Oracle® Beehive Administrator's Guide Release 1 (1.3) Part Number E10477-07 |
|
|
View PDF |
This module presents instructions for performing a variety of configuration tasks involving how Oracle Beehive handles e-mail. The instructions in this module assume that you are already familiar with the use of beectl
commands to set properties of the E-mail Service. For detailed instructions on setting E-mail Service properties, see "Managing the E-mail Service".
This module contains the following topics:
This section contains the following topics:
Broadly, there are two general methods by which you configure Oracle Beehive E-mail:
Most configuration of Oracle Beehive E-mail is accomplished by setting parameters of the E-mail Service. The commands, syntax, and a reference of parameters for the E-mail Service are provided in "Managing the E-mail Service".
Some configuration tasks described in this module require you to modify and import structured XML markup. These XML documents invoke the Oracle Beehive E-mail Rule Engine, by using the following elements:
<java version="1.5.0_11" class="java.beans.XMLDecoder"> <object class="oracle.ocs.mail.service.ruleengine.RuleEngine">
When using XML to create rules with the E-Mail Rule Engine, the following general syntax rules apply:
The XML document invokes the Rule Engine and contains one or more Properties, each with a unique Property Name:
<void property="name"> <string>An Identifying Name</string> </void>
Each Property contains Rules, in an array of a length you specify. The specified length is the number of indexed entries in the array:
<void property="rules">
<array class="oracle.ocs.mail.service.ruleengine.Rule" length="#">
Where # is the total number of indexed entries in the array.
Each indexed array entry has an index value, beginning with 0
, and invokes some class of the Rule Engine. It also refers to a named property, and contains a definition of the element:
<void index="0"> <object class="oracle.ocs.mail.service.ruleengine.<some class>"> <void property="name"> <string>A Name</string> </void> ... definition of the element ... </object> </void>
Example 8-1, "Syntax of E-mail Rules Engine XML Documents" illustrates all of these requirements in combination. In this example, there is a single indexed entry (index number 0
), so the array length given on the fifth line is 1
. If a second indexed entry (index number 1
) were added, the array length must be updated to a value of 2
.
Example 8-1 Syntax of E-mail Rules Engine XML Documents
<java version="1.5.0_11" class="java.beans.XMLDecoder"> <object class="oracle.ocs.mail.service.ruleengine.RuleEngine"> <void property="name"> <string>An Identifying Name</string> </void> <void property="rules"> <array class="oracle.ocs.mail.service.ruleengine.Rule" length="1"> <void index="0"> <object class="oracle.ocs.mail.service.ruleengine.<some class>"> <void property="name"> <string>A Name</string> </void> ... definition of the element ... </object> </void> ... <void index="0"> <object class="oracle.ocs.mail.service.ruleengine.TopLevel[Action|Function|Predicate]"> <void property="name"> <string>A Name</string> </void> <void property="group"> <string>THE_RULE</string> </void> <void property="rootRule"> <string>... the name of one of the defined Rules... </string> </void> <void property="argumentType"> <string>java class type that is returned</string> </void> </object> </void> </array> </void> </object> </java>
The SMTP Server component is a robust, scalable, and flexible component of Oracle Beehive that provides open protocol access to the Oracle Beehive E-mail Service. The SMTP Server has been designed to be both Internet and internal facing. The SMTP server can be divided into Virtual Mail Servers (VMSes). Oracle Beehive SMTP Servers may have multiple "Endpoints", and are configured with dispatch rules. These configuration options provide flexibility to facilitate servicing Internet and internal SMTP clients.
Virtual Mail Servers
A virtual mail server is a component which engages in SMTP conversations with clients. Two VMSes are differentiated by their behavior, which is controlled by many properties. For example, SMTP defines a time-out for inactivity. A VMS servicing the Internet may be configured with a low value for this time-out, to prevent service loss. A VMS servicing internal clients may permit a longer time-out (because internal clients are assumed not to be hostile). Time-outs are only one of more than a dozen properties of a VMS. Note that the primary driver for having VMSes is to facilitate different behavior for internal clients compared to external clients.
Endpoints
In addition to one or more virtual mail servers, the SMTP server presents "endpoints." Endpoints represent a logical listening point. In this terminology, a web server has two endpoints, one for SSL (port 443) and one for regular HTTP (port 80). In Oracle Beehive, the SMTP server can listen for both traditional TCP traffic from clients (on the traditional port 25 default, or on other ports as well or instead), and for internal traffic from other Oracle Beehive services. A given SMTP Server may listen for SMTP connections on more than one endpoint, and each endpoint is uniquely identified by a logical name. In most cases, an endpoint works the same as a TCP port.
Dispatch Rules
Dispatch rules map incoming connections to a VMS. The mapping is based on one of the following properties of the incoming connection:
The Endpoint at which the connection arrived
The network address of the client
The sender's e-mail address
The dispatch rules accept as input these data points, and return the appropriate VMS. Note that in the configuration, the dispatch rules are called "VMSEvaluators".
The Virtual Mail Server components of Oracle Beehive make use of an Evaluator to determine where and how e-mail messages are relayed. The VMS Evaluator picks which VMS will be used to process the message based on the source of the message or the Endpoint the client connects to.
The rules for the VMS Sender and Recipient matching decide which e-mail messages are allowed to be delivered to an Oracle Beehive recipient, are permitted by Oracle Beehive to be relayed, or will be rejected.
The following are typical types of rules for how Oracle Beehive relays e-mail messages:
Oracle Beehive accepts e-mail to addresses that it is configured to recognize as local. This generally means Oracle Beehive users, but there may be some special cases where a single domain includes some users in Oracle Beehive and some in another system. In this case, the Oracle Beehive VMS evaluators should be configured so that e-mail may be sent to any address in the domain, and the server determines the correct destination to deliver the message
Messages that aren't addressed to recipients in your local domains are routed to their destination. If the Oracle Beehive server is connected directly to the Internet, then the server can perform MX resolution through DNS to find the IP address of the recipient's server. If the Oracle Beehive e-mail server is behind a gateway or proxy, Oracle Beehive should relay all outbound traffic to some other "smart host" to send it out to the public Internet
Messages that aren't to your domains, and are also not from your local domains, are most likely spam or malicious, and e-mail servers should be configured to prevent or block such traffic
This section contains the following topics:
This section describes how to configure the VMS Evaluator to decide which VMS should process a given message, based on the source of the message (by its hostname or IP address: the "LocalHosts" HostFilterPredicate) or the Endpoint the client connects to (by "TrustedEndpoints" StringPatternPredicate).
The "TruthValue" in a rule refers to the name of a VMS defined in the mail server; by default, "OutboundVMS" means something that is a trusted Oracle Beehive connection, and "InboundVMS" is something connecting to Oracle Beehive from an external source (such as the Internet, or possibly other e-mail systems within a network which are not "trusted".
The following example XML document demonstrates a simple VMS Evaluator which determines which messages will be routed to the OutboundVMS or InboundVMS for further treatment.
The example contains five indexed rule entries.
The first indexed rule (rule 0
) contains a string (of length 2) with two indexed entries: a URL and IP range. These are defined as LocalHosts. Messages matching these patterns are routed to the OutboundVMS; messages originating from inside your organization should be sent outward.
Note:
Messages internal to Oracle Beehive (from one Oracle Beehive user to another Oracle Beehive user) are never routed to a VMS Evaluator. They are delivered directly to recipients without requiring the E-mail Service to evaluate or route them.The second rule (rule 1
) routes messages addressed to "trusted endpoints" to the OutboundVMS.
The third rule (rule 2
) ensures that all non-local messages are routed to the InboundVMS for further handling. In no case should a non-local message be treated as though it originated from within the organization.
The fourth and fifth rules (rules 3
and 4
) are used to make this document be an evaluator (select from choices in other rules).
Example 8-2 Simple VMS Evaluator
<java version="1.5.0_11" class="java.beans.XMLDecoder"> <object class="oracle.ocs.mail.service.ruleengine.RuleEngine"> <void property="name"><string>SimpleVMSEvaluator</string></void> <void property="rules"> <array class="oracle.ocs.mail.service.ruleengine.Rule" length="5"> <void index="0"> <object class="oracle.ocs.mail.service.ruleengine.mail.predicates.HostFilterPredicate"> <void property="name"><string>LocalHosts</string></void> <void property="patterns"> <array class="java.lang.String" length="2"> <void index="0"><string>*.your_company.com</string></void> <void index="1"><string>IP_RANGE_HERE</string></void> </array> </void> <void property="scope"><string>remoteHost</string></void> <void property="truthValue"><string>OutboundVMS</string></void> </object> </void> <void index="1"> <object class="oracle.ocs.mail.service.ruleengine.mail.predicates.StringPatternPredicate"> <void property="name"><string>TrustedEndpoints</string></void> <void property="pattern"><string>ENDPOINT_NAME_HERE</string></void> <void property="scope"><string>endPoint</string></void> <void property="truthValue"><string>OutboundVMS</string></void> </object> </void> <void index="2"> <object class="oracle.ocs.mail.service.ruleengine.Rule"> <void property="name"><string>AllNonLocal</string></void> <void property="truthValue"><string>InboundVMS</string></void> </object> </void> <void index="3"> <object class="oracle.ocs.mail.service.ruleengine.CompositeRule"> <void property="name"><string>ChooseVMS</string></void> <void property="children"> <array class="java.lang.String" length="3"> <void index="0"><string>LocalHosts</string></void> <void index="1"><string>TrustedEndpoints</string></void> <void index="2"><string>AllNonLocal</string></void> </array> </void> <void property="mode"><string>OR</string></void> </object> </void> <void index="4"> <object class="oracle.ocs.mail.service.ruleengine.TopLevelFunction"> <void property="argumentType"> <string>oracle.ocs.mail.service.inetmail.smtp.server.VMSChoiceArgs</string> </void> <void property="name"><string>default</string></void> <void property="group"><string>default</string></void> <void property="rootRule"><string>ChooseVMS</string></void> <void property="resultType"><string>java.lang.String</string></void> </object> </void> </array> </void> </object> </java>
In order to prevent your Oracle Beehive deployment from acting as an open relay, you should use a configuration similar to the following:
The InboundVMS should reject recipients that are not in recognized local domains, and
The OutboundVMS should reject senders that are not allowed (either by mail address or by network location).
Note:
The terms InboundVMS and OutboundVMS are conventions used as labels for two arbitrary VMSes. In all examples in this module, the InboundVMS is a VMS being used for inbound e-mail messages, and the OutboundVMS is a VMS being used for outbound e-mail messages. But in both cases, there is nothing special about either VMS other than its particular configuration, which you can modify. You can set up additional VMSes, and remove VMSes, according to your needs."OutboundVMS" is for anything originating from Oracle Beehive (either by an Oracle Beehive user through internal Oracle Beehive services, or an Oracle Beehive user through SMTP) and "InboundVMS" is for anything originating outside of Oracle Beehive (whether sent to an Oracle Beehive user or for relay, if allowed).
SMTP messages are processed by Oracle Beehive in the following manner:
SMTP Mail (into and out of Oracle Beehive) is processed by a Virtual Mail Server (VMS)
A VMS is an abstract object that is capable of various rule-based processing choices
In a fresh Oracle Beehive installation, there are two default VMSes configured: InboundVMS and OutboundVMS
The SMTP Properties component has two important properties:
A rule that decides which VMS is chosen to process a message based on things like the client IP address, source address, and so on. For example, whether the source of the message was internal to the organization, or from an external domain
A list of the VMS configuration objects for this SMTP endpoint
Each VMS has the following properties which can be used to filter which addresses are acceptable:
SenderMatcher
RecipientMatcher
There are other ways you could configure Oracle Beehive. For example, you could have multiple end-points and different ports, secured behind port-mappings behind a load balancer or router, and so forth.
Example 8-3, "VMS Evaluator" illustrates a use of the VMSEvaluator to control relay configuration.
This evaluator sets anything from the localhost (IP addresses 127.0.0.1
-2
) and the domain us.example.com
to use the OutboundVMS. This means that traffic from these sources are considered safe, and acceptable to relay. In a default Oracle Beehive install, *.your_company.com
is used as the initial setting.
One exception is included in this example for the host foreignhost.us.example.com
, using the IP address 123.45.67.8
, as a test case to allow simulation of non-local e-mail submission from within the same network.
<java version="1.5.0_11" class="java.beans.XMLDecoder"> <object class="oracle.ocs.mail.service.ruleengine.RuleEngine"> <void property="name"> <string>MyVMSevaluator</string> </void> <void property="rules"> <array class="oracle.ocs.mail.service.ruleengine.Rule" length="6"> <void index="0"> <object class="oracle.ocs.mail.service.ruleengine.mail.predicates.HostFilterPredicate"> <void property="name"> <string>AcceptAsLocalSourcesKnownLocalPatterns</string> </void> <void property="patterns"> <array class="java.lang.String" length="2"> <void index="0"> <string>*.us.example.com</string> </void> <void index="1"> <string>127.0.0.1-127.0.0.2</string> </void> </array> </void> <void property="scope"> <string>remoteHost</string> </void> <void property="truthValue"> <string>OutboundVMS</string> </void> </object> </void> <void index="1"> <object class="oracle.ocs.mail.service.ruleengine.mail.predicates.StringPatternPredicate"> <void property="name"> <string>KnownInternalSources</string> </void> <void property="pattern"> <string>internal*</string> </void> <void property="scope"> <string>endPoint</string> </void> <void property="truthValue"> <string>OutboundVMS</string> </void> </object> </void> <void index="2"> <object class="oracle.ocs.mail.service.ruleengine.Rule"> <void property="name"> <string>NotRecognizedAsLocal</string> </void> <void property="truthValue"> <string>InboundVMS</string> </void> </object> </void> <void index="3"> <object class="oracle.ocs.mail.service.ruleengine.mail.predicates.HostFilterPredicate"> <void property="name"> <string>ForceforeignhostInbound</string> </void> <void property="patterns"> <array class="java.lang.String" length="2"> <void index="0"> <string>foreignhost.us.example.com</string> </void> <void index="1"> <string>123.45.67.8</string> </void> </array> </void> <void property="scope"> <string>remoteHost</string> </void> <void property="truthValue"> <string>InboundVMS</string> </void> </object> </void> <void index="4"> <object class="oracle.ocs.mail.service.ruleengine.CompositeRule"> <void property="children"> <array class="java.lang.String" length="4"> <void index="0"> <string>ForceforeignhostInbound</string> </void> <void index="1"> <string>AcceptAsLocalSourcesKnownLocalPatterns</string> </void> <void index="2"> <string>KnownInternalSources</string> </void> <void index="3"> <string>NotRecognizedAsLocal</string> </void> </array> </void> <void property="mode"> <string>OR</string> </void> <void property="name"> <string>DecideIfSourceIsLocal</string> </void> </object> </void> <void index="5"> <object class="oracle.ocs.mail.service.ruleengine.TopLevelFunction"> <void property="argumentType"> <string>oracle.ocs.mail.service.inetmail.smtp.server.VMSChoiceArgs</string> </void> <void property="group"> <string>default</string> </void> <void property="name"> <string>default</string> </void> <void property="resultType"> <string>java.lang.String</string> </void> <void property="rootRule"> <string>DecideIfSourceIsLocal</string> </void> </object> </void> </array> </void> </object> </java>
Example 8-4, "Inbound VMS SenderMatcher" and Example 8-5, "Inbound VMS RecipientMatcher" illustrate the use of the VMSEvaluator to control inbound relay configuration by matching senders and recipients to a specified pattern (all e-mail that is not from a "local" source). This VMS should deny relay to anyone not in the local domain, so the RecipientMatcher requires *@example.com
. Any other RCPT TO:
address in the SMTP conversation will be rejected. There are no restrictions specified on the Sender:
address (it is set to *@*
) in the SenderMatcher.
Example 8-4 Inbound VMS SenderMatcher
<java version="1.5.0_11" class="java.beans.XMLDecoder">
<object class="oracle.ocs.mail.service.ruleengine.RuleEngine">
<void property="name">
<string>fb6489f17f01c640:-2ee96784:1137436940b:-8000</string>
</void>
<void property="rules">
<array class="oracle.ocs.mail.service.ruleengine.Rule" length="4">
<void index="0">
<object class="oracle.ocs.mail.service.ruleengine.mail.predicates.StringPatternPredicate">
<void property="name">
<string>p1</string>
</void>
<void property="pattern">
<string>*@*</string>
</void>
</object>
</void>
<void index="1">
<object class="oracle.ocs.mail.service.ruleengine.mail.predicates.StringPatternPredicate">
<void property="name">
<string>p2</string>
</void>
<void property="pattern">
<string/>
</void>
</object>
</void>
<void index="2">
<object class="oracle.ocs.mail.service.ruleengine.CompositeRule">
<void property="children">
<array class="java.lang.String" length="2">
<void index="0">
<string>p1</string>
</void>
<void index="1">
<string>p2</string>
</void>
</array>
</void>
<void property="mode">
<string>OR</string>
</void>
<void property="name">
<string>c1</string>
</void>
</object>
</void>
<void index="3">
<object class="oracle.ocs.mail.service.ruleengine.TopLevelPredicate">
<void property="argumentType">
<string>java.lang.String</string>
</void>
<void property="group">
<string>senderRule</string>
</void>
<void property="name">
<string>senderRule</string>
</void>
<void property="rootRule">
<string>c1</string>
</void>
</object>
</void>
</array>
</void>
</object>
</java>
Example 8-5 Inbound VMS RecipientMatcher
<java version="1.5.0_11" class="java.beans.XMLDecoder">
<object class="oracle.ocs.mail.service.ruleengine.RuleEngine">
<void property="name">
<string>InboundRecipientMatcher</string>
</void>
<void property="rules">
<array class="oracle.ocs.mail.service.ruleengine.Rule" length="2">
<void index="0">
<object class="oracle.ocs.mail.service.ruleengine.mail.predicates.StringPatternPredicate">
<void property="name">
<string>p1</string>
</void>
<void property="pattern">
<string>*@example.com</string>
</void>
</object>
</void>
<void index="1">
<object class="oracle.ocs.mail.service.ruleengine.TopLevelPredicate">
<void property="argumentType">
<string>java.lang.String</string>
</void>
<void property="group">
<string>recipientRule</string>
</void>
<void property="name">
<string>recipientRule</string>
</void>
<void property="rootRule">
<string>p1</string>
</void>
</object>
</void>
</array>
</void>
</object>
</java>
Example 8-6, "Outbound VMS SenderMatcher" and Example 8-7, "Outbound VMS RecipientMatcher" illustrate the use of the VMSEvaluator to control outbound relay configuration. In this example, there are no specific restrictions on Sender or Recipient for the OutboundVMS (they are both set to *@*
), because this VMS is intended for sources that are recognized as "local". All outbound messages should therefore be permitted.
Example 8-6 Outbound VMS SenderMatcher
<java version="1.5.0_11" class="java.beans.XMLDecoder">
<object class="oracle.ocs.mail.service.ruleengine.RuleEngine">
<void property="name">
<string>fb6489f17f01c640:-2ee96784:1137436940b:-8000</string>
</void>
<void property="rules">
<array class="oracle.ocs.mail.service.ruleengine.Rule" length="4">
<void index="0">
<object class="oracle.ocs.mail.service.ruleengine.mail.predicates.StringPatternPredicate">
<void property="name">
<string>p1</string>
</void>
<void property="pattern">
<string>*@*</string>
</void>
</object>
</void>
<void index="1">
<object class="oracle.ocs.mail.service.ruleengine.mail.predicates.StringPatternPredicate">
<void property="name">
<string>p2</string>
</void>
<void property="pattern">
<string/>
</void>
</object>
</void>
<void index="2">
<object class="oracle.ocs.mail.service.ruleengine.CompositeRule">
<void property="children">
<array class="java.lang.String" length="2">
<void index="0">
<string>p1</string>
</void>
<void index="1">
<string>p2</string>
</void>
</array>
</void>
<void property="mode">
<string>OR</string>
</void>
<void property="name">
<string>c1</string>
</void>
</object>
</void>
<void index="3">
<object class="oracle.ocs.mail.service.ruleengine.TopLevelPredicate">
<void property="argumentType">
<string>java.lang.String</string>
</void>
<void property="group">
<string>senderRule</string>
</void>
<void property="name">
<string>senderRule</string>
</void>
<void property="rootRule">
<string>c1</string>
</void>
</object>
</void>
</array>
</void>
</object>
</java>
Example 8-7 Outbound VMS RecipientMatcher
<java version="1.5.0_11" class="java.beans.XMLDecoder">
<object class="oracle.ocs.mail.service.ruleengine.RuleEngine">
<void property="name">
<string>fb6489f17f01c640:43157dc:11374540ec1:-8000</string>
</void>
<void property="rules">
<array class="oracle.ocs.mail.service.ruleengine.Rule" length="2">
<void index="0">
<object class="oracle.ocs.mail.service.ruleengine.mail.predicates.StringPatternPredicate">
<void property="name">
<string>p1</string>
</void>
<void property="pattern">
<string>*@*</string>
</void>
</object>
</void>
<void index="1">
<object class="oracle.ocs.mail.service.ruleengine.TopLevelPredicate">
<void property="argumentType">
<string>java.lang.String</string>
</void>
<void property="group">
<string>recipientRule</string>
</void>
<void property="name">
<string>recipientRule</string>
</void>
<void property="rootRule">
<string>p1</string>
</void>
</object>
</void>
</array>
</void>
</object>
</java>
For any VMS, you can specify a "whitelist". E-mails that match the specified list, which may contain wildcards, are accepted; those that do not match are blocked.
The VMSEvaluator reads the sender's e-mail address, IP, and hostame, and decides which VMS will be used to process the message. Then each VMS has a set of sender and recipient matching algorithms, which act to accept or block e-mail. For example, a typical configuration allows only "internal" users (users with an internal e-mail address) to send e-mail out of the system, and prevents unauthorized users from relaying through the server (a form of spam control).
Each VMS has two properties, SenderMatcher and RecipientMatcher, which are checked during the SMTP transaction between client and server. The following XML samples are generic, but if applied to the RecipientMatcher of a VMS, this XML will control what are valid inputs to the SMTP RCPT TO: verb.
The valid strings are defined in StringPatternPredicates, and logically combined in the composite rule c1
.
To create a whitelist for a given VMS, perform the following steps:
Create an XML file in an accessible location, by using the following template. Substitute all bold items in this XML example with the appropriate values:
Replace *@org_1.com
and *@org_2.com
with the wildcard strings for accepted e-mail addresses (this example allows two subdomains of your domain, but you could create additional indexed entries to include any number of subdomains). For example, *@hr.example.com
specifies that only inbound e-mails addressed to users within the hr.example.com
subdomain are accepted.
Each wildcard string is contained in a separate, indexed entry (node), with a name. In this example, there are two entries, named p1
and p2
.
<java version="1.5.0_11" class="java.beans.XMLDecoder"> <object class="oracle.ocs.mail.service.ruleengine.RuleEngine"> <void property="name"> <string>fb6489f17f01c640:-2ee96784:1137436940b:-8000</string> </void> <void property="rules"> <array class="oracle.ocs.mail.service.ruleengine.Rule" length="4"> <void index="0"> <object class="oracle.ocs.mail.service.ruleengine.mail.predicates.StringPatternPredicate"> <void property="name"> <string>p1</string> </void> <void property="pattern"> <string>*@org_1.com</string> </void> </object> </void> <void index="1"> <object class="oracle.ocs.mail.service.ruleengine.mail.predicates.StringPatternPredicate"> <void property="name"> <string>p2</string> </void> <void property="pattern"> <string>*@org_2.com</string> </void> </object> </void> <void index="2"> <object class="oracle.ocs.mail.service.ruleengine.CompositeRule"> <void property="children"> <array class="java.lang.String" length="2"> <void index="0"> <string>p1</string> </void> <void index="1"> <string>p2</string> </void> </array> </void> <void property="mode"> <string>OR</string> </void> <void property="name"> <string>c1</string> </void> </object> </void> <void index="3"> <object class="oracle.ocs.mail.service.ruleengine.TopLevelPredicate"> <void property="argumentType"> <string>java.lang.String</string> </void> <void property="group"> <string>recipientRule</string> </void> <void property="name"> <string>recipientRule</string> </void> <void property="rootRule"> <string>c1</string> </void> </object> </void> </array> </void> </object> </java>
You can add additional wild card strings, beyond the first two specified:
Change the length of the string specified by the rules property, to the number of indexed entries (if there are indexed entries 0 through 5, for example, the string should have a length of 6).
Update the index of every rule accordingly.
Modify and add this section of code to the XML file, with a new index, a new name and new wild card string:
<void index="NEW_INDEX"> <object class="oracle.ocs.mail.service.ruleengine.mail.predicates.StringPatternPredicate"> <void property="name"> <string>NEW_NAME</string> </void> <void property="pattern"> <string>NEW_WILD_CARD</string> </void> </object> </void>
Modify the node with <object class="oracle.ocs.mail.service.ruleengine.CompositeRule">
. Change the property children. In the example, index entry 2
shows such a node. Add your newly-added wildcard string node to this array, updating the array length. For example, if you add a wild card node named p3
, the CompositeRule should look like this:
<object class="oracle.ocs.mail.service.ruleengine.CompositeRule">
<void property="children">
<array class="java.lang.String" length="3">
<void index="0">
<string>p1</string>
</void>
<void index="1">
<string>p2</string>
</void>
<void index="2">
<string>p3</string>
</void>
</array>
</void>
<void property="mode">
<string>OR</string>
</void>
<void property="name">
<string>c1</string>
</void>
</object>
Use the
command to upload the XML file, overwriting the RecipientMatcher property for the VMS you want to modify:beectl
modify_property
./beectl modify_property --component <YOUR_VMS_PROPS_ID> -name RecipientMatcher --file <YOUR_XML_FILE>
Validate and activate your proposed configuration using the
command:beectl
activate_configuration
./beectl activate_configuration
To set up relay servers, perform the following procedure:
Use the
command to enable AcceptInvalidLocalUsers:beectl
modify_property
./beectl modify_property --component <transport_props_id> --name AcceptInvalidLocalUsers --value true
Create an XML file in an accessible location, by using the following template. Substitute all bold items in this XML example with the appropriate values:
Replace YOUR_RELAY_SERVER_DOMAIN
with the domain name of your relay server
Replace YOUR_RELAY_SERVER_PORT
with the port of your relay server
This example XML template indicates that if the Address Pattern matches *
, then use the Delivery Technique defined here, which is to relay to these server(s). More servers could be defined, which is used by the service as a list; the first available will be used for a delivery attempt.
<java version="1.5.0_11" class="java.beans.XMLDecoder"> <object class="oracle.ocs.mail.service.ruleengine.RuleEngine"> <void property="name"><string>RelayToRemote</string></void> <void property="rules"> <array class="oracle.ocs.mail.service.ruleengine.Rule" length="6"> <void index="0"> <object class="oracle.ocs.mail.service.ruleengine.TopLevelFunction"> <void property="argumentType"><string>java.lang.String</string></void> <void property="group"><string>RemoteRule</string></void> <void property="name"><string>RemoteRule</string></void> <void property="resultType"><string>oracle.ocs.mail.service.rules.DeliveryTechnique</string></void> <void property="rootRule"><string>RelayRemoteMail</string></void> </object> </void> <void index="1"> <object class="oracle.ocs.mail.service.ruleengine.mail.functions.DeliveryTechniqueFunction"> <void property="name"><string>defaultNull</string></void> </object> </void> <void index="2"> <object class="oracle.ocs.mail.service.ruleengine.CompositeRule"> <void property="name"><string>RelayRemoteMail</string></void> <void property="children"> <array class="java.lang.String" length="1"> <void index="0"><string>isRemote</string></void> </array> </void> <void property="mode"><string>OR</string></void> </object> </void> <void index="3"> <object class="oracle.ocs.mail.service.ruleengine.mail.predicates.StringPatternPredicate"> <void property="name"><string>remotePatterns</string></void> <void property="pattern"><string>*</string></void> </object> </void> <void index="4"> <object class="oracle.ocs.mail.service.ruleengine.mail.functions.DeliveryTechniqueFunction"> <void property="name"><string>SetRelayTechnique</string></void> <void property="deliveryTechnique"> <object class="oracle.ocs.mail.service.rules.DeliveryTechnique"> <void property="relayServers"> <array class="oracle.ocs.mail.net.HostPort" length="1"> <void index="0"> <object class="oracle.ocs.mail.net.HostPort"> <void property="host"><string>RELAY_SERVER_DOMAIN</string></void> <void property="port"><int>YOUR_RELAY_SERVER_PORT</int></void> </object> </void> </array> </void> <void property="technique"> <object class="oracle.ocs.mail.service.rules.DeliveryTechnique$Technique"/> </void> </object> </void> </object> </void> <void index="5"> <object class="oracle.ocs.mail.service.ruleengine.IfThenElseRule"> <void property="name"><string>isRemote</string></void> <void property="if"><string>remotePatterns</string></void> <void property="then"><string>SetRelayTechnique</string></void> <void property="else"><string>defaultNull</string></void> </object> </void> </array> </void> </object> </java>
Use the
command to upload the XML file, overwriting the DeliveryRules transport property:beectl
modify_property
./beectl modify_property --component <YOUR_TRANSPORT_PROPS_ID> --name DeliveryRules --file <YOUR_XML_FILE>
Validate and activate your proposed configuration using the
command:beectl
activate_configuration
./beectl activate_configuration
This section contains procedures for accomplishing a variety of tasks using rules configuration with Oracle Beehive. It contains the following topics:
Oracle Beehive allows you to specify a virus engine for use in scanning e-mail messages.
Note:
This procedure describes how to add a virus scanning engine. However, to enable virus scanning, you must also follow the instructions in "Managing Attachment Blocking and Virus Scanning".At any time, you can validate virus scan engine connectivity, using the
command:beectl
validate_virus_scan_engine_connectivity
beectl> validate_virus_scan_engine_connectivity [ --hostname <scanengine_hostname>] [ --port <scanengine_port> ]
To add a virus scanning engine to Oracle Beehive, perform the following steps:
Install and configure a virus scanning application. In Oracle Beehive Release 1, only Symantec Scan Engine version 5.1.2 or later is supported
Update Oracle Beehive with the virus scanner's host name and port, using the
command.beectl
add_virus_scan_engine
In Oracle Beehive version 1.2 or earlier, use the following syntax:
./beectl add_virus_scan_engine --hostname <scanengine_hostname> --port <scanengine_port> --test_connection <true/false>
In Oracle Beehive 1.3 or later, use the following syntax:
./beectl add_virus_scan_engine --hostname <scanengine_hostname> --port <scanengine_port> --validate_connection <true/false>
Note:
You can use this command to add multiple virus scan engines. Issue the command once for each virus scan engine you want to add.Specify a virus scan policy for Oracle Beehive, by using the
command:beectl
modify_virus_scan_policy
./beectl modify_virus_scan_policy --scanpolicy <virusscanpolicy>
The following are valid values for <virusscanpolicy>
:
NO_SCAN_OR_REPAIR
SCAN_ONLY
SCAN_AND_REPAIR
When the <virusscanpolicy>
is set to NO_SCAN_OR_REPAIR
, virus scanning is disabled.
Validate and activate your proposed configuration using the
command:beectl
activate_configuration
./beectl activate_configuration
Virus scanning and attachment blocking must be enabled explicitly on a per-VMS basis. Attachments can be blocked based on the filename's extension, such as ".zip" or ".exe".
You can enable attachment blocking only, enable virus scanning only, or enable both virus scanning and attachment blocking:
You can enable virus checking at pre-resolution or post-resolution. Perform the following steps to enable e-mail virus checking (but not enable attachment blocking).
In the XML file example in this procedure, the following components are defined:
virusStrip: checks the messages for viruses
virusIf: sends a notification if the message contains a virus
wrapperIf: repairs the infected message and wraps it in a new message before delivery
These are combined in a sequence and called by the toplevel rule.
Create an XML file in an accessible location, by using the following template. Substitute all bold items in this XML example with the appropriate values:
Replace YOUR_VMS_NAME
with a VMS name that processes the e-mails on which you want to perform attachment blocking, such as InboundVMS
Replace VIRUS_NOTIFICATION_BODY
and VIRUS_NOTIFICATION_SUBJECT
with the body and subject of the notification e-mail that is returned to a user that attempts to send a message containing a blocked attachment
Replace SENDER_EMAIL_ADDRESS
with the address that will appear in the sender line of the notification e-mail header.
Replace WRAPPER_BODY
and WRAPPER_SUBJECT
with the body and subject of the wrapping e-mail for the final e-mail
<java version="1.5.0_11" class="java.beans.XMLDecoder"> <object class="oracle.ocs.mail.service.ruleengine.RuleEngine"> <void property="name"><string>VirusRules</string></void> <void property="rules"> <array class="oracle.ocs.mail.service.ruleengine.Rule" length="11"> <void index="0"> <object class="oracle.ocs.mail.service.ruleengine.mail.functions.StripMOMPartFunction"> <void property="name"><string>stripMomFunction</string></void> </object> </void> <void index="1"> <object class="oracle.ocs.mail.service.ruleengine.mail.functions.MailVirusScannerFunction"> <void property="name"><string>vScanFunction</string></void> </object> </void> <void index="2"> <object class="oracle.ocs.mail.service.ruleengine.CompositeRule"> <void property="name"><string>virusStrip</string></void> <void property="children"> <array class="java.lang.String" length="2"> <void index="0"><string>stripMomFunction</string></void> <void index="1"><string>vScanFunction</string></void> </array> </void> <void property="mode"><string>PIPELINE</string></void> </object> </void> <void index="3"> <object class="oracle.ocs.mail.service.ruleengine.mail.actions.SendVirusNoticeAction"> <void property="name"><string>SendNotfnAction</string></void> <void property="composer"> <object class="oracle.ocs.mail.service.mom.TemplateMOMComposer"> <void property="bodyTemplate"><string>VIRUS_NOTIFICATION_BODY</string></void> <void property="notifySender"><boolean>true</boolean></void> <void property="sender"> <object class="oracle.ocs.mail.service.mom.MsgParticipant"> <void property="emailAddress"> <object class="oracle.ocs.mail.mime.EmailAddress"> <void property="addressString"><string>SENDER_EMAIL_ADDRESS</string></void> <void property="encodedPersonal"><string></string></void> </object> </void> </object> </void> <void property="subjectTemplate"><string>VIRUS_NOTIFICATION_SUBJECT</string></void> <void property="useSystemOrigin"><boolean>true</boolean></void> </object> </void> </object> </void> <void index="4"> <object class="oracle.ocs.mail.service.ruleengine.mail.predicates.ContainVirusPredicate"> <void property="name"><string>ContainsVirus</string></void> </object> </void> <void index="5"> <object class="oracle.ocs.mail.service.ruleengine.IfThenElseRule"> <void property="name"><string>virusIf</string></void> <void property="if"><string>ContainsVirus</string></void> <void property="then"><string>SendNotfnAction</string></void> </object> </void> <void index="6"> <object class="oracle.ocs.mail.service.ruleengine.mail.actions.WrapModifiedMessageAction"> <void property="name"><string>WrapperAction</string></void> <void property="composer"> <object class="oracle.ocs.mail.service.mom.TemplateMOMComposer"> <void property="attachOriginal"><boolean>true</boolean></void> <void property="bodyTemplate"><string>WRAPPER_BODY</string></void> <void property="useOldMsgHeaders"><boolean>true</boolean></void> <void property="subjectTemplate"><string>WRAPPER_SUBJECT</string></void> <void property="useSystemOrigin"><boolean>true</boolean></void> </object> </void> </object> </void> <void index="7"> <object class="oracle.ocs.mail.service.ruleengine.IfThenElseRule"> <void property="name"><string>wrapperIf</string></void> <void property="if"><string>NeedWrapper</string></void> <void property="then"><string>WrapperAction</string></void> </object> </void> <void index="8"> <object class="oracle.ocs.mail.service.ruleengine.mail.predicates.NeedWrapperPredicate"> <void property="name"><string>NeedWrapper</string></void> </object> </void> <void index="9"> <object class="oracle.ocs.mail.service.ruleengine.CompositeRule"> <void property="children"> <array class="java.lang.String" length="3"> <void index="0"><string>virusStrip</string></void> <void index="1"><string>virusIf</string></void> <void index="2"><string>wrapperIf</string></void> </array> </void> <void property="mode"><string>SEQUENCE</string></void> <void property="name"><string>ScanRepairNotify</string></void> </object> </void> <void index="10"> <object class="oracle.ocs.mail.service.ruleengine.TopLevelAction"> <void property="argumentType"><string>oracle.ocs.mail.service.mom.MsgContentAndEnvelope</string></void> <void property="group"><string>THE_RULE</string></void> <void property="name"><string>THE_RULE</string></void> <void property="rootRule"><string>ScanRepairNotify</string></void> </object> </void> </array> </void> </object> </java>
You can enable virus checking at pre-resolution, or at post-resolution:
To enable virus checking at pre-resolution, use the
command to upload the XML file, overwriting the PreResolutionRules transport property:beectl
modify_property
./beectl modify_property --component <YOUR_TRANSPORT_PROPS_ID> --name PreResolutionRules --file <YOUR_XML_FILE>
To enable virus checking at post-resolution, use the
command to upload the XML file, overwriting the PostResolutionRules transport property:beectl
modify_property
./beectl modify_property --component <YOUR_TRANSPORT_PROPS_ID> --name PostResolutionRules --file <YOUR_XML_FILE>
Validate and activate your proposed configuration using the
command:beectl
activate_configuration
./beectl activate_configuration
You can enable attachment blocking at pre-resolution or post-resolution. Perform the following steps to enable e-mail attachment blocking (but not enable virus scanning).
In the XML file example in this procedure, the following components are defined:
StripAttachment: looks for file extensions and removes attached files that match
RemoveFileExtensions: calls this rule for messages that originate from locations you have defined; for example, you could define that internal users are allowed to send files with the .exe
extension, but files of this type originating externally are assumed to be malicious and are blocked
AttachStripNotify: sends a notification message that a file attachment was removed from the message
wrapperIf: modifies the original message to indicate that the attachment was removed and includes the repaired version
These are all combined in a sequence by the main rule CheckAttachedFiles.
Create an XML file in an accessible location, by using the following template. Substitute all bold items in this XML example with the appropriate values:
Replace YOUR_VMS_NAME
with a VMS name that processes the e-mails on which you want to perform attachment blocking, such as InboundVMS
In this example, .zip
and .exe
are shown as two attachments to be blocked. Replace or add to these with extensions you want to be blocked
Replace EXT_NOTIFICATION_BODY
and EXT_NOTIFICATION_SUBJECT
with the body and subject of the notification e-mail that is returned to a user that attempts to send a message containing a blocked attachment
Replace WRAPPER_BODY
and WRAPPER_SUBJECT
with the body and subject of the wrapping e-mail for the final e-mail
<java version="1.5.0_11" class="java.beans.XMLDecoder"> <object class="oracle.ocs.mail.service.ruleengine.RuleEngine"> <void property="name"> <string>AttachmentBlockRules</string> </void> <void property="rules"> <array class="oracle.ocs.mail.service.ruleengine.Rule" length="13"> <void index="0"> <object class="oracle.ocs.mail.service.ruleengine.mail.functions.StripMOMPartFunction"> <void property="name"><string>stripFunction</string></void> </object> </void> <void index="1"> <object class="oracle.ocs.mail.service.ruleengine.mail.functions.ExtensionSearchFunction"> <void property="name"><string>AttachmentSearch</string></void> <void property="extensions"> <object class="java.util.ArrayList"> <void method="add"><string>exe</string></void> <void method="add"><string>zip</string></void> </object> </void> </object> </void> <void index="2"> <object class="oracle.ocs.mail.service.ruleengine.CompositeRule"> <void property="name"><string>StripAttachment</string></void> <void property="children"> <array class="java.lang.String" length="2"> <void index="0"><string>stripFunction</string></void> <void index="1"><string>AttachmentSearch</string></void> </array> </void> <void property="mode"><string>PIPELINE</string></void> </object> </void> <void index="3"> <object class="oracle.ocs.mail.service.ruleengine.IfThenElseRule"> <void property="name"><string>RemoveFileExtensions</string></void> <void property="if"><string>MsgOriginPred</string></void> <void property="then"><string>StripAttachment</string></void> </object> </void> <void index="4"> <object class="oracle.ocs.mail.service.ruleengine.mail.actions.SendExtNoticeAction"> <void property="name"><string>SendNotification</string></void> <void property="composer"> <object class="oracle.ocs.mail.service.mom.TemplateMOMComposer"> <void property="bodyTemplate"><string>EXT_NOTIFICATION_BODY</string></void> <void property="notifySender"><boolean>true</boolean></void> <void property="subjectTemplate"><string>EXT_NOTIFICATION_SUBJECT</string></void> </object> </void> </object> </void> <void index="5"> <object class="oracle.ocs.mail.service.ruleengine.mail.predicates.ContainBadExtPredicate"> <void property="name"><string>BadAttachment</string></void> </object> </void> <void index="6"> <object class="oracle.ocs.mail.service.ruleengine.mail.predicates.MsgOriginPredicate"> <void property="name"><string>MsgOriginPred</string></void> <void property="adapter"><string>YOUR_VMS_NAME</string></void> </object> </void> <void index="7"> <object class="oracle.ocs.mail.service.ruleengine.IfThenElseRule"> <void property="name"><string>AttachStripNotify</string></void> <void property="if"><string>BadAttachment</string></void> <void property="then"><string>SendNotification</string></void> </object> </void> <void index="8"> <object class="oracle.ocs.mail.service.ruleengine.mail.actions.WrapModifiedMessageAction"> <void property="name"><string>WrapMessage</string></void> <void property="composer"> <object class="oracle.ocs.mail.service.mom.TemplateMOMComposer"> <void property="attachOriginal"><boolean>true</boolean></void> <void property="bodyTemplate"><string>WRAPPER_BODY</string></void> <void property="subjectTemplate"><string>WRAPPER_SUBJECT</string></void> <void property="useOldMsgHeaders"><boolean>true</boolean> </void> </object> </void> </object> </void> <void index="9"> <object class="oracle.ocs.mail.service.ruleengine.IfThenElseRule"> <void property="name"><string>wrapperIf</string> </void> <void property="if"><string>NeedsWrapper</string></void> <void property="then"><string>WrapMessage</string> </void> </object> </void> <void index="10"> <object class="oracle.ocs.mail.service.ruleengine.mail.predicates.NeedWrapperPredicate"> <void property="name"> <string>NeedsWrapper</string> </void> </object> </void> <void index="11"> <object class="oracle.ocs.mail.service.ruleengine.CompositeRule"> <void property="name"><string>CheckAttachedFiles</string> </void> <void property="children"> <array class="java.lang.String" length="3"> <void index="0"><string>RemoveFileExtensions</string></void> <void index="1"><string>AttachStripNotify</string></void> <void index="2"> <string>wrapperIf</string></void> </array> </void> <void property="mode"><string>SEQUENCE</string> </void> </object> </void> <void index="12"> <object class="oracle.ocs.mail.service.ruleengine.TopLevelAction"> <void property="name"><string>THE_RULE</string></void> <void property="group"><string>THE_RULE</string></void> <void property="rootRule"><string>CheckAttachedFiles</string></void> <void property="argumentType"><string>oracle.ocs.mail.service.mom.MsgContentAndEnvelope</string></void> </object> </void> </array> </void> </object> </java>
You can enable attachment blocking at pre-resolution, or at post-resolution:
To enable attachment blocking at pre-resolution, use the
command to upload the XML file, overwriting the PreResolutionRules transport property:beectl
modify_property
./beectl modify_property --component <YOUR_TRANSPORT_PROPS_ID> --name PreResolutionRules --file <YOUR_XML_FILE>
To enable attachment blocking at post-resolution, use the
command to upload the XML file, overwriting the PostResolutionRules transport property:beectl
modify_property
./beectl modify_property --component <YOUR_TRANSPORT_PROPS_ID> --name PostResolutionRules --file <YOUR_XML_FILE>
Validate and activate your proposed configuration using the
command:beectl
activate_configuration
./beectl activate_configuration
You can enable both attachment blocking and virus scanning. Virus scanning only works if you first perform the steps in "Adding a Virus Engine to Oracle Beehive", and set the <virusscanpolicy>
to either SCAN_ONLY
or SCAN_AND_REPAIR
.
The key to combining both attachment blocking and virus checking is the rule in the following XML segment:
<void index="##"> <object class="oracle.ocs.mail.service.ruleengine.CompositeRule"> <void property="name"><string>CheckAttachedFiles</string> </void> <void property="children"> <array class="java.lang.String" length="5"> <void index="0"><string>virusStrip</string></void> <void index="1"><string>virusIf</string></void> <void index="2"><string>RemoveFileExtensions</string></void> <void index="3"><string>AttachStripNotify</string></void> <void index="4"> <string>wrapperIf</string></void> </array> </void> <void property="mode"><string>SEQUENCE</string> </void> </object> </void>
So the combined action is a sequence of the following steps:
Checking and repairing virus messages
Sending a virus notification if a message is infected
Checking and removing disallowed attachment filetypes
Sending a notification of disallowed attachment filetype found
Wrapping the modified message in a new one for final delivery
The relevant XML can be combined; note the index values and the various array length attributes must be updated to correspond with the new output. This has been done in the following procedure.
To enable both attachment blocking, and virus scanning:
Create an XML file in an accessible location, by using the following template. Substitute all bold items in this XML example with the appropriate values:
Replace YOUR_VMS_NAME
with a VMS name that processes the e-mails on which you want to perform attachment blocking, such as InboundVMS
Replace YOUR_EXTENSION
with extension to be blocked, such as .zip
or .exe
Replace EXT_NOTIFICATION_BODY
and EXT_NOTIFICATION_SUBJECT
with the body and subject of the notification e-mail that is returned to a user that attempts to send a message containing a blocked attachment
Replace VIRUS_NOTIFICATION_BODY
and VIRUS_NOTIFICATION_SUBJECT
with the body and subject of the notification e-mail that is returned to a user that attempts to send a message containing a detected virus
Replace WRAPPER_BODY
and WRAPPER_SUBJECT
with the body and subject of the wrapping e-mail for the final e-mail
You can enable attachment blocking and virus checking at pre-resolution, or at post-resolution:
To enable attachment blocking and virus checking at pre-resolution, use the the
command to upload the XML file, overwriting the PreResolutionRules transport property:beectl
modify_property
./beectl modify_property --component <YOUR_TRANSPORT_PROPS_ID> --name PreResolutionRules --file <YOUR_XML_FILE>
To enable attachment blocking and virus checking at post-resolution, use the the
command to upload the XML file, overwriting the PostResolutionRules transport property:beectl
modify_property
./beectl modify_property --component <YOUR_TRANSPORT_PROPS_ID> --name PostResolutionRules --file <YOUR_XML_FILE>
Validate and activate your proposed configuration using the
command:beectl
activate_configuration
./beectl activate_configuration
"Dead Letter" is the notification returned for undeliverable messages. Use the following procedure to set up and enable Dead Letter in Oracle Beehive.
In the following XML example, "Origins" are the VMS names that the rule will apply to, such as "InboundVMS", "OutboundVMS", and so forth. For example, it might be that you do not want to send dead letter e-mails back out to the Internet, because this could be a way of un-necessarily replying to spam. In this case, you would not include the InboundVMS as one of the "Origins".
Create an XML file in an accessible location, by using the following template. Substitute all bold items in this XML example with the appropriate values:
Replace YOUR_ORIGIN_1
and YOUR_ORIGIN_2
with the origin name of the e-mails you always want to send dead letter notification
Replace YOUR_OPTIONAL_ORIGIN
with the origin name of the e-mails you might want to send dead letter notification
Replace OPTIONAL_ORIGIN
with true if you want to send dead letter to YOUR_OPTIONAL_ORIGIN
Replace DEAD_LETTER_BODY
and DEAD_LETTER_SUBJECT
with strings of body and subject you want to appear in dead letter e-mail messages
<java version="1.5.0_11" class="java.beans.XMLDecoder"> <object class="oracle.ocs.mail.service.ruleengine.RuleEngine"> <void property="name"><string>DeadLetterRuleEngine</string></void> <void property="rules"> <array class="oracle.ocs.mail.service.ruleengine.Rule" length="4"> <void index="0"> <object class="oracle.ocs.mail.service.ruleengine.mail.predicates.DeadLetterPredicate"> <void property="name"><string>DeadLetterPredicate</string></void> <void property="enabledOptionalOrigins"><boolean> true | false</boolean></void> <void property="mainOrigins"> <object class="java.util.ArrayList"> <void method="add"><string>YOUR_ORIGIN_1</string></void> <void method="add"><string>YOUR_ORIGIN_2</string></void> </object> </void> <void property="optionalOrigins"> <object class="java.util.ArrayList"> <void method="add"><string>YOUR_OPTIONAL_ORIGIN</string></void> </object> </void> </object> </void> <void index="1"> <object class="oracle.ocs.mail.service.ruleengine.mail.actions.SendDeadLetterAction"> <void property="name"><string>SendDeadLetterAction</string></void> <void property="composer"> <object class="oracle.ocs.mail.service.mom.TemplateMOMComposer"> <void property="attachOriginal"><boolean>true | false</boolean></void> <void property="bodyTemplate"><string>DEAD_LETTER_BODY</string></void> <void property="subjectTemplate"><string>DEAD_LETTER_SUBJECT</string></void> </object> </void> </object> </void> <void index="2"> <object class="oracle.ocs.mail.service.ruleengine.IfThenElseRule"> <void property="name"><string>ifTree</string></void> <void property="if"><string>DeadLetterPredicate</string></void> <void property="then"><string>SendDeadLetterAction</string></void> </object> </void> <void index="3"> <object class="oracle.ocs.mail.service.ruleengine.TopLevelAction"> <void property="name"><string>DeadLetterRule</string></void> <void property="group"><string>DeadLetterRule</string></void> <void property="rootRule"><string>ifTree</string></void> <void property="argumentType"> <string>oracle.ocs.mail.service.mom.MsgContentAndEnvelope</string> </void> </object> </void> </array> </void> </object> </java>
Use the
command to upload the XML file, overwriting the MsgTerminusRules:beectl
modify_property
./beectl modify_property --component <YOUR_TRANSPORT_PROPS_ID> --name MsgTerminusRules --file <YOUR_XML_FILE>
Validate and activate your proposed configuration using the
command:beectl
activate_configuration
./beectl activate_configuration
You can define multiple endpoints for an Oracle Beehive SMTP server. An endpoint scheme contains a specification of protocol, a string or wildcard used as a filter, and a port. For example, MX:*:2226
. Perform the following steps to modify the default endpoint, and define additional endpoints:
If you are going to enable more than one endpoint, enable the Multiple Endpoint Flag by using the
command:beectl
modify_property
./beectl modify_property --component <YOUR_SMTP_PROPS_ID> --name AssumeSingleEndpoint --value false
If you want, you can modify the default endpoint name and scheme:
List all endpoints using the
command:beectl
list_properties
./beectl list_properties -component <YOUR_SMTP_PROPS_ID> --name EndpointPropertiesList
The result should include an ID for the default endpoint.
Change the current endpoint using the
command:beectl
modify_property
./beectl modify_property --component <YOUR_ENDPOINT_ID> --name EndpointName --value <YOUR_ENDPOINT_NAME>
To change the endpoint scheme:
./beectl modify_property --component <YOUR_ENDPOINT_ID> --name EndpointScheme --value <YOUR_ENDPOINT_SCHEME>
An example endpoint scheme might be MX:*:2226
Create one or more new endpoints using the following steps:
Create a new endpoint configuration object by using the
command:beectl
add_configuration_object
./beectl add_configuration_object --type 'oracle.ocs.management.model.EmailService$EndpointProperties'
The result should include an ID for the new configuration object
Set the name of endpoint using the
command:beectl
modify_property
./beectl modify_property --component <YOUR_ENDPOINT_ID> --name EndpointName --value <YOUR_ENDPOINT_NAME>
Set the endpoint scheme of the new endpoint:
./beectl modify_property --component <YOUR_ENDPOINT_ID> --name EndpointScheme --value <YOUR_ENDPOINT_SCHEME>
Append the new endpoint to the SMTP server's EndpointPropertiesList, by using the
command:beectl
append_value
./beectl append_value --component <YOUR_SMTP_PROPS_ID> --name EndpointPropertiesList --value <YOUR_ENDPOINT_ID>
To validate and commit your proposed configuration changes, run the
command:beectl
activate_configuration
./beectl activate_configuration
In some cases, you may want to configure Oracle Beehive to accept inbound e-mails sent to addresses within an acceptable domain, but of users whose address is not within Oracle Beehive. For example, if your domain is example.com, you may wish to accept (and subsequently relay) a message for User1@example.com, even though there is no User1 in Oracle Beehive.
By default such "invalid local users" are blocked. Use the
command to enable acceptance of such addresses:beectl
modify_property
./beectl modify_property --component YOUR_TRANSPORT_PROPS_ID --name AcceptInvalidLocalUsers --value true
To configure further relaying of such addresses, follow the instructions in "Setting Up Relay Servers".
You can use dispatch rules to configure domains (and domain IP ranges) for routing outbound messages to the outbound VMS. Domains not specified will not be routed to the outbound VMS.
To configure outbound Dispatch Rules, perform the following procedure:
Create an XML file in an accessible location, by using the following template. Substitute all bold items in this XML example with the appropriate values:
Replace *.your_company.com
with your company host's domain. For example, *.oracle.com
Replace IP_RANGE_HERE
with your internal domain range. For example, 127.0.0.1-127.0.0.2
Replace ENDPOINT_NAME_HERE
with the endpoint name that accepts connections from desired users
<java version="1.5.0_11" class="java.beans.XMLDecoder"> <object class="oracle.ocs.mail.service.ruleengine.RuleEngine"> <void property="name"> <string>fb6489f17f01c640:3f0ba428:113745bb91f:-7ffb</string>
</void> <void property="rules"> <array class="oracle.ocs.mail.service.ruleengine.Rule" length="5"> <void index="0"> <object class="oracle.ocs.mail.service.ruleengine.mail.predicates.HostFilterPredicate"> <void property="name"> <string>fb6489f17f01c640:3f0ba428:113745bb91f:-8000</string> </void> <void property="patterns"> <array class="java.lang.String" length="2"> <void index="0"> <string>*.your_company.com</string> </void> <void index="1"> <string>IP_RANGE_HERE</string> </void> </array> </void> <void property="scope"> <string>remoteHost</string> </void> <void property="truthValue"> <string>OutboundVMS</string> </void> </object> </void> <void index="1"> <object class="oracle.ocs.mail.service.ruleengine.mail.predicates.StringPatternPredicate"> <void property="name"> <string>fb6489f17f01c640:3f0ba428:113745bb91f:-7fff</string> </void> <void property="pattern"> <string>ENDPOINT_NAME_HERE</string> </void> <void property="scope"> <string>endPoint</string> </void> <void property="truthValue"> <string>OutboundVMS</string> </void> </object> </void> <void index="2"> <object class="oracle.ocs.mail.service.ruleengine.Rule"> <void property="name"> <string>fb6489f17f01c640:3f0ba428:113745bb91f:-7ffe</string> </void> <void property="truthValue"> <string>InboundVMS</string> </void> </object> </void> <void index="3"> <object class="oracle.ocs.mail.service.ruleengine.CompositeRule"> <void property="children"> <array class="java.lang.String" length="3"> <void index="0"> <string>fb6489f17f01c640:3f0ba428:113745bb91f:-8000</string> </void> <void index="1"> <string>fb6489f17f01c640:3f0ba428:113745bb91f:-7fff</string> </void> <void index="2"> <string>fb6489f17f01c640:3f0ba428:113745bb91f:-7ffe</string> </void> </array> </void> <void property="mode"> <string>OR</string> </void> <void property="name"> <string>fb6489f17f01c640:3f0ba428:113745bb91f:-7ffd</string> </void> </object> </void> <void index="4"> <object class="oracle.ocs.mail.service.ruleengine.TopLevelFunction"> <void property="argumentType"> <string>oracle.ocs.mail.service.inetmail.smtp.server.VMSChoiceArgs</string> </void> <void property="group"> <string>default</string> </void> <void property="name"> <string>default</string> </void> <void property="resultType"> <string>java.lang.String</string> </void> <void property="rootRule"> <string>fb6489f17f01c640:3f0ba428:113745bb91f:-7ffd</string> </void> </object> </void> </array> </void> </object> </java>
Use the
command to upload the XML file, overwriting the VMSEvaluator property of your SMTP server:beectl
modify_property
./beectl modify_property --component <YOUR_SMTP_PROPS_ID> -name VMSEvaluator --file <YOUR_XML_FILE>
Validate and activate your proposed configuration using the
command:beectl
activate_configuration
./beectl activate_configuration
To specify one or more local users domains, use the
command to modify the LocalEmailPatterns property of the E-mail Service:beectl
append_value
./beectl append_value --component _EmailService --name LocalEmailPatterns --value "*@<YOUR_DOMAIN>"
You can add more than one domain to LocalEmailPatterns. The
command appends a value to any existing values, or you can use the beectl
append_value
command with multiple beectl
modify_property--value
keys:
./beectl modify_property --component _EmailService --name LocalEmailPatterns --value "*@<YOUR_DOMAIN1>" --value "*@<YOUR_DOMAIN2>"
Validate and activate your proposed configuration using the
command:beectl
activate_configuration
./beectl activate_configuration
In the event that you have created an undesirable set of pre-resolution, post-resolution, or message terminus Transport rules, you can use the following procedure to disable these rules, restoring Oracle Beehive E-mail to safe functionality:
Create an XML file with the following content in an accessible folder:
<java version="1.5.0_11" class="java.beans.XMLDecoder"> <object class="oracle.ocs.mail.service.ruleengine.RuleEngine"> <void property="name"><string>NullRuleEngine</string></void> <void property="rules"> <array class="oracle.ocs.mail.service.ruleengine.Rule" length="1"> <void index="0"> <object class="oracle.ocs.mail.service.ruleengine.Rule"> <void property="name"><string>NullRule</string></void> </object> </void> </array> </void> </object> </java>
Using the
command, upload the XML file to modify the transport properties, specifying which rules you want to overwrite:beectl
modify_property
./beectl modify_property --component <YOUR_TRANSPORT_PROPS_ID> --name [PreResolutionRules|PostResolutionRules|MsgTerminusRules] --file <YOUR_XML_FILE>
Validate and activate your proposed configuration using the
command:beectl
activate_configuration
./beectl activate_configuration
You may be installing Oracle Beehive in an environment with some e-mail users using pre-existing e-mail domains. You can maintain a common e-mail domain for all users, allowing new Oracle Beehive users to use the same domain, without creating a conflict between the multiple, coexisting e-mail servers.
Example
If a pre-existing user's e-mail address is user1@example.com, and Oracle Beehive is installed on a server beehive.example.com, then configure the co-existing e-mail system to auto-forward user1's e-mail to user1@beehive.example.com. Then, add an additional e-mail address for user1 in Oracle Beehive as user1@beehive.example.com, and add *@beehive.example.com
as a LocalEmailPattern.
Note:
This relies on the co-existing system's e-mail forwards being envelope forwards; e-mails will be forwarded and accepted as user1@beehive.example.com, but the message headers will still be user1@example.com, and visible that way to the Oracle Beehive user.To allow this type of coexistence, perform the following steps:
Use the
command to set the AccpetInvalidLocalUsers transport property to true:beectl
modify_property
./beectl modify_property --component <transport_props_id> --name AcceptInvalidLocalUsers --value true
Append the e-mail domain you want to use with Oracle Beehive to the SMTP Server's LocalEmailPatterns property, using the
command:beectl
append_value
./beectl append_value --component <smtp_props_id> --name LocalEmailPatterns --value "*@domain.com"
Or for multiple domains:
./beectl append_value --component <smtp_props_id> --name LocalEmailPatterns --value *@domain.com --value *@domain2.com
Configure the e-mail transport delivery rules, to specify the local domains for Oracle Beehive. See "Specifying a Local Users Domain" for instructions
On the non-Oracle Beehive e-mail system, configure user accounts of Oracle Beehive users to automatically forward to the Oracle Beehive SMTP Server. For each Oracle Beehive users, add an additional e-mail address.