[JAMES-2969] RemoteDelivery should be tested against startTls/ssl - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Improvement
Status: Closed
Priority: Major
Resolution: Duplicate
Affects Version/s: master
Fix Version/s: None
Component/s: Remote Delivery, tests
Labels:
None

Description

Many users reported issue configuring SSL/startTLS for RemoteDelivery (~~JAMES-2961~~).

While working on the topic arised the question of being more strict upon RemoteDelivery regarding SSL/startTLS (see https://github.com/linagora/james-project/pull/2823)

Underlying such a choice, I want to bring people attention that we currently have no integration tests on RemoteDelivery SSL / startTls, and lack the dockerized SSL SMTP servers to add this to the James test suite.

We should:

Ensure that, when enabled, James uses startTls by default
Ensure that, when not strict, and startTls fails, james still sends the mail
Ensure that, when strict, and startTls fails, james do not send the mail
Ensure that, when enabled, James defaults to SSL
Ensure that, when enabled and strict, James refuses to transfer a mail to a mail server not supporting ssl.

Tests regarding cypherSuites and protocols should be considered a bonus.

Also, we need to check what happens when one does mix startTls with ssl options.

Attachments

- Sort By Name
- Sort By Date
- Ascending
- Descending

image-2020-09-09-17-58-56-676.png
09/Sep/20 14:58
6 kB
Tolga Kaprol

Issue Links

is related to

JAMES-2631 TLS 1.2 problems with Certificate Request

Closed

Activity

People

Assignee:: Unassigned

Reporter:: Benoit Tellier

Votes:: 0 Vote for this issue

Watchers:: 3 Start watching this issue

Dates

Created:: 06/Nov/19 04:41

Updated:: 04/Sep/21 04:26

Resolved:: 04/Sep/21 04:26