Audit trail pour Apache JAMES

[chibenwa]

Step 1: Audit trail implementation

In james-core add a AuditTrail class allowing to log critical user actions accross the application.

Usage:

AuditTrail.entry()
    .username(() -> ...)
    .remoteIp(() -> ...)
    .userAgent(() -> ...)
    .protocol(() -> ...)
    .action(() -> ...)
    .parameters(() -> aMap)
    .log();

Use SLF4J logger to back this.

Step 2: Use the audit trail where needed

• [x] SMTP authentication success including username
• [x] SMTP authentication failure including username
• [x] SMTP message spooled including mailId and mimeMessageId, sender, recipients
• [x] Recipient Rewritting ([x, y] rewritten in [w, y, z]) including mailId and mimeMessageId, sender, recipients before and after
• [x] LocalDelivery message including messageId, mailId and mimeMessageId, sender, recipients
• [x] MailRepository including mailId and mimeMessageId, sender, recipients
• [x] RemoteDelivery planned including mailId and mimeMessageId, sender, recipients
• [x] RemoteDelivery success
• [x] RemoteDelivery failure
• [x] JMAP email sent including mailId and mimeMessageId, sender, recipients
• [x] JMAP rights sharing changed including delegator and delegatee and user performing the action, mailboxId and rights
• [x] JMAP delegation including delegator and delegatee and user performing the action
• [x] LMTP email sent including mimeMessageId, MailId, sender, recipients
• [x] IMAP authentication success including username
• [x] IMAP authentication failure including username
• [x] IMAP expunge including list of messageIds
• [x] JMAP Email/set destroy including list of messageIds
• [ ] JMAP forward/set including username and forward list
• [x] JMAP email read (need to be FetchType full) EmailFullViewFactory - including username and messageId
• [x] IMAP email read (need to be FetchType full) FetchProcessor - including username and messageId

[Arsnael]

Log level: INFO

[vttranlina]

the list below is optional?

remoteIp
userAgent
protocol

we can't get this info in some classes

[chibenwa]

protocol can alsways be specified even if it's slightly distorded -> eg protocol=mailetcontainer

userAgent yes we can't always. Let's keep it best effort.

remoteIp -> best effet.

[vttranlina]

Quan concern: user action privacy issue (via logs)? -> Should we have a configuration to enable/disable this log?

[chibenwa]

user action privacy issue (via logs)?

Audit trail is easy to turn off if unwanted via logback.xml...

[quantranhong1999]

WIP: https://github.com/apache/james-project/pull/1738

[quantranhong1999]

LMTP email sent including mimeMessageId, MailId, sender, recipients

If I do not understand wrongly, LMTP email sending shares the SendMailHandler hook with SMTP. => Handled within SMTP message spooled including mailId and mimeMessageId, sender, recipients.

[chibenwa]

Maybe need the protocol to be configurable?

[quantranhong1999]

If I do not understand wrongly, LMTP email sending shares the SendMailHandler hook with SMTP.

Hmm, likely I was wrong. LMTP seems not to use a mail queue to send mail and LMTPServer actually does not include SendMailHandler but uses MailboxDeliverToRecipientHandler to directly deliver messages to local recipients.

[quantranhong1999]

JMAP forward/set including username and forward list

TODO on the TMail side: https://github.com/linagora/tmail-backend/issues/833