For other CodeQL resources, including tutorials and examples, see the CodeQL documentation

Mail

Module Mail

Provides classes and predicates to reason about email vulnerabilities.


                                import semmle.code.java.security.Mail

Mail	Provides classes and predicates to work with email
java	Provides all default Java QL imports.

enablesEmailSsl	Holds if `ma` enables TLS/SSL with Apache Email.
hasSslCertificateCheck	Holds if a SSL certificate check is enabled on an access of `apacheEmail` with Apache Email.
isInsecureMailPropertyConfig	The insecure way to set Java properties in mail sessions. 1. Set the `mail.smtp.auth` property to provide the SMTP Transport with a username and password when connecting to the SMTP server or set the `mail.smtp.ssl.socketFactory`/`mail.smtp.ssl.socketFactory.class` property to create an SMTP SSL socket. 2. No `mail.smtp.ssl.checkserveridentity` property is enabled.