of the james startup script to define init.d
>>>>>> runlevels -
>>>>>>
>>>>>> ### BEGIN INIT INFO
>>>>>> # Provides: james
>>>>>> # Required-Start: $network $syslog $time
>>>>>> # Required-Stop: $network $syslog $time
>>>>>> # Default-Start: 2 3 4 5
>>>>>> # Default-Stop: 0 1 6
>>>>>> # Description: Initscript for Apache James Mail Server
>>>>>> ### END INIT INFO
>>>>>>
>>>>>> and FYI these are the steps I then took to set up the init.d
>>>>>> services
>>>>>> and then convert them to systemd services on OpenSuSE Leap 15.0 -
>>>>>>
>>>>>> First I created a soft link from /etc/init.d to the james startup
>>>>>> script -
>>>>>>
>>>>>> ln -s /mail/apache-james-3.2/james-server-app-3.2.0/bin/james
>>>>>> /etc/init.d/james
>>>>>>
>>>>>> Next install in james script into the various init.d runlevels
>>>>>>
>>>>>> cd /etc/init.d
>>>>>> insserv james
>>>>>>
>>>>>> Next set up the systemd files from the new init.d configuration
>>>>>> files
>>>>>> and start the service.
>>>>>>
>>>>>> systemctl daemon-reload
>>>>>> systemctl start james.service
>>>>>>
>>>>>> The james service does start up OK and will report that it is
>>>>>> running
>>>>>> when checking on it's status. It is just not working properly in
>>>>>> accepting connections or doing the various tasks that the service
>>>>>> should
>>>>>> be doing and my goal at this point is to resolve any and all
>>>>>> exceptions
>>>>>> that are occurring such as this one.
>>>>>>
>>>>>> Marc...
>>>>>>
>>>>>>
>>>>>>
>>>>>> On 02/17/2019 06:01 AM, cryptearth wrote:
>>>>>>> Hey Marc, Matt here.
>>>>>>>
>>>>>>> The provided stack only says that you given "classpath" to some
>>>>>>> parameter wich expectes a url in some config file. So I guess it
>>>>>>> could
>>>>>>> help if you also show the config where you set "classpath" so one
>>>>>>> can
>>>>>>> figure out, if "classpath" is a legal input for the setting you
>>>>>>> set
>>>>>>> it.
>>>>> ---------------------------------------------------------------------
>>>>> To unsubscribe, e-mail: server-user-unsubscribe@james.apache.org
>>>>> For additional commands, e-mail: server-user-help@james.apache.org
>>>>>
>>>> ---------------------------------------------------------------------
>>>> To unsubscribe, e-mail: server-user-unsubscribe@james.apache.org
>>>> For additional commands, e-mail: server-user-help@james.apache.org
>>>>
---------------------------------------------------------------------
To unsubscribe, e-mail: server-user-unsubscribe@james.apache.org
For additional commands, e-mail: server-user-help@james.apache.org
Re: MalformedURLException: unknown protocol: classpath
Posted by cryptearth <cr...@cryptearth.de>.
Hey Marc,
ah, I can see a lot of myself in you back when I used james first back
in 2015 or so ... maybe I can help you out on some questions as I also
learned a bit since then. But, if I fell, Benoit is one kind of a crack
on james and, as far as I remember for my questions, always has some
neat trick handy. I think he is glad to help another new user to join
this awesome project.
First, let me get on this "sent messages shows up twice in sent
folder"-thing, as it took me ages to figure it out:
To keep it short: it some wired issue when using thunderbird with james
A bit more explain: IMAP is not only capable of downloading messages
from the server but also to manage and even store messages from client
onto the server. Thunderbird is set to save a copy of the message you
sent in the users sent folder. But also: the same is true for james =P.
This is easy to fix: in thunderbird - go into account settings - select
your james mail account - navigate to "copy & folders" on the left side
- and just untick the two checkboxes labled "save copy into sent" and
"save archive" - fixed. James will do the rest for you as it always
copies a sent message - wich I personally find a neat option (but this
can be disabled in config).
Next thing you should address is a very important security thing: enable
smtp auth enforcement in smtpserver.xml by un-comment this line:
<authRequired>true</authRequired>
Why is this important? In order to receive mails from the outside world
- you have open TCP/25 to be reachable from the outside world - as this
is how SMTP works. The main catch here: Any MTA (mail transfer agent)
should only handle mails for domains it is authorized for - otherwise
you will become a realy for mails of domains wich don't belong to you.
In it's default configuration, james' SMTP server will accept any mail
from any source and realy it to any target found in "To:" address. This
is what's kown as an "open relay" and is a major security issue. By
un-comment the above mentioned line you enforce a rule, that mails to
any other target than your own domain can be send only when a connected
user has correctly authenticated (logged in for that matter). Other
client's trying to drop mails for other domains simply get an error
message denying un-authorized relay.
The last thing I set on my james is in domainlist.xml: change the
autodetect from true to false and setting my domain "cryptearth.de" as
the defaultDomain. Any thing else is ready to go by default and should
need no further touch (or, if you someone like me, using MySQL/MariaDB -
set james-database.properties to needed values).
Next step: sudo /path/to/james/bin/james start - and you should be ready
to go. After open TCP/25 for SMTP to receive mails and maybe TCP/143 for
IMAP you should be able to send and receive mails.
Oh, one more important thing: you should check domain and user by these
commands:
/path/to/james/bin/james-cli.sh -h localhost listdomains
/path/to/james/bin/james-cli.sh -h localhost listusers
The first should at least reply the domain you set in domainlist.xml as
default domain, and the latter one the user you set. When you first
start james, no users are set, so you need to add at least one:
/path/to/james/bin/james-cli.sh -h localhost adduser user@domain password
It's important, that you use the full user-name with domain-part, like
this: webmaster@cryptearth.de
Passwords are stored as MD5 hashed, but this can be changed in
usersrepository.xml to some more secure like SHA-256, wich should be
done when you use a real full-blown database server like me instead of
file-based H2 wich is stored somewhere in james' directory tree.
To add a bit more security, you can set a JavaKeyStore with a let's
encrypt certificate (I do it this way) to activate encryption on
client-to-server and server-to-server communication - but this should be
for another mail as you need some more to get this working. Unless, you
should not send sensitive data and should use a very unique password -
as with encryption also your login-data transfered un-encrypted. - But
we will come back to this in another e-mail if you like.
That's it - now you should be up and running.
Possible reasons, why you can't sent e-mails to others:
1) You're not a legitimate admin for the domain you want to use (you
have to set some specific DNS-settings to make your domain fully working
- like SPF).
2) You're tryin to use a host on your personal connection - wich should
be blocked by almost any major system
- for example: I have a root hosted at OVH in Roubaix - and a small
backup here at home right next to me
I can send mails only from my root - but not from my backup here at home
as it flagged as spam as my personal ip is well known in a "dial-up
range" used for personal internet connections ISPs offer to private
customers - although I have special contract offering my a static
assigned IP with personal reverse-entry.
3) The IP doesn't have correct reverse-PTR matching domain, it's A and
MX record - wich is also considered as spam.
wrapper.log can give you hints if it's sending correctly or if something
is wrong while trying to sent out the mail to the host. For example: If
you try to sent some mail to me, for example to
cryptearth@cryptearth.de, your log should show something like this (just
an example done on my local backup - wich actually get's delievered to
gmail):
INFO | jvm 1 | 2019/02/19 19:02:11 | INFO 19:02:11,632 |
org.apache.james.smtpserver.SendMailHandler | Successfully spooled mail
Mail1550599331039-1848bd42-356b-4fe6-959c-33c89e0f3640 from
home@cryptearth.de on localhost/127.0.0.1 for [cryptearth@googlemail.com]
In Google, this mail looks like this:
Delivered-To: cryptearth@gmail.com
Received: by 2002:a4f:4d89:0:0:0:0:0 with SMTP id a131csp3259841ivb;
Tue, 19 Feb 2019 10:02:15 -0800 (PST)
X-Google-Smtp-Source: AHgI3Ia9mVf1zqhOXrqseW+K24FVYgYWRLDICEo1/5pydarEFonG16/wkqk7GrAg5559aXQLVe28
X-Received: by 2002:a17:906:1611:: with SMTP id m17mr21353835ejd.237.1550599335000;
Tue, 19 Feb 2019 10:02:15 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; t=1550599334; cv=none;
d=google.com; s=arc-20160816;
b=Jr7FnAhVUYDKWmb2SU2FG+1HwJjInZ1zxedaT5O4FuG4DlzUSYRJ6karbBugSGXXZQ
Gkzw5HA5kwUOpt+qxsckfPps6/+myjPkjK8PhIDl5IZ6/Soxupvse2GujFCqLrGHuCAA
m/ZbEHwTohjtrYlS4UpHytehRX5O19e8WNxziYI5OzmNzYjYiwv5NdVBAofMZvRgyo3X
LgOWW8zxZzDcENy/qLO1LBNwAAHxs6Q13Z2or/QK+c2MFpRQ14QWqUmaFjtLZmAtJ0vk
BuZrK3Ae6p6+91Nf9e8vjaAVJ5S2IY+lCBz5+9GhcFjWOtgPWRnA6OuPC74LKhgqedJa
MhBQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
h=subject:to:from:message-id:date;
bh=fdkeB/A0FkbVP2k4J4pNPoeWH6vqBm9+b0C3OY87Cw8=;
b=LBrinwlcWwi5I9grr2K/8Ku9QQwTH+ox7PS+J3SKAwb9lAFAeIab2MNPiAqOpPxzl5
GC7potmHn0jiemuvDGiDruDkfuSEBHIikzO6+slCevxvTAbvkj3PYSPTXsunShLPPy7N
UCMw+sgSd7ZLczvsd0Tv2zRkth0xMUr0Qc9psXyOr1TaRtULwIo2pLykgi2EABalZiqo
Lh7aDp8zJFhZjDZuHQ7i2WOXw5AE2g06BknsD8VKjjocfiaYSGJh6G8p0DdrFBOqnqiP
AQt3yhpxgkf/OZQ556BL2og5xV962SfS8hSjakcv2bwGzF/11TV+QuhKCHsfH1XgfqoK
jVNA==
ARC-Authentication-Results: i=1; mx.google.com;
spf=pass (google.com: domain of home@cryptearth.de designates 213.211.219.9 as permitted sender) smtp.mailfrom=home@cryptearth.de
Return-Path: <ho...@cryptearth.de>
Received: from home.cryptearth.de (home.cryptearth.de. [213.211.219.9])
by mx.google.com with ESMTPS id l24si2214636edc.223.2019.02.19.10.02.14
for <cr...@gmail.com>
(version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128);
Tue, 19 Feb 2019 10:02:14 -0800 (PST)
Received-SPF: pass (google.com: domain of home@cryptearth.de designates 213.211.219.9 as permitted sender) client-ip=213.211.219.9;
Authentication-Results: mx.google.com;
spf=pass (google.com: domain of home@cryptearth.de designates 213.211.219.9 as permitted sender) smtp.mailfrom=home@cryptearth.de
Date: Tue, 19 Feb 2019 10:02:14 -0800 (PST)
Message-Id: <5c...@mx.google.com>
Received: from localhost (EHLO localhost) ([127.0.0.1])
by home.cryptearth.de (JAMES SMTP Server ) with ESMTP ID -1791581771
for <cr...@googlemail.com>;
Tue, 19 Feb 2019 19:01:58 +0100 (CET)
From: home@cryptearth.de
To: cryptearth@googlemail.com
Subject: Test
Test
As you can see - google checks my SPF domain records wich contains my
personal IP 213.211.219.9 wich is assigned to me by my local ISP and
matches one of my MX records - also my IP is only in just one
black-list-service wich matches my range 213.211.219.0/24 as assigned
from RIPE NCC to my local uplink-service MD-Link - as I regular check
for such entries and request de-listings to keep my domain and it's
mail-servers as available as possible.
Also worth to note: google says: "by ESMTPS with cipher ..." wich means
that not only the connection between my local client to my local
james-server was encrypted (well, in this case it wasn't as I used
telnet on localhost), but also the way from my local server to gmail -
more security can only be served by encrypting the mail itself.
Just try to sent me a mail from your james and show us the logs - then
we can try to figure out what went wrong while your james tried to
deliver your mail to my server.
Sorry for this way to long mail - I know it's most likely against
list-rules as it spams everyone subscribed - but I'm used to boards like
coderanch where you can split up long posts into smaller ones - but I
didn't want to spam with multiple messages - I still have to learn how
to use this sort of communication.
Matt
Am 19.02.2019 um 07:39 schrieb Marc Chamberlin:
> I should have mentioned I am working with the imap server on James, not
> pop3... Marc..
>
> On 02/18/2019 05:26 PM, Marc Chamberlin wrote:
>> Thanks Matt, you were correct, I needed to install the java-devel
>> packages. Maven then ran fine, kinda scary actually watching it run!
>> That is a LOT of code being downloaded and processed! I will table the
>> systemd issue for now and just concentrate on getting James running. I
>> like your idea of using crontab to work around it for now...
>>
>> Any wise, I installed the new version of James 3.4 and got closer to
>> getting it up and running. I set it up with one domain and one user
>> (myself) and I can now send and receive email to/from myself on it. But
>> I cannot send an outgoing email to anywhere else! I am using Thunderbird
>> to test it with and when I try to send an outgoing email to some other
>> domain, something weird is happening. It acts as if it sent it OK, but
>> it is showing up in the sent folder, in Thunderbird, twice! I tried to
>> send an email from my account on James to a GMail account I have and it
>> never showed up, so something is failing still.
>>
>> Going in the other direction, if I send an email from an outside server
>> to my account on James, I do receive it OK.
>>
>> BTW this latest version of James did not fix the log file problems I
>> reported earlier. Marc..
>>
>> On 02/18/2019 11:12 AM, cryptearth wrote:
>>> Well, for me, I just added "@reboot /path/to/james/bin/james start" to
>>> my root crontab - no need for init.d/systemd.
>>> As the issue arised after you let systemctl create files - seems
>>> something went wrong there.
>>>
>>> As for your maven issue: do you have java-devel installed?
>>>
>>> Matt
>>>
>>> Am 18.02.2019 um 03:40 schrieb Benoit Tellier:
>>>> I am not sure you can use "james script" directly like this as a initd
>>>> script.
>>>>
>>>> What we do use in docker (and thus is maintained) is
>>>>
>>>> ./bin/wrapper-linux-x86-64 conf/wrapper.conf wrapper.syslog.ident=james
>>>> wrapper.pidfile=var/james.pid wrapper.daemonize=FALSE
>>>>
>>>> Cheers,
>>>>
>>>> Benoit
>>>>
>>>> On 2/18/19 7:39 a ²M, Marc Chamberlin wrote:
>>>>> Hi Matt, thanks for responding! It appears to me that "classpath" is
>>>>> actually defined in the startup scripts. There are two different
>>>>> scripts
>>>>> used to start the james server, either "james" or "run.sh". I do not
>>>>> believe "classpath" is defined in any of the config files themselves. I
>>>>> am not using "run.sh" to start the james server, instead I noted that
>>>>> the james script is configured with the classic init.d entry points -
>>>>> start, stop, restart, etc. I modified the "james" script slightly so
>>>>> that I could run james as a systemd service instead (see below). At
>>>>> this
>>>>> point I strongly suspect that the definition of environment variables,
>>>>> using the james startup script, is failing, so I am pursuing this to
>>>>> see what is going on. However, running james as a systemd service does
>>>>> not seem to be the problem, even if I just run the james startup script
>>>>> by itself, not as a service, I am still getting the same failure with
>>>>> the "classpath" variable.
>>>>>
>>>>> If anyone has ported james to run as a systemd service I would much
>>>>> appreciate knowing how you did it. What I have done was to add the
>>>>> init.d initialization comments to the beginning of the james shell
>>>>> script then let systemd take it from there to create the actual
>>>>> .service
>>>>> files -
>>>>> added to beginning of the james startup script to define init.d
>>>>> runlevels -
>>>>>
>>>>> ### BEGIN INIT INFO
>>>>> # Provides: james
>>>>> # Required-Start: $network $syslog $time
>>>>> # Required-Stop: $network $syslog $time
>>>>> # Default-Start: 2 3 4 5
>>>>> # Default-Stop: 0 1 6
>>>>> # Description: Initscript for Apache James Mail Server
>>>>> ### END INIT INFO
>>>>>
>>>>> and FYI these are the steps I then took to set up the init.d services
>>>>> and then convert them to systemd services on OpenSuSE Leap 15.0 -
>>>>>
>>>>> First I created a soft link from /etc/init.d to the james startup
>>>>> script -
>>>>>
>>>>> ln -s /mail/apache-james-3.2/james-server-app-3.2.0/bin/james
>>>>> /etc/init.d/james
>>>>>
>>>>> Next install in james script into the various init.d runlevels
>>>>>
>>>>> cd /etc/init.d
>>>>> insserv james
>>>>>
>>>>> Next set up the systemd files from the new init.d configuration files
>>>>> and start the service.
>>>>>
>>>>> systemctl daemon-reload
>>>>> systemctl start james.service
>>>>>
>>>>> The james service does start up OK and will report that it is running
>>>>> when checking on it's status. It is just not working properly in
>>>>> accepting connections or doing the various tasks that the service
>>>>> should
>>>>> be doing and my goal at this point is to resolve any and all exceptions
>>>>> that are occurring such as this one.
>>>>>
>>>>> Marc...
>>>>>
>>>>>
>>>>>
>>>>> On 02/17/2019 06:01 AM, cryptearth wrote:
>>>>>> Hey Marc, Matt here.
>>>>>>
>>>>>> The provided stack only says that you given "classpath" to some
>>>>>> parameter wich expectes a url in some config file. So I guess it could
>>>>>> help if you also show the config where you set "classpath" so one can
>>>>>> figure out, if "classpath" is a legal input for the setting you set
>>>>>> it.
>>>> ---------------------------------------------------------------------
>>>> To unsubscribe, e-mail: server-user-unsubscribe@james.apache.org
>>>> For additional commands, e-mail: server-user-help@james.apache.org
>>>>
>>> ---------------------------------------------------------------------
>>> To unsubscribe, e-mail: server-user-unsubscribe@james.apache.org
>>> For additional commands, e-mail: server-user-help@james.apache.org
>>>
Re: MalformedURLException: unknown protocol: classpath
Posted by Marc Chamberlin <ma...@marcchamberlin.com>.
I should have mentioned I am working with the imap server on James, not
pop3... Marc..
On 02/18/2019 05:26 PM, Marc Chamberlin wrote:
> Thanks Matt, you were correct, I needed to install the java-devel
> packages. Maven then ran fine, kinda scary actually watching it run!
> That is a LOT of code being downloaded and processed! I will table the
> systemd issue for now and just concentrate on getting James running. I
> like your idea of using crontab to work around it for now...
>
> Any wise, I installed the new version of James 3.4 and got closer to
> getting it up and running. I set it up with one domain and one user
> (myself) and I can now send and receive email to/from myself on it. But
> I cannot send an outgoing email to anywhere else! I am using Thunderbird
> to test it with and when I try to send an outgoing email to some other
> domain, something weird is happening. It acts as if it sent it OK, but
> it is showing up in the sent folder, in Thunderbird, twice! I tried to
> send an email from my account on James to a GMail account I have and it
> never showed up, so something is failing still.
>
> Going in the other direction, if I send an email from an outside server
> to my account on James, I do receive it OK.
>
> BTW this latest version of James did not fix the log file problems I
> reported earlier. Marc..
>
> On 02/18/2019 11:12 AM, cryptearth wrote:
>> Well, for me, I just added "@reboot /path/to/james/bin/james start" to
>> my root crontab - no need for init.d/systemd.
>> As the issue arised after you let systemctl create files - seems
>> something went wrong there.
>>
>> As for your maven issue: do you have java-devel installed?
>>
>> Matt
>>
>> Am 18.02.2019 um 03:40 schrieb Benoit Tellier:
>>> I am not sure you can use "james script" directly like this as a initd
>>> script.
>>>
>>> What we do use in docker (and thus is maintained) is
>>>
>>> ./bin/wrapper-linux-x86-64 conf/wrapper.conf wrapper.syslog.ident=james
>>> wrapper.pidfile=var/james.pid wrapper.daemonize=FALSE
>>>
>>> Cheers,
>>>
>>> Benoit
>>>
>>> On 2/18/19 7:39 a ²M, Marc Chamberlin wrote:
>>>> Hi Matt, thanks for responding! It appears to me that "classpath" is
>>>> actually defined in the startup scripts. There are two different
>>>> scripts
>>>> used to start the james server, either "james" or "run.sh". I do not
>>>> believe "classpath" is defined in any of the config files themselves. I
>>>> am not using "run.sh" to start the james server, instead I noted that
>>>> the james script is configured with the classic init.d entry points -
>>>> start, stop, restart, etc. I modified the "james" script slightly so
>>>> that I could run james as a systemd service instead (see below). At
>>>> this
>>>> point I strongly suspect that the definition of environment variables,
>>>> using the james startup script, is failing, so I am pursuing this to
>>>> see what is going on. However, running james as a systemd service does
>>>> not seem to be the problem, even if I just run the james startup script
>>>> by itself, not as a service, I am still getting the same failure with
>>>> the "classpath" variable.
>>>>
>>>> If anyone has ported james to run as a systemd service I would much
>>>> appreciate knowing how you did it. What I have done was to add the
>>>> init.d initialization comments to the beginning of the james shell
>>>> script then let systemd take it from there to create the actual
>>>> .service
>>>> files -
>>>> added to beginning of the james startup script to define init.d
>>>> runlevels -
>>>>
>>>> ### BEGIN INIT INFO
>>>> # Provides: james
>>>> # Required-Start: $network $syslog $time
>>>> # Required-Stop: $network $syslog $time
>>>> # Default-Start: 2 3 4 5
>>>> # Default-Stop: 0 1 6
>>>> # Description: Initscript for Apache James Mail Server
>>>> ### END INIT INFO
>>>>
>>>> and FYI these are the steps I then took to set up the init.d services
>>>> and then convert them to systemd services on OpenSuSE Leap 15.0 -
>>>>
>>>> First I created a soft link from /etc/init.d to the james startup
>>>> script -
>>>>
>>>> ln -s /mail/apache-james-3.2/james-server-app-3.2.0/bin/james
>>>> /etc/init.d/james
>>>>
>>>> Next install in james script into the various init.d runlevels
>>>>
>>>> cd /etc/init.d
>>>> insserv james
>>>>
>>>> Next set up the systemd files from the new init.d configuration files
>>>> and start the service.
>>>>
>>>> systemctl daemon-reload
>>>> systemctl start james.service
>>>>
>>>> The james service does start up OK and will report that it is running
>>>> when checking on it's status. It is just not working properly in
>>>> accepting connections or doing the various tasks that the service
>>>> should
>>>> be doing and my goal at this point is to resolve any and all exceptions
>>>> that are occurring such as this one.
>>>>
>>>> Marc...
>>>>
>>>>
>>>>
>>>> On 02/17/2019 06:01 AM, cryptearth wrote:
>>>>> Hey Marc, Matt here.
>>>>>
>>>>> The provided stack only says that you given "classpath" to some
>>>>> parameter wich expectes a url in some config file. So I guess it could
>>>>> help if you also show the config where you set "classpath" so one can
>>>>> figure out, if "classpath" is a legal input for the setting you set
>>>>> it.
>>> ---------------------------------------------------------------------
>>> To unsubscribe, e-mail: server-user-unsubscribe@james.apache.org
>>> For additional commands, e-mail: server-user-help@james.apache.org
>>>
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: server-user-unsubscribe@james.apache.org
>> For additional commands, e-mail: server-user-help@james.apache.org
>>
--
Linux Counter
Re: MalformedURLException: unknown protocol: classpath
Posted by Marc Chamberlin <ma...@marcchamberlin.com>.
Thanks Matt, you were correct, I needed to install the java-devel
packages. Maven then ran fine, kinda scary actually watching it run!
That is a LOT of code being downloaded and processed! I will table the
systemd issue for now and just concentrate on getting James running. I
like your idea of using crontab to work around it for now...
Any wise, I installed the new version of James 3.4 and got closer to
getting it up and running. I set it up with one domain and one user
(myself) and I can now send and receive email to/from myself on it. But
I cannot send an outgoing email to anywhere else! I am using Thunderbird
to test it with and when I try to send an outgoing email to some other
domain, something weird is happening. It acts as if it sent it OK, but
it is showing up in the sent folder, in Thunderbird, twice! I tried to
send an email from my account on James to a GMail account I have and it
never showed up, so something is failing still.
Going in the other direction, if I send an email from an outside server
to my account on James, I do receive it OK.
BTW this latest version of James did not fix the log file problems I
reported earlier. Marc..
On 02/18/2019 11:12 AM, cryptearth wrote:
> Well, for me, I just added "@reboot /path/to/james/bin/james start" to
> my root crontab - no need for init.d/systemd.
> As the issue arised after you let systemctl create files - seems
> something went wrong there.
>
> As for your maven issue: do you have java-devel installed?
>
> Matt
>
> Am 18.02.2019 um 03:40 schrieb Benoit Tellier:
>> I am not sure you can use "james script" directly like this as a initd
>> script.
>>
>> What we do use in docker (and thus is maintained) is
>>
>> ./bin/wrapper-linux-x86-64 conf/wrapper.conf wrapper.syslog.ident=james
>> wrapper.pidfile=var/james.pid wrapper.daemonize=FALSE
>>
>> Cheers,
>>
>> Benoit
>>
>> On 2/18/19 7:39 a ²M, Marc Chamberlin wrote:
>>> Hi Matt, thanks for responding! It appears to me that "classpath" is
>>> actually defined in the startup scripts. There are two different
>>> scripts
>>> used to start the james server, either "james" or "run.sh". I do not
>>> believe "classpath" is defined in any of the config files themselves. I
>>> am not using "run.sh" to start the james server, instead I noted that
>>> the james script is configured with the classic init.d entry points -
>>> start, stop, restart, etc. I modified the "james" script slightly so
>>> that I could run james as a systemd service instead (see below). At
>>> this
>>> point I strongly suspect that the definition of environment variables,
>>> using the james startup script, is failing, so I am pursuing this to
>>> see what is going on. However, running james as a systemd service does
>>> not seem to be the problem, even if I just run the james startup script
>>> by itself, not as a service, I am still getting the same failure with
>>> the "classpath" variable.
>>>
>>> If anyone has ported james to run as a systemd service I would much
>>> appreciate knowing how you did it. What I have done was to add the
>>> init.d initialization comments to the beginning of the james shell
>>> script then let systemd take it from there to create the actual
>>> .service
>>> files -
>>> added to beginning of the james startup script to define init.d
>>> runlevels -
>>>
>>> ### BEGIN INIT INFO
>>> # Provides: james
>>> # Required-Start: $network $syslog $time
>>> # Required-Stop: $network $syslog $time
>>> # Default-Start: 2 3 4 5
>>> # Default-Stop: 0 1 6
>>> # Description: Initscript for Apache James Mail Server
>>> ### END INIT INFO
>>>
>>> and FYI these are the steps I then took to set up the init.d services
>>> and then convert them to systemd services on OpenSuSE Leap 15.0 -
>>>
>>> First I created a soft link from /etc/init.d to the james startup
>>> script -
>>>
>>> ln -s /mail/apache-james-3.2/james-server-app-3.2.0/bin/james
>>> /etc/init.d/james
>>>
>>> Next install in james script into the various init.d runlevels
>>>
>>> cd /etc/init.d
>>> insserv james
>>>
>>> Next set up the systemd files from the new init.d configuration files
>>> and start the service.
>>>
>>> systemctl daemon-reload
>>> systemctl start james.service
>>>
>>> The james service does start up OK and will report that it is running
>>> when checking on it's status. It is just not working properly in
>>> accepting connections or doing the various tasks that the service
>>> should
>>> be doing and my goal at this point is to resolve any and all exceptions
>>> that are occurring such as this one.
>>>
>>> Marc...
>>>
>>>
>>>
>>> On 02/17/2019 06:01 AM, cryptearth wrote:
>>>> Hey Marc, Matt here.
>>>>
>>>> The provided stack only says that you given "classpath" to some
>>>> parameter wich expectes a url in some config file. So I guess it could
>>>> help if you also show the config where you set "classpath" so one can
>>>> figure out, if "classpath" is a legal input for the setting you set
>>>> it.
>>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: server-user-unsubscribe@james.apache.org
>> For additional commands, e-mail: server-user-help@james.apache.org
>>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: server-user-unsubscribe@james.apache.org
> For additional commands, e-mail: server-user-help@james.apache.org
>
--
Linux Counter
Re: MalformedURLException: unknown protocol: classpath
Posted by cryptearth <cr...@cryptearth.de>.
Well, for me, I just added "@reboot /path/to/james/bin/james start" to
my root crontab - no need for init.d/systemd.
As the issue arised after you let systemctl create files - seems
something went wrong there.
As for your maven issue: do you have java-devel installed?
Matt
Am 18.02.2019 um 03:40 schrieb Benoit Tellier:
> I am not sure you can use "james script" directly like this as a initd
> script.
>
> What we do use in docker (and thus is maintained) is
>
> ./bin/wrapper-linux-x86-64 conf/wrapper.conf wrapper.syslog.ident=james
> wrapper.pidfile=var/james.pid wrapper.daemonize=FALSE
>
> Cheers,
>
> Benoit
>
> On 2/18/19 7:39 a ²M, Marc Chamberlin wrote:
>> Hi Matt, thanks for responding! It appears to me that "classpath" is
>> actually defined in the startup scripts. There are two different scripts
>> used to start the james server, either "james" or "run.sh". I do not
>> believe "classpath" is defined in any of the config files themselves. I
>> am not using "run.sh" to start the james server, instead I noted that
>> the james script is configured with the classic init.d entry points -
>> start, stop, restart, etc. I modified the "james" script slightly so
>> that I could run james as a systemd service instead (see below). At this
>> point I strongly suspect that the definition of environment variables,
>> using the james startup script, is failing, so I am pursuing this to
>> see what is going on. However, running james as a systemd service does
>> not seem to be the problem, even if I just run the james startup script
>> by itself, not as a service, I am still getting the same failure with
>> the "classpath" variable.
>>
>> If anyone has ported james to run as a systemd service I would much
>> appreciate knowing how you did it. What I have done was to add the
>> init.d initialization comments to the beginning of the james shell
>> script then let systemd take it from there to create the actual .service
>> files -
>>
>> added to beginning of the james startup script to define init.d runlevels -
>>
>> ### BEGIN INIT INFO
>> # Provides: james
>> # Required-Start: $network $syslog $time
>> # Required-Stop: $network $syslog $time
>> # Default-Start: 2 3 4 5
>> # Default-Stop: 0 1 6
>> # Description: Initscript for Apache James Mail Server
>> ### END INIT INFO
>>
>> and FYI these are the steps I then took to set up the init.d services
>> and then convert them to systemd services on OpenSuSE Leap 15.0 -
>>
>> First I created a soft link from /etc/init.d to the james startup script -
>>
>> ln -s /mail/apache-james-3.2/james-server-app-3.2.0/bin/james
>> /etc/init.d/james
>>
>> Next install in james script into the various init.d runlevels
>>
>> cd /etc/init.d
>> insserv james
>>
>> Next set up the systemd files from the new init.d configuration files
>> and start the service.
>>
>> systemctl daemon-reload
>> systemctl start james.service
>>
>> The james service does start up OK and will report that it is running
>> when checking on it's status. It is just not working properly in
>> accepting connections or doing the various tasks that the service should
>> be doing and my goal at this point is to resolve any and all exceptions
>> that are occurring such as this one.
>>
>> Marc...
>>
>>
>>
>> On 02/17/2019 06:01 AM, cryptearth wrote:
>>> Hey Marc, Matt here.
>>>
>>> The provided stack only says that you given "classpath" to some
>>> parameter wich expectes a url in some config file. So I guess it could
>>> help if you also show the config where you set "classpath" so one can
>>> figure out, if "classpath" is a legal input for the setting you set it.
>>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: server-user-unsubscribe@james.apache.org
> For additional commands, e-mail: server-user-help@james.apache.org
>
---------------------------------------------------------------------
To unsubscribe, e-mail: server-user-unsubscribe@james.apache.org
For additional commands, e-mail: server-user-help@james.apache.org
Re: MalformedURLException: unknown protocol: classpath
Posted by Benoit Tellier <bt...@linagora.com>.
I am not sure you can use "james script" directly like this as a initd
script.
What we do use in docker (and thus is maintained) is
./bin/wrapper-linux-x86-64 conf/wrapper.conf wrapper.syslog.ident=james
wrapper.pidfile=var/james.pid wrapper.daemonize=FALSE
Cheers,
Benoit
On 2/18/19 7:39 a ²M, Marc Chamberlin wrote:
> Hi Matt, thanks for responding! It appears to me that "classpath" is
> actually defined in the startup scripts. There are two different scripts
> used to start the james server, either "james" or "run.sh". I do not
> believe "classpath" is defined in any of the config files themselves. I
> am not using "run.sh" to start the james server, instead I noted that
> the james script is configured with the classic init.d entry points -
> start, stop, restart, etc. I modified the "james" script slightly so
> that I could run james as a systemd service instead (see below). At this
> point I strongly suspect that the definition of environment variables,
> using the james startup script, is failing, so I am pursuing this to
> see what is going on. However, running james as a systemd service does
> not seem to be the problem, even if I just run the james startup script
> by itself, not as a service, I am still getting the same failure with
> the "classpath" variable.
>
> If anyone has ported james to run as a systemd service I would much
> appreciate knowing how you did it. What I have done was to add the
> init.d initialization comments to the beginning of the james shell
> script then let systemd take it from there to create the actual .service
> files -
>
> added to beginning of the james startup script to define init.d runlevels -
>
> ### BEGIN INIT INFO
> # Provides: james
> # Required-Start: $network $syslog $time
> # Required-Stop: $network $syslog $time
> # Default-Start: 2 3 4 5
> # Default-Stop: 0 1 6
> # Description: Initscript for Apache James Mail Server
> ### END INIT INFO
>
> and FYI these are the steps I then took to set up the init.d services
> and then convert them to systemd services on OpenSuSE Leap 15.0 -
>
> First I created a soft link from /etc/init.d to the james startup script -
>
> ln -s /mail/apache-james-3.2/james-server-app-3.2.0/bin/james
> /etc/init.d/james
>
> Next install in james script into the various init.d runlevels
>
> cd /etc/init.d
> insserv james
>
> Next set up the systemd files from the new init.d configuration files
> and start the service.
>
> systemctl daemon-reload
> systemctl start james.service
>
> The james service does start up OK and will report that it is running
> when checking on it's status. It is just not working properly in
> accepting connections or doing the various tasks that the service should
> be doing and my goal at this point is to resolve any and all exceptions
> that are occurring such as this one.
>
> Marc...
>
>
>
> On 02/17/2019 06:01 AM, cryptearth wrote:
>> Hey Marc, Matt here.
>>
>> The provided stack only says that you given "classpath" to some
>> parameter wich expectes a url in some config file. So I guess it could
>> help if you also show the config where you set "classpath" so one can
>> figure out, if "classpath" is a legal input for the setting you set it.
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: server-user-unsubscribe@james.apache.org
For additional commands, e-mail: server-user-help@james.apache.org
Re: MalformedURLException: unknown protocol: classpath
Posted by Marc Chamberlin <ma...@marcchamberlin.com>.
Hi Matt, thanks for responding! It appears to me that "classpath" is
actually defined in the startup scripts. There are two different scripts
used to start the james server, either "james" or "run.sh". I do not
believe "classpath" is defined in any of the config files themselves. I
am not using "run.sh" to start the james server, instead I noted that
the james script is configured with the classic init.d entry points -
start, stop, restart, etc. I modified the "james" script slightly so
that I could run james as a systemd service instead (see below). At this
point I strongly suspect that the definition of environment variables,
using the james startup script, is failing, so I am pursuing this to
see what is going on. However, running james as a systemd service does
not seem to be the problem, even if I just run the james startup script
by itself, not as a service, I am still getting the same failure with
the "classpath" variable.
If anyone has ported james to run as a systemd service I would much
appreciate knowing how you did it. What I have done was to add the
init.d initialization comments to the beginning of the james shell
script then let systemd take it from there to create the actual .service
files -
added to beginning of the james startup script to define init.d runlevels -
### BEGIN INIT INFO
# Provides: james
# Required-Start: $network $syslog $time
# Required-Stop: $network $syslog $time
# Default-Start: 2 3 4 5
# Default-Stop: 0 1 6
# Description: Initscript for Apache James Mail Server
### END INIT INFO
and FYI these are the steps I then took to set up the init.d services
and then convert them to systemd services on OpenSuSE Leap 15.0 -
First I created a soft link from /etc/init.d to the james startup script -
ln -s /mail/apache-james-3.2/james-server-app-3.2.0/bin/james
/etc/init.d/james
Next install in james script into the various init.d runlevels
cd /etc/init.d
insserv james
Next set up the systemd files from the new init.d configuration files
and start the service.
systemctl daemon-reload
systemctl start james.service
The james service does start up OK and will report that it is running
when checking on it's status. It is just not working properly in
accepting connections or doing the various tasks that the service should
be doing and my goal at this point is to resolve any and all exceptions
that are occurring such as this one.
Marc...
On 02/17/2019 06:01 AM, cryptearth wrote:
> Hey Marc, Matt here.
>
> The provided stack only says that you given "classpath" to some
> parameter wich expectes a url in some config file. So I guess it could
> help if you also show the config where you set "classpath" so one can
> figure out, if "classpath" is a legal input for the setting you set it.
--
Linux Counter
Re: MalformedURLException: unknown protocol: classpath
Posted by cryptearth <cr...@cryptearth.de>.
Hey Marc, Matt here.
The provided stack only says that you given "classpath" to some
parameter wich expectes a url in some config file. So I guess it could
help if you also show the config where you set "classpath" so one can
figure out, if "classpath" is a legal input for the setting you set it.
To get current source, just clone git:
git clone -b master https://github.com/apache/james-project <your james
folder>
branch 3.2.0 is completed and isn't worked on anymore, branch 3.2.x got
last update in Dec 10, 2018 - so you have to use master branch to get
current fixes
to compile james from source - cd into your james directory and type:
mvn clean package
I would recommend to also add: -DskipTests
to save time - and, well, if you haven't set up docker, the tests fail
at this point wich fails the whole project. With skipping tests depend
on power takes about 15min to compile. Completed pack is then found in
<james folder>/server/app/target/james-server-[version]-app.tar.gz (and
.zip). Simple extract it to where you want - check config in
<james-root>/conf (check domainlist.xml is most important - all other
shouldn't need not touch at all) - and james should be able to start up
with <james-root>/bin/james start
Matt
Am 17.02.2019 um 08:29 schrieb Marc Chamberlin:
> I am still trying to configure and set up a new Apache James 3.2.0 with Spring wiring and am running into a new snag. I suspect I am overlooking something in the config files. So can a kind guru decipher this stack walkback, shown in the wrapper.log file, and give me a clue on how to fix and make James a happy camper?
> I won't show the entire stack walkback just what I think are the highlights, but if anyone wants the whole thing I certainly can provide it.
>
> (Benoit - I have not figured out how to acquire the source code, with the fixes you mentioned in my previous threads, and build/test the new version of James. Perhaps you could send me instructions? Just send me a link to the source code and a Makefile preferably, I have never used Docker and don't understand how that works.. )
>
> Thanks in advance... Marc
>
> INFO | jvm 1 | 2019/02/16 22:51:04 | 22:51:04.843 [WrapperSimpleAppMain] DEBUG org.springframework.beans.factory.xml.XmlBeanDefinitionReader - Loaded 13 bean definitions from location pattern [classpath:META-INF/spring/loaders-context.xml]
> INFO | jvm 1 | 2019/02/16 22:51:04 | 22:51:04.843 [WrapperSimpleAppMain] DEBUG org.springframework.beans.factory.xml.DefaultBeanDefinitionDocumentReader - Imported 13 bean definitions from URL location [classpath:META-INF/spring/loaders-context.xml]
> INFO | jvm 1 | 2019/02/16 22:51:04 | 22:51:04.843 [WrapperSimpleAppMain] INFO org.springframework.beans.factory.xml.XmlBeanDefinitionReader - Loading XML bean definitions from class path resource [META-INF/org/apache/james/spring-mailbox-authenticator.xml]
> INFO | jvm 1 | 2019/02/16 22:51:04 | 22:51:04.844 [WrapperSimpleAppMain] DEBUG org.springframework.beans.factory.xml.DefaultDocumentLoader - Using JAXP provider [com.sun.org.apache.xerces.internal.jaxp.DocumentBuilderFactoryImpl]
> INFO | jvm 1 | 2019/02/16 22:51:04 | 22:51:04.846 [WrapperSimpleAppMain] DEBUG org.springframework.beans.factory.xml.ResourceEntityResolver - Could not resolve XML entity [classpath:org/springframework/beans/factory/xml/spring-beans-3.0.xsd] against system root URL
> INFO | jvm 1 | 2019/02/16 22:51:04 | java.net.MalformedURLException: unknown protocol: classpath
> INFO | jvm 1 | 2019/02/16 22:51:04 | at java.net.URL.<init>(URL.java:600)
> INFO | jvm 1 | 2019/02/16 22:51:04 | at java.net.URL.<init>(URL.java:490)
> INFO | jvm 1 | 2019/02/16 22:51:04 | at java.net.URL.<init>(URL.java:439)
> INFO | jvm 1 | 2019/02/16 22:51:04 | at org.springframework.beans.factory.xml.ResourceEntityResolver.resolveEntity(ResourceEntityResolver.java:79)
> INFO | jvm 1 | 2019/02/16 22:51:04 | at com.sun.org.apache.xerces.internal.util.EntityResolverWrapper.resolveEntity(EntityResolverWrapper.java:110)
> INFO | jvm 1 | 2019/02/16 22:51:04 | at com.sun.org.apache.xerces.internal.impl.XMLEntityManager.resolveEntity(XMLEntityManager.java:1081)
> INFO | jvm 1 | 2019/02/16 22:51:04 | at com.sun.org.apache.xerces.internal.impl.xs.XMLSchemaLoader.resolveDocument(XMLSchemaLoader.java:654)
> INFO | jvm 1 | 2019/02/16 22:51:04 | at com.sun.org.apache.xerces.internal.impl.xs.XMLSchemaValidator.findSchemaGrammar(XMLSchemaValidator.java:2431)
> INFO | jvm 1 | 2019/02/16 22:51:04 | at com.sun.org.apache.xerces.internal.impl.xs.XMLSchemaValidator.handleStartElement(XMLSchemaValidator.java:1768)
> INFO | jvm 1 | 2019/02/16 22:51:04 | at com.sun.org.apache.xerces.internal.impl.xs.XMLSchemaValidator.startElement(XMLSchemaValidator.java:741)
> INFO | jvm 1 | 2019/02/16 22:51:04 | at com.sun.org.apache.xerces.internal.impl.XMLNSDocumentScannerImpl.scanStartElement(XMLNSDocumentScannerImpl.java:374)
> INFO | jvm 1 | 2019/02/16 22:51:04 | at com.sun.org.apache.xerces.internal.impl.XMLNSDocumentScannerImpl$NSContentDriver.scanRootElementHook(XMLNSDocumentScannerImpl.java:613)
> INFO | jvm 1 | 2019/02/16 22:51:04 | at com.sun.org.apache.xerces.internal.impl.XMLDocumentFragmentScannerImpl$FragmentContentDriver.next(XMLDocumentFragmentScannerImpl.java:3132)
> INFO | jvm 1 | 2019/02/16 22:51:04 | at com.sun.org.apache.xerces.internal.impl.XMLDocumentScannerImpl$PrologDriver.next(XMLDocumentScannerImpl.java:852)
> INFO | jvm 1 | 2019/02/16 22:51:04 | at com.sun.org.apache.xerces.internal.impl.XMLDocumentScannerImpl.next(XMLDocumentScannerImpl.java:602)
> INFO | jvm 1 | 2019/02/16 22:51:04 | at com.sun.org.apache.xerces.internal.impl.XMLNSDocumentScannerImpl.next(XMLNSDocumentScannerImpl.java:112)
> INFO | jvm 1 | 2019/02/16 22:51:04 | at com.sun.org.apache.xerces.internal.impl.XMLDocumentFragmentScannerImpl.scanDocument(XMLDocumentFragmentScannerImpl.java:505)
> INFO | jvm 1 | 2019/02/16 22:51:04 | at com.sun.org.apache.xerces.internal.parsers.XML11Configuration.parse(XML11Configuration.java:842)
> INFO | jvm 1 | 2019/02/16 22:51:04 | at com.sun.org.apache.xerces.internal.parsers.XML11Configuration.parse(XML11Configuration.java:771)
> INFO | jvm 1 | 2019/02/16 22:51:04 | at com.sun.org.apache.xerces.internal.parsers.XMLParser.parse(XMLParser.java:141)
> INFO | jvm 1 | 2019/02/16 22:51:04 | at com.sun.org.apache.xerces.internal.parsers.DOMParser.parse(DOMParser.java:243)
>
> yada yada yada...
---------------------------------------------------------------------
To unsubscribe, e-mail: server-user-unsubscribe@james.apache.org
For additional commands, e-mail: server-user-help@james.apache.org