James Configuration

To use cryptography mailets, the required Bouncy Castle libraries must be installed in james/lib . It is recommended that the correct versions for the JVM are used.

To use the mailets, the package org.apache.james.mailet.crypto.mailet must be available. To use the matchers, org.apache.james.mailet.crypto.matcher must be. For example:


                
                    <mailetpackages>
                    ...
                    <mailetpackage>org.apache.james.mailet.crypto.mailet</mailetpackage>
                    </mailetpackages>
                    <matcherpackages>
                    ...
                    <matcherpackage>org.apache.james.mailet.crypto.matcher</matcherpackage>
                    </matcherpackages>


            
Example SMIME mailet configurations:
            

                
                    <mailet match="IsSMIMEEncrypted" class="SMIMEDecrypt">
                    <keyStoreType>pkcs12</keyStoreType>
                    <keyStoreFileName>c:/path.pfx</keyStoreFileName>
                    <keyStorePassword>myKeyStorePass</keyStorePassword>
                    <keyAlias>myKeyAlias</keyAlias>
                    <keyAliasPassword>myKeyPass</keyAliasPassword>
                    </mailet>

                    <mailet match="IsSMIMESigned" class="SMIMECheckSignature">
                    <keyStoreType>pkcs12</keyStoreType>
                    <keyStoreFileName>c:/path.pfx</keyStoreFileName>
                    <keyStorePassword> myKeyStorePass
                    </keyStorePassword> <strip>false</strip>
                    <onlyTrusted>true</onlyTrusted>
                    </mailet>
                
            

            

            Matcher example: messages signed by trusted users never are spam
            Messages with valid signatures will never be considered spam. This
            can be a valid policy *if* SMIMECheckSignature was invoked with
            true
            set
            

                
                    <mailet
                    match="HasMailAttribute=org.apache.james.SMIMECheckSignature"
                    class="ToProcessor">
                    <processor>transport</processor>
                    </mailet>
                
            

            
Signing example: Add a server-side signature to all mail.
            

                
                    <mailet
                    match="HasMailAttribute=org.apache.james.SMIMECheckSignature"
                    class="SetMimeHeader">
                    <name>X-WasSigned</name>
                    <value>true</value>
                    </mailet>

                    <mailet match="All" class="SMIMESign" onMailetException="ignore">
                    <keyStoreType>jks</keyStoreType>
                    <keyStoreFileName>path.keystore</keyStoreFileName>
                    <keyStorePassword>myKeyStorePass</keyStorePassword>
                    <keyAlias>myKeyAlias</keyAlias>
                    <keyAliasPassword>myKeyPass</keyAliasPassword>
                    <signerName>XXX Trusted Server</signerName>
                    <rebuildFrom>true</rebuildFrom>
                    <postmasterSigns>true</postmasterSigns>
                    <debug>true</debug>
                    </mailet>

James components

Apache Software Foundation

James Configuration