[
Date Prev][
Date Next][
Thread Prev][
Thread Next][
Date Index][
Thread Index]
[
List Home]
|
Re: [mail-dev] Request for enhancement - Show transport protocol version
|
- From: Jason Mehrens <jason_mehrens@xxxxxxxxxxx>
- Date: Fri, 28 Aug 2020 03:51:29 +0000
- Accept-language: en-US
- Arc-authentication-results: i=1; mx.microsoft.com 1; spf=none; dmarc=none; dkim=none; arc=none
- Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=XLXlDmN8u99fMjrltL0GDSPhbHZndUFRInN++O+3uEw=; b=iB55dwp/EkvYFn7yJWzxQaw9oWR10OpDJYzOuslSnqXVtMJyDuFhj4TJbTtAfpE5f7V4ll9rdtE0RcU7d1IGDBip520N6tNAScFlo9ZNOE0UZsrYMuyDojRKrDBNU9KHYCLM5jTmvRZaBFs9I6MXJ+OUMIUS5RE32Hxp1LDBXzupWnShe3hiLkf1ZFdK2fK72gsBYYtOxxaPq14jwv4AVOA29Gqq80/zFmqkRLglREG4p2/bBugo84M2wGh2ZglQRQMAmsRaU9teBPtlcsYEiJiee8UIgGGjSoSiaS0TsdRLLRzo/7rR1NEtYVUvMy1s6fqbgxpnFB2crujI6VeKWA==
- Arc-seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=gdcCTgixTTHI38tvaR1XjgP+zGg9UId0WjVzrOtXFqGxypOwGTEAFxFs0vCjjsslavkteGGQzczKioscW+4EooHEJZpMIMULevvt/Z9P8N9l8jCGk2A6GpcxqyEPQZE83hA+xVyDVAo9710AAmXqGsPJdRKXjGDk0wRh/K5REhS5JhgmnDf3729leYYJ9RVSpqJ8cSWgIOn4znFQPxPuNC3HsFUEWPTk5e3tvmLdQqyKqYUB1Eu6Mc5uozPA/pTu1G+Dt1BK4kQLY/avfku88a872wyS3cwnwKzP5HoIADkKTrSCkbn1zjWyF0R6NgPOBVPmlyLDha3hWs7wiWxlVg==
- Delivered-to: mail-dev@xxxxxxxxxxx
- List-archive: <https://www.eclipse.org/mailman/private/mail-dev>
- List-help: <mailto:mail-dev-request@eclipse.org?subject=help>
- List-subscribe: <https://www.eclipse.org/mailman/listinfo/mail-dev>, <mailto:mail-dev-request@eclipse.org?subject=subscribe>
- List-unsubscribe: <https://www.eclipse.org/mailman/options/mail-dev>, <mailto:mail-dev-request@eclipse.org?subject=unsubscribe>
- Thread-index: AdZ80S4STSNwJkyjSJOeOIup61x4UwAG23EI
- Thread-topic: Request for enhancement - Show transport protocol version
Hi Rob,
There are public methods that you can query to determine this information. You need to have access to a Transport, Message, or Session in order to invoke them.
A transport is a type of service so all you need to do is gain access to the Transport used to send the message. If you don't have a transport then you need to gain access to a Session that is used to create a transport. Message and MessageContext can gain access to the session assigned to a MimeMessage. Once you have access to the Session you need to call one of the getTransport methods. If you are using the static Transport::send the you need to emulate the transport lookup rules in : https://github.com/eclipse-ee4j/mail/blob/master/mail/src/main/java/jakarta/mail/Transport.java#L217
Now there is no service query method that determines if implementation is secure. However, there are query methods that don't require resorting to reflection. They are:
1. Inspect Service::getURLName (https://eclipse-ee4j.github.io/mail/docs/api/javax/mail/Service.html#getURLName--) to see if the transport is secure.
2. Check the type of the transport. If you are not using a custom transport the secure transport class contains SSL in the class name.
Jason
________________________________________
From: mail-dev-bounces@xxxxxxxxxxx <mail-dev-bounces@xxxxxxxxxxx> on behalf of Rob Griffin (rgriffin) <Rob.Griffin@xxxxxxxxx>
Sent: Thursday, August 27, 2020 7:29 PM
To: mail-dev@xxxxxxxxxxx
Subject: [mail-dev] Request for enhancement - Show transport protocol version
Hi,
We are using currently using JavaMail in our application (Spotlight on SQL Server Enterprise) but will be switching to Jakarta Mail shortly. We want to warn users when they are using an insecure protocol to send email. We are planning to use reflection to discover which protocol is being used but that is a very hacky way to find this out. Would it be possible to add a method to the API to show the transport protocol and version?
Regards,
Rob Griffin
Software Analyst, Spotlight on SQL Server
Quest | R&D
rob.griffin@xxxxxxxxx<mailto:rob.griffin@xxxxxxxxx> ?
