Before you can administer a server, its place in a deployment scheme must be determined and it must be installed. This section gives an overview of the issues involved in designing and installing a messaging solution with Netscape Messaging Server. It outlines some important deployment concepts and installation configurations to be considered, and then summarizes the installation process for a single server.
For complete documentation on Messaging Server installation, see Installing Messaging Server 4.0. For more in-depth information on the deployment and installation-configuration topics presented here, see Managing Servers with Netscape Console, and Chapter 9, Message Routing, in this book.
Deployment Considerations
A successful messaging installation requires careful planning and execution. This section discusses some of the most basic topics to be considered in implementing a messaging solution with Messaging Server, including
This is not an exhaustive list of topics, and the discussion here won't by itself allow you to design and deploy a messaging solution; it provides only a context for subsequent server-specific discussions. For more in-depth information, consult the references listed with each topic.
Each installed Messaging Server is one component of the messaging solution implemented for your enterprise. Figure 1.1 is a simplified diagram of the principal components that might be found in an enterprise messaging solution. (Service providers may have additional components, as discussed in Enterprise vs. ISP Topologies.) How your Messaging Server needs to interact with clients, with other Messaging Servers, and with the other components shown in Figure 1.1 will affect how you install, configure, and maintain the server.
Figure 1.1 Potential components of an enterprise messaging solution
Sizing and Topology
Messaging installations that use Netscape Messaging Server are highly scalable. One or more servers can be organized into a messaging infrastructure that supports anywhere from a few users up to potentially millions of users.
Designing the network topology for a messaging solution, and calculating the numbers and sizes of host machines and server instances required (both today and in the foreseeable future), is a basic deployment task. It is also, typically, an iterative process.
One way to start is by relating your total user base to basic server capacity information:
Start by assuming your total anticipated number of users.
Estimate your peak load: how many of your users need simultaneous access to their POP or IMAP mailboxes? Compare that to benchmark results of the maximum number of simultaneous connections possible with Messaging Server 4.0 on a given hardware configuration. Given those figures, estimate how many servers you need to handle your users.
Estimate your message traffic: how many total messages need to be sent through your messaging system per day? Compare that to benchmark results of the maximum message-transfer rate possible with Messaging Server 4.0 on a given hardware configuration. Given those figures, estimate how many servers you need to handle the message flow.
Note that benchmark studies and field deployments have shown that a single Messaging Server, installed on a moderately powerful, single-processor, dedicated server host machine with sufficient memory and storage, can, under optimum conditions, support several thousand users and deliver tens to hundreds of thousands of messages per day. Furthermore, these figures scale to much higher numbers as you add more processors to the host machine.
Initial estimates you make in this way are just the start of a sizing effort. Messaging Server and the other components it relies on function in a complex network of interactions, and requirements for specialization and redundancy can add further complexity. Multiple stages of recalculation, including actual field testing, are required as additional components and refinements are brought into the design.
Your Netscape representative can also help you address sizing questions, both for a new installation and for scaling existing installations to meet added demand. Consultants from Netscape's Worldwide Professional Services are also available to help design and implement installations of any size or complexity.
Role of DNS
The Domain Name Service (DNS) is an integral part of Internet communication; it converts names to machine addresses. DNS is a requirement for routing mail in a Netscape messaging installation. Unix and Windows NT operating-system vendors make DNS available with their operating systems. For complete information on setting up and using DNS, see DNS and BIND, 2nd ed., by Paul Albitz and Cricket Liu (O'Reilly).
Your enterprise must have at least one DNS server (the primary server) that has authoritative information for the names in your domain. You can have other DNS servers as well, on several host machines in several locations. Your DNS servers may be on machines dedicated to DNS or on machines with other responsibilities as well. Firewall machines are also commonly used as DNS servers.
Fundamentally, DNS translates host names and domain names to IP addresses, and vice versa. DNS uses Address (A) records for this purpose. Therefore, you need to make sure that your DNS server has A records for all Messaging Server hosts in your enterprise.
Secondarily, DNS can also translate domain names and host names to other host names. DNS uses Mail Exchange (MX) records for this purpose. This feature allows you to create private domains and to use domain-based email addresses (such as sandee@airius.com) instead of host-specific email addresses (such as sandee@mail1.airius.com).
The way you set up DNS affects which of your servers first handle incoming messages, which ones pass outgoing messages to external recipients, and how messages within the enterprise get to the right mailbox server. For details on setting up A records and MX records, see Chapter 9, Message Routing.
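The check below is an added example, not part of the Netscape documentation: it audits a constructed zone fragment for the two requirements described above, listing the MX delivery order for each mail domain and flagging MX targets that lack an A record. The addresses and every host name except mail1.airius.com are made up for illustration, and the parser handles only the simple one-record-per-line form shown (no TTL fields, no continuation lines).

```python
# Added example: audit zone data for the A/MX setup a mail deployment depends on.

# Constructed sample zone; hub1, hub2, relay, sales and mail2 are hypothetical hosts.
ZONE = """\
$ORIGIN airius.com.
@        IN MX 10 hub1.airius.com.   ; preferred inbound hub
@        IN MX 20 hub2               ; relative name, expands under $ORIGIN
@        IN MX 30 relay.airius.com.
hub1     IN A  192.0.2.10
hub2     IN A  192.0.2.11
mail1    IN A  192.0.2.21
relay    IN CNAME hub1
sales    IN MX 10 mail2.airius.com.
"""


def fqdn(name, origin):
    """Expand a zone-file name to a lower-case absolute name."""
    if name == "@":
        return origin
    if name.endswith("."):
        return name.lower()
    return f"{name}.{origin}".lower()


def parse_zone(text):
    """Return (a, cname, mx): owners of A records, owners of CNAMEs, MX lists per domain."""
    origin, a, cname, mx = ".", set(), set(), {}
    for raw in text.splitlines():
        fields = raw.split(";", 1)[0].split()   # drop comments, split on whitespace
        if not fields:
            continue
        if fields[0].upper() == "$ORIGIN":
            origin = fields[1].lower()
            continue
        owner, rest = fqdn(fields[0], origin), fields[1:]
        if rest and rest[0].upper() == "IN":
            rest = rest[1:]
        rtype, rdata = rest[0].upper(), rest[1:]
        if rtype == "A":
            a.add(owner)
        elif rtype == "CNAME":
            cname.add(owner)
        elif rtype == "MX":
            mx.setdefault(owner, []).append((int(rdata[0]), fqdn(rdata[1], origin)))
    return a, cname, mx


def audit(text):
    """Return (delivery_order, problems) for every mail domain in the zone."""
    a, cname, mx = parse_zone(text)
    order, problems = {}, []
    for domain, targets in sorted(mx.items()):
        # Lowest preference value is tried first, so it handles incoming mail first.
        ranked = [host for _, host in sorted(targets)]
        order[domain] = ranked
        for host in ranked:
            if host in cname:
                # RFC 2181 requires an MX target to be a host name, not an alias.
                problems.append(f"{domain} MX target {host} is a CNAME, not an A record")
            elif host not in a:
                problems.append(f"{domain} MX target {host} has no A record in this zone")
    return order, problems


if __name__ == "__main__":
    order, problems = audit(ZONE)
    for domain, hosts in order.items():
        print(domain, "->", ", ".join(hosts))
    for p in problems:
        print("PROBLEM:", p)
```

An MX target that is hosted in another zone is also reported as having no A record here, so run the check against the zone that is authoritative for the mail hosts.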
SMTP routing table.
Each Messaging Server instance keeps a local SMTP routing table that, in addition to DNS, can determine the proper destination server for a message based on the recipient's address or domain. Entries in the routing table are optional, but they provide a method for directly transferring messages from one server to another. Routing-table entries are commonly used, for example, to directly transfer all outside messages to a firewall server. For more information, see Chapter 9, Message Routing.
The Role of the LDAP Directory
Messaging Server 4.0 requires the use of an LDAP directory, such as Netscape Directory Server, for storing both server-configuration settings and mail-account information (Figure 1.2). A Directory Server must already be installed somewhere on your network before you can install Messaging Server.
Figure 1.2 User directory and configuration directory
The LDAP user directory in which your Messaging Server stores account information is typically on a separate host machine. A single Directory Server can manage the user directory for a very large organization, although for performance reasons all or parts of the directory are often replicated to one or more other machines. Setting up a directory is covered in detail in Directory Server Deployment Guide and Directory Server Administrator's Guide.
The entry for each user's account in the user directory includes mail-addressing and mail-routing attributes for that account. Whenever Messaging Server receives a message, it checks the user directory to make sure that the recipient's mail address (such as sandee@airius.com) exists in the directory; if it does, Messaging Server routes the mail to the recipient's host server, also indicated in the directory entry. Routing the message may involve rewriting the mail address.
The process that Messaging Server uses to match a user in the directory with an email address can be complex. You can specify at least the following attributes for each user's directory entry: primary mail address, alternate mail addresses, mail host, and mail-routing address. For detailed information on how Messaging Server uses these mail-related attributes, see Chapter 9, Message Routing.
Separation of Services
For increased performance and security, large enterprises may want to separate their messaging services by placing them on different host machines. As noted in Figure 1.1, for example, mailbox services might be separated from centralized message-transfer services at a mail hub. Furthermore, different mailbox servers might be specialized for only POP or only IMAP. Other enterprises might in addition separate outgoing messages from incoming messages, channeling them through different SMTP mail hubs.
Such specializations increase the total number of servers and hosts in the enterprise and can greatly increase the complexity of routing configurations. As a result, directory services, DNS records, and SMTP routing tables need careful setup.
Redundancy Requirements
Server software is not perfect, nor are the host machines and network hardware it relies on. Almost any enterprise needs to plan for backup and for failover in case any of its important servers go down.
Therefore, in designing a messaging installation, be sure to consider the consequences of a failure of each individual Messaging Server and its host machine. Usually this means providing extra, redundant machines that can automatically take over a given server's tasks if it should fail. In installations in which messaging is distributed among specialized machines, servers already used to implement distributed functionality and replication can also function as failover servers (see Figure 1.3).
Figure 1.3 Redundancy in a portion of a messaging installation
Designing your messaging topology for redundancy and setting up automatic failover capability can add greater complexity to an already complex configuration in a large installation.
Firewalls and Messaging
Most enterprises connected to the Internet maintain some form of firewall, a hardware or software barrier intended to prevent unauthorized external users from accessing the enterprise's servers and host machines. You can increase security by locating Messaging Servers behind the firewall, and channeling all mail access to the enterprise through one or more mail hubs, as shown in Figure 1.1. Channeling all outgoing mail through another hub provides additional control and security, allowing you to rewrite addresses or otherwise control information that leaves your enterprise.
For enterprises that receive a large volume of external mail, it might be optimal to place one Messaging Server, containing only publicly accessible accounts, outside the firewall. That server in turn would have limited access to internal servers, across the firewall, for forwarding messages to internal accounts.
Using a setup with mail hubs communicating across a firewall requires careful setup of firewall routing configurations, DNS services, and possibly SMTP routing tables to handle the complex routing possibilities. If you place a mail server outside the firewall, you might need to use a separate, external, directory server as well.
Creation and Migration of Mail Accounts
Installing Messaging Server does not by itself create any user or group accounts or migrate existing proprietary mail accounts to the user directory. Messaging Server provides the Netscape Console graphical interface for entering user and group information for individual accounts; it provides command-line utilities for batch migration of large numbers of users to Netscape messaging from existing mail systems.
For instructions on how to enter and modify mail-related attributes in the user directory, see Chapter 4, Managing Mail Users and Mailing Lists. For instructions on migrating sendmail user accounts to the LDAP user directory, see Appendix C, sendmail Migration and Compatibility.
Enterprise vs. ISP Topologies
Enterprises with messaging intranets for employees are similar to Internet service providers (ISPs) with messaging hosting for subscribers, in that both can be required to support many thousands of accounts and a high volume of daily traffic. Typical network topologies and server configurations may differ, however.
For example, an enterprise might have many internal, directly connected mail users, with client machines and mail hosts located mostly inside the company firewall. Domain names may relate directly to host IP addresses. Client connections to mail servers may be frequent and heavy during the day, but drop off sharply after hours. Clients may stay connected for long periods.
An ISP, on the other hand, may have many servers but very few onsite client machines. Its customers typically retrieve their mail through dial-up connections. The ISP may offer custom domain services and thus may have multiple server instances per physical host machine. At the same time, ISPs may want to isolate users from specific mail hosts and thus are more likely to use a solution like Messaging Multiplexor. ISPs may have a larger proportion of mailbox servers to hubs than do most enterprises. Redundancy for 100% reliability may be even more important to an ISP than to many enterprises. Client connections to the mail servers may be less frequent and shorter in duration, but they also may be spread out over more hours during the day, especially during the evening. ISPs, even more than enterprises, may be concerned with denying access to unauthorized users and filtering out unsolicited bulk email (UBE) to keep it from filling their customers' mailboxes.
Differences like these all have effects on the implementation of mail-routing strategies, access-filtering techniques, server-performance tuning, and server-installation configuration. For more information on access filtering and UBE filtering, see Chapter 2, Configuring IMAP and POP Services, and Chapter 8, Filtering Unsolicited Bulk Email, in this book.
Installation Configurations
To deploy a messaging solution that meets your needs and addresses the issues raised in the previous section, you may need to install Netscape Messaging Server on different host machines in different installation configurations. Depending on the size and purpose of your enterprise and the nature of your network and system hardware, your messaging deployment can consist of one or many instances of Messaging Server, on one or many host machines, with identical or different messaging capabilities. Required supporting software--such as Netscape Console, Administration Server, Directory Server, and the DNS service--may also be concentrated or distributed across your network.
This section summarizes the common Messaging Server installation configurations. For more detailed information on installation configuration and on the interaction between Netscape Messaging Server and other services, see Managing Servers with Netscape Console. For additional information on LDAP directories and the Netscape Directory Server, see the Directory Server documentation.
All Services on One Host
A one-host configuration (shown in Figure 1.4) can be practical for smaller installations. It economizes on server hardware at the expense of performance and capacity. (It also provides no backup, should the one server fail.) Nevertheless, it is possible to use a single host machine to house everything. Note that, in this configuration, the single server root (the directory into which all Netscape servers are installed) contains the three required Netscape servers--Messaging Server, Directory Server, and Administration Server--as a single server group (the set of servers managed by a single Administration Server). The single Directory Server in this case manages both the user directory (which contains mail-account information) and the configuration directory (which contains server-configuration information). The DNS service and Netscape Console are also on the same host machine.
Figure 1.4 All messaging-related services on a single host
In this configuration the one host machine must have sufficient performance capacity to handle all services without undue strain. It must also have sufficient storage capacity to hold all messages and all directory information for the enterprise.
One Messaging Server per Dedicated Host
A common deployment configuration is to have a dedicated host machine for each Messaging Server instance. As Figure 1.5 shows, the LDAP directory (or directories, if user and configuration directories are separated), the DNS service, and possibly Netscape Console are on separate hosts from the installed Messaging Server. There may be one or several messaging host machines, but each contains a single server root in which a single Messaging Server and its Administration Server make up the server group.
Figure 1.5 Single Messaging Server on a single host
This configuration allows for optimizing each server host machine for strictly messaging tasks. Different divisions or offices of the enterprise may each have their own Messaging Server in a configuration like this one, perhaps with all servers accessing a single user directory on a dedicated host machine.
Specialized Messaging Services on Each Host
Another common deployment configuration, especially in larger installations, is to implement only certain messaging services on each host machine. As shown in Figure 1.6, for example, a centralized mail hub server, using only SMTP, connects to individual mailbox servers that use only POP or only IMAP to send mail to their users.
Figure 1.6 Mail hub and mailbox servers on separate hosts
This configuration can increase security (because outsiders can connect only at one point, the mail hub), and it allows for optimizing each server machine for the specific service (SMTP, POP, IMAP) that it supports.
Multiple Server Instances per Host
If appropriate for your needs, you can install multiple server instances on a single host machine. As the example in Figure 1.7 shows, a single server root contains a server group consisting of one Administration Server and multiple instances of Messaging Server. All Messaging Server instances run from a single installed set of executable programs and libraries.
Figure 1.7 Multiple instances of Messaging Server on a single host
This configuration allows multiple custom domain names to be created for a single machine that has a single IP address. A host machine in this configuration must have sufficient capacity to execute and store messages from all the server instances.
Multiple Server Roots per Host
If a single host machine includes Netscape servers that have different version numbers, it may be necessary to create separate server groups, and thus separate server root directories, on the machine. Figure 1.8 shows an example in which some employees in an enterprise are using Netscape Messaging Server 3.0, while others have upgraded to Netscape Messaging Server 4.0. Both servers are running on the same host machine.
Figure 1.8 Two versions of Messaging Server on a single host
This configuration may be necessary because different versions of Messaging Server may require different directory structures or different versions of the Administration Server. The Netscape Server Setup program facilitates this configuration, letting you create a separate server root when you install new servers and leaving an existing server root undisturbed.
This configuration is commonly used for pilot deployment of new server versions, for creating a temporary setup until all users migrate to the newer version, or even for failover protection, with different server instances stored on different physical storage devices.
The Installation Process
All Netscape servers, and also the Netscape Console application that you use to manage them, are installed by running the Netscape Server Setup program. The program is provided with every Netscape server product.
This section only summarizes the installation process. For detailed instructions on installing Netscape Messaging Server, see the document Installing Messaging Server 4.0 (file Install.htm) in your installation package. For additional general information on the Netscape Server Setup Program, see Managing Servers with Netscape Console.
Before you install Messaging Server, your Netscape Directory Server (version 3.1 or later) must be installed and your DNS service set up. Then you can install Messaging Server onto its host machine.
In summary, take these steps:
Obtain the Messaging Server installation package and unpack the files.
Whether you have obtained the package from a CD-ROM or through a network download, copy the package into a temporary directory and unpack the files into that directory.
Configure your LDAP Directory Server appropriately for messaging, using the tools provided.
The configuration tools add Messaging Server schema extensions to the configuration directory and prepare it for holding server-configuration information for this server instance.
Run the Netscape Server Setup Program (setup).
Read the Welcome message and the Licensing Agreement, select the products to be installed (servers, components, or Netscape Console), choose a level of installation (Express, Typical, or Custom), and answer the prompts.
If this is the first installation of Netscape servers on this host machine, the setup program also installs an instance of Netscape Administration Server. See Managing Servers with Netscape Console for information on how the Administration Server works and how to install and configure it.
At the last prompt, confirm the correctness of the information you have entered.
At this point, the installer extracts the appropriate files, configures the Administration Server (if it is being installed) and the Messaging Server, and starts the servers.
Installation is complete. You can now use Netscape Console (see Using Netscape Console) to continue configuring the server (see Configuring General Messaging Capabilities and Where to Go from Here).
Silent Install.
You can use the Netscape Server Setup program, along with a special configuration file, to install Messaging Server in a non-interactive mode that does not require your continued presence at the machine on which the installation occurs. If you have many similar server configurations to set up, you can place the configuration file plus the server installation package on each machine. You execute the setup program on each machine; it then extracts all information it needs from the configuration file as it performs the installation.
Whenever you perform a manual installation, the setup program creates a log file that you can use as the configuration file for subsequent silent installs. See Installing Messaging Server 4.0 for more information.
Console-only installation.
You can use the Netscape Server Setup program to install the Netscape Console alone, so that you can use it from a client machine for remote administration. The Setup program can also install Messaging Server patches and updates. See Installing Messaging Server 4.0 for details.
Post-Installation Directory and File Organization
Once you have installed Messaging Server 4.0, its directories and files are arranged in the organization depicted in Table 1.1. The table is not exhaustive; it shows only those directories and files of most interest for typical server administration tasks.
Note: Where pathnames for Windows NT and Unix installations are identical except for separator symbols, only the Unix version is shown. Where they differ materially, both are shown. Metavariables (replaceable text strings) in pathnames are shown in italics.