Uploaded image for project: 'James Server'
  1. James Server
  2. JAMES-369

Always announce AUTH capability to clients

    Details

    • Type: Improvement
    • Status: Closed
    • Priority: Minor
    • Resolution: Fixed
    • Affects Version/s: 2.2.0
    • Fix Version/s: 2.3.0
    • Component/s: None
    • Labels:
      None

      Description

      It would be useful to have James always announce its ability to handle the AUTH commands, even when it is not required to authenticate, in order to have the sender optionally authenticate if able to do it.
      This way, if the sender MUA (or MTA) authenticates, the James server is able to SMIMESign the message because the sender user is known, independently of being or not in an authorized subnet and from becoming authorized to relay or not.

      1. SMTPHandler.java.patch
        0.7 kB
        Stefano Bagnara
      2. SMTPServer.java.patch
        3 kB
        Stefano Bagnara

        Issue Links

          Activity

          Hide
          vincenzo Vincenzo Gianferrari Pini added a comment -

          I'm satisfied

          Show
          vincenzo Vincenzo Gianferrari Pini added a comment - I'm satisfied
          Hide
          noel Noel J. Bergman added a comment -

          Fixed in SVN. Will let Vincenzo close it if he is satisfied.

          Show
          noel Noel J. Bergman added a comment - Fixed in SVN. Will let Vincenzo close it if he is satisfied.
          Hide
          noel Noel J. Bergman added a comment -

          Fixed in SVN. Will let Vincenzo close it if he is satisfied.

          Show
          noel Noel J. Bergman added a comment - Fixed in SVN. Will let Vincenzo close it if he is satisfied.
          Hide
          bago Stefano Bagnara added a comment -

          The latest patches are against the trunk-merged branch.

          Show
          bago Stefano Bagnara added a comment - The latest patches are against the trunk-merged branch.
          Hide
          bago Stefano Bagnara added a comment -

          This is my proposal.
          This is backward compatible (authRequired=false and authRequired=true works as before).
          Now it support authRequired = announce that will always announce the capability.

          Show
          bago Stefano Bagnara added a comment - This is my proposal. This is backward compatible (authRequired=false and authRequired=true works as before). Now it support authRequired = announce that will always announce the capability.
          Hide
          vincenzo Vincenzo Gianferrari Pini added a comment -

          The new approach taken, to always announce the SMTP auth capability, breaks the behaviour of some webmail MUAs. A safer approach is to have an extra config.xml parameter added: <authAnnounce>. When false, the behaviour would be as always (depend on <authRequired>); when true, would offer SMTP auth to every client, including the ones in the authorized subnets.
          A question though arises: would it make sense to have both <authRequired>false</authRequired> and <authAnnounce>true</authAnnounce>? If not, it would be better to just add a new possible value to <authRequired>: <authRequired>announce</authRequired>, that implies <authRequired>true</authRequired>.
          In the meantime, I will revert to the original behaviour to avoid problems.

          Show
          vincenzo Vincenzo Gianferrari Pini added a comment - The new approach taken, to always announce the SMTP auth capability, breaks the behaviour of some webmail MUAs . A safer approach is to have an extra config.xml parameter added: <authAnnounce>. When false, the behaviour would be as always (depend on <authRequired>); when true, would offer SMTP auth to every client, including the ones in the authorized subnets. A question though arises: would it make sense to have both <authRequired>false</authRequired> and <authAnnounce>true</authAnnounce>? If not, it would be better to just add a new possible value to <authRequired>: <authRequired>announce</authRequired>, that implies <authRequired>true</authRequired>. In the meantime, I will revert to the original behaviour to avoid problems.
          Hide
          vincenzo Vincenzo Gianferrari Pini added a comment -

          Modified SMTPHandler.

          Show
          vincenzo Vincenzo Gianferrari Pini added a comment - Modified SMTPHandler.

            People

            • Assignee:
              vincenzo Vincenzo Gianferrari Pini
              Reporter:
              vincenzo Vincenzo Gianferrari Pini
            • Votes:
              0 Vote for this issue
              Watchers:
              0 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved:

                Development