Fix inbox-server config for development

Signed-off-by: Tamal Saha <[email protected]>
ops-center · May 6, 2024 · 8b86dff · 8b86dff
1 parent c3ca96c
commit 8b86dff
Show file tree

Hide file tree

Showing 14 changed files with 385 additions and 95 deletions.
diff --git a/charts/inbox-server/configs/blob.properties b/charts/inbox-server/configs/blob.properties
@@ -1,7 +1,7 @@
 # ============================================= BlobStore Implementation ==================================
 # Choose your BlobStore implementation
 # Mandatory, allowed values are: cassandra, s3
-implementation=s3
+implementation=cassandra
 
 # ========================================= ObjectStorage deduplication ========================================
 # If you choose to enable deduplication, the mails with the same content will be stored only once.

diff --git a/charts/inbox-server/configs/cassandra-driver.conf b/charts/inbox-server/configs/cassandra-driver.conf
@@ -0,0 +1,147 @@
+# James reference configuration for the DataStax Java driver for Apache Cassandra®.
+#
+# Unless you use a custom mechanism to load your configuration (see
+# SessionBuilder.withConfigLoader), all the values declared here will be used as defaults.
+#
+# See https://docs.datastax.com/en/developer/java-driver/4.13/manual/core/configuration/ for
+# available options.
+#
+# Please note that contact point and authentication needs to be set in cassandra.properties for now.
+datastax-java-driver {
+
+  basic.request {
+    timeout = 5 seconds
+
+    consistency = QUORUM
+
+    page-size = 5000
+
+    serial-consistency = SERIAL
+  }
+
+  advanced.connection {
+    connect-timeout = 5 seconds
+
+    init-query-timeout = 5 seconds
+
+    pool {
+      local.size = 2
+
+      remote.size = 2
+    }
+
+    max-requests-per-connection = 1024
+
+    max-orphan-requests = 256
+
+    warn-on-init-error = true
+  }
+
+  advanced.throttler {
+    // class = org.apache.james.backends.cassandra.utils.LockLessConcurrencyLimitingRequestThrottler
+    class = ConcurrencyLimitingRequestThrottler
+
+    max-queue-size = 10000
+
+    max-concurrent-requests = 192
+  }
+
+  advanced.reconnect-on-init = true
+
+  advanced.reconnection-policy {
+    class = ExponentialReconnectionPolicy
+
+    base-delay = 1 second
+    max-delay = 60 seconds
+  }
+
+  advanced.retry-policy {
+    class = DefaultRetryPolicy
+  }
+
+  advanced.ssl-engine-factory {
+    // class = DefaultSslEngineFactory
+
+    // hostname-validation = true
+
+    // truststore-path = /path/to/client.truststore
+    // truststore-password = password123
+    // keystore-path = /path/to/client.keystore
+    // keystore-password = password123
+  }
+
+  advanced.request-tracker {
+    logs {
+      slow {
+        threshold = 2 second
+
+        enabled = true
+      }
+
+      max-query-length = 500
+    }
+  }
+
+  advanced.metrics {
+    factory {
+      class = DefaultMetricsFactory
+    }
+
+    id-generator {
+      class = DefaultMetricIdGenerator
+      prefix = "cassandra"
+    }
+    session {
+      enabled = [
+        // bytes-sent,
+
+        // bytes-received
+
+        // connected-nodes,
+
+        // cql-requests,
+
+        // cql-client-timeouts,
+
+        // cql-prepared-cache-size,
+
+        // throttling.delay,
+
+        // throttling.queue-size,
+
+        // throttling.errors,
+
+      ]
+
+      cql-requests {
+        highest-latency = 10 seconds
+
+        lowest-latency = 1 millisecond
+
+        significant-digits = 3
+
+        refresh-interval = 5 minutes
+      }
+    }
+  }
+
+  profiles {
+    # Provides controls on Execution profiles used by James
+    LWT {
+      basic.request.consistency = SERIAL
+      basic.request.serial-consistency = SERIAL
+    }
+    CACHING {
+      basic.request.consistency = LOCAL_ONE
+      basic.request.serial-consistency = LOCAL_ONE
+      basic.request.timeout = 100 milliseconds
+    }
+    OPTIMISTIC_CONSISTENCY_LEVEL {
+      basic.request.consistency = LOCAL_ONE
+      basic.request.serial-consistency = LOCAL_ONE
+    }
+    BATCH {
+      basic.request.timeout = 1 hour
+    }
+  }
+}
diff --git a/charts/inbox-server/configs/imapserver.xml b/charts/inbox-server/configs/imapserver.xml
@@ -19,26 +19,64 @@ specific language governing permissions and limitations
 under the License.
 -->
 
-<!--
-http://james.apache.org/server/config-imap4.html
--->
+<!-- Read https://james.apache.org/server/config-imap4.html for further details -->
+
 <imapservers>
-	<imapserver enabled="${env:JAMES_IMAP_SMTP_ENABLED}">
-		<jmxName>imapserver-ssl</jmxName>
-		<bind>0.0.0.0:993</bind>
-		<connectionBacklog>200</connectionBacklog>
-		<tls socketTLS="true" startTLS="false">
-                    <privateKey>file://secrets/tls.key</privateKey>
-                    <certificates>file://secrets/tls.crt</certificates>
-		</tls>
-		<connectionLimit>0</connectionLimit>
-		<connectionLimitPerIP>0</connectionLimitPerIP>
-		<inMemorySizeLimit>102400</inMemorySizeLimit>
-		<literalSizeLimit>${env:JAMES_MESSAGE_SIZE}</literalSizeLimit>
-		<connectionBacklog>9600</connectionBacklog>
-		<compress>true</compress>
-		<timeout>3600</timeout>
-		<connectiontimeout>3600</connectiontimeout>
-	</imapserver>
-</imapservers>
+    <imapserver enabled="true">
+        <jmxName>imapserver</jmxName>
+        <bind>0.0.0.0:143</bind>
+        <connectionBacklog>200</connectionBacklog>
+        <tls socketTLS="false" startTLS="true">
+            <!-- To create a new keystore execute:
+              keytool -genkey -alias james -keyalg RSA -storetype PKCS12 -keystore /path/to/james/conf/keystore
+             -->
+            <keystore>file://keystore</keystore>
+            <keystoreType>PKCS12</keystoreType>
+            <secret>james72laBalle</secret>
+            <provider>org.bouncycastle.jce.provider.BouncyCastleProvider</provider>
+
+            <!-- Alternatively TLS keys can be supplied via PEM files -->
+            <!-- <privateKey>file://conf/private.key</privateKey> -->
+            <!-- <certificates>file://conf/certs.self-signed.csr</certificates> -->
+            <!-- An optional secret might be specified for the private key -->
+            <!-- <secret>james72laBalle</secret> -->
+        </tls>
+        <connectionLimit>0</connectionLimit>
+        <connectionLimitPerIP>0</connectionLimitPerIP>
+        <idleTimeInterval>120</idleTimeInterval>
+        <idleTimeIntervalUnit>SECONDS</idleTimeIntervalUnit>
+        <enableIdle>true</enableIdle>
+        <plainAuthDisallowed>true</plainAuthDisallowed>
+        <auth>
+            <plainAuthEnabled>true</plainAuthEnabled>
+        </auth>
+    </imapserver>
+    <imapserver enabled="true">
+        <jmxName>imapserver-ssl</jmxName>
+        <bind>0.0.0.0:993</bind>
+        <connectionBacklog>200</connectionBacklog>
+        <tls socketTLS="true" startTLS="false">
+            <!-- To create a new keystore execute:
+              keytool -genkey -alias james -keyalg RSA -storetype PKCS12 -keystore /path/to/james/conf/keystore
+             -->
+            <keystore>file://keystore</keystore>
+            <keystoreType>PKCS12</keystoreType>
+            <secret>james72laBalle</secret>
+            <provider>org.bouncycastle.jce.provider.BouncyCastleProvider</provider>
 
+            <!-- Alternatively TLS keys can be supplied via PEM files -->
+            <!-- <privateKey>file://conf/private.key</privateKey> -->
+            <!-- <certificates>file://conf/certs.self-signed.csr</certificates> -->
+            <!-- An optional secret might be specified for the private key -->
+            <!-- <secret>james72laBalle</secret> -->
+        </tls>
+        <connectionLimit>0</connectionLimit>
+        <connectionLimitPerIP>0</connectionLimitPerIP>
+        <idleTimeInterval>120</idleTimeInterval>
+        <idleTimeIntervalUnit>SECONDS</idleTimeIntervalUnit>
+        <enableIdle>true</enableIdle>
+        <auth>
+            <plainAuthEnabled>true</plainAuthEnabled>
+        </auth>
+    </imapserver>
+</imapservers>
diff --git a/charts/inbox-server/configs/jmap.properties b/charts/inbox-server/configs/jmap.properties
@@ -1,7 +1,7 @@
 # Configuration file for JMAP
 
 enabled=${env:JAMES_JMAP_ENABLED}
-tls.keystoreURL=file://secrets-jwt/keystore
+tls.keystoreURL=file://keystore
 tls.secret=${env:JAMES_KEYSTORE_PASSWORD}
 
 #

diff --git a/charts/inbox-server/configs/mailetcontainer.xml b/charts/inbox-server/configs/mailetcontainer.xml
@@ -37,11 +37,23 @@
     <processors>
         <processor state="root" enableJmx="true">
             <mailet match="All" class="PostmasterAlias"/>
-            <mailet match="RelayLimit=30" class="ToRepository">
-                <repositoryPath>cassandra://var/mail/relay-limit-exceeded/</repositoryPath>
+            <mailet match="RelayLimit=30" class="Null"/>
+            <mailet match="All" class="mailets.IgnoreSuffixOfPlusSign"/>
+            <mailet match="matchers.NotInBlackList" class="ToProcessor">
+                <processor>transport</processor>
             </mailet>
             <mailet match="All" class="ToProcessor">
-                <processor>transport</processor>
+                <processor>blacklisted</processor>
+            </mailet>
+        </processor>
+
+
+        <processor state="blacklisted" enableJmx="true">
+            <mailet match="All" class="MetricsMailet">
+                <metricName>blacklisted</metricName>
+            </mailet>
+            <mailet match="All" class="ToRepository">
+                <repositoryPath>cassandra://var/mail/blacklisted/</repositoryPath>
             </mailet>
         </processor>