Google Git
Sign in
apache / james-site / refs/heads/asf-site / . / content / server / config-system.html
blob: ee8c8633cde4da1bfcd9f65d65b147fb3b37d20c [file] [log] [blame]
<?xml version="1.0" encoding="UTF-8"?>
<!--
Licensed to the Apache Software Foundation (ASF) under one
or more contributor license agreements. See the NOTICE file
distributed with this work for additional information
regarding copyright ownership. The ASF licenses this file
to you under the Apache License, Version 2.0 (the
"License"); you may not use this file except in compliance
with the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing,
software distributed under the License is distributed on an
"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
KIND, either express or implied. See the License for the
specific language governing permissions and limitations
under the License.
-->
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<!-- Generated by Apache Maven Doxia at 2024-03-14 -->
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
<title>Apache James Project &#x2013; Apache James Server 3 - Server Wide Configuration</title>
<style type="text/css" media="all">
@import url("../css/james.css");
@import url("../css/maven-base.css");
@import url("../css/maven-theme.css");
@import url("../css/site.css");
@import url("../js/jquery/css/custom-theme/jquery-ui-1.8.5.custom.css");
@import url("../js/jquery/css/print.css");
@import url("../js/fancybox/jquery.fancybox-1.3.4.css");
</style>
<script type="text/javascript" src="../js/jquery/js/jquery-1.4.2.min.js"></script>
<script type="text/javascript" src="../js/jquery/js/jquery-ui-1.8.5.custom.min.js"></script>
<script type="text/javascript" src="../js/fancybox/jquery.fancybox-1.3.4.js"></script>
<link rel="stylesheet" href="../css/print.css" type="text/css" media="print" />
<meta name="Date-Revision-yyyymmdd" content="20240314" />
<meta http-equiv="Content-Language" content="en" />
<!-- Google Analytics -->
<script type="text/javascript">
var _gaq = _gaq || [];
_gaq.push(['_setAccount', 'UA-1384591-1']);
_gaq.push(['_trackPageview']);
(function() {
var ga = document.createElement('script'); ga.type = 'text/javascript'; ga.async = true;
ga.src = ('https:' == document.location.protocol ? 'https://ssl' : 'http://www') + '.google-analytics.com/ga.js';
var s = document.getElementsByTagName('script').item(0); s.parentNode.insertBefore(ga, s);
})();
</script>
</head>
<body class="composite">
<div id="banner">
<a href="../index.html" id="bannerLeft" title="james-logo.png">
<img src="../images/logos/james-logo.png" alt="James Project" />
</a>
<a href="https://www.apache.org/index.html" id="bannerRight">
<img src="images/logos/asf_logo_small.png" alt="The Apache Software Foundation" />
</a>
<div class="clear">
<hr/>
</div>
</div>
<div id="breadcrumbs">
<div class="xleft">
<span id="publishDate">Last Published: 2024-03-14</span>
</div>
<div class="xright"> <a href="../index.html" title="Home">Home</a>
|
<a href="../documentation.html" title="James">James</a>
|
<a href="../mime4j/index.html" title="Mime4J">Mime4J</a>
|
<a href="../jsieve/index.html" title="jSieve">jSieve</a>
|
<a href="../jspf/index.html" title="jSPF">jSPF</a>
|
<a href="../jdkim/index.html" title="jDKIM">jDKIM</a>
</div>
<div class="clear">
<hr/>
</div>
</div>
<div id="leftColumn">
<div id="navcolumn">
<h5>James components</h5>
<ul>
<li class="collapsed">
<a href="../documentation.html" title="About James">About James</a>
</li>
<li class="expanded">
<a href="../server/index.html" title="Server">Server</a>
<ul>
<li class="none">
<a href="../server/advantages.html" title="Advantages">Advantages</a>
</li>
<li class="none">
<a href="../server/objectives.html" title="Objectives">Objectives</a>
</li>
<li class="expanded">
<a href="../server/quick-start.html" title="User Manual">User Manual</a>
<ul>
<li class="collapsed">
<a href="../server/features.html" title="1. Features">1. Features</a>
</li>
<li class="none">
<a href="../server/packaging.html" title="2. Packaging">2. Packaging</a>
</li>
<li class="collapsed">
<a href="../server/install.html" title="3. Install James">3. Install James</a>
</li>
<li class="expanded">
<a href="../server/config.html" title="4. Configure James">4. Configure James</a>
<ul>
<li class="none">
<a href="../server/config-activemq.html" title="ActiveMQ">ActiveMQ</a>
</li>
<li class="none">
<a href="../server/config-listeners.html" title="Additional mailbox listeners">Additional mailbox listeners</a>
</li>
<li class="none">
<a href="../server/config-antispam.html" title="Anti Spam">Anti Spam</a>
</li>
<li class="none">
<a href="../server/config-blob-export.html" title="Blob Export">Blob Export</a>
</li>
<li class="none">
<a href="../server/config-blobstore.html" title="BlobStore">BlobStore</a>
</li>
<li class="none">
<a href="../server/config-cassandra.html" title="Cassandra">Cassandra</a>
</li>
<li class="none">
<a href="../server/config-opensearch.html" title="OpenSearch">OpenSearch</a>
</li>
<li class="none">
<a href="../server/config-vault.html" title="Deleted Messages Vault">Deleted Messages Vault</a>
</li>
<li class="none">
<a href="../server/config-dnsservice.html" title="DNS Service">DNS Service</a>
</li>
<li class="none">
<a href="../server/config-domainlist.html" title="Domain List">Domain List</a>
</li>
<li class="none">
<a href="../server/config-fetchmail.html" title="FetchMail">FetchMail</a>
</li>
<li class="none">
<a href="../server/config-guice.html" title="Guice">Guice</a>
</li>
<li class="none">
<a href="../server/config-imap4.html" title="IMAP4">IMAP4</a>
</li>
<li class="none">
<a href="../server/config-jmap.html" title="JMAP">JMAP</a>
</li>
<li class="none">
<a href="../server/config-mailrepositorystore.html" title="Mail Repository Stores">Mail Repository Stores</a>
</li>
<li class="none">
<a href="../server/config-mailbox.html" title="Mailbox">Mailbox</a>
</li>
<li class="none">
<a href="../server/config-mailetcontainer.html" title="Mailet Container">Mailet Container</a>
</li>
<li class="none">
<a href="../server/config-healthcheck.html" title="Periodical Health Checks">Periodical Health Checks</a>
</li>
<li class="none">
<a href="../server/config-pop3.html" title="POP3">POP3</a>
</li>
<li class="none">
<a href="../server/config-quota.html" title="Quota">Quota</a>
</li>
<li class="none">
<a href="../server/config-rabbitmq.html" title="RabbitMQ">RabbitMQ</a>
</li>
<li class="none">
<a href="../server/config-redis.html" title="Redis">Redis</a>
</li>
<li class="none">
<a href="../server/config-recipientrewritetable.html" title="Recipient Rewrite">Recipient Rewrite</a>
</li>
<li class="none">
<a href="../server/config-smtp-lmtp.html" title="SMTP LMTP">SMTP LMTP</a>
</li>
<li class="none">
<a href="../server/config-sieve.html" title="Sieve">Sieve</a>
</li>
<li class="none">
<a href="../server/config-ssl-tls.html" title="SSL/TLS">SSL/TLS</a>
</li>
<li class="none">
<strong>System</strong>
</li>
<li class="none">
<a href="../server/config-spring-jpa-postgres.html" title="Spring JPA Postgres">Spring JPA Postgres</a>
</li>
<li class="none">
<a href="../server/config-users.html" title="Users">Users</a>
</li>
<li class="none">
<a href="../server/config-webadmin.html" title="WebAdmin">WebAdmin</a>
</li>
</ul>
</li>
<li class="collapsed">
<a href="../server/manage.html" title="5. Manage">5. Manage</a>
</li>
<li class="collapsed">
<a href="../server/monitor.html" title="6. Monitor">6. Monitor</a>
</li>
<li class="collapsed">
<a href="../server/upgrade.html" title="7. Upgrade">7. Upgrade</a>
</li>
<li class="collapsed">
<a href="../server/dev.html" title="8. Developers Corner">8. Developers Corner</a>
</li>
</ul>
</li>
<li class="none">
<a href="../mail.html#James_Mailing_lists" title="Mailing Lists">Mailing Lists</a>
</li>
<li class="none">
<a href="../server/release-notes.html" title="Release Notes">Release Notes</a>
</li>
<li class="none">
<a href="../server/apidocs/index.html" title="Javadoc">Javadoc</a>
</li>
<li class="none">
<a href="https://issues.apache.org/jira/browse/JAMES" title="Issue Tracker">Issue Tracker</a>
</li>
<li class="none">
<a href="https://github.com/apache/james-project" title="Sources">Sources</a>
</li>
<li class="none">
<a href="../server/rfcs.html" title="RFCs">RFCs</a>
</li>
<li class="none">
<a href="../download.cgi#Apache_James_Server" title="Download releases">Download releases</a>
</li>
</ul>
</li>
<li class="collapsed">
<a href="../mailet/index.html" title="Mailets">Mailets</a>
</li>
<li class="collapsed">
<a href="../mailbox/index.html" title="Mailbox">Mailbox</a>
</li>
<li class="collapsed">
<a href="../protocols/index.html" title="Protocols">Protocols</a>
</li>
<li class="collapsed">
<a href="../mpt/index.html" title="MPT">MPT</a>
</li>
</ul>
<h5>Apache Software Foundation</h5>
<ul>
<li>
<strong>
<a title="ASF" href="http://www.apache.org/">ASF</a>
</strong>
</li>
<li>
<a title="Get Involved" href="http://www.apache.org/foundation/getinvolved.html">Get Involved</a>
</li>
<li>
<a title="FAQ" href="http://www.apache.org/foundation/faq.html">FAQ</a>
</li>
<li>
<a title="License" href="http://www.apache.org/licenses/" >License</a>
</li>
<li>
<a title="Sponsorship" href="http://www.apache.org/foundation/sponsorship.html">Sponsorship</a>
</li>
<li>
<a title="Thanks" href="http://www.apache.org/foundation/thanks.html">Thanks</a>
</li>
<li>
<a title="Security" href="http://www.apache.org/security/">Security</a>
</li>
</ul>
<a href="http://maven.apache.org/" title="Built by Maven" class="poweredBy">
<img class="poweredBy" alt="Built by Maven" src="../images/logos/maven-feather.png" />
</a>
</div>
</div>
<div id="bodyColumn">
<div id="contentBox">
<section>
<h2><a name="Server_Wide_Configuration"></a>Server Wide Configuration</h2>
<section>
<h3><a name="Introduction"></a>Introduction</h3>
<p>There are a number of global configuration files that do not fall into any one
component. They have effects that are global in scope across the server.</p>
<p>Some of these files are crucial, while others can be ignored by any but the most sophisticated
server administrators.</p>
</section>
<section>
<h3><a name="spring-server.xml"></a>spring-server.xml</h3>
<p>In James distribution, the spring files are located under conf/context folder and splitted into a main
file (james-server-context.xml) which imports 3 other files (1 per mailbox type): james-mailbox-jpa-context.xml,
james-mailbox-memory-context.xml.</p>
<p>Consult <a class="externalLink" href="https://github.com/apache/james-project/tree/master/server/container/spring/src/main/resources/META-INF/org/apache/james/spring-server.xml">spring-server.xml</a> in GIT to
get some examples and hints.</p>
<p>spring beans files are the place where the Apache James Server wiring is done. It should be modified only by expert-users.</p>
<p>In combination with james-database.properties and META-INF/persistence.xml, the datasource to access the database is defined in spring-server.xml</p>
</section>
<section>
<h3><a name="james-database.properties"></a>james-database.properties</h3>
<p>This configuration file is only relevant when using JPA, with Spring or Guice.</p>
<p>Consult <a class="externalLink" href="https://github.com/apache/james-project/tree/master/server/apps/spring-app/src/main/resources/james-database.properties">james-database.properties</a> in GIT to get some examples and hints.</p>
<p>The database connection in database.properties</p>
<p>James has the capacity to use a JDBC-compatible database for storage of both message and user
data. This section explains how to configure James to utilize a database for storage.</p>
<p>To avoid vendor-specific issues, the JPA (Java Persistence Architecture) is used (using the Apache OpenJPA implementation).</p>
<p>There must be a database instance accessible from the James server. An account with appropriate
privileges (select, insert, delete into tables, and on initial startup creation of tables) and
with sufficient quota for the data to be inserted into the database must be available.</p>
<p>Also, since James will use JDBC to access the database, an appropriate JDBC driver must be
available for installation. You can place the JDBC driver jar in the conf/lib folder, it will
be automatically loaded.</p>
<p>Database configuration</p>
<dl>
<dt><b>database.driverClassName</b></dt>
<dd>The class name of the database driver to be used.</dd>
<dt><b>database.url</b></dt>
<dd>The JDBC connection URL for your database/driver.</dd>
<dt><b>database.username</b></dt>
<dd>The user id of the database account to be used by this connection.</dd>
<dt><b>database.password</b></dt>
<dd>The password of the database account to be used by this connection.</dd>
<dt><b>vendorAdapter.database</b></dt>
<dd>Supported adapters are: DB2, DERBY, H2, HSQL, INFORMIX, MYSQL, ORACLE, POSTGRESQL, SQL_SERVER, SYBASE .</dd>
<dt><b>openjpa.streaming</b></dt>
<dd>true or false - Use streaming for Blobs. This is only supported on a limited set of databases atm. You
should check if it's supported by your DB before enable it. See <a class="externalLink" href="http://openjpa.apache.org/builds/latest/docs/manual/ref_guide_mapping_jpa.html">http://openjpa.apache.org/builds/latest/docs/manual/ref_guide_mapping_jpa.html</a> (#7.11. LOB Streaming).</dd>
</dl>
<p>NOTE: all<code>openjpa.*</code> properties will be passed to OpenJPA library as configuration See <a class="externalLink" href="https://openjpa.apache.org/builds/3.2.2/apache-openjpa/docs/ref_guide_conf_openjpa.html">https://openjpa.apache.org/builds/3.2.2/apache-openjpa/docs/ref_guide_conf_openjpa.html</a> for a complete list </p>
<p>The JPA datasource and connection pooling can be delegated to commons-dbcp2 - the library dependency has to be present in classpath for it to be enabled. dbcp2 properties can be configured through james-database.properties - all properties prefixed with <code>datasource.*</code> will be passed to DBCP2 library via <code>openjpa.ConnectionProperties</code> OpenJPA property. The corresponding definitions and default values can be found in the <a class="externalLink" href="https://commons.apache.org/proper/commons-dbcp/configuration.html">dbcp documentation</a>, some of the properties (but not limited to)</p>
<ul>
<li>datasource.testOnBorrow</li>
<li>datasource.validationQueryTimeoutSec</li>
<li>datasource.validationQuery</li>
<li>datasource.initialSize</li>
<li>datasource.minIdle</li>
<li>datasource.maxTotal</li>
</ul>
<p>NOTE: Connection poolling requires that <code>openjpa.Multithreaded</code> property is set to <code>true</code> (default)</p>
<p>Note for postgresql databases: Add <code>standard_conforming_strings=off</code> to your postgresql.xml, otherwise you
will get <code>&quot;&quot;Invalid escape string Hint: Escape string must be empty or one character. {prepstmnt 174928937
SELECT t0.mailbox_id, t0.mailbox_highest_modseq, t0.mailbox_last_uid, t0.mailbox_name, t0.mailbox_namespace,
t0.mailbox_uid_validity, t0.user_name FROM public.james_mailbox t0 WHERE (t0.mailbox_name LIKE ?
ESCAPE '\\' AND t0.user_name = ? AND t0.mailbox_namespace = ?) [params=?, ?, ?]} [code=0, state=22025]&quot;</code></p>
<p>Attachment storage configuration</p>
<dl>
<dt><b>attachmentStorage.enabled</b></dt>
<dd>The attachment storage configuration for JPA is used to enable the implementation of the attachment storage mechanism.
*WARNING*: this configuration is not designed to store large binary content (no more than 1 GB of data), as it is not optimized for this purpose.
Optional, Allowed values are: `true` or `false`, defaults to `false`</dd>
</dl>
</section>
<section>
<h3><a name="META-INF.2Fpersistence.xml"></a>META-INF/persistence.xml</h3>
<p>Consult <a class="externalLink" href="https://github.com/apache/james-project/tree/master/server/apps/spring-app/src/main/resources/META-INF/persistence.xml">META-INF/persistence.xml</a> in GIT to get some examples and hints.</p>
<p>The JPA mapping and properties are defined in the in META-INF/persistence.xml.</p>
<p>You can override the definition in external file and importing the external file in the persistence.xml (see jpa-mappings.xml provided example in GIT)</p>
<div class="source">
<pre>
&lt;mapping-file&gt;META-INF/jpa-mappings.xml&lt;/mapping-file&gt;</pre></div>
</section>
<section>
<h3><a name="jmx.properties"></a>jmx.properties</h3>
<p><b>Disclaimer: </b> JMX poses several security concerns and had been leveraged to conduct arbitrary code execution.
This threat is mitigated by not allowing remote connections to JMX, setting up authentication and pre-authentication filters.
However, we recommend to either run James in isolation (docker / own virtual machine) or disable JMX altogether.<br />
James JMX endpoint provides command line utilities and exposes a few metrics, also available on the metric endpoint.</p>
<p>Consult <a class="externalLink" href="https://github.com/apache/james-project/tree/master/server/apps/spring-app/src/main/resources/jmx.properties">jmx.properties</a> in GIT to get some examples and hints.</p>
<p>This is used to configure the JMX MBean server via which all management is achieved (also used by via the james-cli).</p>
<dl>
<dt><b>jmx.enabled</b></dt>
<dd>(Guice only). Boolean. Should the JMX server be enabled? Defaults to `true`.</dd>
<dt><b>jmx.address</b></dt>
<dd>The IP address (host name) the MBean Server will bind/listen to.</dd>
<dt><b>jmx.port</b></dt>
<dd>The port number the MBean Server will bind/listen to.</dd>
</dl>
<p>To access from a remote location, it has been reported that <code>-Dcom.sun.management.jmxremote.ssl=false</code> is
needed in the startup script. Exposing JMX remotely poses numerous security issues and as such is strongly discouraged.</p>
<b>JMX Security</b>
<p>In order to set up JMX authentication, we need to put <code>jmxremote.password</code> and <code>jmxremote.access</code> file
to <code>/conf</code> directory.</p>
<p><code>jmxremote.password</code>: define the username and password, that will be used by the client (here is james-cli)</p>
<p>File's content example:</p>
<div>
<pre><code>
james-admin pass1
</code></pre></div>
<p><code>jmxremote.access</code>: define the pair of username and access permission</p>
<p>File's content example:</p>
<div>
<pre><code>
james-admin readwrite
</code></pre></div>
<p>(Guice only) When James runs with option <code>-Djames.jmx.credential.generation=true</code>, James will automatically
generate <code>jmxremote.password</code> if the file does not exist.
Then the default username is <code>james-admin</code> and a random password. This option defaults to true.</p>
<p>(Spring only) Presence of JMX credentials is compulsory to start the server.</p>
</section>
<section>
<h3><a name="sqlResources.xml"></a>sqlResources.xml</h3>
<p>Consult <a class="externalLink" href="https://github.com/apache/james-project/tree/master/server/apps/spring-app/src/main/resources/sqlResources.xml">sqlResources.xml</a> in GIT to get some examples and hints.</p>
<p>This file is deprecated but some mailets... still need it. The standard way to access database
is JPA, but some functionalities are not yet migrated and still need the sqlResources.xml resources.</p>
<p>The precise SQL statements used by Apache James Server to modify and view data stored in the database
are specified in sqlResources.xml file.</p>
<p>If you are using a SQL database with unusual SQL commands or data types, you may
need to add special entries to this file. The James team
does try to keep sqlResources.xml updated, so if you do run into a
special case, please let us know.</p>
<p>Also, if the database tables are not created a priori, but rather are to be created by James
upon startup, special attention should be paid to the &quot;create table&quot; statements in this file. Such
statements tend to be both very database and very database instance specific.</p>
</section>
<section>
<h3><a name="jvm.properties"></a>jvm.properties</h3>
<p>This configuration file is only relevant when using Guice.</p>
<p>It may contain any additional system properties for tweaking JVM execution.
When you normally would add a command line option <code>-Dmy.property=whatever</code>,
you can put it in this file as <code>my.property=whatever</code> instead.
These properties will be added as system properties on server start.</p>
<p>Note that in some rare cases this might not work,
when a property affects very early JVM start behaviour.</p>
<p>For testing purposes, you may specify a different file path via the
command line option <code>-Dextra.props=/some/other/jvm.properties</code>.</p>
<p>Some tuning can be done via system properties. This includes:</p>
<dl>
<dt><b>james.message.memory.threshold</b></dt>
<dd>(Optional). String (size, integer + size units, example: `12 KIB`, supported units are bytes KIB MIB GIB TIB). Defaults to 100KIB. <br />
This governs the threshold MimeMessageInputStreamSource relies on for storing MimeMessage content on disk. <br />
Below, data is stored in memory. Above data is stored on disk.
Lower values will lead to longer processing time but will minimize heap memory usage. Modern SSD hardware
should however support a high throughput. Higher values will lead to faster single mail processing at the cost
of higher heap usage.
</dd>
<dt><b>james.message.usememorycopy</b></dt>
<dd>Optional. Boolean. Defaults to false. Recommended value is false. <br />
Should MimeMessageWrapper use a copy of the message in memory? Or should bigger message exceeding james.message.memory.threshold be copied to temporary files?</dd>
<dt><b>james.lifecycle.leak.detection.mode</b></dt>
<dd>Optional. Allowed values are: none, simple, advanced, testing. Defaults to simple. <br />
Mode level of resource leak detection. It is used to detect a resource not be disposed of before it's garbage-collected. Example `MimeMessageInputStreamSource` <br />
- none: Disables resource leak detection.<br />
- simple: Enables output a simplistic error log if a leak is encountered and would free the resources (default). <br />
- advanced: Enables output an advanced error log implying the place of allocation of the underlying object and would free resources. <br />
- testing: Enables output an advanced error log implying the place of allocation of the underlying object and rethrow an error, that action is being taken by the development team. <br />
</dd>
<dt><b>james.protocols.mdc.hostname</b></dt>
<dd>Optional. Boolean. Defaults to true. <br />
Should we add the host in the MDC logging context for incoming IMAP, SMTP, POP3? Doing so, a DNS resolution
is attempted for each incoming connection, which can be costly. Remote IP is always added to the logging context.</dd>
<dt><b>james.blob.id.hash.encoding</b></dt>
<dd>Optional. String. Defaults to base64Url. <br />
The encoding type when encode blobId. The support value are: base16, hex, base32, base32Hex, base64, base64Url.</dd>
<dt><b>james.jmap.quota.draft.compatibility</b></dt>
<dd>Optional. Boolean. Default to false. <br />
This property allows to enable JMAP Quota draft compatibility for some JMAP clients and allow them a time window to adapt to the RFC-9245 JMAP Quota.</dd>
</dl>
</section>
</section>
</div>
</div>
<div class="clear">
<hr/>
</div>
<div id="footer">
<div class="xright">Copyright &#169; 2006-2024
<a href="https://www.apache.org/">The Apache Software Foundation</a>.
All Rights Reserved.
</div>
<div class="clear">
<hr/>
</div>
</div>
</body>
</html>