Netscape Messaging Server
Tuning Guide
Last update: 2002/05/09 This Tuning Guide has the following sections:
|
Platform Tuning Information | ||||||||||||||||||||||||
Solaris
Tuning Tips
Software Requirements Netscape Messaging Server on Solaris requires the following patches:
Tuning Parameters Modify the TCP settings (in /etc/system): set
tcp:tcp_conn_hash_size=262144
* set
hard limit on file descriptors
* set
soft limit on file descriptors
The following effects occur based on your setting of the maxusers parameter:
Bump up the Directory Name Lookup Cache (DNLC): set ncsize=300000 Bump up the inode cache: set ufs_ninode=300000 (suggested by Solaris support is 35000) If you are using Veritas VxFS, check for the following values:
set vxio:vxfs_ninode 400000 For Veritas support you should visit their site: http://support.veritas.com/. The following should be at the top of /etc/rc2.d/S69inet: # TCP
stack tuning for Netscape Messaging
Note: the hiwat settings above will use this much memory per connection, so be aware of the impact on your system. Also verify that the following parameters are set properly, if needed (in /etc/rc2.d/S69inet): tcp_ip_abort_interval
You should also review whether the Solaris Priority Paging capability is right for you. This is discussed at http://www.sun.com/sun-on-net/performance/priority_paging.html. Solaris 2 Performance tuning is discussed in detail at http://www.sun.com/sun-on-net/performance.html. Solaris Network performance is discussed at http://www.sun.com/blueprints/tools/nddconfig and http://www.rvs.uni-hannover.de/people/voeckler/tune/EN/tune.html. HP-UX Tuning Tips Hardware Requirements Netscape Messaging Server can be run on any system running HP-UX 11.0 (PA-RISC1.1 or better). To determine what your box is, search for the model name in the /usr/sam/lib/mo/sched.models file. Software Requirements Netscape Messaging Server on HP-UX requires:
Certain kernel parameters may be tweaked to optimize performance. These kernel parameters are described in this section and they must be set manually; HP-UX system administration tools (sam, kmtune) will not allow numbers to be set this high. To set these parameters, edit the /stand/system file. After modifying this file, run the following command to build the new kernel: # mk_kernel -o /stand/vmunix and then reboot the system. The parameters and the values to which they should be set are listed below:
These numbers should serve as a baseline for kernel tuning; they are slightly higher than the recommended numbers for safely using a 128MB C160 (workstation class machine). If you set the numbers too high, your system will exhaust lockable memory, and it will fail to start up properly (network tracing and logging daemons will be the first to complain, and X will not work). Note: For workstation class machines with only 128MB of memory, the maxfiles_lim, nfile, and ninode parameters should be helf the values listed above; they should be 16384, 32768, and 16384, respectively. It is unlikely that such a workstation could support the mail load that would require the high file values. Netscape Messaging Server requires many intra-process resources, but comparatively few global resources. For this reason, nproc, nusers, and other similar system-wide resources can be left low to free up memory for inode and thread structures. the exceptions to this rule are nkthread, nfile, and ninode, which also restrict per-process limits. Many of the ndd parameters listed in the Solaris Tuning Tips section would also be appropriate for HP-UX systems. HP-UX maintains a separate configuration file, /etc/rc.config.d/nddconf, to isolate ndd settings at system startup. The parameters tcp_keepalive_interval and tcp_conn_req_max (equivalent to tcp_conn_req_max_q) can be set as described. The xmit/recv values are already at those levels on an HP-UX system. Other HP/UX tuning parameters which may be useful to review include: STRMSGSZ dbc_min_pct dbc_max_pct maxfiles maxswapchunks maxuprc maxusers nflocks nproc nstrpty num_tachyon_adapters ncallout shmmniAIX Tuning Tips Software Requirements On AIX 4.3.2, you must acquire and install AIX patch PTF U463922 on the installation machine before installing the product. Without this patch, the extracting file messages are not displayed during installation. IBM provides patches from the web site http://service.software.ibm.com/cgi-bin/support/rs6000.support/downloads/. Tuning Parameters For Messaging Server 4.0x, AIX requires that the minruncount tuning parameter service.smtp.mailbox-deliver.minruncount be set to 1. To do so, run the following command: # configutil -o service.smtp.mailbox-deliver.minruncount -v 1 AIX Tuning parameters are discussed in detail at the web site http://www.rs6000.ibm.com/doc_link/en_US/a_doc_lib/aixbman/prftungd/tunableaixparms.htm. Linux Tuning Tips System Requirements The system requirements for Linux are described below:
Avoiding Extra Disk Updates By default, every time a file is read Linux writes the access time to disk. Netscape Messaging Server never uses this information. The partitions that hold the server, stores, and queues may be mounted with the noatime option to avoid these extra disk writes. Note: These partitions should not be shared with applications that need access time information (for example, tmpwatch). To make this change, edit your /etc/fstab file. Below is a sample entry: /dev/sda6 /nsmsg ext2 defaults,noatime 1 2 Low Default File Descriptor Limits Low system process file descriptor limits may limit the IMAP connection counts. Linux 2.2 with the appropriate patches can support many connections (64,000), but the system limit is often too low. RedHat 6.0 includes the patches to support 64,000 file descriptors per process. If you are an expert experimenting with non RedHat-kernels, apply the "Alan Cox" patches to get 64,000 file descriptors. Note: An unmodified Linux 2.2 is limited to 1,000 file descriptors per process. The following command raises the system file descriptor limit to 80,000: # echo 80000 > /proc/sys/fs/file-max && echo 80000 > /proc/sys/fs/inode-max Low Default Process Limits A low system process limit of 256 per user may limit thread creation for the default server configurations. Note: Each Linux thread uses a process table entry just like a full process would. To change this, edit /usr/src/linux/include/linux/tasks.h and change NR_TASKS to 1024 or more and MAX_TASKS_PER_USER to be (NR_TASKS-256): #define
NR_TASKS 1024
Rebuild the kernel for these changes to take effect. Not all the Memory is Used By default, Linux only uses 1Gb of memory, even if more is available. A portion of that 1Gb is set aside, so only 960Mb is available. Messaging performance may be enhanced using 2Gb of memory. Note: Some modules (for example, boot ramdisk) may not work with the larger memory limit. If you do not specify a 2Gb limit when you configure the kernel, you can edit the following two files are described below:
Tru64 Unix 4.0d, 4.0e and 4.0f Tuning Tips Software Requirements Additional tuning information can be found at the Compaq Tru64 Unix web site: http://www.unix.digital.com/internet/tuning.htm. Tuning Parameters For Tru64 Unix 4.0d and later, the following parameters should be updated in /etc/sysconfigtab: proc:
max-threads-per-user=20000 task-max=512 thread-max=20000 open-max-soft=32768 open-max-hard=32768
vm-maxvas=8589934592 vm-vpagemax=131072 Software Requirements For Windows NT, you must have Windows NT 4.0 Service Pack 4 or later installed to run and install the Messaging Server 4.15 or later. |
MTA Tuning Information |
Configuration
Parameters
Configuration parameters for the MTA are described below:
Even in 4.1x, the SMTP daemon still does not have a maxsessions parameter; it will plex these threads among as many SMTP sessions as it can. The default for this parameter is 32. For 4.0x, this parameter directly controls the number of active SMTP sessions that can be serviced at one time and that can be safely tuned up to several hundred threads. With the new SMTP thread model in 4.1x, this parameter should be left alone in most cases. service.smtp.smtp-router.minruncount service.smtp.autoreply-handler.minruncount service.smtp.error-handler.minruncount service.smtp.smtp-deliver.minruncount service.smtp.prog-deliver.minruncount service.smtp.unix-deliver.minruncount service.smtp.mailbox-deliver.minruncount The semantics of these parameters are similar to service.smtp.smtp-accept.minruncount but apply to their respective SMTP daemon modules. In most cases, the default values are fine. When increasing the value of any of these parameters, you should exercise the same care as in selecting reasonable values for IMAP/POP/HTTP servers (see the Protocol Tuning Information section). For example, multiplying all the defaults by 10 would not be resonable, but doubling the number of program-deliver threads on a machine that runs a program delivery mail list manager should be fine. service.smtp.account-handler.log service.smtp.autoreply-handler.log service.smtp.error-handler.log service.smtp.mailbox-deliver.log service.smtp.smtp-deliver.log service.smtp.prog-deliver.log service.smtp.unix-deliver.log service.smtp.smtp-router.log These parameters turn on or off the logging for each MTA module. The following parameters default to on (yes) if not set:
service.smtp.error-handler.log service.smtp.smtp-deliver.log
service.smtp.autoreply-handler.log service.smtp.mailbox-deliver.log service.smtp.prog-deliver.log service.smtp.unix-deliver.log service.smtp.smtp-router.log
Our recommended value specifies a language table that only includes languages for which Netscape has resource bundles: The meaning of this parameter is that each line in service.smtp.domainlangtable consists of:
language-list is an ordered list of languages separated by commas or pipes (|). Currently the ,'s and |'s have the exact same meaning. (We were intending to have the |'s be used when you want to display more than one language (e.g. for a reply to Canada send both English and French), but that never go into the product.) To make your life simpler, it's probably best to just use commas everywhere until functionality changes. The meaning of a line like:
The From:, To: and CC: lines are rewritten. The overhead is an additional LDAP lookup on the From: address. The To: and CC: addresses should already be cached and no additional lookup is required. The default value for this parameter is quoted. A value of never turns the header rewriting off.
This parameter controls not only the size of the SMTP LDAP pool, but also specifies the default size of the LDAP pool used by other messaging server processes. Since there is no way to change the LDAP pool size for other processes, this effectively sets the pool size for all messaging server processes. The default for this parameter is 32, which should be adequate in most cases. Decreasing the value of this parameter may actually help performance in some situations, particularly if you have many IMAP/POP/HTTP daemons since you will be swapping LDAP with too many total connections. However, care should be taken when dropping this number to avoid introducing contention for the LDAP connection among the other working threads. Dropping this value below 8 in most cases is not recommended. Increasing this value by a large amount is usually just a waste of resources.
By default, this value is not set; and works as if set to yes. service.smtp.smtp-router.dorewritesenderusingauth These parameters will rewrite the From: and Sender: headers with the information from the authentication session. service.smtp.smtp-accept.timeoutdata These parameters help make sure that connections that are not used and not closed get closed after a certain amount of time. By default, these parameters are set to 600 seconds (10 minutes). If users are sending large attachments over slow dialup lines, you may need to modify these to avoid connections waiting for threads. service.smtp.prog-deliver.defaultgid This is the user and group IDs used for program delivery. By default these values are 1, which often corresponds to the daemon use and other group in your local /etc/passwd file. service.smtp.error-handler.quotaexceedactions service.smtp.error-handler.unknownactions These parameters describe the error handling when the MTA hop count is exceeded, quota is exceeded, or something unknown happens. These values are numeric sums of the following actions:
Messaging Server 4.x provides two additional ways to stop denial of service attacks along with plugins and filters:
To throttle SMTP accepts, configure the following parameters:
The default value is 100000.
There is no parameter default value; the internal value is 2000. The MTA will fail to start if it doesn't find a postmaster account, nor will it start if it finds more than one postmaster account. More information is available from http://help.netscape.com/kb/corporate/19990216-3.html. Routing Multiple Recipients The SMTP routing is done after the envelope of the message has been split on recipient domains. This means that if you route all mail with one routing rule in a routing table: *:smtp.otherdomainand send a message to user1@mydomain and userX@yourdomain, then the server sends two messages to smtp.otherdomain: one for user1 and one for userX. This is probably not efficient if you have a hub or router machine that handles all outgoing mail. Caching LDAP Queries Each time an LDAP query is made (on message senders and recipients), the entry info is kept; it is 'tagged' by the search that retrieved the entry (could be either recipient address or UID). This information is kept in memory, roughly tracking the Control information for the message (stored separately, but linked) and removed when the message is delivered or dropped. Theoretically, this keeps us to one LDAP entry per recipient per message; and most of the time this is the way it works out. Note: The LDAP information between messages is not cached; it is assumed that there is little chance of random messages containing the same recipients. DNS Caching For performance reasons, the MTA caches DNS entries. The following describes the impact and process of the caching.
Turning DNS Caching off Starting with Messaging Server 4.1 Patch 2 and 4.15 Patch 1, DNS caching by the MTA can be turned off if you wish to have more control over the DNS behavior. The following configuration setting will turn off DNS caching in the MTA:
Customer experience shows that the following should improve performance on outbound SMTP servers. They usually build up to large SMTP Deliver queues causing the server to stop accepting incoming connections. Specifically, the lower setting for smtp-deliver.timeoutgreet and higher setting for smtp-deliver.minruncount are important.
configutil -o service.imap.enable -v no configutil -o service.pop.enable -v no configutil -o service.ldapmemcache -v no configutil -o service.smtp.smtp-deliver.minruncount -v 130 configutil -o service.smtp.smtp-accept.minruncount -v 140 configutil -o service.smtp.smtp-router.minruncount -v 50 configutil -o service.smtp.smtp-deliver.timeoutgreet -v 30 configutil -o service.smtp.account-handler.minruncount -v 40 configutil -o service.smtp.error-handler.minruncount -v 3 configutil -o service.smtp.mailbox-deliver.minruncount -v 1 configutil -o service.smtp.unix-deliver.minruncount -v 1 configutil -o service.smtp.prog-deliver.minruncount -v 1 configutil -o service.smtp.autoreply-handler.minruncount -v 1 setconf local.dbtxnsync 1
Starting with Messaging Server 4.15 Patch 1, you can create a fallback host ("host of last resort") so that if you timeout connections on all of the remote MTAs, you can route messages to a fallback MTA; for example a local MTA that acts as an offline deferred queue. The following configuration setting will enable a fallback host for the MTA:
If the real MXs for the domain are all dead, these pseudo-MX IP addresses will float to the top and stay there for the duration of TTL (typically). Trivial case of *:<host> forwards all deferred mail to <host>. Beginning with Messaging Server 4.15 Patch 1, the ability to turn off LDAP lookups for outbound-only relays is available through the following configuration parameter:
For example:
*
will make everything remote.
In Messaging Server 4.1, the queue handling is designed using a structure based on a directory containing control files and auxiliary directories containing the body of the messages. The idea is to use status attributes in the control files holding information about:
The queue reporting tool, mailq, performs a count of the number of envelope files in the control directory for a deferred domain and displays that information to the user. Differences between 4.0x and 4.1x Queueing Behavior The organization of the deferred directory for SMTP delivery has been changed between 4.0x and 4.1x. Multi-level hash directories have been employed to fan-out domains and message files under queue/deferred/SMTP-Deliver. The hash directories are two levels deep, and is computed for domainname and also for the message files. The hashdir utility can be used to find the hash values. The deferred queue for the domain netscape.com in 4.0 was queue/deferred/SMTP-Deliver/netscape.com/env-XXX. The 4.1 deferred queue is queue/deferred/SMTP-Deliver/xx/yy/netscape.com/env-XXX, where xx and yy is the hash value computed over netscape.com. Additionally, in 4.0x when a message was deferred the message file was left in the /messages directory, and only the envelope file was moved to the deferred directory. In 4.1, the message file is now also moved to deferred directory. Ie. queue/deferred/SMTP-Deliver/xx/yy/netscape.com/aa/bb/XXXXXXXX.XXX, where XXXXXXXX.XXX is the message file. This was changed to minimize the number of files in the messages directory. Queue Processing when the MTA is Started On start up, the MTA will attempt a sanity check between contents of the files in the queue/control/env-XXX and the files under queue/messages. In 4.0x, since we're leaving the message files for deferred messages in the queue/messages directory, a situation could arise where one ended up with many tens of thousands of files in the queue/messages directory (say if a site like hotmail.com is down). This considerably slows down the checking performed by the server at start up. To prevent this situation from occurring the deferred messages are no longer kept in the queue/messages directory. In 4.1x, since we move deferred message files to their own directory under queue/deferred/SMTP-Deliver, and also since the default throttle limit for the server is 2000, we should rarely, if ever, end up with a situation where there are 20,000 message files in the messages directory. It is conceivable that this processing could be done in the background, but this is not the way 4.x has been architected. Also it is questionable to start the MTA without doing a sanity check first. Note: The deferred queue is not processed on start up. Mail Headers If a message is received with only one (envelope) recipient, then the MTA will put the recipient address into the Received: header. For multiple recipients, it adds no extra information. For example, the following is what you may see for a single recipient: Received: from yourdomain (yourmailserver.yourdomain [XXX.YYY.ZZ.AA]) by anotherserver.yourdomain (Netscape Messaging Server X.Y) with ESMTP id AAA5555 for <user1@testenv.yourdomain>; Fri, 14 Jan 2000 15:00:00 -0700while for multiple recipients, you would see: Received: from yourdomain (yourmailserver.yourdomain [XXX.YYY.ZZ.AA]) by anotherserver.yourdomain (Netscape Messaging Server X.Y) with ESMTP id AAA5555; Fri, 14 Jan 2000 15:00:00 -0700Language criteria for Replies The Messaging Server uses the following criteria for determining the language of replies:
The sendmail utility is a fixed command located at /usr/lib/sendmail which is part of the Messaging Server. Since multiple instances of the Messaging Server can be installed, but only one of /usr/lib/sendmail, this causes issues with which sendmail utility to use. Starting with Messaging Server 4.05 Patch 1, 4.1 Patch 2 and 4.15 Patch 1, the following configuration parameters are now available for use by the sendmail utility:
local.service.sendmail.port
The sendmail utility now does the following when looking up its listen address and port number:
|
Messenger Express (WebMail) Tuning Information |
Configuration
Parameters
Configuration parameters for Messenger Express (WebMail) are described below:
If you have a reverse proxy requirement, where the clients will not be connecting directly with the daemon, you will probably need to disable (set to no) this parameter. Note: disabling this parameter will not restrict the session ID available to the authenticating IP address. There are several LDAP attributes used by WebMail. Some of these are defined here:
WebMail uses the LDAP language extension. This is the only way in which it can let the MTA know which language to use for auto-reply messages, for applying the appropriate MIME encoding for header and body. More information about the LDAP language extension can be found at: http://www.cis.ohio-state.edu/htbin/rfc/rfc2596.html |
Security Tuning Information |
Configuration
Parameters
Configuration parameters for security are described below:
The default value is 900 seconds, which is on the short side. With the average POP client performing POP checks every 10 minutes, this value would result in an LDAP search being done for every other POP check. Typically, values on the order of a few days are recommended for ISPs. The authentication cache is not persistent across server restarts, and it is not shared between different processes. The value of the authentication cache is reduced if proxyauth is used for final user login to the mail store machines as may be the case in some Multiplexor configurations.
The default value is 10,000 entries, which is fine for servers with user populations smaller than 10,000 users.
Data stored here is necessarily temporary; state is not kept over server restarts. Authenticated SMTP can be enforced within specified domains by using the service.smtp.authmaildomain parameter. This is a space-separated list of entries and can only be set by IP address. (Domain names are either spoofable, or take too long to look up in DNS.) Partial IP addresses are implicitly "asterisked," and exceptions can also be entered by starting with a !. If finer tuning is needed, a bit mask can be entered after the restricted IP (separated by a tab). For example: 202.11. will require any IP address 202.11.x.x to AUTH before sending mail (NOTE: the trailing . is needed on 1 or 2 digit octets, otherwise 202.111.x.x will match, which is probably not what is wanted.) 202.11. !202.11.33.233 will allow 202.11.33.233 to connect without AUTH even though it's in the above domain. You may also specify a mask, for example: 202.11.170.<tab>255.255.240.0 will restrict logins from (hex) CA.11.Fx.xx to be authenticated. Specifying Mailbox Access Domains
The mailAccessDomain filter syntax is:
Or, to restrict the MMP to a SUBNET/IP range, but leave the store open, if it's behind a secure lan:
If you do not know a user's password, it is possible to authenticate against the message store so that you can select a mailbox to check for new messages. To do so:
The Authentication SDK is discussed in the Plugin section. |
Store Tuning Information |
Configuration
Parameters
Configuration parameters for the store are described below:
The dbtmpdir parameter controls where these cache files are placed, and should be placed on a RAM backed file system on operating systems that support this feature (for example, /tmp/msg_dbtmpdir on Solaris). Note: this is unlikely to greatly improve performance for running the reconstruct utility. The performance gain for store.dbtmpdir will only be felt if you have greater than 100,000 users, a correspondingly large data.db2 file (say greater than 50MB) and you've started to increase store.dbcachesize to compensate (say something greater than 100MB). This is exactly the same mechanism used in directory for storing the cache on a tmpfs to avoid excessive and unnecessary page-outs of data that is inherently volatile and deletable. To know if you need this, look for high wait-times and lots of write io's on your disk volume containing mboxlist.
This parameter is not applicable for the 4.01 server, as it was added to 4.03 and later patches to correct problems in the 4.0 and 4.01 servers. The default value is 1000. For large machines, this value should be set between 100-200. For small boxes, this value should be left at 1000 or even increased.
The 4.x mail store does not unlink message files as soon as they have been deleted via IMAP expunge or POP delete. Instead, the server keeps track of all the messages that have been placed in a deleted state and unlinks the files at the specified hour. This was done to improve performance during peak server usage since unlink() is a potentially slow action executed in filesystem (kernel) space. For IMAP servers, this expire run normally deletes a relatively small percentage of the messages in the mail store. On a POP server, this nightly expire run can potentially delete a very large percentage of the messages in the mail store since POP is a download-and-delete protocol. This can translate to several hours of intensive filesystem activity during the expire run, so care should be taken when selecting a value for the parameter to avoid loading the system during peak usage hours. The default value is 23, which specifies that the expire run should occur during the 11:00pm hour. Finer specification beyond specifying what hours to run is not possible. The default value of 23 is appropriate for enterprise deployments where the server sees very little usage at night. For an ISP, an off hour such as 03 (3:00am) may be more appropriate.
Starting with NMS 4.03, and included in the 4.1x and later releases, the Messaging Server writes all messages in fdatasync() mode. This includes messages in the queue, envelope log information, messages written to the store, and metadata within the store, including indices, cache, etc. Using the following configuration parameters, it can be modified to either using the fsync() mode or no syncing at all (allowing filesystem syncs to handle all issues): local.dbtxnsyncThis parameter will turn off calling the fdatasync() routine that causes transactions to be synchronized to disk everytime a transaction occurs and allow the filesystem/drive array to schedule the syncs itself. local.store.messagesynclevel local.store.cachesynclevel local.store.indexsynclevel local.store.expungesynclevel local.store.perusersynclevel local.store.subscribesynclevel local.store.synclevelThese parameters can be set to a value of 0, 1, or 2. While local.dbtxnsync applies to all database transactions, the local.store.* parameters apply to the store indices and values. If set to 0, all writes related to file descriptors used by the store are sync'd according to the OS and filesystem. If set to 1 (the default), all writes related to file descriptors use the fdatasync() command, which forces all currently queued I/O operations associated with the file descriptor to synchronized I/O data integrity completion. If set to 2, an fsync() moves all modified data and attributes associated with the file descriptor to a storage device guaranteeing that all in-memory modified copies of buffers associated with the file descriptor have been written to disk. Note: If local.store.synclevel is set, then by default (unless specifically overwritten), the other local.store.*synclevel parameters will use that value. local.service.smtp.envelopesynclevel local.service.smtp.messagesynclevelThese parameters can be set to a value of 0, 1, or 2, as noted above. While local.dbtxnsync and local.store.* apply to all database and store transactions, respectively, the envelopesynclevel and messagesynclevel apply only to the MTA. With a higher synchronization level, you will have worse performance, but if data integrity is the most important issue, then turning up the synchronization level may be what you want. (Please review your system's man pages for more information on what fdatasync() and fsync() mean.) Single Copy Message Store Unlike Single Copy Message Store (SCMS) capabilities in NMS 3.x, the NMS 4.x has SCMS that works and cannot be turned off. It is implemented as hard links on both Unix and NT, and can be archived using normal filesystem utilities. The reference count is kept by the filesystem, not the Messaging Server. The message size is counted towards the quota of each mailbox that contains a link to the message file. reconstruct and Message Store Maintenance reconstruct is a utility used to rebuild data in the message store. The message store consists of a master mailbox list (mboxlist) and individual user folders and messages. Each entry in the mboxlist corresponds to a folder in the specific user area. reconstruct as well as reconstruct -r is used to rebuild the individual user folders in case they become corrupted or inconsistant. (The -r option specifies a recursive reconstruct on user folders.) Damaged user folders are usually detected from errors in logs, as well as actual user reports and complaints.
Joe1 reports that he can not access his messages in his INBOX. The system otherwise appears to be working properly. Therefore the admin would assume the folder has become inconsistant and run the following:
reconstruct -m is used to rebuild the master mailbox list (mboxlist). The mboxlist is protected by a logging database, and is thus difficult to corrupt. After a mail server crash or system crash, the mail server will automatically attempt to recover itself. During this recovery period, you may get a warning message that the message store has not come up in the expected time period. If stored is running, it is likely still in the recovery process. If stored is not running, you should check the stored log file as specified by the warning message. Do not try to restart the store daemon. Most likely the recovery process will succeed and the store will come up. If it does not, the log files will indicate you need to run reconstruct -m. In order to run reconstruct -m in this particular situation (catastrophic failure of the database system) you need to keep the store down, delete the contents of the store/mboxlist directory, and run reconstruct -m. Besides (in addition to) catastrophic recovery, reconstruct -m is also used to resynchronize the mboxlist with the user folders. The mboxlist is the absolute definition of which user folders are valid. Therefore, if a user folder exists in the store, but is, for some reason, not recorded in the mboxlist, the user will be unable to access this folder. Currently this situation may be the result of some restore functions as described in backup/restore. Although unlikely, it may also happen in the case of rare system failures. The symptoms are that the folder physically exists in the store, yet it can not be accessed through the server, and reconstruct claims it does not exist. In this case, you would run reconstruct -m on a running store WITHOUT removing any files as described under catastrophic failure. reconstruct -m will sift thru all existing folders without much interference to normal operation, and resynchronize existing folders into its database. Now that the mboxlist knows about the folder, a reconstruct can be run on the specific folder in order to make sure the folder is rebuilt correctly. For example:
Looking in the joe1 directory in the message store, it appears as if there is valid data there. Thus we conclude the joe1 folder is not in the mboxlist database, and run a reconstruct -m. Then we run a reconstruct user/joe1/INBOX to make sure the folder is consistent.
In this extremely unlikely case, we know the mboxlist database is damaged. So following normal proceedures, we would do the following: Excepting hardware failures, the two leading causes of message store corruption are lack of disk space and manual manipulation of files. Disk space is absolutely required for a mail server to function as desired. Running out of disk space often leads to administrators trying to move files around and sometimes manually removing them. This very frequently results in some type of corruption. If you can avoid these two things, there is a very high probability you will avoid some VERY undesirable situations. Deleting Orphaned Mailboxes Orphaned mailboxes (formerly active mailbox accounts that have had their LDAP entry deleted) can be deleted with the following two-step process:
The actual commands themselves look something like this: mboxutil -d /user/test/annie/INBOX
|
High Availability Tuning Information |
Tuning
VxFS to Prevent Kernal Map Fragmentation
Noticeable performance slowdowns may be experienced when running Veritas File System (VxFS) 3.x on large memory (more than 1GB RAM) machines. The fragmentation occurs after VxFS allotts large amounts of memory for buffer cache use due to an immediate need and then frees the buffers when they are no longer needed. This occurs most commonly after a backup process has been run on a file system. This issue affects all users who match all of the following criteria:
To determine if you have a kernel map fragmentation problem, use the following command: # echo "map kernelmap" | crash | grep SEGMENT If the total number of segments returned by this command is over 5,000, then the system is most likely experiencing a slowdown during memory allocations which can affect general performance. Veritas inode Issues One of the benefits of the VxFS file system is the promise of unlimited inodes; the ability to create an unlimited number of directories and files in a file system. However, VxFS has a bug that could limit the number of inodes to just over 8 million. To overcome this limitation, you can do one of the following:
# /usr/lib/fs/vxfs/fsadm /data This command returns either nolargefiles or largefiles. If nolargefiles is returned, change the setting with the following: # /usr/lib/fs/vxfs/fsadm -o largefiles /data The fsadm command should be run while the file system is mounted. It will not disrupt the normal operation of the file system. VxFS Tuning and Support For Veritas support and tuning issues you should visit: http://support.veritas.com/. Directory Server failover You can specify multiple LDAP servers for failover conditions if one of them goes down. To do this, you need to specify multiple LDAP servers in the local.ugldaphost parameter and set the local.ugldapuselocal parameter to yes. For example, if you specify: configutil -o local.ugldaphost -v "ldap01.yourdomain ldap02.yourdomain" configutil -o local.ugldapuselocal -v "yes"then if ldap01.yourdomain becomes inaccessible, it will fail over to use ldap02.yourdomain. Implementing RAID for Messaging The recommended method for implementing RAID for messaging is to stripe first, then mirror. With the many areas of storage used by the Messaging Server, it has been found that RAID 0+1 for the message queue(s) and a hardware RAID5 solution for the mail store (software RAID being slow) works for some customer configurations. |
Backup and Restore Information |
Configuration
Parameters
Backup Tips and Information You can backup your file system either live or from a snapshot; either method will serve to get the bits on tape. For recovery, you should shut down the server and restore the message store from tape, plus any incremental backups. If you're restoring everything, you should wipe out the mboxlist database and then run reconstruct -m to restore the mboxlist information and the quota information. If you did not perform the backup from a snapshot, you must run reconstruct -r to rebuild the index files in each folder. Restoring a Single Message To restore a single message, locate the #.msg file and use the deliver utility to push it back into a folder. Then run the following command: reconstruct -r <mailbox> where <mailbox> includes something like user/<userid>/inbox.old. Restoring a User's Inbox To restore a particular Inbox:
where <mailbox> includes something like user/<userid>/inbox-old. To restore a single folder, move the folder from the backup tape to the user's directory (for example, partition/primary/=user/<hashdir_result>/<userid>/inbox.old). Then, run the following command: # reconstruct -r <mailbox> where <mailbox> includes something like user/<userid>/inbox.old. |
Recovering
a User's Messages
The following details a temporary workaround so that a user (mrobinson, in this example) can get access to his/her mail:
Note: Do not copy the store.* files; leave the ones that already exist in =restored.
This may be run while the server is up. The messages should now be in the user's restored folder. |
MTA Plugin and UBE Information |
Understanding
Plugins
Plugins are discussed at: http://home.netscape.com/eng/server/messaging/4.1/api/plugapi.htm and http://home.netscape.com/eng/server/messaging/4.1/papi/contents.htm. Authentication SDK (ProxyAuth) information can be found under your Messaging Server installation at <server-root>/bin/msg/authsdk/. Writing Plugins Issues related to writing plugins include:
A very important distinction here is that authentication may only happen once.
return PP_DONE and don't DEFERLINE. Remember, the real server is at the bottom of the stack. |
Install and Upgrade Information |
Understanding
Installation and Upgrade
Installation is discussed in detail at: http://docs.iplanet.com/docs/manuals/messaging/nms41/install/contents.htm upgrade utility When using the upgrade utility with the -r option to remove messages, it first converts the file from Messaging Server 3.x format to 4.x format; if successful, it removes the 3.x file, and then moves onto the next file for conversion. |
Revision History |
|
© Copyright 1999, 2000 Netscape Communications Corp., a subsidiary of America Online, Inc. All rights reserved.