[prev in list] [next in list] [prev in thread] [next in thread]
List: james-dev
Subject: svn commit: r905038 [2/2] -
From: norman () apache ! org
Date: 2010-01-31 13:32:34
Message-ID: 20100131133235.27B8D23888CF () eris ! apache ! org
[Download RAW message or body]
Added: james/server/trunk/spring-deployment/src/main/config/james/smtpserver.xml
URL: http://svn.apache.org/viewvc/james/server/trunk/spring-deployment/src/main/config/james/smtpserver.xml?rev=905038&view=auto
==============================================================================
--- james/server/trunk/spring-deployment/src/main/config/james/smtpserver.xml (added)
+++ james/server/trunk/spring-deployment/src/main/config/james/smtpserver.xml Sun Jan \
31 13:32:33 2010 @@ -0,0 +1,301 @@
+<!--
+ Licensed to the Apache Software Foundation (ASF) under one
+ or more contributor license agreements. See the NOTICE file
+ distributed with this work for additional information
+ regarding copyright ownership. The ASF licenses this file
+ to you under the Apache License, Version 2.0 (the
+ "License"); you may not use this file except in compliance
+ with the License. You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing,
+ software distributed under the License is distributed on an
+ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ KIND, either express or implied. See the License for the
+ specific language governing permissions and limitations
+ under the License.
+ -->
+
+ <!-- The SMTP server is enabled by default -->
+ <!-- Disabling blocks will stop them from listening, -->
+ <!-- but does not free as many resources as removing them would -->
+ <smtpserver enabled="true">
+ <!--
+ Port 25 is the well-known/IANA registered port for SMTP.
+ Port 465 is the well-known/IANA registered port for SMTP over TLS.
+ -->
+ <port>25</port>
+
+ <!-- Uncomment this if you want to bind to a specific inetaddress -->
+ <!-- Please NOTE: you should add this IP also to your RemoteAddrNotInNetwork \
--> + <!-- in order to avoid relay check for locallly generated bounces -->
+ <!--
+ <bind> </bind>
+ -->
+
+ <!-- Use provider elements to specify additional JCE providers.
+ The jars should be put into $JAMES_HOME/lib.
+ For example, Uncomment this if you want to use
+ BouncyCastle JCE (http://www.bouncycastle.org)
+ <provider>org.bouncycastle.jce.provider.BouncyCastleProvider</provider> -->
+
+ <!-- Set to true to support STARTTLS or TLS for the Socket.
+ To use this you need to copy sunjce_provider.jar to /path/james/lib \
directory. + -->
+ <tls socketTLS="false" startTLS="false">
+ <!-- To create a new keystore execute:
+ keytool -genkey -alias james -keyalg RSA -keystore \
/path/to/james/conf/keystore + -->
+ <keystore>file://conf/keystore</keystore>
+ <secret>yoursecret</secret>
+ <provider>org.bouncycastle.jce.provider.BouncyCastleProvider</provider>
+ </tls>
+
+ <handler>
+ <!-- This is the name used by the server to identify itself in the SMTP -->
+ <!-- protocol. If autodetect is TRUE, the server will discover its -->
+ <!-- own host name and use that in the protocol. If discovery fails, -->
+ <!-- the value of 'localhost' is used. If autodetect is FALSE, James -->
+ <!-- will use the specified value. -->
+ <!--
+ <helloName autodetect="true">myMailServer</helloName>
+ -->
+
+ <!-- connection timeout in secconds -->
+ <connectiontimeout>360</connectiontimeout>
+
+ <!-- Set the maximum simultaneous incoming connections for this service -->
+ <connectionLimit> 0 </connectionLimit>
+
+ <!-- Set the maximum simultaneous incoming connections per IP for this \
service --> + <connectionLimitPerIP> 0 </connectionLimitPerIP>
+
+ <!-- Uncomment this if you want to require SMTP authentication.
+
+ supported values:
+ true: required but announced only to not authorizedAddresses
+ false: don't use AUTH
+ announce: like true, but always announce AUTH capability to clients
+
+ The correct behaviour per RFC value would be false or announce
+ but we still support true for backward compatibility and because
+ some webmail client fails when AUTH is announced but no \
authentication + information has been provided
+ -->
+ <!--
+ <authRequired>true</authRequired>
+ -->
+
+<!-- CHECKME! -->
+ <!-- Uncomment this if you want to authorize specific addresses/networks.
+ If you use SMTP AUTH, addresses that match those specified here will
+ be permitted to relay without SMTP AUTH. If you do not use SMTP
+ AUTH, and you specify addreses here, then only addresses that match
+ those specified will be permitted to relay.
+
+ Addresses may be specified as a an IP address or domain name, with an
+ optional netmask, e.g.,
+
+ 127.*, 127.0.0.0/8, 127.0.0.0/255.0.0.0, and localhost/8 are all the \
same +
+ See also the RemoteAddrNotInNetwork matcher in the transport \
processor. + You would generally use one OR the other approach.
+ -->
+ <authorizedAddresses>127.0.0.0/8</authorizedAddresses>
+
+ <!-- Uncomment this if you want to verify sender addresses, ensuring that \
--> + <!-- the sender address matches the user who has authenticated. -->
+ <!-- This prevents a user of your mail server from acting as someone else \
--> + <!--
+ <verifyIdentity>true</verifyIdentity>
+ -->
+
+ <!-- This sets the maximum allowed message size (in kilobytes) for this \
--> + <!-- SMTP service. If unspecified, the value defaults to 0, which \
means no limit. --> + <maxmessagesize>0</maxmessagesize>
+
+ <!-- This sets wether to enforce the use of HELO/EHLO salutation before a \
--> + <!-- MAIL command is accepted. If unspecified, the value defaults to \
true --> + <!--
+ <heloEhloEnforcement>true</heloEhloEnforcement>
+ -->
+
+ <!-- WARNING: This is Non-RFC compliant (default value: true) -->
+ <!-- See: http://wiki.apache.org/james/StandardsComplianceStatement -->
+ <!-- TODO: CHANGE TO OFFICIAL URL LATER -->
+ <addressBracketsEnforcement>true</addressBracketsEnforcement>
+
+ <!-- This sets the SMTPGreeting which will be used when connect to the \
smtpserver --> + <!-- If none is specified a default is generated -->
+ <!--
+ <smtpGreeting> JAMES SMTP Server </smtpGreeting>
+ -->
+
+ <!-- The configuration handler chain -->
+ <handlerchain>
+
+ <!-- This connect handler can be used to enable POP3 before SMTP \
support --> + <!-- Plz note that only the ip get stored to indentify an \
authenticated client --> + <!-- The expireTime is the time after which an \
ipAddress is handled as expired --> + <!--
+ <handler \
class="org.apache.james.smtpserver.core.POP3BeforeSMTPHandler"> + \
<expireTime> 1 hour </expireTime> + </handler>
+ -->
+
+ <!-- This command handler check against RBL-Lists -->
+ <!-- If getDetail is set to true it try to retrieve information from \
TXT Record --> + <!-- why the ip was blocked. Default to false --> \
+ <!-- STOP - before you uncomment out the DNS RBL handler,
+ please take a moment to review each block list. We
+ have included some that various JAMES committers use,
+ but you must decide which, if any, are appropriate
+ for your environment. The mail servers hosting
+ @apache.org mailing lists, for example, use a
+ slightly different list than we have included below.
+ And it is likely that most JAMES committes also have
+ slightly different sets of lists. The SpamAssassin
+ user's list would be one good place to discuss the
+ measured quality of various block lists.
+
+ NOTA BENE: the domain names, below, are terminated
+ with '.' to ensure that they are absolute names in
+ DNS lookups. Under some circumstances, names that
+ are not explicitly absolute could be treated as
+ relative names, leading to incorrect results. This
+ has been observed on *nix and MS-Windows platforms
+ by users of multiple mail servers, and is not JAMES
+ specific. If you are unsure what this means for you,
+ please speak with your local system/network admins.
+ -->
+ <!--
+ <handler \
class="org.apache.james.smtpserver.integration.fastfail.DNSRBLHandler"> + \
<getDetail> false </getDetail> + <rblservers>
+ <whitelist> query.bondedsender.org. </whitelist>
+ <blacklist> sbl-xbl.spamhaus.org. </blacklist>
+ <blacklist> dul.dnsbl.sorbs.net. </blacklist>
+ <blacklist> list.dsbl.org. </blacklist>
+ </rblservers>
+ </handler>
+ -->
+
+ <!-- This command handler can be used to reject emails with not match \
the SPF record of the sender domain --> + <!-- If checkAuthNetworks is \
set to true sender domain will be checked also for clients that --> + \
<!-- are allowed to relay. Default is false. --> + <!--
+ <handler \
class="org.apache.james.smtpserver.integration.fastfail.SPFHandler"> + \
<blockSoftFail> false </blockSoftFail> + <blockPermError> true \
</blockPermError> + </handler>
+ -->
+
+ <!-- checks for resolvable HELO/EHLO before accept the HELO/EHLO -->
+ <!-- If checkAuthNetworks is set to true sender domain will be checked \
also for clients that --> + <!-- are allowed to relay. Default is false. \
--> + <!--
+ <handler \
class="org.apache.james.smtpserver.integration.fastfail.ResolvableEhloHeloHandler"/> \
+ --> +
+ <!-- Checks HELO/EHLO is equal the reverse of the connecting client \
before accept it --> + <!-- If checkAuthNetworks is set to true sender \
domain will be checked also for clients that --> + <!-- are allowed to \
relay. Default is false. --> + <!--
+ <handler \
class="org.apache.james.smtpserver.integration.fastfail.ReverseEqualsEhloHeloHandler"/>
+ -->
+
+ <!-- If activated mail is only accepted if the sender contains -->
+ <!-- a resolvable domain having a valid MX Record or A Record \
associated! --> + <!-- If checkAuthNetworks is set to true sender domain \
will be checked also for clients that --> + <!-- are allowed to relay. \
Default is false. --> + <!--
+ <handler \
class="org.apache.james.smtpserver.protocol.core.fastfail.ValidSenderDomainHandler"/> \
+ --> +
+
+ <!-- If activated all email will get rejected which has no valid user \
--> + <!-- You need to add the recipient to the validRecipient list if \
you want --> + <!-- to accept email for a recipient which not exist on \
the server --> + <!--
+ <handler \
class="org.apache.james.smtpserver.integration.fastfail.ValidRcptHandler"/> + \
--> +
+ <!-- If activated you can limit the maximal recipients -->
+ <!--
+ <handler \
class="org.apache.james.smtpserver.integration.fastfail.MaxRcptHandler"> + \
<maxRcpt> 10 </maxRcpt> + </handler>
+ -->
+
+ <!-- If uncomment this block you can enable greylisting. For more \
infos--> + <!-- how greylisting work see: \
http://projects.puremagic.com/greylisting/whitepaper.html --> + <!--
+ <handler \
class="org.apache.james.smtpserver.integration.fastfail.JDBCGreylistHandler"> + \
<repositoryPath> db://maildb </repositoryPath> + \
<sqlFile>file://conf/sqlResources.xml</sqlFile> + <tempBlockTime> 1 \
hour </tempBlockTime> + <unseenLifeTime> 4 hours </unseenLifeTime>
+ <autoWhiteListLifeTime> 36 days </autoWhiteListLifeTime>
+ <whitelistedNetworks> 127.0.0.0/8 </whitelistedNetworks>
+ </handler>
+ -->
+
+ <!-- Tarpitting is a method to insert a small sleep after each rcpt. \
For more --> + <!-- infos read this: \
http://www.palomine.net/qmail/tarpit.html . --> + <!-- Default is set to \
0 (disabled). --> + <!-- You can also configure the time to sleep in \
milliseconds --> + <!--
+ <handler \
class="org.apache.james.smtpserver.integration.fastfail.TarpitHandler"> + \
<tarpitRcptCount> 5 </tarpitRcptCount> + <tarpitSleepTime> 5000 \
</tarpitSleepTime> + </handler>
+ -->
+
+ <!-- This handler ignore duplicated recipients per session. So the \
email will get only send on time even --> + <!-- if the recipient is \
specified more then once --> + <!--
+ <handler \
class="org.apache.james.smtpserver.protocol.core.fastfail.SuppressDuplicateRcptHandler"/>
+ -->
+
+ <!-- Load the core command handlers -->
+ <handler \
class="org.apache.james.smtpserver.integration.CoreCmdHandlerLoader"/> + \
+ <!-- This MessageHandler could be used to check message against spamd \
before --> + <!-- accept the email. So its possible to reject a message \
on smtplevel if a --> + <!-- configured hits amount is reached. -->
+ <!--
+ <handler \
class="org.apache.james.smtpserver.integration.fastfail.SpamAssassinHandler"> + \
<spamdHost> 127.0.0.1 </spamdHost> + <spamdPort> 783 </spamdPort>
+ <spamdRejectionHits> 10 </spamdRejectionHits>
+ </handler>
+ -->
+
+ <!-- This MessageHandler could be used to extract domain out of the \
message and check --> + <!-- this domains against uriRbllists. See \
http://www.surbl.org for more informations. --> + <!-- The message get \
rejected if a domain matched . --> + <!--
+ <handler \
class="org.apache.james.smtpserver.integration.fastfail.URIRBLHandler"> + \
<action> reject </action> + <getDetail> true </getDetail>
+ <uriRblServers>
+ <server> multi.surbl.org</server>
+ </uriRblServers>
+ </handler>
+ -->
+ <!--
+ <handler \
class="org.apache.james.smtpserver.integration.SetMimeHeaderHandler"> + \
<headername>SPF-test</headername> + <headervalue>passed</headervalue>
+ </handler>
+ -->
+
+ <!-- The default message receiving handler -->
+ <!-- The default behaviour is to put the message in the root processor \
of --> + <!-- the spooler -->
+ <handler \
class="org.apache.james.smtpserver.integration.SendMailHandler"></handler> + \
</handlerchain> + </handler>
+</smtpserver>
+
Added: james/server/trunk/spring-deployment/src/main/config/james/spoolmanager.xml
URL: http://svn.apache.org/viewvc/james/server/trunk/spring-deployment/src/main/config/james/spoolmanager.xml?rev=905038&view=auto
==============================================================================
--- james/server/trunk/spring-deployment/src/main/config/james/spoolmanager.xml \
(added)
+++ james/server/trunk/spring-deployment/src/main/config/james/spoolmanager.xml Sun \
Jan 31 13:32:33 2010 @@ -0,0 +1,627 @@
+ <!-- The James Spool Manager block -->
+ <!-- -->
+ <!-- This block is responsible for processing messages on the spool. -->
+ <spoolmanager>
+ <!-- Number of spool threads -->
+ <threads> 10 </threads>
+
+ <!-- The root processor is a required processor - James routes all mail on the \
spool --> + <!-- through this processor first. -->
+ <!-- -->
+ <!-- This configuration is a sample configuration for the root processor. -->
+ <processor name="root">
+
+ <!-- This mailet redirects mail for the user 'postmaster' at any local \
domain to --> + <!-- the postmaster address specified for the server. The \
postmaster address --> + <!-- is required by rfc822. Do not remove this \
mailet unless you are meeting --> + <!-- this requirement through other means \
(e.g. a XML/JDBCVirtualUserTable mailet) --> + <mailet match="All" \
class="PostmasterAlias"/> +
+ <!-- Checks that the email Sender is associated with a valid domain. -->
+ <!-- Useful for detecting and eliminating spam. -->
+ <!-- For this block to function, the spam processor must be configured. -->
+ <!--
+ <mailet match="SenderInFakeDomain=64.55.105.9,64.94.110.11,194.205.62.122,19 \
4.205.62.62,195.7.77.20,206.253.214.102,212.181.91.6,219.88.106.80,194.205.62.42,216.35.187.246,203.119.4.6" \
class="ToProcessor"> + <processor> spam </processor>
+ </mailet>
+ -->
+
+ <!-- Important check to avoid looping -->
+ <mailet match="RelayLimit=30" class="Null"/>
+
+ <!-- Check for viruses -->
+ <!-- -->
+ <!-- Does an antivirus scan check using a ClamAV daemon (CLAMD). -->
+ <!-- -->
+ <!-- Interacts directly with the daemon using the "stream" method, -->
+ <!-- which should have the lowest possible overhead. -->
+ <!-- The CLAMD daemon will typically reside on localhost, but could reside \
on a --> + <!-- different host. -->
+ <!-- It may also consist on a set of multiple daemons, each residing on a \
different --> + <!-- server and on different IP number. -->
+ <!-- In such case a DNS host name with multiple IP addresses (round-robin \
load sharing) --> + <!-- is supported by the mailet (but on the same port \
number). --> + <!-- -->
+ <!-- Handles the following init parameters: -->
+ <!-- <debug> -->
+ <!-- <host>: the host name of the server where CLAMD runs. It can either be \
--> + <!-- a machine name, such as -->
+ <!-- "java.sun.com", or a textual representation of its -->
+ <!-- IP address. If a literal IP address is supplied, only the -->
+ <!-- validity of the address format is checked. -->
+ <!-- If the machine name resolves to multiple IP addresses, round-robin \
load sharing will --> + <!-- be used. -->
+ <!-- The default is "localhost". -->
+ <!-- <port>: the port on which CLAMD listens. The default is "3310". -->
+ <!-- <maxPings>: the maximum number of connection retries during startup. \
--> + <!-- If the value is "0" no startup test will be done. -->
+ <!-- The default is "6". -->
+ <!-- <pingIntervalMilli>: the interval (in milliseconds) -->
+ <!-- between each connection retry during startup. -->
+ <!-- The default is "30000" (30 seconds). -->
+ <!-- <streamBufferSize>: the BufferedOutputStream buffer size to use -->
+ <!-- writing to the stream connection. The default is "8192". -->
+ <!--
+ <mailet match="All" class="ClamAVScan" onMailetException="ignore">
+ <debug> true </debug>
+ </mailet>
+ -->
+
+ <!-- If infected go to virus processor -->
+ <mailet match="HasMailAttributeWithValue=org.apache.james.infected, true" \
class="ToProcessor"> + <processor> virus </processor>
+ </mailet>
+
+ <!-- Check attachment extensions for possible viruses -->
+ <!-- The "-z" option requests the check to be non-recursively applied -->
+ <!-- to the contents of any attached '*.zip' file. -->
+ <!--
+ <mailet match="AttachmentFileNameIs=-d -z *.exe *.com *.bat *.cmd *.pif \
*.scr *.vbs *.avi *.mp3 *.mpeg *.shs" class="Bounce" onMatchException="error"> + \
<inline>heads</inline> + <attachment>none</attachment>
+ <passThrough>false</passThrough>
+ <prefix>[REJECTED]</prefix>
+ <notice>
+The Security Policy of XXX does not allow to forward messages containing attachments \
having any of the extensions .exe, .com, .bat, .cmd, .pif, .scr, .vbs, .avi, .mp3, \
.mpeg, .shs, therefore your message has been rejected. +
+Please don't reply to this e-mail as it has been automatically sent by the antivirus \
system. +
+Regards, Postmaster XXX.YYY
+.....................................
+ </notice>
+ </mailet>
+ -->
+
+ <!-- Whitelist Management -->
+ <!-- Manages for each local user a "white list" of remote addresses whose \
messages --> + <!-- should never be blocked as spam. -->
+ <!-- -->
+ <!-- If <automaticInsert> is true, it will check, for a local sender, if a \
remote recipient --> + <!-- is already in the list: if not, it will be \
automatically inserted. --> + <!-- This is under the interpretation that if a \
local sender X sends a message to a --> + <!-- remote recipient Y, then later \
on if a message is sent by Y to X it should be --> + <!-- considered always \
valid and never blocked; hence Y should be in the white list --> + <!-- of X. \
--> + <!-- -->
+ <!-- Another mode of operations is when a local sender sends a message to \
<whitelistManagerAddress> --> + <!-- with one of three specific values in the \
subject, to --> + <!-- (i) send back a message displaying a list of the \
addresses in his own list (<displayFlag>); --> + <!-- (ii) insert some new \
addresses in his own list (<insertFlag>); --> + <!-- (iii) remove some \
addresses from his own list (<removeFlag>). --> + <!-- In all of the three \
above cases the message will be ghosted and the postmaster will reply --> + \
<!-- to the sender. --> + <!-- -->
+ <!-- The sender name is always converted to its primary name (handling \
aliases). --> + <!--
+ <mailet match="SMTPAuthSuccessful" class="WhiteListManager" \
onMailetException="ignore"> + <repositoryPath>db://maildb</repositoryPath>
+ <automaticInsert>true</automaticInsert>
+ <whitelistManagerAddress>whitelist.manager@xxx.yyy</whitelistManagerAddress>
+ <displayFlag>display</displayFlag>
+ <insertFlag>insert</insertFlag>
+ <removeFlag>remove</removeFlag>
+ </mailet>
+ -->
+
+ <!-- "not spam" bayesian analysis feeder. -->
+ <!--
+ <mailet match="RecipientIs=not.spam@xxx.yyy" \
class="BayesianAnalysisFeeder"> + <repositoryPath> db://maildb \
</repositoryPath> + <feedType>ham</feedType>
+ <maxSize>200000</maxSize>
+ </mailet>
+ -->
+
+ <!-- "spam" bayesian analysis feeder. -->
+ <!--
+ <mailet match="RecipientIs=spam@xxx.yyy" class="BayesianAnalysisFeeder">
+ <repositoryPath> db://maildb </repositoryPath>
+ <feedType>spam</feedType>
+ <maxSize>200000</maxSize>
+ </mailet>
+ -->
+
+ <!-- sample SMIME mailets configuration -->
+ <!--
+ <mailet match="IsSMIMEEncrypted" class="SMIMEDecrypt">
+ <keyStoreType>pkcs12</keyStoreType>
+ <keyStoreFileName>c:/path.pfx</keyStoreFileName>
+ <keyStorePassword>myKeyStorePass</keyStorePassword>
+ <keyAlias>myKeyAlias</keyAlias>
+ <keyAliasPassword>myKeyPass</keyAliasPassword>
+ </mailet>
+
+ <mailet match="IsSMIMESigned" class="SMIMECheckSignature">
+ <keyStoreType>pkcs12</keyStoreType>
+ <keyStoreFileName>c:/path.pfx</keyStoreFileName>
+ <keyStorePassword>myKeyStorePass</keyStorePassword>
+ <strip>false</strip>
+ <onlyTrusted>true</onlyTrusted>
+ </mailet>
+ -->
+
+ <!--
+ <mailet match="All" class="XMLVirtualUserTable">
+ <!- 1:1 mapping ->
+ <mapping>morgoth@middle-earth=sauron@mordor</mapping>
+ <!- 1:n mapping ->
+ <mapping>istari@middle-earth=saruman@isengard;radigast;gandalf</mapping>
+ <!- DSN mapping ->
+ <mapping>boromir@osgilliath=error:550 Requested action not taken: no \
such user here</mapping> + <!- regex based mapping ->
+ <mapping>*@osgilliath=regex:(.*)@osgilliath:${1}@minas-tirith</mapping>
+ <!- both standard and regex mapping ->
+ <mapping>ring@*=onering@mordor;regex:ring@(.*):ring@${1}</mapping>
+ <!- conditional regex mapping example ->
+ <mapping>*@listserver=regex:(.*)-on@listserver:${1}-subscribe@listserver;
+ \
regex:(.*)-off@listserver:${1}-unsubscribe@listserver + </mapping>
+ </mailet>
+ -->
+
+ <!-- Anti-spam processing -->
+ <!-- The following two entries avoid double anti-spam analysis -->
+ <!-- for forwarded messages. -->
+ <!-- Has spam checking already been done? -->
+ <mailet match="HasMailAttribute=spamChecked" class="ToProcessor">
+ <processor> transport </processor>
+ </mailet>
+ <!-- Spam checking will not be done twice -->
+ <mailet match="All" class="SetMailAttribute">
+ <spamChecked>true</spamChecked>
+ </mailet>
+
+ <!-- White List:
+ If you use block lists, you will probably want to check
+ for known permitted senders. This is particularly true
+ if you use more aggressive block lists, such as SPEWS,
+ that are prone to block entire subnets without regard
+ for non-spamming senders.
+ -->
+
+ <!-- Messages from authenticated senders never are spam -->
+ <mailet match="SMTPAuthSuccessful" class="ToProcessor">
+ <processor> transport </processor>
+ </mailet>
+
+ <!-- Messages signed by trusted users never are spam -->
+ <!-- Uncommenting the following entry, messages with valid signatures will \
never be considered spam. --> + <!-- This can be a valid policy *if* \
SMIMECheckSignature was invoked --> + <!-- with \
<onlyTrusted>true</onlyTrusted> set --> + <!--
+ <mailet match="HasMailAttribute=org.apache.james.SMIMECheckSignature" \
class="ToProcessor"> + <processor> transport </processor>
+ </mailet>
+ -->
+
+ <!-- specific known senders -->
+ <!--
+ <mailet match="SenderIs=goodboy@goodhost"
+ class="ToProcessor">
+ <processor> transport </processor>
+ </mailet>
+ -->
+
+ <!-- People on this list agree to pay a penalty if they send spam -->
+ <mailet match="InSpammerBlacklist=query.bondedsender.org."
+ class="ToProcessor">
+ <processor> transport </processor>
+ </mailet>
+
+ <!-- E-mail legally required not to be spam (see: http://www.habeas.com) \
--> + <!--
+ <mailet match="HasHabeasWarrantMark" class="ToProcessor">
+ <processor> transport </processor>
+ </mailet>
+ -->
+
+ <!-- If the sender is in a recipient's whitelist, it is a valid sender, -->
+ <!-- and as such the message should not be considered spam for such \
recipient. --> + <!--
+ <mailet match="IsInWhiteList=db://maildb" class="ToProcessor" \
onMatchException="noMatch"> + <processor> transport </processor>
+ </mailet>
+ -->
+
+ <!-- End of White List -->
+
+ <!-- Check for delivery from a known spam server -->
+ <!-- This set of matchers/mailets redirect all emails from known -->
+ <!-- black holes, open relays, and spam servers to the spam processor -->
+ <!-- For this set to function properly, the spam processor must be \
configured. --> + <mailet match="InSpammerBlacklist=dnsbl.njabl.org."
+ class="ToProcessor">
+ <processor> spam </processor>
+ <notice>550 Requested action not taken: rejected - see http://njabl.org/ \
</notice> + </mailet>
+
+ <!-- Sample matching to kill a message (send to Null) -->
+ <!--
+ <mailet match="RecipientIs=badboy@badhost" class="Null"/>
+ -->
+
+ <!-- Anti spam bayesian analysis -->
+ <!--
+ <mailet match="All" class="BayesianAnalysis" onMailetException="ignore">
+ <repositoryPath>db://maildb</repositoryPath>
+ <maxSize>200000</maxSize>
+ <headerName>X-MessageIsSpamProbability</headerName>
+ <ignoreLocalSender>true</ignoreLocalSender>
+ </mailet>
+
+ <mailet match="CompareNumericHeaderValue=X-MessageIsSpamProbability > 0.90" \
class="SetMailAttribute" onMatchException="noMatch"> + \
<isSpam>true</isSpam> + </mailet>
+
+ <mailet match="CompareNumericHeaderValue=X-MessageIsSpamProbability > 0.90" \
class="SetMimeHeader" onMatchException="noMatch"> + \
<name>X-MessageIsSpam</name> + <value>true</value>
+ </mailet>
+
+ <mailet match="CompareNumericHeaderValue=X-MessageIsSpamProbability > 0.99" \
class="ToProcessor" onMatchException="noMatch"> + <processor> spam \
</processor> + <notice>Spam not accepted</notice>
+ </mailet>
+ -->
+
+ <!-- Send remaining mails to the transport processor for either local or \
remote delivery --> + <mailet match="All" class="ToProcessor">
+ <processor> transport </processor>
+ </mailet>
+ </processor>
+
+ <!-- The error processor is required. James may internally set emails to the \
--> + <!-- error state. The error processor is generally invoked when there is \
an --> + <!-- unexpected error either in the mailet chain or internal to James. \
--> + <!-- -->
+ <!-- By default configuration all email that generates an error in placed in \
--> + <!-- an error repository. -->
+ <processor name="error">
+ <!-- If you want to notify the sender their message generated an error, \
uncomment this --> + <!--
+ <mailet match="All" class="Bounce"/>
+ -->
+ <!-- If you want to notify the postmaster that a message generated an \
error, uncomment this --> + <!--
+ <mailet match="All" class="NotifyPostmaster"/>
+ -->
+
+ <!-- Logs any messages to the repository specified -->
+ <mailet match="All" class="ToRepository">
+ <repositoryPath> file://var/mail/error/</repositoryPath>
+ <!-- An alternative database repository example follows. -->
+ <!--
+ <repositoryPath> db://maildb/deadletter/error </repositoryPath>
+ -->
+ </mailet>
+ </processor>
+
+ <!-- Processor CONFIGURATION SAMPLE: transport is a sample custom processor \
for local or --> + <!-- remote delivery -->
+ <processor name="transport">
+
+ <!-- This is an example configuration including configuration for a list \
server. --> + <!-- CHECKME: before uncommenting this, edit the configuration \
file's contents --> + <!--
+ &listserverConfig;
+ -->
+
+ <mailet match="SMTPAuthSuccessful" class="SetMimeHeader">
+ <name>X-UserIsAuth</name>
+ <value>true</value>
+ </mailet>
+
+ <mailet match="HasMailAttribute=org.apache.james.SMIMECheckSignature" \
class="SetMimeHeader"> + <name>X-WasSigned</name>
+ <value>true</value>
+ </mailet>
+
+ <!-- Add a server-side signature -->
+ <!--
+ <mailet match="All" class="SMIMESign" onMailetException="ignore">
+ <keyStoreType>jks</keyStoreType>
+ <keyStoreFileName>path.keystore</keyStoreFileName>
+ <keyStorePassword>myKeyStorePass</keyStorePassword>
+ <keyAlias>myKeyAlias</keyAlias>
+ <keyAliasPassword>myKeyPass</keyAliasPassword>
+ <signerName>XXX Trusted Server</signerName>
+ <rebuildFrom>true</rebuildFrom>
+ <postmasterSigns>true</postmasterSigns>
+ <debug>true</debug>
+ </mailet>
+ -->
+
+ <!-- Experimental quota Matcher -->
+ <!-- This matcher need to calculate the mailbox size everytime it is \
called. This can slow down things if there are many mails in --> + <!-- the \
mailbox. Some users also report big problems with the matcher if a JDBC based \
mailrepository is used. --> + <!-- Check if over quota -->
+ <!--
+ <mailet match="RecipientIsOverFixedQuota=20M" class="Resend">
+ <sender>postmaster</sender>
+ <replyTo>postmaster</replyTo>
+ <reversePath>null</reversePath>
+ <inline>none</inline>
+ <attachment>message</attachment>
+ <prefix>[OVER QUOTA WARNING]</prefix>
+ <message>
+When receiving the attached message, your mailbox is larger than 20 MB, which is the \
maximum allowed quota. The mailbox will not be blocked, but we ask you to empty it \
ASAP. +
+It is likely that you have set, in your mail client account, the option "leave a \
copy of messages on server". For any help ask your administrators. +
+Regards, Postmaster XXX.YYY
+.....................................
+ </message>
+ </mailet>
+ -->
+
+
+ <mailet match="All" class="VirtualUserTable">
+ <virtualusertable>DefaultVirtualUserTable</virtualusertable>
+ </mailet>
+
+
+ <!-- Deliver To IMAP mailboxes, applying a Sieve script if the user has one
+ <mailet match="All" class="SieveMailet"/>
+ -->
+
+ <!-- Is the recipient is for a local account, deliver it locally -->
+ <mailet match="RecipientIsLocal" class="LocalDelivery"/>
+
+ <!-- If the host is handled by this server and it did not get -->
+ <!-- locally delivered, this is an invalid recipient -->
+ <mailet match="HostIsLocal" class="ToProcessor">
+ <processor> local-address-error </processor>
+ <notice>550 - Requested action not taken: no such user here</notice>
+ </mailet>
+
+<!-- CHECKME! -->
+ <!-- This is an anti-relay matcher/mailet combination -->
+ <!-- -->
+ <!-- Emails sent from servers not in the network list are -->
+ <!-- rejected as spam. This is one method of preventing your -->
+ <!-- server from being used as an open relay. Make sure you understand -->
+ <!-- how to prevent your server from becoming an open relay before -->
+ <!-- changing this configuration. See also <authorizedAddresses> in SMTP \
Server --> + <!-- -->
+ <!-- This matcher/mailet combination must come after local delivery has -->
+ <!-- been performed. Otherwise local users will not be able to receive -->
+ <!-- email from senders not in this remote address list. -->
+ <!-- -->
+ <!-- If you are using this matcher/mailet you will probably want to -->
+ <!-- update the configuration to include your own network/addresses. The \
--> + <!-- matcher can be configured with a comma separated list of IP \
addresses --> + <!-- wildcarded IP subnets, and wildcarded hostname subnets. \
--> + <!-- e.g. "RemoteAddrNotInNetwork=127.0.0.1, abc.de.*, 192.168.0.*" -->
+ <!-- -->
+ <!-- If you are using SMTP authentication then you can (and generally -->
+ <!-- should) disable this matcher/mailet pair. -->
+ <mailet match="RemoteAddrNotInNetwork=127.0.0.1" class="ToProcessor">
+ <processor> relay-denied </processor>
+ <notice>550 - Requested action not taken: relaying denied</notice>
+ </mailet>
+
+ <!-- Attempt remote delivery using the specified repository for the spool, \
--> + <!-- using delay time to retry delivery and the maximum number of \
retries --> + <mailet match="All" class="RemoteDelivery">
+ <outgoing> file://var/mail/outgoing/ </outgoing>
+ <!-- alternative database repository example below -->
+ <!--
+ <outgoing> db://maildb/spool/outgoing </outgoing>
+ -->
+
+ <!-- Delivery Schedule based upon RFC 2821, 4.5.4.1 -->
+ <!-- 5 day retry period, with 4 attempts in the first
+ hour, two more within the first 6 hours, and then
+ every 6 hours for the rest of the period. -->
+ <delayTime> 5 minutes </delayTime>
+ <delayTime> 10 minutes </delayTime>
+ <delayTime> 45 minutes </delayTime>
+ <delayTime> 2 hours </delayTime>
+ <delayTime> 3 hours </delayTime>
+ <delayTime> 6 hours </delayTime>
+ <maxRetries> 25 </maxRetries>
+
+ <!-- The max reties which will used if no A or MX record for the domain \
was found. --> + <!-- If 0 it will fail on first time -->
+ <maxDnsProblemRetries> 0 </maxDnsProblemRetries>
+
+ <!-- The number of threads that should be trying to deliver outgoing \
messages --> + <deliveryThreads> 1 </deliveryThreads>
+
+ <!-- If false the message will not be sent to given server if any \
recipients fail --> + <sendpartial>true</sendpartial>
+
+ <!-- By default we send bounces to the "bounce" processor -->
+ <!-- By removing this configuration James will fallback to hardcoded \
bounce --> + <!-- notifications -->
+ <bounceProcessor>bounces</bounceProcessor>
+
+ <!-- A single mail server to deliver all outgoing messages. -->
+ <!-- This is useful if this server is a backup or failover machine, -->
+ <!-- or if you want all messages to be routed through a particular mail \
server, --> + <!-- regardless of the email addresses specified in the \
message --> + <!-- -->
+ <!-- The gateway element specifies the gateway SMTP server name. -->
+ <!-- If your gateway mail server is listening on a port other than 25, \
--> + <!-- you can set James to connect to it on that port using the \
gatewayPort --> + <!-- element. -->
+ <!-- Although normally multiple addresses are implemented through proper \
--> + <!-- DNS configuration, the RemoteDelivery mail does allow \
specifying --> + <!-- multiple gateway elements, each of which may also \
have a port --> + <!-- e.g., mygateway:2525 -->
+ <!-- the gatewayPort element is used as a default -->
+ <!--
+ <gateway> otherserver.mydomain.com </gateway>
+ <gatewayPort>25</gatewayPort>
+ -->
+ <!-- If the gateway requires smtp authentication the following \
directives --> + <!-- (gatewayUsername/gatewayPassword) can be used. -->
+ <!--
+ <gatewayUsername>login</gatewayUsername>
+ <gatewayPassword>pass</gatewayPassword>
+ -->
+
+ <!-- Set the HELO/EHLO name to use when connectiong to remote \
SMTP-Server --> + <!--
+ <mail.smtp.localhost>myMailServer</mail.smtp.localhost>
+ -->
+ </mailet>
+
+ </processor>
+
+ <!-- Processor CONFIGURATION SAMPLE: spam is a sample custom processor for \
handling --> + <!-- spam. -->
+ <!-- You can either log these, bounce these, or just ignore them. -->
+ <processor name="spam">
+ <!-- To destroy all messages, uncomment this matcher/mailet configuration \
--> + <!--
+ <mailet match="All" class="Null"/>
+ -->
+
+ <!-- To notify the sender their message was marked as spam, uncomment this \
matcher/mailet configuration --> + <!--
+ <mailet match="All" class="Bounce"/>
+ -->
+
+ <!-- To notify the postmaster that a message was marked as spam, uncomment \
this matcher/mailet configuration --> + <!--
+ <mailet match="All" class="NotifyPostmaster"/>
+ -->
+
+ <!-- To log the message to a repository, this matcher/mailet configuration \
should be uncommented. --> + <!-- This is the default configuration. -->
+ <mailet match="All" class="ToRepository">
+ <repositoryPath>file://var/mail/spam/</repositoryPath>
+
+ <!-- Changing the repositoryPath, as in this commented out example, will \
--> + <!-- cause the mails to be stored in a database repository. -->
+ <!-- Please note that only one repositoryPath element can be present for \
the mailet --> + <!-- configuration. -->
+ <!--
+ <repositoryPath> db://maildb/deadletter/spam </repositoryPath>
+ -->
+ </mailet>
+ </processor>
+
+ <!-- messages containing viruses. -->
+ <processor name="virus">
+
+ <!-- To avoid a loop while bouncing -->
+ <mailet match="All" class="SetMailAttribute">
+ <org.apache.james.infected>true, bouncing</org.apache.james.infected>
+ </mailet>
+
+ <!-- If the sender is authenticated, notify the infection -->
+ <mailet match="SMTPAuthSuccessful" class="Bounce">
+ <inline>heads</inline>
+ <attachment>none</attachment>
+ <notice> Warning: We were unable to deliver the message below because it \
was found infected by virus(es). </notice> + </mailet>
+
+ <!-- In any other situation ghost it, -->
+ <!-- as viruses almost always spoof the sender's address -->
+ <mailet match="All" class="Null" />
+ </processor>
+
+ <!-- This processor handles messages that are for local domains, where the \
user is unknown --> + <processor name="local-address-error">
+ <!-- To avoid bouncing/archiving spam, uncomment this matcher/mailet \
configuration --> + <!--
+ <mailet match="HasMailAttribute=isSpam" class="Null" \
onMatchException="noMatch"/> + -->
+
+ <!-- To notify the sender the address was invalid, uncomment this \
matcher/mailet configuration --> + <!-- The original message is not attached \
to keep the bounce processor from deliverying spam --> + <!--
+ <mailet match="All" class="Bounce">
+ <attachment>none</attachment>
+ </mailet>
+ -->
+
+ <!-- To notify the postmaster that a message had an invalid address, \
uncomment this matcher/mailet configuration --> + <!--
+ <mailet match="All" class="NotifyPostmaster"/>
+ -->
+
+ <mailet match="All" class="ToRepository">
+ <repositoryPath> file://var/mail/address-error/</repositoryPath>
+ <!-- An alternative database repository example follows. -->
+ <!--
+ <repositoryPath> db://maildb/deadletter/address-error </repositoryPath>
+ -->
+ </mailet>
+ </processor>
+
+ <!-- This processor handles messages that are for foreign domains, where \
relaying is denied --> + <!-- As of James v2.2, this processor can be deprecated \
by using the <authorizedAddresses> tag + in the SMTP Server, and rejecting \
the message in the protocol transaction. --> + <processor name="relay-denied">
+ <!-- To notify the sender the address was invalid, uncomment this \
matcher/mailet configuration --> + <!-- The original message is not attached \
to keep the bounce processor from deliverying spam --> + <!--
+ <mailet match="All" class="Bounce">
+ <attachment>none</attachment>
+ </mailet>
+ -->
+
+ <!-- To notify the postmaster that a relay request was denied, uncomment \
this matcher/mailet configuration --> + <!--
+ <mailet match="All" class="NotifyPostmaster"/>
+ -->
+
+ <mailet match="All" class="ToRepository">
+ <repositoryPath>file://var/mail/relay-denied/</repositoryPath>
+ <!-- An alternative database repository example follows. -->
+ <!--
+ <repositoryPath> db://maildb/deadletter/relay-denied </repositoryPath>
+ -->
+ </mailet>
+ </processor>
+
+ <!-- This processor handle the bounces from RemoteDelivery: As of James v2.3, \
this is the new --> + <!-- Default. -->
+ <!-- -->
+ <!-- DSNBounce properly create a DSN compliant bounce -->
+ <processor name="bounces">
+ <mailet match="All" class="DSNBounce">
+ <passThrough>false</passThrough>
+
+ <!-- optional subject prefix prepended to the original message -->
+ <!--
+ <prefix>[bounce]</prefix>
+ -->
+
+ <!-- message, heads or none, default=message -->
+ <!--
+ <attachment>heads</attachment>
+ -->
+
+ <!-- the message sent in the bounce, the first occurrence of the pattern \
[machine] is --> + <!-- replaced with the name of the executing machine \
--> + <!-- Default: Hi. This is the James mail server at [machine] ... -->
+ <!--
+ <messageString>Here is [machine]. I'm not able to deliver this \
message.</messageString> + -->
+ </mailet>
+ </processor>
+ </spoolmanager>
\ No newline at end of file
Added: james/server/trunk/spring-deployment/src/main/config/james/users-store.xml
URL: http://svn.apache.org/viewvc/james/server/trunk/spring-deployment/src/main/config/james/users-store.xml?rev=905038&view=auto
==============================================================================
--- james/server/trunk/spring-deployment/src/main/config/james/users-store.xml \
(added)
+++ james/server/trunk/spring-deployment/src/main/config/james/users-store.xml Sun \
Jan 31 13:32:33 2010 @@ -0,0 +1,57 @@
+<!-- The User Storage block -->
+<users-store>
+ <!-- Configure User Repositories here. -->
+ <!-- -->
+ <!-- User repositories are required for the following purposes: -->
+ <!-- - storing James user information, including forwards, aliases, -->
+ <!-- and authentication data. -->
+ <!-- - holding lists of users for the listserv mailet -->
+ <!-- Currently, two different storage options are available: -->
+ <!-- - file-based storage using Java serialization -->
+ <!-- - database-backed storage -->
+ <!-- (Use of database or file-system is defined on a "per-repository" basis) -->
+ <!-- -->
+ <!-- Note: One user repository is required for James: -->
+ <!-- LocalUsers - the users for whom you are providing POP3, NNTP, or SMTP \
service --> + <!-- -->
+ <!-- Other repositories may be used by matchers or mailets. -->
+
+ <!-- Default: File-based user repositories Use these configurations to store \
user info in the filesystem --> + <!-- The LocalUsers repository, for storing \
James' User info. --> + <!--
+ <repository name="LocalUsers" \
class="org.apache.james.userrepository.UsersFileRepository"> + <destination \
URL="file://var/users/"/> + <ignoreCase>true</ignoreCase>
+ <enableAliases>true</enableAliases>
+ <enableForwarding>true</enableForwarding>
+ </repository>
+ -->
+
+ <!-- Database backed user repositories -->
+ <!-- -->
+ <!-- Use these configurations to store user info in a database. -->
+ <!-- Note: The <data-source> element must refer to a connection configured -->
+ <!-- in the <database-connections> configuration section. -->
+ <!-- The LocalUsers repository, for storing James' User info. -->
+ <repository name="LocalUsers" \
class="org.apache.james.userrepository.JamesUsersJdbcRepository" \
destinationURL="db://maildb/users"> + \
<sqlFile>file://conf/sqlResources.xml</sqlFile> + <!-- Set whether user names \
are case sensitive or case insensitive --> + <ignoreCase>true</ignoreCase>
+ <!-- Set whether to enable local aliases -->
+ <enableAliases>true</enableAliases>
+ <!-- Set whether to enable forwarding -->
+ <enableForwarding>true</enableForwarding>
+ </repository>
+
+ <!-- This is an example configuration including configuration for a list server. \
--> + <!-- CHECKME: before uncommenting this, edit the configuration file's \
contents --> + <!-- -->
+ <!-- Mailing list repositories -->
+ <!-- Add a user repository for each list -->
+ <!-- TODO: add more examples -->
+ <!--
+ <repository name="list-test" \
class="org.apache.james.userrepository.UsersFileRepository"> + <destination \
URL="file://var/lists/list-test/"/> + </repository>
+ -->
+</users-store>
\ No newline at end of file
Added: james/server/trunk/spring-deployment/src/main/config/james/virtualusertable-store.xml
URL: http://svn.apache.org/viewvc/james/server/trunk/spring-deployment/src/main/config/james/virtualusertable-store.xml?rev=905038&view=auto
==============================================================================
--- james/server/trunk/spring-deployment/src/main/config/james/virtualusertable-store.xml \
(added)
+++ james/server/trunk/spring-deployment/src/main/config/james/virtualusertable-store.xml \
Sun Jan 31 13:32:33 2010 @@ -0,0 +1,30 @@
+<!-- The VirtualUserTable Store block -->
+<virtualusertable-store>
+ <!-- Configure VirtualUserTable stores here. -->
+ <!-- -->
+ <!-- If set recursiveMapping false only the first mapping will get processed. \
--> + <!-- Default true. -->
+ <!-- By setting the mappingLimit you can specify how much mapping will get \
processed --> + <!-- before a bounce will send. This avoid infinity loops. Default \
10. --> +
+ <!-- The DefaultVirtualUserTable for storing James' VirtualUserTable mappings. \
--> + <!--
+ <table name="DefaultVirtualUserTable" \
class="org.apache.james.vut.XMLVirtualUserTable"> + <recursiveMapping> true \
</recursiveMapping> + <mappingLimit> 10 </mappingLimit>
+
+ <mapping> some@domain=someuser </mapping>
+ </table>
+ -->
+
+ <!-- Database backed VirtualUsertable -->
+ <!-- -->
+ <!-- Use these configurations to store the VirtualUserTable in a database. -->
+
+ <!-- The DefaultVirtualUserTable for storing James' VirtualUserTable mappings. \
--> + <table name="DefaultVirtualUserTable" \
class="org.apache.james.vut.JDBCVirtualUserTable" \
destinationURL="db://maildb/VirtualUserTable"> + <recursiveMapping> true \
</recursiveMapping> + <mappingLimit> 10 </mappingLimit>
+ <sqlFile>file://conf/sqlResources.xml</sqlFile>
+ </table>
+</virtualusertable-store>
\ No newline at end of file
---------------------------------------------------------------------
To unsubscribe, e-mail: server-dev-unsubscribe@james.apache.org
For additional commands, e-mail: server-dev-help@james.apache.org
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic