| <?xml version="1.0" encoding="UTF-8"?> |
| <!-- |
| Licensed to the Apache Software Foundation (ASF) under one |
| or more contributor license agreements. See the NOTICE file |
| distributed with this work for additional information |
| regarding copyright ownership. The ASF licenses this file |
| to you under the Apache License, Version 2.0 (the |
| "License"); you may not use this file except in compliance |
| with the License. You may obtain a copy of the License at |
| |
| http://www.apache.org/licenses/LICENSE-2.0 |
| |
| Unless required by applicable law or agreed to in writing, |
| software distributed under the License is distributed on an |
| "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY |
| KIND, either express or implied. See the License for the |
| specific language governing permissions and limitations |
| under the License. |
| --> |
| <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> |
| <!-- Generated by Apache Maven Doxia at 2021-11-12 --> |
| <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en"> |
| <head> |
| <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" /> |
| <title>Apache James Project – Apache James Server 3 - Blob Configuration</title> |
| <style type="text/css" media="all"> |
| @import url("../css/james.css"); |
| @import url("../css/maven-base.css"); |
| @import url("../css/maven-theme.css"); |
| @import url("../css/site.css"); |
| @import url("../js/jquery/css/custom-theme/jquery-ui-1.8.5.custom.css"); |
| @import url("../js/jquery/css/print.css"); |
| @import url("../js/fancybox/jquery.fancybox-1.3.4.css"); |
| </style> |
| <script type="text/javascript" src="../js/jquery/js/jquery-1.4.2.min.js"></script> |
| <script type="text/javascript" src="../js/jquery/js/jquery-ui-1.8.5.custom.min.js"></script> |
| <script type="text/javascript" src="../js/fancybox/jquery.fancybox-1.3.4.js"></script> |
| <link rel="stylesheet" href="../css/print.css" type="text/css" media="print" /> |
| <meta name="Date-Revision-yyyymmdd" content="20211112" /> |
| <meta http-equiv="Content-Language" content="en" /> |
| |
| <!-- Google Analytics --> |
| <script type="text/javascript"> |
| |
| var _gaq = _gaq || []; |
| _gaq.push(['_setAccount', 'UA-1384591-1']); |
| _gaq.push(['_trackPageview']); |
| |
| (function() { |
| var ga = document.createElement('script'); ga.type = 'text/javascript'; ga.async = true; |
| ga.src = ('https:' == document.location.protocol ? 'https://ssl' : 'http://www') + '.google-analytics.com/ga.js'; |
| var s = document.getElementsByTagName('script').item(0); s.parentNode.insertBefore(ga, s); |
| })(); |
| |
| </script> |
| </head> |
| <body class="composite"> |
| <div id="banner"> |
| <a href="../index.html" id="bannerLeft" title="james-logo.png"> |
| |
| |
| <img src="../images/logos/james-logo.png" alt="James Project" /> |
| </a> |
| <a href="https://www.apache.org/index.html" id="bannerRight"> |
| |
| |
| <img src="images/logos/asf_logo_small.png" alt="The Apache Software Foundation" /> |
| </a> |
| <div class="clear"> |
| <hr/> |
| </div> |
| </div> |
| <div id="breadcrumbs"> |
| |
| |
| <div class="xleft"> |
| <span id="publishDate">Last Published: 2021-11-12</span> |
| </div> |
| <div class="xright"> <a href="../index.html" title="Home">Home</a> |
| | |
| <a href="../documentation.html" title="James">James</a> |
| | |
| <a href="../mime4j/index.html" title="Mime4J">Mime4J</a> |
| | |
| <a href="../jsieve/index.html" title="jSieve">jSieve</a> |
| | |
| <a href="../jspf/index.html" title="jSPF">jSPF</a> |
| | |
| <a href="../jdkim/index.html" title="jDKIM">jDKIM</a> |
| |
| |
| </div> |
| <div class="clear"> |
| <hr/> |
| </div> |
| </div> |
| <div id="leftColumn"> |
| <div id="navcolumn"> |
| |
| |
| <h5>James components</h5> |
| <ul> |
| <li class="collapsed"> |
| <a href="../documentation.html" title="About James">About James</a> |
| </li> |
| <li class="expanded"> |
| <a href="../server/index.html" title="Server">Server</a> |
| <ul> |
| <li class="none"> |
| <a href="../server/advantages.html" title="Advantages">Advantages</a> |
| </li> |
| <li class="none"> |
| <a href="../server/objectives.html" title="Objectives">Objectives</a> |
| </li> |
| <li class="expanded"> |
| <a href="../server/quick-start.html" title="User Manual">User Manual</a> |
| <ul> |
| <li class="collapsed"> |
| <a href="../server/features.html" title="1. Features">1. Features</a> |
| </li> |
| <li class="none"> |
| <a href="../server/packaging.html" title="2. Packaging">2. Packaging</a> |
| </li> |
| <li class="collapsed"> |
| <a href="../server/install.html" title="3. Install James">3. Install James</a> |
| </li> |
| <li class="expanded"> |
| <a href="../server/config.html" title="4. Configure James">4. Configure James</a> |
| <ul> |
| <li class="none"> |
| <a href="../server/config-listeners.html" title="Additional mailbox listeners">Additional mailbox listeners</a> |
| </li> |
| <li class="none"> |
| <a href="../server/config-antispam.html" title="Anti Spam">Anti Spam</a> |
| </li> |
| <li class="none"> |
| <a href="../server/config-blob-export.html" title="Blob Export">Blob Export</a> |
| </li> |
| <li class="none"> |
| <strong>BlobStore</strong> |
| </li> |
| <li class="none"> |
| <a href="../server/config-cassandra.html" title="Cassandra">Cassandra</a> |
| </li> |
| <li class="none"> |
| <a href="../server/config-elasticsearch.html" title="ElasticSearch">ElasticSearch</a> |
| </li> |
| <li class="none"> |
| <a href="../server/config-vault.html" title="Deleted Messages Vault">Deleted Messages Vault</a> |
| </li> |
| <li class="none"> |
| <a href="../server/config-dnsservice.html" title="DNS Service">DNS Service</a> |
| </li> |
| <li class="none"> |
| <a href="../server/config-domainlist.html" title="Domain List">Domain List</a> |
| </li> |
| <li class="none"> |
| <a href="../server/config-fetchmail.html" title="FetchMail">FetchMail</a> |
| </li> |
| <li class="none"> |
| <a href="../server/config-guice.html" title="Guice">Guice</a> |
| </li> |
| <li class="none"> |
| <a href="../server/config-imap4.html" title="IMAP4">IMAP4</a> |
| </li> |
| <li class="none"> |
| <a href="../server/config-jmap.html" title="JMAP">JMAP</a> |
| </li> |
| <li class="none"> |
| <a href="../server/config-mailrepositorystore.html" title="Mail Repository Stores">Mail Repository Stores</a> |
| </li> |
| <li class="none"> |
| <a href="../server/config-mailbox.html" title="Mailbox">Mailbox</a> |
| </li> |
| <li class="none"> |
| <a href="../server/config-mailetcontainer.html" title="Mailet Container">Mailet Container</a> |
| </li> |
| <li class="none"> |
| <a href="../server/config-healthcheck.html" title="Periodical Health Checks">Periodical Health Checks</a> |
| </li> |
| <li class="none"> |
| <a href="../server/config-pop3.html" title="POP3">POP3</a> |
| </li> |
| <li class="none"> |
| <a href="../server/config-quota.html" title="Quota">Quota</a> |
| </li> |
| <li class="none"> |
| <a href="../server/config-rabbitmq.html" title="RabbitMQ">RabbitMQ</a> |
| </li> |
| <li class="none"> |
| <a href="../server/config-recipientrewritetable.html" title="Recipient Rewrite">Recipient Rewrite</a> |
| </li> |
| <li class="none"> |
| <a href="../server/config-smtp-lmtp.html" title="SMTP LMTP">SMTP LMTP</a> |
| </li> |
| <li class="none"> |
| <a href="../server/config-sieve.html" title="Sieve">Sieve</a> |
| </li> |
| <li class="none"> |
| <a href="../server/config-ssl-tls.html" title="SSL/TLS">SSL/TLS</a> |
| </li> |
| <li class="none"> |
| <a href="../server/config-system.html" title="System">System</a> |
| </li> |
| <li class="none"> |
| <a href="../server/config-spring-jpa-postgres.html" title="Spring JPA Postgres">Spring JPA Postgres</a> |
| </li> |
| <li class="none"> |
| <a href="../server/config-users.html" title="Users">Users</a> |
| </li> |
| <li class="none"> |
| <a href="../server/config-webadmin.html" title="WebAdmin">WebAdmin</a> |
| </li> |
| </ul> |
| </li> |
| <li class="collapsed"> |
| <a href="../server/manage.html" title="5. Manage">5. Manage</a> |
| </li> |
| <li class="collapsed"> |
| <a href="../server/monitor.html" title="6. Monitor">6. Monitor</a> |
| </li> |
| <li class="collapsed"> |
| <a href="../server/upgrade.html" title="7. Upgrade">7. Upgrade</a> |
| </li> |
| <li class="collapsed"> |
| <a href="../server/dev.html" title="8. Developers Corner">8. Developers Corner</a> |
| </li> |
| </ul> |
| </li> |
| <li class="none"> |
| <a href="../mail.html#James_Mailing_lists" title="Mailing Lists">Mailing Lists</a> |
| </li> |
| <li class="none"> |
| <a href="../server/release-notes.html" title="Release Notes">Release Notes</a> |
| </li> |
| <li class="none"> |
| <a href="../server/apidocs/index.html" title="Javadoc">Javadoc</a> |
| </li> |
| <li class="none"> |
| <a href="https://issues.apache.org/jira/browse/JAMES" title="Issue Tracker">Issue Tracker</a> |
| </li> |
| <li class="none"> |
| <a href="https://github.com/apache/james-project" title="Sources">Sources</a> |
| </li> |
| <li class="none"> |
| <a href="../server/rfcs.html" title="RFCs">RFCs</a> |
| </li> |
| <li class="none"> |
| <a href="../download.cgi#Apache_James_Server" title="Download releases">Download releases</a> |
| </li> |
| </ul> |
| </li> |
| <li class="collapsed"> |
| <a href="../mailet/index.html" title="Mailets">Mailets</a> |
| </li> |
| <li class="collapsed"> |
| <a href="../mailbox/index.html" title="Mailbox">Mailbox</a> |
| </li> |
| <li class="collapsed"> |
| <a href="../protocols/index.html" title="Protocols">Protocols</a> |
| </li> |
| <li class="collapsed"> |
| <a href="../mpt/index.html" title="MPT">MPT</a> |
| </li> |
| </ul> |
| <h5>Apache Software Foundation</h5> |
| <ul> |
| <li> |
| <strong> |
| <a title="ASF" href="http://www.apache.org/">ASF</a> |
| </strong> |
| </li> |
| <li> |
| <a title="Get Involved" href="http://www.apache.org/foundation/getinvolved.html">Get Involved</a> |
| </li> |
| <li> |
| <a title="FAQ" href="http://www.apache.org/foundation/faq.html">FAQ</a> |
| </li> |
| <li> |
| <a title="License" href="http://www.apache.org/licenses/" >License</a> |
| </li> |
| <li> |
| <a title="Sponsorship" href="http://www.apache.org/foundation/sponsorship.html">Sponsorship</a> |
| </li> |
| <li> |
| <a title="Thanks" href="http://www.apache.org/foundation/thanks.html">Thanks</a> |
| </li> |
| <li> |
| <a title="Security" href="http://www.apache.org/security/">Security</a> |
| </li> |
| </ul> |
| <a href="http://maven.apache.org/" title="Built by Maven" class="poweredBy"> |
| <img class="poweredBy" alt="Built by Maven" src="../images/logos/maven-feather.png" /> |
| </a> |
| |
| |
| </div> |
| </div> |
| <div id="bodyColumn"> |
| <div id="contentBox"> |
| |
| |
| |
| |
| <section> |
| <h2><a name="BlobStore_Configuration"></a>BlobStore Configuration</h2> |
| |
| <p> |
| BlobStore is the dedicated component to store blobs, non-indexable content. |
| James uses the BlobStore for storing blobs which are usually mail contents, attachments, deleted mails... |
| You can choose the underlying implementation of BlobStore to fit with your James setup. |
| It could be the implementation on top of Cassandra or file storage service like Openstack Swift, AWS S3. |
| |
| This configuration is only applicable with Guice products. |
| </p> |
| |
| <p> |
| Consult <a class="externalLink" href="https://github.com/apache/james-project/blob/master/server/apps/distributed-app/sample-configuration/blob.properties">blob.properties</a> |
| in GIT to get some examples and hints. |
| </p> |
| |
| |
| <p> |
| Blobs storing configuration |
| </p> |
| |
| <dl> |
| |
| <dt><b>implementation</b></dt> |
| |
| <dd>cassandra: use cassandra based BlobStore</dd> |
| |
| <dd>s3: use AWS S3 based BlobStore</dd> |
| |
| <dd><b>WARNING</b>: JAMES-3591 Cassandra is not made to store large binary content, its use will be suboptimal compared to |
| alternatives (namely S3 compatible BlobStores backed by for instance S3, MinIO or Ozone) |
| </dd> |
| |
| <dd> |
| The generated startup warning log can be deactivated via the cassandra.blob.store.disable.startup.warning environment |
| variable being positioned to false. |
| </dd> |
| |
| <dt><b>deduplication/enable</b></dt> |
| |
| <dd>Mandatory. Supported value: true and false.</dd> |
| |
| <dd>If you choose to enable deduplication, the mails with the same content will be stored only once.</dd> |
| |
| <dd>Warning: Once this feature is enabled, there is no turning back as turning it off will lead to the deletion of all</dd> |
| |
| <dd>the mails sharing the same content once one is deleted.</dd> |
| |
| <dd>This feature also requires a garbage collector mechanism to effectively drop blobs. A first implementation |
| based on bloom filters can be used and triggered using the WebAdmin REST API. See |
| <a href="manage-webadmin.html#Running_blob_garbage_collection">Running blob garbage collection</a>. |
| In order to avoid concurrency issues upon garbage collection, we slice the blobs in generation, the two more recent |
| generations are not garbage collected.</dd> |
| |
| <dd><b>deduplication.gc.generation.duration</b></dd> |
| |
| <dd>Allow controlling the duration of one generation. Longer implies better deduplication |
| but deleted blobs will live longer. Duration, defaults on 30 days, the default unit is in days.</dd> |
| |
| <dd><b>deduplication.gc.generation.family</b></dd> |
| |
| <dd>Every time the duration is changed, this integer counter must be incremented to avoid |
| conflicts. Defaults to 1.</dd> |
| |
| <dd>Upgrade note: If you are upgrading from James 3.5 or older, the deduplication was enabled.</dd> |
| </dl> |
| |
| |
| <section> |
| <h3><a name="Cassandra_BlobStore_Cache"></a>Cassandra BlobStore Cache</h3> |
| |
| <p>A Cassandra cache can be enabled to reduce latency when reading small blobs frequently. |
| A dedicated keyspace with a replication factor of one is then used. |
| Cache eviction policy is TTL based. |
| Only blobs below a given threshold will be stored. |
| To be noted that blobs are stored within a single Cassandra row, hence a low threshold should be used. |
| </p> |
| |
| <dl> |
| |
| <dt><b>cache.enable</b></dt> |
| |
| <dd>DEFAULT: false, optional, must be a boolean. Whether the cache should be enabled.</dd> |
| </dl> |
| |
| <dl> |
| |
| <dt><b>cache.cassandra.ttl</b></dt> |
| |
| <dd>DEFAULT: 7 days, optional, must be a duration. Cache eviction policy is TTL based. </dd> |
| </dl> |
| |
| <dl> |
| |
| <dt><b>cache.cassandra.timeout</b></dt> |
| |
| <dd>DEFAULT: 100ms, optional, must be a duration, cannot exceed 1 hour. |
| Timeout after which this cache should be bypassed.</dd> |
| </dl> |
| |
| <dl> |
| |
| <dt><b>cache.sizeThresholdInBytes</b></dt> |
| |
| <dd>DEFAULT: 8192, optional, must be a positive integer. Unit: bytes. |
| Supported units: bytes, Kib, MiB, GiB, TiB |
| Maximum size of stored objects expressed in bytes.</dd> |
| </dl> |
| </section> |
| <section> |
| <h3><a name="Encryption_choice"></a>Encryption choice</h3> |
| |
| <p> |
| Data can be optionally encrypted with a symmetric key using AES before being stored in the blobStore. As many user relies |
| on third party for object storage, a compromised third party will not escalate to a data disclosure. Of course, a |
| performance price have to be paid, as encryption takes resources. |
| </p> |
| |
| <dl> |
| |
| <dt><b>encryption.aes.enable</b></dt> |
| |
| <dd>Optional boolean, defaults to false</dd> |
| </dl> |
| |
| <p>If AES encryption is enabled, then the following properties MUST be present:</p> |
| |
| <dl> |
| |
| <dt><b>encryption.aes.password</b></dt> |
| |
| <dd>String</dd> |
| </dl> |
| |
| <dl> |
| |
| <dt><b>encryption.aes.salt</b></dt> |
| |
| <dd>Hexadecimal string.</dd> |
| </dl> |
| |
| <p><b>WARNING:</b> Once chosen this choice can not be reverted, all the data is either clear or encrypted. Mixed encryption |
| is not supported.</p> |
| |
| <p> |
| Here is an example of how you can generate the above values (be mindful to customize the byte lengths in order to add |
| enough entropy. |
| </p> |
| |
| <div> |
| <pre> |
| |
| # Password generation |
| openssl rand -base64 64 |
| |
| # Salt generation |
| generate salt with : openssl rand -hex 16 |
| |
| </pre></div> |
| </section> |
| <section> |
| <h3><a name="ObjectStorage_BlobStore_Buckets_Configuration"></a>ObjectStorage BlobStore Buckets Configuration</h3> |
| |
| <dl> |
| |
| <dt><b>objectstorage.bucketPrefix</b></dt> |
| |
| <dd> |
| Bucket is an concept in James and similar to Containers in Swift or Buckets in AWS S3. |
| BucketPrefix is the prefix of bucket names in James BlobStore |
| </dd> |
| |
| |
| <dt><b>objectstorage.namespace</b></dt> |
| |
| <dd> |
| BlobStore default bucket name. Most of blobs storing in BlobStore are inside the default bucket. |
| Unless a special case like storing blobs of deleted messages. |
| </dd> |
| </dl> |
| </section> |
| <section> |
| <h3><a name="ObjectStorage_Underlying_Service_Configuration"></a>ObjectStorage Underlying Service Configuration</h3> |
| </section><section> |
| <h3><a name="ObjectStorage_AWS_S3_Configuration"></a>ObjectStorage AWS S3 Configuration</h3> |
| |
| <dl> |
| |
| <dt><b>objectstorage.s3.endPoint</b></dt> |
| |
| <dd>S3 service endpoint</dd> |
| |
| |
| <dt><b>objectstorage.s3.region</b></dt> |
| |
| <dd>S3 region</dd> |
| |
| |
| <dt><b>objectstorage.s3.accessKeyId</b></dt> |
| |
| <dd><a class="externalLink" href="https://docs.aws.amazon.com/general/latest/gr/aws-sec-cred-types.html#access-keys-and-secret-access-keys">S3 access key id</a></dd> |
| |
| |
| <dt><b>objectstorage.s3.secretKey</b></dt> |
| |
| <dd><a class="externalLink" href="https://docs.aws.amazon.com/general/latest/gr/aws-sec-cred-types.html#access-keys-and-secret-access-keys">S3 access key secret</a></dd> |
| |
| |
| <dt><b>objectstorage.s3.http.concurrency</b></dt> |
| |
| <dd>Allow setting the number of concurrent HTTP requests allowed by the Netty driver.</dd> |
| </dl> |
| </section> |
| |
| </section> |
| |
| |
| |
| |
| </div> |
| </div> |
| <div class="clear"> |
| <hr/> |
| </div> |
| <div id="footer"> |
| <div class="xright">Copyright © 2006-2021 |
| <a href="https://www.apache.org/">The Apache Software Foundation</a>. |
| All Rights Reserved. |
| |
| </div> |
| <div class="clear"> |
| <hr/> |
| </div> |
| </div> |
| </body> |
| </html> |