These are Administration Guide changes from 819-4428-10 to 819-4428-12. < > angle bracketed words indicate deleted text with replaced by words immediately following. [ ] bracketed words indicated new text.
Chapter 1, Post-install Tasks and Layout
1) <$(192.45.67.89/24)> $(192.45.67.89/32)
2) <first 24> full 32
When you <upgraded>installed previous versions of Messaging Server, the /usr/lib/sendmail binary was replaced with a component of the <sendmail>Messaging Server product. In Messaging Server, Messaging Server {6.0 to the current version,} this replacement during <upgrade>install is no longer <occurs>necessary. Therefore, you may need to obtain the proper version of the /usr/lib/sendmail binary from the most current sendmail patch.
<FEATURE("nullclient', "smtp:rhino.west.sesta.com')dnl MASQUERADE_AS("west.sesta.com')dnl define("confDOMAIN_NAME', "west.sesta.com')dnl> Replaced by: FEATURE(`nullclient', `smtp:rhino.west.sesta.com')dnl MASQUERADE_AS(`west.sesta.com')dnl define(`confDOMAIN_NAME', `west.sesta.com')dnl
Chapter 2, Upgrading from Messaging Server 5.2 to Sun Java System Messaging Server
All of this moved to the technical article entitled: Upgrading from Messaging Server 5.2 to Sun Java System Messaging Server.
Chapter 3, Configuring High Availability
3.1 Supported Versions Moved to Release Notes
3.4.1 Sun Cluster Requirements. Version requirements are moved to Release Notes.
Chapter 4, Configuring General Messaging Capabilities
4.4.1 To Start and Stop Services in an HA Environment
To Start, Stop, Restart in Veritas <1.3, 2.0, 2.1,>3.5, 4.0, 4.1 and <3.5> 5.0 Environments
4.4.2 To Start and Stop Services in a non-HA Environment. Minor typos.
4.4.3 Starting and Stopping a Messaging Server Running in MTA-only Mode. New section!
4.6 To Schedule Automatic Tasks
1) <A fully qualified command pathname is required.>Paths can be relative to msg-svr-base or absolute paths. See Pre-defined Automatic Tasks for relative path examples.
2) <send SIGHUP to> refresh the scheduler process: <kill -HUP> refresh sched [scheduler_pid]
<20,40,60> 0,20,40
4.8 To Set a User-Preferred Language
<accept-language> Accept-Language (twice!)
Chapter 5, Configuring POP, IMAP, and HTTP Services
5.2.1 To Allow Log In without Using the Domain Name
<inetdomainsearchfilter> inetDomainSearchFilter
<You don't need to disable password login to enable certificate-based login. If password login is enabled, and if> If
<Ibiff> iBiff (twice)
<As mailsrv run> Run:
<local.store.notifyplugin.ensHos> local.store.notifyplugin.enshost <local.store.notifyplugin.ensHost> local.store.notifyplugin.enshost <local.store.notifyplugin.ensEventKey> local.store.notifyplugin.enseventkey <local.store.notifyplugin.ensEventKeyl> local.store.notifyplugin.enseventkey
Chapter 6, Enabling Single Sign-On (SSO)
No changes.
Chapter 7, Configuring and Administering Multiplexor Services
7.2.3 Certificate-Based Client Authentication
<certmap>certmap.conf
To Configure MMP with SSL (Version 13)
Steps 2, 3, Note removed:
<2. If you have installed the Admin Server . . . >
<3. Since the sslpassword.conf file is set . . . >
< NOTE: An alternative approach to steps 1-8 . . .>
Steps 5 & 6 consolidated into a single step: [If you do not want to use SSL between the . . .]
7.4.1.1 IMAP Configuration Example
1) </opt/SUNWmsgsr/config/cert7.db> /opt/SUNWmsgsr/config/cert8.db
2) <"".> /opt/SUNWmsgsr/config/sslpassword.conf
7.4.1.2 POP Configuration Example
<It also provides a spoof message file.>
7.5.1 To Configure Mail Access with MMP
<is not configured automatically, it has to be explicitly configured. In addition, the MMP>
7.5.2 To Set a Failover MMP LDAP Server
1) <IMAPProxyAservice.cfg>ImapProxyAservice.cfg
2) </o=INTERNET"> /o=internet
3) [Make sure there is a space between the host names in the above configuration.]
No substantive changes.
Chapter 9, MTA Address Translation and Routing
9.1.1.2 Domain Map Determination of Domain Locality
Appended to end of section:
[Two MTA options support more efficient domain lookups from user base domain names. They are LDAP_BASEDN_FILTER_SCHEMA1, which is a string specifying a filter used to identify Schema 1 domains when performing user base domain name searches. The default is the value of LDAP_DOMAIN_FILTER_SCHEMA1 if that MTA option is specified. If neither option is specified the default is (objectclass=inetDomain). LDAP_BASEDN_FILTER_SCHEMA2 is a string specifying additional filter elements used to identify Schema 2 domains when performing user base domain name searches. The default is the value of LDAP_DOMAIN_FILTER_SCHEMA2, if that MTA option is specified. If neither option is specified, the default is an empty string.]
Added to bulleted MTA option list: LDAP_DOMAIN_ATTR_CATCHALL_MAPPING (no default value)
9.1.3.12 Optin and Presence Attributes
1) Rewrote the first sentence to: The LDAP_OPTIN1 through LDAP_OPTIN8 MTA options specify LDAP attributes for per-user spam filter opt-in values based on destination addresses.
2) Added the following to first paragraph: LDAP_SOURCE_OPTIN1 through LDAP_SOURCE_OPTIN8 provide comparable originator-address-based per-user spam filter optins.
9.1.4 To Modify Group Membership Attribute Syntax New section.
Chapter 10, About MTA Services and Configuration
<c_channel>b_channel <d_channel>a_channel
10.3.1 File Format in the Mappings File
1) In entire chapter: <use_text_database> use_text_databases
2) <252> 256 and 1024 characters respectively. [The maximum size of a line in the mapping file is 4096.]
In entry for $E: [$+1E exits immediately without interpreting the rest of the template.]
In entry MAX_MESSAGES [The minimum value is 10.]
10.9 To Convert Addresses from an Internal Form to a Public Form
<NOTE: Messaging Server provides other facilities for address manipulation, such as the aliases file and specialized mapping tables. For best performance, however, rewrite rules should be used whenever possible to perform address manipulations. See Chapter 11, Configuring Rewrite Rules.>
[Messaging Server provides other facilities for address manipulation, such as the aliases file and specialized mapping tables. For best performance, however, rewrite rules should be used whenever possible to perform address manipulations. See Chapter 11, Configuring Rewrite Rules.]
Added. Completely new.
10.10.4.1 To Block Content Return on Large Messages
Appended at end:
[The MTA fetches the block limit associated with the envelope return address and will set RET=HDRS if no return policy is specified and the message size exceeds the block limit. This prevents nondelivery reports for large messages from being undeliverable themselves. No new options or settings are associated with this change.]
10.12 Optimizing MTA Performance. New section.
10.12.1 Optimizing Authorization Checks to the LDAP Directory for Messages Addressed to Mailing Lists. New section.
Chapter 11, Configuring Rewrite Rules
Added entry for $nT: Overrides the default ALIAS_MAGIC setting, where n is an appropriate value for the ALIAS_MAGIC MTA option. Overrides the setting for the domain when the rule matches during alias expansion.
Added entry for $. See manual.
Chapter 12, Configuring Channel Definitions
New Channels: addresssrs, caption, chunkingclient, chunkingserver, description, destinationspamfilterX, destinationsrs, disabledestinationspamfilterX, disablesourcespamfilterX, ignoremessageencoding, ignoremultipartencoding, interpretmessageencoding, interpretmultipartencoding, noaddresssrs, nochunkingclient, nochunkingserver, nodestinationsrs, nosourcesrs, sourcespamfilterX, sourcesrs.
New sections: 12.4.6 Support for SMTP Chunking, 12.6.20 Recipient Address Handling, 12.8.5 Interpreting Content-transfer-encoding Fields on Multiparts and Message/RFC822 Parts, 12.12.9 Set Channel Displays for Monitoring Framework
12.12.5 Spam Filter Keywords. Rewrote and added new keywords.
Chapter 13, Using Predefined Channels
tcp_local entry adds the following: [Sometimes tcp_local gets mail from remote SMTP hosts via proxy or firewall. tcp_local is also sometimes used for internal relay activities.]
Added a lot of new material including a new section Including Conversion Tag Information in Various Mapping Probes.
Chapter 14, Integrating Spam and Virus Filtering Programs Into Messaging Server
LDAP_optinX rewritten. LDAP_SOURCE_OPTINX added.
New entry for USERNAME_MAPPING.
To Specify User-level Filtering
New Note added to Step 1.
To Specify Domain-level Filtering. New Note added to Step 1.
14.7 Support for Sieve Extensions. New paragraph added (3rd from top).
<spamfilterX_config_file=/opt/SUNWmsgsr/lib/milter.opt> spamfilter1_config_file=/opt/SUNWmsgsr/lib/milter.opt
14.10 Other Anti-Spam and Denial-of-Service Technologies. New section.
14.10.1 Anti-Spam Technique: Delay Sending the SMTP Banner. New Section
Chapter 15, Handling Forged Email Using the Sender Policy Framework
15.7 Handling Forwarded Mail in SPF Using the Sender Rewriting Scheme (SRS). New Section
16.5.1 To Configure Back End Stores with LMTP and a Minimal MTA. Rewritten.
16.5.4 Handling 4.2.1 Mailbox Busy Error in Response to LMTP Message Data. New section
Chapter 17, Vacation Automatic Message Reply
17.4 Vacation Autoreply Attributes
New attribute definition: LDAP_AUTOREPLY_ADDRESSES
17.5.1 To Send Autoreply Messages for Email That Have Been Automatically Forwarded from Another Mail Server. New section.
Chapter 18, Mail Filtering and Access Control
New entry for $! (Available in FROM_ACCESS only). Disables the sending of vacation messages regarding this message; that is, it sets the novacation flag.
18.3.3 FROM_ACCESS Mapping Table
Added paragraph to end of section: [The $( metacharacter in a FROM_ACCESS specifies that an address should be read from the result string and used to replace the current overriding postmaster address. $) has the same effect with the added constraint that the overriding postmaster address must not be set prior to invoking the mapping. This allows for specific postmaster addresses to be used with addresses in nonlocal domains - domain postmaster addresses by definition only work with locally defined domains. The override address is (currently) the last string read from the FROM_ACCESS result prior to reading any $N/$F failure result.]
New Entry for $D: Causes an additional argument to be read from the template result after the mandatory SMTP auth rulset and realm, and optional application information addition. This value must be an integer with the same semantics as the BANNER_PURGE_DELAY value. That is, it specifies the number of centiseconds to delay before purging and sending the banner. A value of 0 disabled both the delay and purge. Note that any PORT_ACCESS mapping setting overrides the BANNER_PURGE_DELAY SMTP channel option. See Anti-Spam Technique: Delay Sending the SMTP Banner for details on using this anti-spam feature. $U [Selectively] enable channel level debugging.
18.3.6 To Limit Specified IP Address Connections to the MTA
First paragraph rewritten: To limit how often a particular IP address can connect to the MTA, see Chapter 19, Throttling Incoming Connections Using MeterMaid. Limiting connections by particular IP addresses can be useful for preventing excessive connections used in denial-of-service attacks. In the past, this function was performed using the shared library, conn_throttle.so in the Port Access mapping table. No new enhancements are planned for conn_throttle.so and MeterMaid is its more effective replacement.
Two new bullets:
Sieve redirect can now add three header fields:
resent-date: date-of-resend-operation resent-to: address-specified-in-redirect resent-from: address-of-sieve-owner |
The new :resent and :noresent arguments to redirect can be used to control whether or not these fields are added. If neither argument is specific the system default is used. The system default is controlled by the new SIEVE_REDIRECT_ADD_RESENT MTAoption. Setting the option to 1 causes these fields to be generated unless :noresent used. A setting of 0 causes the fields to be generated only if :resent is used. The option defaults to 1, which means the fields are generated by default for regular redirects.
Sieve redirect has been enhanced with three new arguments:
:resetmailfrom - Reset the envelope FROM: address to that of the current Sieve owner.
:keepmailfrom- Preserve the envelope FROM: address from the original message.
:notify - Specify a new set of notification flags for the redirected message. A single parameter is required giving a list of notification flags. The same set of flags accepted by the NOTIFY parameter of the DSN SMTP extension are accepted here: SUCCESS, FAILURE, DELAY and NEVER. Note that these flags are specified as a Sieve list, for example:
redirect :notify ["SUCCESS","FAILURE"] "foo@example.com";
The default if :notify isn't specified as the normal SMTP default of FAILURE, DELAY.:keepmailfrom is the default unless :notify is specified, in which case the default switches to :resetmailfrom. The one additional exception is that specification of the SUCCESS flag forces the use of :resetmailfrom unconditionally.
Chapter 19, Throttling Incoming Connections Using MeterMaid
Rewritten for clarity. Also added two new sections:
19.4 Limit Excessive IP Address Connections Using Metermaid—Example and 19.4.1 Additional Useful MeterMaid Options
Chapter 20, Managing the Message Store
Changed three instances of store.overquotastatus to local.store.overquotastatus in Table 20–7and 20.8.4.4 To Enable or Disable Quota Enforcement.
20.14.1.4 Check stored Processes
<stored -t -v> imcheck
20.15 Migrating or Moving Mailboxes to a New System
This entire section was moved from Chapter 2, Upgrading from Messaging Server 5.2 to Sun Java System Messaging Server.
Chapter 21, Message Archiving No changes.
Chapter 22, Configuring the JMQ Notification Plug-in to Produce Messages for Message Queue
To Configure a JMQ Notification Plug-in.
<o Sun Java Messaging Server 6 2006Q3>
Chapter 23, Configuring Security and Access Control
For "End-user account configuration" bullet, <product (valid only for Sun LDAP Schema 1).>
Chapter 24, Administering S/MIME for Communications Express Mail
No substantive changes
25.3.1 Understanding the MTA Log Entry Format
Step 5: [The SMS channel can be configured to log a page count rather than file size in this field. See LOG_PAGE_COUNT.]
<P POP-before-SMTP via the MMP was used. P is added to the E record.>
25.3.3 Specifying Additional MTA Logging Options
<A value of 0 is the default and indicates that syslog (event log) logging is not performed.> [A value of 0 disables generation of the syslog notices. A non-zero value enables generation of the syslog notices, with the absolute value controlling the syslog priority and facility mask. (Positive values mean syslog notices and the regular mail.log* entries; negative values, which are not recommended, mean syslog notices only, disabling the regular mail.log* entries. A value of 0 is the default and indicates that syslog (event log) logging is not performed.]
To Control Formatting of Log Entries
1) Add to enqueue/dequeue attributes:
[qt - the amount of time a message has spent in the queue (LOG_QUEUE_TIME=1)]
2) Add to connection attributes: [ct - the amount of time a message has spent in the queue (LOG_QUEUE_TIME=1, also used in en entries)]
3) Updated the following MTA Logging examples:
25.3.4.5 MTA Logging Example – Sending to a Nonexistent Remote User
25.3.4.6 MTA Logging Example – Rejecting a Remote Side's Attempt to Submit a Message
25.3.4.7 MTA Logging Example – Multiple Delivery Attempts
25.3.4.8 MTA Logging – Incoming SMTP Message Routed Through the Conversion Channel — Outbound Connection Logging <process ID here is the same, 40a5> [process ID here is the same, 1f625] [10. The connection mailhub.sesta.com is closed now that the delivery of the message (dave in this example) is complete.]
25.3.4.10 MTA Logging Example: Inbound Connection Logging
1) [configutil -o local.msgtrace.active -v "msgtrace" In this command message trace information for all processes is written to the msgtrace log file]
2) Remove the next two sections: <To Redirect Message Tracing to a Single Log File> and <To Unconfigure Message Trace Loggings>
Chapter 26, Troubleshooting the MTA
26.2.4 Check that the Job Controller and Dispatcher are Running26.2.4 Check that the Job Controller and Dispatcher are Running
You could also use imsimta qm jobs to list, channel by channel, all active and pending delivery processing jobs currently being managed by the Job Controller. Additional cumulative information is provided for each channel such as the number of message files successfully delivered and those requeued for subsequent delivery attempts. The command syntax is as follows:
jobs [-[no]hosts] [-[no]jobs] [-[no]messages] [channel-name]
26.3.8.1 Diagnosing and Cleaning up .HELD Messages Rewritten.
Chapter 27, Monitoring Messaging Server
27.4.1.2 To Monitor the Size of the Message Queues
<use imsimta qm and imsimta summarize.> [use imsimta qm and imsimta summarize.]
Appendix A, SNMP SupportNo substantive changes
Appendix B, Administering Event Notification Service in Messaging Server No substantive changes.
Appendix C, Short Message Service (SMS)
Under Miscellaneous Options:
1) DEBUG - Default: <1>6
2) LISTEN_CONNECTION_MAX - Maximum number of concurrent, inbound TCP connections to allow across all SMPP relay and server instantiations. Default: 10,000
3) LOG_PAGE_COUNT - Controls the value recorded in the mail.log file's message size field to be page count instead of blocks. Default 0
New section for LOG_PAGE_COUNT.
Appendix D, Installation Worksheets No differences.