| <!DOCTYPE html> |
| <html lang="en"> |
| <head> |
| <meta charset="utf-8"> |
| <meta name="viewport" content="width=device-width,initial-scale=1"> |
| <title>Distributed James Server — jmap.properties :: Apache James</title> |
| <meta name="generator" content="Antora 3.1.2"> |
| <link rel="stylesheet" href="../../../_/css/site.css"> |
| </head> |
| <body class="article"> |
| <header class="header"> |
| <nav class="navbar"> |
| <div class="navbar-brand"> |
| <a class="navbar-item" href="https://james.apache.org"><img src="/_/img/james.svg" alt="james logo"> Apache James</a> |
| <button class="navbar-burger" data-target="topbar-nav"> |
| <span></span> |
| <span></span> |
| <span></span> |
| </button> |
| </div> |
| <div id="topbar-nav" class="navbar-menu"> |
| <div class="navbar-end"> |
| <a class="navbar-item" href="#">Home</a> |
| <div class="navbar-item has-dropdown is-hoverable"> |
| <a class="navbar-link" href="#">Products</a> |
| <div class="navbar-dropdown"> |
| <div class="navbar-item"><strong>James server</strong></div> |
| <a class="navbar-item" href="https://github.com/apache/james-project">Repository</a> |
| <a class="navbar-item" href="https://issues.apache.org/jira/projects/JAMES/issues">Issue Tracker</a> |
| <hr class="navbar-divider"> |
| <a class="navbar-item" href="https://james.apache.org/mime4j/index.html">Mime4J</a> |
| <a class="navbar-item" href="https://james.apache.org/jsieve/index.html">jSieve</a> |
| <a class="navbar-item" href="https://james.apache.org/jspf/index.html">jSPF</a> |
| <a class="navbar-item" href="https://james.apache.org/jdkim/index.html">jDKIM</a> |
| <a class="navbar-item" href="https://james.apache.org/hupa/index.html">HUPA</a> |
| </div> |
| </div> |
| <div class="navbar-item has-dropdown is-hoverable"> |
| <a class="navbar-link" href="#">Community</a> |
| <div class="navbar-dropdown"> |
| <!-- Not ideal but dropping the version in the href requires tweaking james-projet docs module first --> |
| <a class="navbar-item" href="/james-project/3.6.0/community/mailing-lists.html">Mailing lists</a> |
| <a class="navbar-item" href="https://gitter.im/apache/james-project"><svg version="1.1" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" viewBox="0 0 32 32" class="logo-gitter-sign" data-v-44ebcb1a=""><rect x="15" y="5" width="2" height="10"></rect> <rect x="10" y="5" width="2" height="20"></rect> <rect x="5" y="5" width="2" height="20"></rect> <rect width="2" height="15"></rect></svg> Gitter</a> |
| <a class="navbar-item" href="https://twitter.com/ApacheJames"> |
| <span class="icon"> |
| <svg aria-hidden="true" data-icon="twitter" role="img" xmlns="http://www.w3.org/2000/svg" viewBox="0 0 512 512"> |
| <path fill="#57aaee" d="M459.37 151.716c.325 4.548.325 9.097.325 13.645 0 138.72-105.583 298.558-298.558 298.558-59.452 0-114.68-17.219-161.137-47.106 8.447.974 16.568 1.299 25.34 1.299 49.055 0 94.213-16.568 130.274-44.832-46.132-.975-84.792-31.188-98.112-72.772 6.498.974 12.995 1.624 19.818 1.624 9.421 0 18.843-1.3 27.614-3.573-48.081-9.747-84.143-51.98-84.143-102.985v-1.299c13.969 7.797 30.214 12.67 47.431 13.319-28.264-18.843-46.781-51.005-46.781-87.391 0-19.492 5.197-37.36 14.294-52.954 51.655 63.675 129.3 105.258 216.365 109.807-1.624-7.797-2.599-15.918-2.599-24.04 0-57.828 46.782-104.934 104.934-104.934 30.213 0 57.502 12.67 76.67 33.137 23.715-4.548 46.456-13.32 66.599-25.34-7.798 24.366-24.366 44.833-46.132 57.827 21.117-2.273 41.584-8.122 60.426-16.243-14.292 20.791-32.161 39.308-52.628 54.253z"></path> |
| </svg> |
| </span> Twitter |
| </a> |
| <a class="navbar-item" href="#"> <svg class="octicon octicon-mark-github v-align-middle" viewBox="0 0 16 16" version="1.1" aria-hidden="true"><path fill-rule="evenodd" d="M8 0C3.58 0 0 3.58 0 8c0 3.54 2.29 6.53 5.47 7.59.4.07.55-.17.55-.38 0-.19-.01-.82-.01-1.49-2.01.37-2.53-.49-2.69-.94-.09-.23-.48-.94-.82-1.13-.28-.15-.68-.52-.01-.53.63-.01 1.08.58 1.23.82.72 1.21 1.87.87 2.33.66.07-.52.28-.87.51-1.07-1.78-.2-3.64-.89-3.64-3.95 0-.87.31-1.59.82-2.15-.08-.2-.36-1.02.08-2.12 0 0 .67-.21 2.2.82.64-.18 1.32-.27 2-.27.68 0 1.36.09 2 .27 1.53-1.04 2.2-.82 2.2-.82.44 1.1.16 1.92.08 2.12.51.56.82 1.27.82 2.15 0 3.07-1.87 3.75-3.65 3.95.29.25.54.73.54 1.48 0 1.07-.01 1.93-.01 2.2 0 .21.15.46.55.38A8.013 8.013 0 0016 8c0-4.42-3.58-8-8-8z"></path></svg> Github</a> |
| </div> |
| </div> |
| <!-- <div class="navbar-item"> |
| <span class="control"> |
| <a class="button is-primary" href="#">Download</a> |
| </span> |
| </div> --> |
| </div> |
| </div> |
| </nav> |
| </header> |
| <div class="body"> |
| <div class="nav-container" data-component="james-distributed-app" data-version="3.8.1"> |
| <aside class="nav"> |
| <div class="panels"> |
| <div class="nav-panel-menu is-active" data-panel="menu"> |
| <nav class="nav-menu"> |
| <button class="nav-menu-toggle" aria-label="Toggle expand/collapse all" style="display: none"></button> |
| <h3 class="title"><a href="../index.html">Apache James Distributed Server</a></h3> |
| <ul class="nav-list"> |
| <li class="nav-item" data-depth="0"> |
| <ul class="nav-list"> |
| <li class="nav-item" data-depth="1"> |
| <button class="nav-item-toggle"></button> |
| <a class="nav-link" href="../index.html">Distributed James Application</a> |
| <ul class="nav-list"> |
| <li class="nav-item" data-depth="2"> |
| <a class="nav-link" href="../objectives.html">Objectives and motivation</a> |
| </li> |
| <li class="nav-item" data-depth="2"> |
| <button class="nav-item-toggle"></button> |
| <a class="nav-link" href="../architecture/index.html">Architecture</a> |
| <ul class="nav-list"> |
| <li class="nav-item" data-depth="3"> |
| <a class="nav-link" href="../architecture/implemented-standards.html">Implemented standards</a> |
| </li> |
| <li class="nav-item" data-depth="3"> |
| <a class="nav-link" href="../architecture/consistency-model.html">Consistency Model</a> |
| </li> |
| <li class="nav-item" data-depth="3"> |
| <a class="nav-link" href="../architecture/specialized-instances.html">Specialized instances</a> |
| </li> |
| </ul> |
| </li> |
| <li class="nav-item" data-depth="2"> |
| <button class="nav-item-toggle"></button> |
| <a class="nav-link" href="../run/index.html">Run</a> |
| <ul class="nav-list"> |
| <li class="nav-item" data-depth="3"> |
| <a class="nav-link" href="../run/run-java.html">Run with Java</a> |
| </li> |
| <li class="nav-item" data-depth="3"> |
| <a class="nav-link" href="../run/run-docker.html">Run with Docker</a> |
| </li> |
| <li class="nav-item" data-depth="3"> |
| <button class="nav-item-toggle"></button> |
| <a class="nav-link" href="../run/run-kubernetes.html">Run with Kubernetes</a> |
| <ul class="nav-list"> |
| <li class="nav-item" data-depth="4"> |
| <a class="nav-link" href="../run/k8s-checklist.html">Deployment Checklist</a> |
| </li> |
| <li class="nav-item" data-depth="4"> |
| <a class="nav-link" href="../run/k8s-logsMetrics.html">Logs & Metrics</a> |
| </li> |
| <li class="nav-item" data-depth="4"> |
| <a class="nav-link" href="../run/k8s-values.html">values.yaml</a> |
| </li> |
| <li class="nav-item" data-depth="4"> |
| <a class="nav-link" href="../run/k8s-secrets.html">secrets.yaml</a> |
| </li> |
| </ul> |
| </li> |
| </ul> |
| </li> |
| <li class="nav-item" data-depth="2"> |
| <button class="nav-item-toggle"></button> |
| <a class="nav-link" href="index.html">Configuration</a> |
| <ul class="nav-list"> |
| <li class="nav-item" data-depth="3"> |
| <button class="nav-item-toggle"></button> |
| <span class="nav-text">Protocols</span> |
| <ul class="nav-list"> |
| <li class="nav-item" data-depth="4"> |
| <a class="nav-link" href="imap.html">imapserver.xml</a> |
| </li> |
| <li class="nav-item is-current-page" data-depth="4"> |
| <a class="nav-link" href="jmap.html">jmap.properties</a> |
| </li> |
| <li class="nav-item" data-depth="4"> |
| <a class="nav-link" href="jmx.html">jmx.properties</a> |
| </li> |
| <li class="nav-item" data-depth="4"> |
| <a class="nav-link" href="smtp.html">smtpserver.xml & lmtpserver.xml</a> |
| </li> |
| <li class="nav-item" data-depth="4"> |
| <a class="nav-link" href="smtp-hooks.html">Packaged SMTP hooks</a> |
| </li> |
| <li class="nav-item" data-depth="4"> |
| <a class="nav-link" href="pop3.html">pop3server.xml</a> |
| </li> |
| <li class="nav-item" data-depth="4"> |
| <a class="nav-link" href="webadmin.html">webadmin.properties</a> |
| </li> |
| <li class="nav-item" data-depth="4"> |
| <a class="nav-link" href="ssl.html">SSL & TLS</a> |
| </li> |
| <li class="nav-item" data-depth="4"> |
| <a class="nav-link" href="sieve.html">Sieve & ManageSieve</a> |
| </li> |
| </ul> |
| </li> |
| <li class="nav-item" data-depth="3"> |
| <button class="nav-item-toggle"></button> |
| <span class="nav-text">Storage dependencies</span> |
| <ul class="nav-list"> |
| <li class="nav-item" data-depth="4"> |
| <a class="nav-link" href="blobstore.html">blobstore.properties</a> |
| </li> |
| <li class="nav-item" data-depth="4"> |
| <a class="nav-link" href="cassandra.html">cassandra.properties</a> |
| </li> |
| <li class="nav-item" data-depth="4"> |
| <a class="nav-link" href="opensearch.html">opensearch.properties</a> |
| </li> |
| <li class="nav-item" data-depth="4"> |
| <a class="nav-link" href="rabbitmq.html">rabbitmq.properties</a> |
| </li> |
| <li class="nav-item" data-depth="4"> |
| <a class="nav-link" href="redis.html">redis.properties</a> |
| </li> |
| <li class="nav-item" data-depth="4"> |
| <a class="nav-link" href="tika.html">tika.properties</a> |
| </li> |
| </ul> |
| </li> |
| <li class="nav-item" data-depth="3"> |
| <button class="nav-item-toggle"></button> |
| <span class="nav-text">Core components</span> |
| <ul class="nav-list"> |
| <li class="nav-item" data-depth="4"> |
| <a class="nav-link" href="batchsizes.html">batchsizes.properties</a> |
| </li> |
| <li class="nav-item" data-depth="4"> |
| <a class="nav-link" href="dns.html">dnsservice.xml</a> |
| </li> |
| <li class="nav-item" data-depth="4"> |
| <a class="nav-link" href="domainlist.html">domainlist.xml</a> |
| </li> |
| <li class="nav-item" data-depth="4"> |
| <a class="nav-link" href="healthcheck.html">healthcheck.properties</a> |
| </li> |
| <li class="nav-item" data-depth="4"> |
| <a class="nav-link" href="mailetcontainer.html">mailetcontainer.xml</a> |
| </li> |
| <li class="nav-item" data-depth="4"> |
| <a class="nav-link" href="mailets.html">Packaged Mailets</a> |
| </li> |
| <li class="nav-item" data-depth="4"> |
| <a class="nav-link" href="matchers.html">Packaged Matchers</a> |
| </li> |
| <li class="nav-item" data-depth="4"> |
| <a class="nav-link" href="mailrepositorystore.html">mailrepositorystore.xml</a> |
| </li> |
| <li class="nav-item" data-depth="4"> |
| <a class="nav-link" href="recipientrewritetable.html">recipientrewritetable.xml</a> |
| </li> |
| <li class="nav-item" data-depth="4"> |
| <a class="nav-link" href="search.html">search.properties</a> |
| </li> |
| <li class="nav-item" data-depth="4"> |
| <a class="nav-link" href="usersrepository.html">usersrepository.xml</a> |
| </li> |
| </ul> |
| </li> |
| <li class="nav-item" data-depth="3"> |
| <button class="nav-item-toggle"></button> |
| <span class="nav-text">Extensions</span> |
| <ul class="nav-list"> |
| <li class="nav-item" data-depth="4"> |
| <a class="nav-link" href="vault.html">deletedMessageVault.properties</a> |
| </li> |
| <li class="nav-item" data-depth="4"> |
| <a class="nav-link" href="extensions.html">extensions.properties</a> |
| </li> |
| <li class="nav-item" data-depth="4"> |
| <a class="nav-link" href="listeners.html">listeners.xml</a> |
| </li> |
| <li class="nav-item" data-depth="4"> |
| <a class="nav-link" href="spam.html">Anti-Spam setup</a> |
| </li> |
| <li class="nav-item" data-depth="4"> |
| <a class="nav-link" href="remote-delivery-error-handling.html">About RemoteDelivery error handling</a> |
| </li> |
| <li class="nav-item" data-depth="4"> |
| <a class="nav-link" href="collecting-contacts.html">Contact collection</a> |
| </li> |
| <li class="nav-item" data-depth="4"> |
| <a class="nav-link" href="collecting-events.html">Event collection</a> |
| </li> |
| <li class="nav-item" data-depth="4"> |
| <a class="nav-link" href="dsn.html">ESMTP DSN support</a> |
| </li> |
| </ul> |
| </li> |
| </ul> |
| </li> |
| <li class="nav-item" data-depth="2"> |
| <button class="nav-item-toggle"></button> |
| <a class="nav-link" href="../operate/index.html">Operate</a> |
| <ul class="nav-list"> |
| <li class="nav-item" data-depth="3"> |
| <a class="nav-link" href="../operate/guide.html">Operator guide</a> |
| </li> |
| <li class="nav-item" data-depth="3"> |
| <a class="nav-link" href="../operate/performanceChecklist.html">Performance checklist</a> |
| </li> |
| <li class="nav-item" data-depth="3"> |
| <a class="nav-link" href="../operate/logging.html">Logging</a> |
| </li> |
| <li class="nav-item" data-depth="3"> |
| <a class="nav-link" href="../operate/webadmin.html">WebAdmin REST administration API</a> |
| </li> |
| <li class="nav-item" data-depth="3"> |
| <a class="nav-link" href="../operate/metrics.html">Metrics</a> |
| </li> |
| <li class="nav-item" data-depth="3"> |
| <a class="nav-link" href="../operate/migrating.html">Migrating existing data</a> |
| </li> |
| <li class="nav-item" data-depth="3"> |
| <a class="nav-link" href="../operate/cli.html">Command Line Interface</a> |
| </li> |
| <li class="nav-item" data-depth="3"> |
| <a class="nav-link" href="../operate/cassandra-migration.html">Cassandra migration</a> |
| </li> |
| <li class="nav-item" data-depth="3"> |
| <a class="nav-link" href="../operate/security.html">Security checklist</a> |
| </li> |
| </ul> |
| </li> |
| <li class="nav-item" data-depth="2"> |
| <button class="nav-item-toggle"></button> |
| <a class="nav-link" href="../extending/index.html">Extending server behavior</a> |
| <ul class="nav-list"> |
| <li class="nav-item" data-depth="3"> |
| <a class="nav-link" href="../extending/mail-processing.html">Custom mail processing components</a> |
| </li> |
| <li class="nav-item" data-depth="3"> |
| <a class="nav-link" href="../extending/mailbox-listeners.html">Custom Mailbox Listeners</a> |
| </li> |
| <li class="nav-item" data-depth="3"> |
| <a class="nav-link" href="../extending/smtp-hooks.html">Custom SMTP hooks</a> |
| </li> |
| <li class="nav-item" data-depth="3"> |
| <a class="nav-link" href="../extending/webadmin-routes.html">Custom WebAdmin routes</a> |
| </li> |
| <li class="nav-item" data-depth="3"> |
| <a class="nav-link" href="../extending/imap.html">Custom IMAP processing</a> |
| </li> |
| </ul> |
| </li> |
| <li class="nav-item" data-depth="2"> |
| <button class="nav-item-toggle"></button> |
| <a class="nav-link" href="../benchmark/index.html">Performance benchmark</a> |
| <ul class="nav-list"> |
| <li class="nav-item" data-depth="3"> |
| <a class="nav-link" href="../benchmark/db-benchmark.html">Database benchmarks</a> |
| </li> |
| <li class="nav-item" data-depth="3"> |
| <a class="nav-link" href="../benchmark/james-benchmark.html">James benchmarks</a> |
| </li> |
| </ul> |
| </li> |
| </ul> |
| </li> |
| </ul> |
| </li> |
| </ul> |
| </nav> |
| </div> |
| <div class="nav-panel-explore" data-panel="explore"> |
| <div class="context"> |
| <span class="title">Apache James Distributed Server</span> |
| <span class="version">3.8.1 SNAPSHOT</span> |
| </div> |
| <ul class="components"> |
| <li class="component is-current"> |
| <div class="title"><a href="../index.html">Apache James Distributed Server</a></div> |
| <ul class="versions"> |
| <li class="version is-current is-latest"> |
| <a href="../index.html">3.8.1 SNAPSHOT</a> |
| </li> |
| </ul> |
| </li> |
| <li class="component"> |
| <div class="title"><a href="../../../james-project/3.8.1/index.html">Apache James Server</a></div> |
| <ul class="versions"> |
| <li class="version is-latest"> |
| <a href="../../../james-project/3.8.1/index.html">3.8.1 SNAPSHOT</a> |
| </li> |
| <li class="version"> |
| <a href="../../../james-project/3.6.0/index.html">3.6.0 Snapshot</a> |
| </li> |
| </ul> |
| </li> |
| <li class="component"> |
| <div class="title"><a href="../../../james-site/latest/index.html">Apache James Site</a></div> |
| <ul class="versions"> |
| <li class="version is-latest"> |
| <a href="../../../james-site/latest/index.html">latest</a> |
| </li> |
| </ul> |
| </li> |
| </ul> |
| </div> |
| </div> |
| </aside> |
| </div> |
| <main class="article"> |
| <div class="toolbar" role="navigation"> |
| <button class="nav-toggle"></button> |
| <a href="../../../james-site/latest/homepage.html" class="home-link"></a> |
| <nav class="breadcrumbs" aria-label="breadcrumbs"> |
| <ul> |
| <li><a href="../index.html">Apache James Distributed Server</a></li> |
| <li><a href="../index.html">Distributed James Application</a></li> |
| <li><a href="index.html">Configuration</a></li> |
| <li>Protocols</li> |
| <li><a href="jmap.html">jmap.properties</a></li> |
| </ul> |
| </nav> |
| <div class="edit-this-page"><a href="https://github.com/apache/james-project/blob/master/server/apps/distributed-app/docs/modules/ROOT/pages/configure/jmap.adoc">Edit this Page</a></div> |
| </div> |
| <div class="content"> |
| <aside class="toc sidebar" data-title="Contents" data-levels="2"> |
| <div class="toc-menu"></div> |
| </aside> |
| <article class="doc"> |
| <h1 class="page">Distributed James Server — jmap.properties</h1> |
| <div id="preamble"> |
| <div class="sectionbody"> |
| <div class="paragraph"> |
| <p><a href="https://jmap.io/">JMAP</a> is intended to be a new standard for email clients to connect to mail |
| stores. It therefore intends to primarily replace IMAP + SMTP submission. It is also designed to be more |
| generic. It does not replace MTA-to-MTA SMTP transmission.</p> |
| </div> |
| <div class="paragraph"> |
| <p>Consult this <a href="https://github.com/apache/james-project/blob/master/server/apps/distributed-app/sample-configuration/jmap.properties">example</a> |
| to get some examples and hints.</p> |
| </div> |
| <table class="tableblock frame-all grid-all stretch"> |
| <caption class="title">Table 1. jmap.properties content</caption> |
| <colgroup> |
| <col style="width: 50%;"> |
| <col style="width: 50%;"> |
| </colgroup> |
| <thead> |
| <tr> |
| <th class="tableblock halign-left valign-top">Property name</th> |
| <th class="tableblock halign-left valign-top">explanation</th> |
| </tr> |
| </thead> |
| <tbody> |
| <tr> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">enabled</p></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">true/false. Governs whether JMAP should be enabled</p></td> |
| </tr> |
| <tr> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">jmap.port</p></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">Optional. Defaults to 80. The port this server will be listening on. This value must be a valid |
| port, ranging between 1 and 65535 (inclusive)</p></td> |
| </tr> |
| <tr> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">tls.keystoreURL</p></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">Keystore to be used for generating authentication tokens for password authentication mechanism. |
| This should not be the same keystore than the ones used by TLS based protocols.</p></td> |
| </tr> |
| <tr> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">tls.secret</p></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">Password used to read the keystore</p></td> |
| </tr> |
| <tr> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">jwt.publickeypem.url</p></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">Optional. Coma separated list of RSA public keys URLs to validate JWT tokens allowing requests to bypass authentication. |
| Defaults to an empty list.</p></td> |
| </tr> |
| <tr> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">url.prefix</p></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">Optional. Configuration urlPrefix for JMAP routes. Default value: <a href="http://localhost" class="bare">http://localhost</a>.</p></td> |
| </tr> |
| <tr> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">websocket.url.prefix</p></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">Optional. URL for JMAP WebSocket route. Default value: ws://localhost</p></td> |
| </tr> |
| <tr> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">email.send.max.size</p></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">Optional. Configuration max size for message created in RFC-8621. |
| Default value: None. Supported units are B (bytes) K (KB) M (MB) G (GB).</p></td> |
| </tr> |
| <tr> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">max.size.attachments.per.mail</p></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">Optional. Defaults to 20MB. RFC-8621 <code>maxSizeAttachmentsPerEmail</code> advertised to JMAP client as part of the |
| <code>urn:ietf:params:jmap:mail</code> capability. This needs to be at least 33% lower than <code>email.send.max.size</code> property |
| (in order to account for text body, headers, base64 encoding and MIME structures). |
| JMAP clients would use this property in order not to create too big emails. |
| Default value: None. Supported units are B (bytes) K (KB) M (MB) G (GB).</p></td> |
| </tr> |
| <tr> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">upload.max.size</p></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">Optional. Configuration max size for each upload file in new JMAP-RFC-8621. |
| Default value: 30M. Supported units are B (bytes) K (KB) M (MB) G (GB).</p></td> |
| </tr> |
| <tr> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">upload.quota.limit</p></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">Optional. Configure JMAP upload quota for total existing uploads' size per user. User exceeding the upload quota would result in old uploads being cleaned up. |
| Default value: 200M. Supported units are B (bytes) K (KB) M (MB) G (GB).</p></td> |
| </tr> |
| <tr> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">view.email.query.enabled</p></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">Optional boolean. Defaults to false. Should simple Email/query be resolved against a Cassandra projection, or should we resolve them against OpenSearch? |
| This enables a higher resilience, but the projection needs to be correctly populated.</p></td> |
| </tr> |
| <tr> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">user.provisioning.enabled</p></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">Optional boolean. Defaults to true. Governs whether authenticated users that do not exist locally should be created in the users repository.</p></td> |
| </tr> |
| <tr> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">authentication.strategy.rfc8621</p></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">Optional List[String] with delimiter <code>,</code> . Specify which authentication strategies system admin want to use for JMAP RFC-8621 server. |
| The implicit package name is <code>org.apache.james.jmap.http</code>. If you have a custom authentication strategy outside this package, you have to specify its FQDN. |
| If no authentication strategy is specified, JMAP RFC-8621 server will fallback to default strategies: |
| <code>JWTAuthenticationStrategy</code>, <code>BasicAuthenticationStrategy</code>.</p></td> |
| </tr> |
| <tr> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">jmap.version.default</p></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">Optional string. Defaults to <code>rfc-8621</code>. Allowed values: rfc-8621 |
| Which version of the JMAP protocol should be served when none supplied in the Accept header.</p></td> |
| </tr> |
| <tr> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">dynamic.jmap.prefix.resolution.enabled</p></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">Optional boolean. Defaults to false. Supported Jmap session endpoint returns dynamic prefix in response. |
| When its config is true, and the HTTP request to Jmap session endpoint has a <code>X-JMAP-PREFIX</code> header with the value <code><a href="http://new-domain/prefix" class="bare">http://new-domain/prefix</a></code>, |
| then <code>apiUrl, downloadUrl, uploadUrl, eventSourceUrl, webSocketUrl</code> in response will be changed with a new prefix. Example: The <code>apiUrl</code> will be "http://new-domain/prefix/jmap". |
| If the HTTP request to Jmap session endpoint has the <code>X-JMAP-WEBSOCKET-PREFIX</code> header with the value <code>ws://new-domain/prefix</code>, |
| then <code>capabilities."urn:ietf:params:jmap:websocket".url</code> in response will be "ws://new-domain/prefix/jmap/ws".</p></td> |
| </tr> |
| <tr> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">webpush.prevent.server.side.request.forgery</p></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">Optional boolean. Prevent server side request forgery by preventing calls to the private network ranges. Defaults to true, can be disabled for testing.</p></td> |
| </tr> |
| <tr> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">cassandra.filter.projection.activated</p></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">Optional boolean. Defaults to false. Casandra backends only. Whether to use or not the Cassandra projection |
| for JMAP filters. This projection optimizes reads, but needs to be correctly populated. Turning it on on |
| systems with filters already defined would result in those filters to be not read.</p></td> |
| </tr> |
| <tr> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">delay.sends.enabled</p></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">Optional boolean. Defaults to false. Whether to support or not the delay send with JMAP protocol.</p></td> |
| </tr> |
| <tr> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">disabled.capabilities</p></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">Optional, defaults to empty. Coma separated list of JMAP capabilities to reject. |
| This allows to prevent users from using some specific JMAP extensions.</p></td> |
| </tr> |
| <tr> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">email.get.full.max.size</p></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">Optional, default value is 5. The max number of items for EmailGet full reads.</p></td> |
| </tr> |
| <tr> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">get.max.size</p></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">Optional, default value is 500. The max number of items for /get methods.</p></td> |
| </tr> |
| <tr> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">set.max.size</p></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">Optional, default value is 500. The max number of items for /set methods.</p></td> |
| </tr> |
| </tbody> |
| </table> |
| </div> |
| </div> |
| <div class="sect1"> |
| <h2 id="_wire_tapping"><a class="anchor" href="#_wire_tapping"></a>Wire tapping</h2> |
| <div class="sectionbody"> |
| <div class="paragraph"> |
| <p>Enabling <strong>TRACE</strong> on <code>org.apache.james.jmap.wire</code> enables reactor-netty wiretap, logging of |
| all incoming and outgoing requests, outgoing requests. This will log also potentially sensible information |
| like authentication credentials.</p> |
| </div> |
| </div> |
| </div> |
| <div class="sect1"> |
| <h2 id="_oidc_set_up"><a class="anchor" href="#_oidc_set_up"></a>OIDC set up</h2> |
| <div class="sectionbody"> |
| <div class="paragraph"> |
| <p>The use of <code>XUserAuthenticationStrategy</code> allow delegating the authentication responsibility to a third party system, |
| which could be used to set up authentication against an OIDC provider.</p> |
| </div> |
| <div class="paragraph"> |
| <p>We do supply an <a href="https://github.com">example</a> of such a setup. It combines the <a href="https://www.keycloak.org/">Keycloack</a> |
| OIDC provider with the <a href="https://www.krakend.io/">Krackend</a> API gateway, but usage of similar technologies is definitely doable.</p> |
| </div> |
| </div> |
| </div> |
| <div class="sect1"> |
| <h2 id="_generating_a_jwt_key_pair"><a class="anchor" href="#_generating_a_jwt_key_pair"></a>Generating a JWT key pair</h2> |
| <div class="sectionbody"> |
| <div class="paragraph"> |
| <p>Apache James can alternatively be configured to check the validity of JWT tokens itself. No revocation mechanism is |
| supported in such a setup, and the <code>sub</code> claim is used to identify the user. The key configuration is static.</p> |
| </div> |
| <div class="paragraph"> |
| <p>This requires the <code>JWTAuthenticationStrategy</code> authentication strategy to be used.</p> |
| </div> |
| <div class="paragraph"> |
| <p>The Distributed server enforces the use of RSA-SHA-256.</p> |
| </div> |
| <div class="paragraph"> |
| <p>One can use OpenSSL to generate a JWT key pair :</p> |
| </div> |
| <div class="literalblock"> |
| <div class="content"> |
| <pre># private key |
| openssl genrsa -out rs256-4096-private.rsa 4096 |
| # public key |
| openssl rsa -in rs256-4096-private.rsa -pubout > rs256-4096-public.pem</pre> |
| </div> |
| </div> |
| <div class="paragraph"> |
| <p>The private key can be used to generate JWT tokens, for instance |
| using <a href="https://github.com/vandium-io/jwtgen">jwtgen</a>:</p> |
| </div> |
| <div class="literalblock"> |
| <div class="content"> |
| <pre>jwtgen -a RS256 -p rs256-4096-private.rsa 4096 -c "sub=bob@domain.tld" -e 3600 -V</pre> |
| </div> |
| </div> |
| <div class="paragraph"> |
| <p>This token can then be passed as <code>Bearer</code> of the <code>Authorization</code> header :</p> |
| </div> |
| <div class="literalblock"> |
| <div class="content"> |
| <pre>curl -H "Authorization: Bearer $token" -XPOST http://127.0.0.1:80/jmap -d '...'</pre> |
| </div> |
| </div> |
| <div class="paragraph"> |
| <p>The public key can be referenced as <code>jwt.publickeypem.url</code> of the <code>jmap.properties</code> configuration file.</p> |
| </div> |
| </div> |
| </div> |
| <div class="sect1"> |
| <h2 id="_annotated_specification"><a class="anchor" href="#_annotated_specification"></a>Annotated specification</h2> |
| <div class="sectionbody"> |
| <div class="paragraph"> |
| <p>The [annotated documentation](<a href="https://github.com/apache/james-project/tree/master/server/protocols/jmap-rfc-8621/doc/specs/spec" class="bare">https://github.com/apache/james-project/tree/master/server/protocols/jmap-rfc-8621/doc/specs/spec</a>) |
| presents the limits of the JMAP RFC-8621 implementation part of the Apache James project. We furthermore implement |
| [JSON Meta Application Protocol (JMAP) Subprotocol for WebSocket](<a href="https://tools.ietf.org/html/rfc8887" class="bare">https://tools.ietf.org/html/rfc8887</a>).</p> |
| </div> |
| <div class="paragraph"> |
| <p>Some methods / types are not yet implemented, some implementations are naive, and the PUSH is not supported yet.</p> |
| </div> |
| <div class="paragraph"> |
| <p>Users are invited to read these limitations before using actively the JMAP RFC-8621 implementation, and should ensure their |
| client applications only uses supported operations.</p> |
| </div> |
| <div class="paragraph"> |
| <p>Contributions enhancing support are furthermore welcomed.</p> |
| </div> |
| <div class="paragraph"> |
| <p>The list of tested JMAP clients are:</p> |
| </div> |
| <div class="ulist"> |
| <ul> |
| <li> |
| <p>Experiments had been run on top of [LTT.RS](<a href="https://github.com/iNPUTmice/lttrs-android" class="bare">https://github.com/iNPUTmice/lttrs-android</a>). Version in the Accept |
| headers needs to be explicitly set to <code>rfc-8621</code>. [Read more](<a href="https://github.com/linagora/james-project/pull/4089" class="bare">https://github.com/linagora/james-project/pull/4089</a>).</p> |
| </li> |
| </ul> |
| </div> |
| </div> |
| </div> |
| <div class="sect1"> |
| <h2 id="_jmap_auto_configuration"><a class="anchor" href="#_jmap_auto_configuration"></a>JMAP auto-configuration</h2> |
| <div class="sectionbody"> |
| <div class="paragraph"> |
| <p><a href="https://datatracker.ietf.org/doc/html/rfc8620">RFC-8620</a> defining JMAP core RFC defines precisely service location.</p> |
| </div> |
| <div class="paragraph"> |
| <p>James already redirects <code><a href="http://jmap.domain.tld/.well-known/jmap" class="bare">http://jmap.domain.tld/.well-known/jmap</a></code> to the JMAP session.</p> |
| </div> |
| <div class="paragraph"> |
| <p>You can further help your clients by publishing extra SRV records.</p> |
| </div> |
| <div class="paragraph"> |
| <p>Eg:</p> |
| </div> |
| <div class="listingblock"> |
| <div class="content"> |
| <pre>_jmap._tcp.domain.tld. 3600 IN SRV 0 1 443 jmap.domain.tld.</pre> |
| </div> |
| </div> |
| </div> |
| </div> |
| <div class="sect1"> |
| <h2 id="_jmap_reverse_proxy_set_up"><a class="anchor" href="#_jmap_reverse_proxy_set_up"></a>JMAP reverse-proxy set up</h2> |
| <div class="sectionbody"> |
| <div class="paragraph"> |
| <p>James implementation adds the value of <code>X-Real-IP</code> header as part of the logging MDC.</p> |
| </div> |
| <div class="paragraph"> |
| <p>This allows for reverse proxies to cary other the IP address of the client down to the JMAP server for diagnostic purpose.</p> |
| </div> |
| </div> |
| </div> |
| </article> |
| </div> |
| </main> |
| </div> |
| <footer class="footer"> |
| <p>This page was built using the Antora default UI.</p> |
| <p>The source code for this UI is licensed under the terms of the MPL-2.0 license.</p> |
| </footer> |
| <script id="site-script" src="../../../_/js/site.js" data-ui-root-path="../../../_"></script> |
| <script async src="../../../_/js/vendor/highlight.js"></script> |
| </body> |
| </html> |