Apache Geronimo Mail

Clone this repo:
  1. e2eada1 GERONIMO-6892 - IMAP APPEND used to deadlock because the client never flushes the literal announcement by Richard Zowalla · 5 hours ago main
  2. 7b72cd3 GERONIMO-6891 by Richard Zowalla · 5 hours ago
  3. 914d926 Merge branch 'mail-tck': Jakarta Mail TCK 2.1.1 integration and fixes by Richard Zowalla · 6 hours ago
  4. 9d4601c Add geronimo-mail_2.1_tck module running the Jakarta Mail TCK 2.1.1 by Richard Zowalla · 6 hours ago mail-tck
  5. 3c98922 Connect the store in Session.getFolder(URLName) by Richard Zowalla · 6 hours ago

Building

To build you will need:

  • JDK 21+ (the embedded Apache James 3.9 test servers ship Java 21 class files)
  • Maven 3.9.x

The produced artifacts target Java 11, so they can be used on Java 11+ runtimes.

To build all changes incrementally:

mvn install

To perform clean builds, which are sometimes needed after some changes to the source tree:

mvn clean install

SSL/TLS Protocols used for Mail Connection

Default Behaviour

By default, the implementation checks for the presence of ssl.protocols. If this property is not set, the SSL/TLS socket is created with JVM defaults.

Enable Custom SSL Protocols

The property ssl.protocols can be used to specify a list of protocols, which should be enabled for the underlying SSL/TLS socket. It accepts a list of protocols with a whitespace as delimiter.

Example for SMTP

To support TLSv1+ the following property can be set:

mail.smtp.ssl.protocols=TLSv1 TLSv1.1 TLSv1.2 TLSv1.3

Using a Custom SSL Socket Factory (via Reflection)

The property ssl.socketFactory.class can be used to specify a custom SSL socket factory, which is used to create the underlying SSL/TLS socket. This allows full control of supported cyphers or protocols.

Example for SMTP

mail.smtp.ssl.socketFactory.class=my.custom.CustomSSLSocketFactory

Using a Custom SSL Socket Factory (as pre-configured instance)

The property ssl.socketFactory can be used to specify a pre-configured custom SSL socket factory, which is used to create the underlying SSL/TLS socket. In this context, the instance has to be passed to the Properties of the related MailSession. This allows full control of supported cyphers or protocols.

Cipher suites

Default Behaviour

By default, the implementation checks for the presence of ssl.ciphersuites. If this property is not set, the SSL/TLS socket is created with all supported ciphers of the given SSL Socket.

Enable Custom Cipher Suites

The property ssl.ciphersuites can be used to specify a list of ciphers, which should be enabled for the underlying SSL/TLS socket. It accepts a list of ciphers with a whitespace as delimiter. You have to ensure, that the listed cipher suites are supported by the given JVM.

Example for SMTP

To support only TLS_AES_128_GCM_SHA256 and TLS_AES_256_GCM_SHA384 the following property can be set:

mail.smtp.ssl.ciphersuites=TLS_AES_128_GCM_SHA256 TLS_AES_256_GCM_SHA384

Using a Custom SSL Socket Factory (via Reflection)

The property ssl.socketFactory.class can be used to specify a custom SSL socket factory, which is used to create the underlying SSL/TLS socket. This allows full control of supported cyphers or protocols.

Example for SMTP

mail.smtp.ssl.socketFactory.class=my.custom.CustomSSLSocketFactory

Using a Custom SSL Socket Factory (as pre-configured instance)

The property ssl.socketFactory can be used to specify a pre-configured custom SSL socket factory, which is used to create the underlying SSL/TLS socket. In this context, the instance has to be passed to the Properties of the related MailSession. This allows full control of supported cyphers or protocols.