MtaTlsStrategy
Defines a TLS security strategy for outbound connections.
This object can be configured from the WebUI under Settings › MTA › Outbound › TLS Strategies
Fields
name
Type:
String· read-onlyShort identifier for the TLS strategy
allowInvalidCerts
Type:
Boolean· default:falseWhether to allow connections to servers with invalid TLS certificates
dane
Type:
MtaRequiredOrOptional· default:"optional"Whether DANE is required, optional, or disabled
description
Type:
String?A short description of the TLS strategy, which can be used to identify it in the list of strategies
mtaSts
Type:
MtaRequiredOrOptional· default:"optional"Whether MTA-STS is required, optional, or disabled
startTls
Type:
MtaRequiredOrOptional· default:"optional"Whether TLS support is required, optional, or disabled
mtaStsTimeout
Type:
Duration· default:"5m"Maximum time to wait for the MTA-STS policy lookup to complete
tlsTimeout
Type:
Duration· default:"3m"Maximum time to wait for the TLS handshake to complete
JMAP API
The MtaTlsStrategy object is available via the urn:stalwart:jmap capability.
x:MtaTlsStrategy/get
This is a standard Foo/get method as defined in RFC 8620, Section 5.1.
This method requires the sysMtaTlsStrategyGet permission.
curl -X POST https://mail.example.com/api \
-H 'Authorization: Bearer $TOKEN' \
-H 'Content-Type: application/json' \
-d '{
"methodCalls": [
[
"x:MtaTlsStrategy/get",
{
"ids": [
"id1"
]
},
"c1"
]
],
"using": [
"urn:ietf:params:jmap:core",
"urn:stalwart:jmap"
]
}'
x:MtaTlsStrategy/set
This is a standard Foo/set method as defined in RFC 8620, Section 5.3.
Supports create, update, and destroy operations in a single call.
Create
This operation requires the sysMtaTlsStrategyCreate permission.
curl -X POST https://mail.example.com/api \
-H 'Authorization: Bearer $TOKEN' \
-H 'Content-Type: application/json' \
-d '{
"methodCalls": [
[
"x:MtaTlsStrategy/set",
{
"create": {
"new1": {
"allowInvalidCerts": false,
"dane": "optional",
"description": "Example",
"mtaSts": "optional",
"mtaStsTimeout": "5m",
"startTls": "optional",
"tlsTimeout": "3m"
}
}
},
"c1"
]
],
"using": [
"urn:ietf:params:jmap:core",
"urn:stalwart:jmap"
]
}'
Update
This operation requires the sysMtaTlsStrategyUpdate permission.
curl -X POST https://mail.example.com/api \
-H 'Authorization: Bearer $TOKEN' \
-H 'Content-Type: application/json' \
-d '{
"methodCalls": [
[
"x:MtaTlsStrategy/set",
{
"update": {
"id1": {
"description": "updated value"
}
}
},
"c1"
]
],
"using": [
"urn:ietf:params:jmap:core",
"urn:stalwart:jmap"
]
}'
Destroy
This operation requires the sysMtaTlsStrategyDestroy permission.
curl -X POST https://mail.example.com/api \
-H 'Authorization: Bearer $TOKEN' \
-H 'Content-Type: application/json' \
-d '{
"methodCalls": [
[
"x:MtaTlsStrategy/set",
{
"destroy": [
"id1"
]
},
"c1"
]
],
"using": [
"urn:ietf:params:jmap:core",
"urn:stalwart:jmap"
]
}'
x:MtaTlsStrategy/query
This is a standard Foo/query method as defined in RFC 8620, Section 5.5.
This method requires the sysMtaTlsStrategyQuery permission.
curl -X POST https://mail.example.com/api \
-H 'Authorization: Bearer $TOKEN' \
-H 'Content-Type: application/json' \
-d '{
"methodCalls": [
[
"x:MtaTlsStrategy/query",
{
"filter": {
"name": "example"
}
},
"c1"
]
],
"using": [
"urn:ietf:params:jmap:core",
"urn:stalwart:jmap"
]
}'
The x:MtaTlsStrategy/query filter argument accepts the following conditions (combinable with AnyOf / AllOf / Not per RFC 8620):
| Condition | Kind |
|---|---|
name | text |
CLI
stalwart-cli wraps the same JMAP calls. See the CLI reference for installation, authentication, and general usage.
Fetch
stalwart-cli get mta-tls-strategy id1
Create
stalwart-cli create mta-tls-strategy \
--field allowInvalidCerts=false \
--field dane=optional \
--field description=Example \
--field mtaSts=optional \
--field startTls=optional \
--field mtaStsTimeout=5m \
--field tlsTimeout=3m
Query
stalwart-cli query mta-tls-strategy
stalwart-cli query mta-tls-strategy --where name=example
Update
stalwart-cli update mta-tls-strategy id1 --field description='Updated'
Delete
stalwart-cli delete mta-tls-strategy --ids id1
Enums
MtaRequiredOrOptional
| Value | Label |
|---|---|
optional | Optional |
require | Required |
disable | Disabled |