About Messaging Multiplexor

The Sun Java System Messenger Express Multiplexor is a specialized server that acts as a single point of connection to the HTTP access service. Messenger Express is the client interface to the Sun Java System Messaging Server HTTP service. All users connect to the single messaging proxy server, which directs them to their appropriate mailbox. As a result, an entire array of messaging servers will appear to your mail users to be a single host.

While Messaging Multiplexor (MMP) connects to POP and IMAP servers, the Messenger Express Multiplexor connects to an HTTP server. In other words, the Messenger Express Multiplexor is to Messenger Express as MMP is to POP and IMAP.

Like MMP, the Messenger Express Multiplexor supports:

• Both unencrypted and encrypted (SSL) communication with mail clients

  For more information on configuring SSL, refer to Security and Access Control in Chapter 19, Configuring Security and Access Control.

• Hosted Domains

Unlike MMP, the Messenger Express Multiplexor is built into the mshttpd service, and consequently uses the same logging and configuration mechanisms.

How Messenger Express Multiplexor Works

The Messenger Express Multiplexor is made up of a proxy messaging server that acts as a Multiplexor; it allows you to connect to the HTTP service of Messaging Server (Messenger Express). The Messenger Express Multiplexor facilitates distributing mailboxes across multiple server machines. Clients connect to the Multiplexor when logging onto Messenger Express, which determines the correct server for the users, connects to that server, and then passes data between the client and server. This capability allows large installations to spread message stores across multiple machines (to increase capacity) while providing the appearance of a single mail host for users (to increase efficiency) and for external clients (to increase security). How Messenger Express Multiplexor Works describes where the Messenger Express Multiplexor resides in an Messaging Server installation.

Figure 7–3 Overview of Messenger Express Multiplexor

The Messenger Express Multiplexor interfaces between the Messenger Express client and Messaging Servers by accepting connections and routing them appropriately. As is typical with other mail server installations, each user is assigned a specific address and mailbox on a specific messaging server. However, all HTTP connections are routed through the Messenger Express Multiplexor.

In more detail, these are the steps involved when establishing a user connection:

1. A user’s client connects to the Messenger Express Multiplexor, which accepts preliminary authentication information.

2. The Messenger Express Multiplexor queries Directory Server to determine which messaging server contains the user’s mailbox.

3. The Messenger Express Multiplexor connects to the associated Messaging Server, replays authentication, then acts as a pass-through pipe for the duration of the session.

Setting Up the Messenger Express Multiplexor

This section will describe the steps you should follow to set up and configure your Messenger Express Multiplexor. Topics that are covered include:

• To Install Messaging Server on Proxy Machine

• Configuring Messenger Express Multiplexor Parameters

• To Enable Messenger Express Multiplexor

To Install Messaging Server on Proxy Machine

The first step is to install Messaging Server on the proxy machine that will become the Messenger Express Multiplexor. For specific installation instructions, see the Sun Java Enterprise System 2005Q4 Installation Guide for UNIX.

Be sure to configure the Messaging Server to a users and groups directory server that points to the back-end messaging servers. This directory server will be used to authenticate users to Messaging Server through the Messenger Express Multiplexor.

Configuring Messenger Express Multiplexor Parameters

After you complete the Messaging Server installation on the proxy machine, configure the Messenger Express Multiplexor parameters:

To Configure Messenger Express Multiplexor Parameters

Steps

1. Gather the needed back-end Messaging Server information.

   Run the configutil command in the directory of your back-end messaging servers to determine the values of the parameters that are later described in this section. The configuration of the proxy machine (where the Multiplexor will be enabled) must match the back-end messaging servers to ensure successful setup.

2. Set the configuration parameters for the Messenger Express Multiplexor.

   Run the configutil command in directory msg_svr_base/sbin/configutil of your proxy machine messaging server to set the configuration values. Note that these values should match the values of the back-end messaging servers.

   The following sections describe the configutil parameters needed to set up the Messenger Express Multiplexor:

   • LDAP Parameters

   • dcroot

   • Default Domain

   • Login Separator

LDAP Parameters

You will need to make sure that the Directory Server parameters are correctly specified prior to enabling the Messenger Express Multiplexor. To determine your LDAP parameters, run the following command in the appropriate back-end Messaging Server instance directory:

• configutil -o local.ugldaphost

  This parameter displays the users and groups LDAP Directory Server that the back-end messaging servers use. Make sure that ldaphost is set to the same value (or a replicated LDAP server containing the same data) that the back-end messaging servers use.

• configutil -o local.ugldapbinddn and configutil -o local.ugldapbindcred

  These parameters display the DN and password of the users and groups Directory Server administrator. Both ldapbinddn and ldapbindcred must be the same as in your back-end messaging servers specifications.

dcroot

You will need to make sure that the dcroot is correctly specified. To determine your dcroot, run the following command in the appropriate messaging server instance directory:

configutil -o service.dcroot

Default Domain

You will need to make sure that the messaging server default domain (defaultdomain) is correctly indicated. To determine your messaging server default domain, run the following configutil command in the appropriate messaging server instance directory:

configutil -o service.defaultdomain

Login Separator

Make sure that the login separator (loginseparator) is consistent with the login separator used by the back-end messaging server. To determine your messaging server login separator, run the configutil command in the appropriate back-end messaging server instance directory:

configutil -o service.loginseparator

To Enable Messenger Express Multiplexor

Once you set the configuration parameters, you can enable the Messenger Express Multiplexor on the proxy machine. To do so, run the following configutil command in the directory msg_svr_base/sbin/configutil of the messaging server instance on the proxy machine:

configutil -o local.service.http.proxy -v 1

where 1 enables the Messenger Express Multiplexor (default 0).

When a non-local user (users whose mail host is not on the server where they log in) logs in and the value of local.service.http.proxy is 0, the user will be directed to his host, and the user will see the host name change; therefore, the Multiplexor is not enabled.

If the value of local.service.http.proxy is set to 1, the Multiplexor is enabled, the host name does not change, and the entire array of messaging servers will appear to be a single host to your non-local mail users.

For local users (users whose mail host is the server where they log in), the server will use the local message store regardless of the local.service.http.proxy parameter value. It is possible to have both proxy and local users coexisting on the same messaging server.

Testing Your Setup

In this section, you will learn how to test your Messenger Express Multiplexor setup and to look for messages in the log files. It is assumed that you have configured and enabled the Messenger Express Multiplexor.

To Access Messenger Express Client

Prior to testing your installation, you should already be familiar with the Messenger Express product. In addition, you should already have a test account that you have previously created.

To test your Messenger Express Multiplexor proxy, follow these steps:

Steps

1. Through the Messenger Express Multiplexor, connect to Messenger Express by typing in the browser location:

   http://msgserver_name in the browser location.

   For example:

   http://budgie.sesta.com

2. Using a test account that you previously created, log in to Messenger Express.

3. You should be able to successfully log in and access messages from the back-end messaging servers.

4. If the messaging server name changes once you log in through Messenger Express, make sure local.service.http.proxy is set to 1 and that you have restarted the messaging proxy server. The Messenger Express Multiplexor should provide the appearance of a single mail host to your users.

Error Messages

If you receive an error message when you enter the user id, password, and click Connect, you should review the HTTP log file of the proxy machine. To view the error messages, go to the msg_svr_base/log directory. In most cases, the error message will contain sufficient information to diagnose the problem. In those instances where there is not sufficient information to diagnose the problem, contact Customer Support.

Administering Your Messenger Express Multiplexor

This section describes the basic administration capabilities of the Messenger Express Multiplexor.

To Configure and Administer SSL

To configure and administer SSL (otherwise known as Secure Sockets Layer) for your Messenger Express Multiplexor, refer to To Enable SSL and Selecting Ciphers

To Set Up Multiple Proxy Servers

To set up multiple Messenger Express Multiplexors that are addressed by a single name, you can use a session-aware load balancing device. With this device, all requests can be routed from any given client to a unique server.

To Manage Different Versions of Messaging Server and Messenger Express Multiplexor

If you use different versions of Messaging Server for the Messenger Express Multiplexor and the back-end mail hosts, you need to update the Messenger Express static files to ensure compatibility between the servers.

The static files which make up the Messenger Express interface are served directly from the Messenger Express Multiplexor, not the user’s mail host. The Multiplexor finds these files in the msg_svr_base/config/html directory.

To update these files in order to ensure compatibility between servers, replace the entire contents (which consist of these static files that make up the Messenger Express interface) of the directory msg_svr_base/config/html in the newer version of Messaging Server with the entire contents of the same directory in the older version of Messaging Server.

For example, if the back-end messaging servers use Messaging Server 6 2003Q4 and you have installed Messaging Server 6 2005Q4 as the Messenger Express Multiplexor, you need to replace the entire contents of the directory msg_svr_base/config/html of the Messenger Express Multiplexor with the contents of the same directory from the Messaging Server 6 2003Q4 back-end server. When you eventually upgrade Messaging Server 6 2003Q4 to Messaging Server 6 2005Q4, you can update these static files in directory msg_svr_base/config/html for the Messenger Express Multiplexor server as well.

To Configure the Port of the Back-end Messaging Server with the Messenger Express Multiplexor

If you want to configure the port of the back-end HTTP Messaging Server with the Messenger Express Multiplexor, use the following configutil command on your Multiplexor machine:

local.service.http.proxy.port.hostname

where hostname is the host of the back-end HTTP Messaging Server.

For example, if the host name of the back-end messaging server is sesta.com and the port number is 8888, the command would be in the following format:

configutil -o local.service.http.proxy.port.store.sesta.com -v 8888

local.service.HTTP.proxy.port applies to all back-end message stores except those which have their own port (same as local.service.proxy.admin).

To Configure Single Sign-on

Single sign-on must be configured on the Messenger Express Multiplexor machine in the same way as the Messaging (HTTP) server, with the following additional configurations:

configutil -o local.service.http.proxy.admin -v store_administrator

where store_administrator is the back-end store administrator specified during your back-end Messaging Server installation.

configutil -o local.service.http.proxy.adminpass -v store_admin_password

where store_admin_password is the back-end store administrator password specified during your back-end Messaging Server installation.

If you are using multiple back-end Messaging Servers that use different store administrators and passwords, you can configure them individually by appending the fully qualified host name to each configuration variable in Messenger Express Multiplexor:

configutil -o local.service.http.proxy.admin.hostname -v store_administrator

configutil -o local.service.http.proxy.adminpass.hostname -v store_admin_password

where hostname is the host of the back-end HTTP Messaging Server, store_administrator and store_admin_password are the back-end store administrator and password specified during your back-end Messaging Server installation.

To log the user into the back-end servers, Messenger Express Multiplexor uses the proxyauth login command. To enable proxyauth, use the following configutil parameter on the back-end message store:

configutil -o service.http.allowadminproxy -v 1

---

Note –

If Single sign-on is enabled through the Messenger Express Multiplexor, it does not need to be configured on the back-end HTTP Messaging Servers.

---