Complete Contents
Chapter 1 Getting Started With Netscape Messaging Server
Chapter 2 Configuring IMAP and POP Services
Chapter 3 Configuring SMTP Services
Chapter 4 Managing Mail Users and Mailing Lists
Chapter 5 Managing the Message Store
Chapter 6 Security and Access Control
Chapter 7 Working With SMTP Plugins
Chapter 8 Filtering Unsolicited Bulk Email
Chapter 9 Message Routing
Chapter 10 Monitoring and Maintaining Your Server
Chapter 11 Logging and Log Analysis
Appendix A Command Line Utilities
Appendix B Program Delivery
Appendix C sendmail Migration and Compatibility
Appendix D SNMP MIB
Glossary
Messaging Server Administrator's Guide: Getting Started with Netscape
Next Contents Index Bookshelf


Chapter 1 Getting Started with Netscape Messaging Server

Welcome to Netscape Messaging Server 4.0. Messaging Server provides a powerful and flexible cross-platform solution to the email needs of enterprises and messaging hosts of all sizes. It uses an open, Internet-standard approach to messaging while providing lightning-fast processing of messages that is scalable to many thousands of simultaneous users.

This chapter describes how to get started administering Messaging Server 4.0, from installation through basic configuration of general messaging capabilities. It concludes with references to other chapters that contain configuration instructions and procedures for managing your server and your community of mail users.

This chapter has the following sections:


Messaging Server Features
Netscape Messaging Server 4.0 is the fourth generation of a powerful, standards-based Internet mail server. Messaging Server is designed for high-capacity, reliable handling of the messaging needs of both enterprises and service providers of all sizes, from small to extremely large.

The server consists of several modular, independently configurable components with many powerful features, including these:

Highly scalability with standard protocols:

Flexible configuration and monitoring:

Powerful security and access control:

Convenient Management Interface:

Procedures for configuring these and other features are described in this book. Depending on the current status of your messaging deployment, you may want to start with one of the following sections in this chapter:


Deployment and Installation
Before you can administer a server, its place in a deployment scheme must be determined and it must be installed. This section gives an overview of the issues involved in designing and installing a messaging solution with Netscape Messaging Server. It outlines some important deployment concepts and installation configurations to be considered, and then summarizes the installation process for a single server.

For complete documentation on Messaging Server installation, see Installing Messaging Server 4.0. For more in-depth information on the deployment and installation-configuration topics presented here, see Managing Servers with Netscape Console, and Chapter 9, Message Routing, in this book.

Deployment Considerations

A successful messaging installation requires careful planning and execution. This section discusses some of the most basic topics to be considered in implementing a messaging solution with Messaging Server, including

This is not an exhaustive list of topics, and the discussion here won't by itself allow you to design and deploy a messaging solution; it provides only a context for subsequent server-specific discussions. For more in-depth information, consult the references listed with each topic.

Each installed Messaging Server is one component of the messaging solution implemented for your enterprise. Figure 1.1 is a simplified diagram of the principal components that might be found in an enterprise messaging solution. (Service providers may have additional components, as discussed in Enterprise vs. ISP Topologies.) How your Messaging Server needs to interact with clients, with other Messaging Servers, and with the other components shown in Figure 1.1 will affect how you install, configure, and maintain the server.

Figure 1.1 Potential components of an enterprise messaging solution

Sizing and Topology

Messaging installations that use Netscape Messaging Server are highly scalable. One or more servers can be organized into a messaging infrastructure that supports anywhere from a few users up to potentially millions of users.

Designing the network topology for a messaging solution, and calculating the numbers and sizes of host machines and server instances required (both today and in the foreseeable future), is a basic deployment task. It is also, typically, an iterative process.

One way to start is by relating your total user base to basic server capacity information:

  1. Start by assuming your total anticipated number of users.
  2. Estimate your peak load: how many of your users need simultaneous access their POP or IMAP mailboxes? Compare that to benchmark results of the maximum number of simultaneous connections possible with Messaging Server 4.0 on a given hardware configuration. Given those figures, estimate how many servers you need to handle your users.
  3. Estimate your message traffic: how many total messages need to be sent through your messaging system per day? Compare that to benchmark results of the maximum message-transfer rate possible with Messaging Server 4.0 on a given hardware configuration. Given those figures, estimate how many servers you need to handle the message flow.
Note that benchmark studies and field deployments have shown that a single Messaging Server, installed on a moderately powerful, single-processor, dedicated server host machine with sufficient memory and storage, can, under optimum conditions, support several thousand users and deliver tens to hundreds of thousands of messages per day. Furthermore, these figures scale to much higher numbers as you add more processors to the host machine.

Initial estimates you make in this way are just the start of a sizing effort. Messaging Server and the other components it relies on function in a complex network of interactions, and requirements for specialization and redundancy can add further complexity. Multiple stages of recalculation, including actual field testing, are required as additional components and refinements are brought into the design.

Your Netscape representative can also help you address sizing questions, both for a new installation and for scaling existing installations to meet added demand. Consultants from Netscape's Worldwide Professional Services are also available to help design and implement installations of any size or complexity.

Role of DNS

The Domain Name Service (DNS) is an integral part of Internet communication; it converts names to machine addresses. DNS is a requirement for routing mail in a Netscape messaging installation. Unix and Windows NT operating-system vendors make DNS available with their operating systems. For complete information on setting up and using DNS, see DNS and BIND, 2nd ed., by Paul Albitz and Cricket Liu (O'Reilly).

Your enterprise must have at least one DNS server (the primary server) that has authoritative information for the names in your domain. You can have other DNS servers as well, on several host machines in several locations. Your DNS servers may be on machines dedicated to DNS or on machines with other responsibilities as well. Firewall machines are commonly used also as DNS servers.

Fundamentally, DNS translates host names and domain names to IP addresses, and vice versa. DNS uses Address (A) records for this purpose. Therefore, you need to make sure that your DNS server has A records for all Messaging Server hosts in your enterprise.

Secondarily, DNS can also translate domain names and host names to other host names. DNS uses Mail Exchange (MX) records for this purpose. This feature allows you to create private domains and to use domain-based email addresses (such as sandee@airius.com) instead of host-specific email addresses (such as sandee@mail1.airius.com).

The way you set up DNS affects which of your servers first handle incoming messages, which ones pass outgoing messages to external recipients, and how messages within the enterprise get to the right mailbox server. For details on setting up A records and MX records, see Chapter 9, Message Routing.

SMTP routing table. Each Messaging Server instance keeps a local SMTP routing table that, in addition to DNS, can determine the proper destination server for a message based on the recipient's address or domain. Entries in the routing table are optional, but they provide a method for directly transferring messages from one server to another. Routing-table entries are commonly used, for example, to directly transfer all outside messages to a firewall server. For more information, see Chapter 9, Message Routing.

The Role of the LDAP Directory

Messaging Server 4.0 requires the use of an LDAP directory, such as Netscape Directory Server, for storing both server-configuration settings and mail-account information (Figure 1.2). A Directory Server must already have installed somewhere on your network before you can install Messaging Server.

Figure 1.2 User directory and configuration directory

The LDAP user directory in which your Messaging Server stores account information is typically on a separate host machine. A single Directory Server can manage the user directory for a very large organization, although for performance reasons all or parts of the directory are often replicated to one or more other machines. Setting up a directory is covered in detail in Directory Server Deployment Guide and Directory Server Administrator's Guide.

The entry for each user's account in the user directory includes mail-addressing and mail-routing attributes for that account. Whenever Messaging Server receives a message, it checks the user directory to make sure that the recipient's mail address (such as sandee@airius.com) exists in the directory; if it does, Messaging Server routes the mail to the recipient's host server, also indicated in the directory entry. Routing the message may involve rewriting the mail address.

The process that Messaging Server uses to match a user in the directory with an email address can be complex. You can specify at least the following attributes for each user's directory entry: primary mail address, alternate mail addresses, mail host, and mail-routing address. For detailed information on how Messaging Server uses these mail-related attributes, see Chapter 9, Message Routing.

Separation of Services

For increased performance and security, large enterprises may want to separate their messaging services by placing them on different host machines. As noted in Figure 1.1, for example, mailbox services might be separated from centralized message-transfer services at a mail hub. Furthermore, different mailbox servers might be specialized for only POP or only IMAP. Other enterprises might in addition separate outgoing messages from incoming messages, channeling them through different SMTP mail hubs.

Such specializations increase the total number of servers and hosts in the enterprise and can greatly increase the complexity of routing configurations. As a result, directory services, DNS records, and SMTP routing tables need careful setup.

Redundancy Requirements

Server software is not perfect, nor are the host machines and network hardware it relies on. Almost any enterprise needs to plan for backup and for failover in case any of its important servers go down.

Therefore, in designing a messaging installation, be sure to consider the consequences of a failure of each individual Messaging Server and its host machine. Usually this means providing extra, redundant machines that can automatically take over a given server's tasks if it should fail. In installations in which messaging is distributed among specialized machines, servers already used to implement distributed functionality and replication can also function as failover servers (see Figure 1.3.)

Figure 1.3 Redundancy in a portion of a messaging installation

Designing your messaging topology for redundancy and setting up automatic failover capability can add greater complexity to an already complex configuration in a large installation.

Firewalls and Messaging

Most enterprises connected to the Internet maintain some form of firewall, a hardware or software barrier intended to prevent unauthorized external users from accessing the enterprise's servers and host machines. You can increase security by locating Messaging Servers behind the firewall, and channeling all mail access to the enterprise through one or more mail hubs, as shown in Figure 1.1. Channeling all outgoing mail through another hub provides additional control and security, allowing you to rewrite addresses or otherwise control information that leaves your enterprise.

For enterprises that receive a large volume of external mail, it might be optimal to place one Messaging Server, containing only publicly accessible accounts, outside the firewall. That server in turn would have limited access to internal servers, across the firewall, for forwarding messages to internal accounts.

Using a setup with mail hubs communicating across a firewall requires careful setup of firewall routing configurations, DNS services, and possibly SMTP routing tables to handle the complex routing possibilities. If you place a mail server outside the firewall, you might need to use a separate, external, directory server as well.

Creation and Migration of Mail Accounts

Installing Messaging Server does not by itself create any user or group accounts or migrate existing proprietary mail accounts to the user directory. Messaging Server provides the Netscape Console graphical interface for entering user and group information for individual accounts; it provides command-line utilities for batch migration of large numbers of users to Netscape messaging from existing mail systems.

For instructions on how to enter and modify mail-related attributes in the user directory, see Chapter 4, Managing Mail Users and Mailing Lists. For instructions on migrating sendmail user accounts to the LDAP user directory, see Appendix C, sendmail Migration and Compatibility.

Enterprise vs. ISP Topologies

Enterprises with messaging intranets for employees are similar to Internet service providers (ISPs) with messaging hosting for subscribers, in that can both be required to support many thousands of accounts and a high volume of daily traffic. Typical network topologies and server configurations may differ, however.

For example, an enterprise might have many internal, directly connected mail users, with client machines and mail hosts located mostly inside the company firewall. Domain names may relate directly to host IP addresses. Client connections to mail servers may be frequent and heavy during the day, but drop off sharply after hours. Clients may stay connected for long periods.

An ISP, on the other hand, may have many servers but very few onsite client machines. Its customers typically retrieve their mail through dial-up connections. The ISP may offer custom domain services and thus may have multiple server instances per physical host machine. At the same time, ISPs may want to isolate users from specific mail hosts and thus are more likely to use a solution like Messaging Multiplexor. ISPs may have a larger proportion of mailbox servers to hubs than do most enterprises. Redundancy for 100% reliability may be even more important to an ISP than to many enterprises. Client connections to the mail servers may be less frequent and shorter in duration, but they also may be spread out over more hours during the day, especially during the evening. ISPs, even more than enterprises, may be concerned with denying access to unauthorized users and filtering out unsolicited bulk email (UBE) to keep it from filling their customers' mailboxes.

Differences like these all have effects on the implementation of mail-routing strategies, access-filtering techniques, server-performance tuning, and server-installation configuration. For more information on access filtering and UBE filtering, see Chapter 2, Configuring IMAP and POP Services, and Chapter 8, Filtering Unsolicited Bulk Email, in this book.

Installation Configurations

To deploy a messaging solution that meets your needs and addresses the issues raised in the previous section, you may need to install Netscape Messaging Server on different host machines in different installation configurations. Depending on the size and purpose of your enterprise and the nature of your network and system hardware, your messaging deployment can consist of one or many instances of Messaging Server, on one or many host machines, with identical or different messaging capabilities. Required supporting software--such as Netscape Console, Administration Server, Directory Server, and the DNS service--may also be concentrated or distributed across your network.

This section summarizes the common Messaging Server installation configurations. For more detailed information on installation configuration and on the interaction between Netscape Messaging Server and other services, see Managing Servers with Netscape Console. For additional information on LDAP directories and the Netscape Directory Server, see the Directory Server documentation.

All Services on One Host

A one-host configuration (shown in Figure 1.4) can be practical for smaller installations. It economizes on server hardware at the expense of performance and capacity. (It also provides no backup, should the one server fail.)Nevertheless, it is possible to use a single host machine to house everything. Note that, in this configuration, the single server root (the directory into which all Netscape servers are installed) contains the three required Netscape servers--Messaging Server, Directory Server, and Administration Server--as a single server group (the set of servers managed by a single Administration Server). The single Directory Server in this case manages both the user directory (which contains mail-account information) and the configuration directory (which contains server-configuration information). The DNS service and Netscape Console are also on the same host machine.

Figure 1.4 All messaging-related services on a single host

In this configuration the one host machine must have sufficient performance capacity to handle all services without undue strain. It must also have sufficient storage capacity to hold all messages and all directory information for the enterprise.

One Messaging Server per Dedicated Host

A common deployment configuration is to have a dedicated host machine for each Messaging Server instance. As Figure 1.5 shows, the LDAP directory (or directories, if user and configuration directories are separated), the DNS service, and possibly Netscape Console are on separate hosts from the installed Messaging Server. There may be one or several messaging host machines, but each contains a single server root in which a single Messaging Server and its Administration Server make up the server group.

Figure 1.5 Single Messaging Server on a single host

This configuration allows for optimizing each server host machine for strictly messaging tasks. Different divisions or offices of the enterprise may each have their own Messaging Server in a configuration like this one, perhaps with all servers accessing a single user directory on a dedicated host machine.

Specialized Messaging Services on Each Host

Another common deployment configuration, especially in larger installations, is to implement only certain messaging services on each host machine. As shown in Figure 1.6, for example, a centralized mail hub server, using only SMTP, connects to individual mailbox servers that use only POP or only IMAP to send mail to their users.

Figure 1.6 Mail hub and mailbox servers on separate hosts

This configuration can increase security (because outsiders can connect only at one point, the mail hub), and it allows for optimizing each server machine for the specific service (SMTP, POP, IMAP) that it supports.

Multiple Server Instances per Host

If appropriate for your needs, you can install multiple server instances on a single host machine. As the example in Figure 1.7 shows, a single server root contains a server group consisting of one Administration Server and multiple instances of Messaging Server. All Messaging Server instances run from a single installed set of executable programs and libraries.

Figure 1.7 Multiple instances of Messaging Server on a single host

This configuration allows multiple custom domain names to be created for a single machine that has a single IP address. A host machine in this configuration must have sufficient capacity to execute and store messages from all the server instances.

Multiple Server Roots per Host

If a single host machine includes Netscape servers that have different version numbers, it may be necessary to create separate server groups, and thus separate server root directories, on the machine. Figure 1.8 shows an example in which some employees in an enterprise are using Netscape Messaging Server 3.0, while others have upgraded to Netscape Messaging Server 4.0. Both servers are running on the same host machine.

Figure 1.8 Two versions of Messaging Server on a single host

This configuration may be necessary because different versions of Messaging Server may require different directory structures or different versions of the Administration Server. The Netscape Server Setup program facilitates this configuration, letting you create a separate server root when you install new servers and leaving an existing server root undisturbed.

This configuration is commonly used for pilot deployment of new server versions, for creating a temporary setup until all users migrate to the newer version, or even for failover protection, with different server instances stored on different physical storage devices.

The Installation Process

All Netscape servers, and also the Netscape Console application that you use to manage them, are installed by running the Netscape Server Setup program. The program is provided with every Netscape server product.

This section only summarizes the installation process. For detailed instructions on installing Netscape Messaging Server, see the document Installing Messaging Server 4.0 (file Install.htm) in your installation package. For additional general information on the Netscape Server Setup Program, see Managing Servers with Netscape Console.

Before you install Messaging Server, your Netscape Directory Server (version 3.1 or later) must be installed and your DNS service set up. Then you can install Messaging Server onto its host machine.

In summary, take these steps:

  1. Obtain the Messaging Server installation package and unpack the files.
  2. Whether you have obtained the package from a CD-ROM or through a network download, copy the package into a temporary directory and unpack the files into that directory.

  3. Configure your LDAP Directory Server appropriately for messaging, using the tools provided.
  4. The configuration tools add Messaging Server schema extensions to the configuration directory and prepare it for holding server-configuration information for this server instance.

  5. Run the Netscape Server Setup Program (setup).
  6. Read the Welcome message and the Licensing Agreement, select the products to be installed (servers, components, or Netscape Console), choose a level of installation (Express, Typical, or Custom), and answer the prompts.

    If this is the first installation of Netscape servers on this host machine, the setup program also installs an instance of Netscape Administration Server. See Managing Servers with Netscape Console for information on how the Administration Server works and how to install and configure it.

  7. At the last prompt, confirm the correctness of the information you have entered.
  8. At this point, the installer extracts the appropriate files, configures the Administration Server (if it is being installed) and the Messaging Server, and starts the servers.

Installation is complete. You can now use Netscape Console (see Using Netscape Console) to continue configuring the server (see Configuring General Messaging Capabilities and Where to Go from Here).

Silent Install. You can use the Netscape Server Setup program, along with a special configuration file, to install Messaging Server in a non-interactive mode that does not require your continued presence at the machine on which the installation occurs. If you have many similar server configurations to set up, you can place the configuration file plus the server installation package on each machine. You execute the setup program on each machine; it then extracts all information it needs from the configuration file as it performs the installation.

Whenever you perform a manual installation, the setup program creates a log file that you can use as the configuration file for subsequent silent installs. See Installing Messaging Server 4.0 for more information.

Console-only installation. You can use the Netscape Server Setup program to install the Netscape Console alone, so that you can use it from a client machine for remote administration. The Setup program can also install Messaging Server patches and updates. See Installing Messaging Server 4.0 for details.

Post-Installation Directory and File Organization

Once you have installed Messaging Server 4.0, its directories and files are arranged in the organization depicted in Table 1.1. The table is not exhaustive; it shows only those directories and files of most interest for typical server administration tasks.

Note: Where pathnames for Windows NT and Unix installations are identical except for separator symbols, only the Unix version is shown. Where they differ materially, both are shown. Metavariables (replaceable text strings) in pathnames are shown in italics.

Table 1.1 Important Messaging Server directories and files

Directory or file
Default or required location
Explanation
server root directory (serverRoot)
Unix:
usr/netscape/server4/
(default location)

The directory into which all servers of a given server group (that is, all servers managed by a given Administration Server) are installed. This may include other Netscape servers in addition to Messaging Server.
installation directory (installDirectory)
serverRoot/bin/msg/
(required location)

The directory containing the binary (executable) files of the installed Messaging Server
instance directory (instanceDirectory)
serverRoot/
msg-
instanceName/
(required location)

where instanceName is the name of this instance of Messaging Server, as specified at installation. (Default = host name of server machine)
The directory containing the configuration files that define a given instance of Messaging Server. Multiple instances of Messaging Server, all using the same binary files, may exist on a given host machine.
message queue directory
instanceDirectory/queue/
(default location)

The directory that holds the message queues, the temporary holding areas for received messages. See Managing the Message Queue for more details.
message store directory
instanceDirectory/store/
(default location)

The directory that holds the user mailboxes. See Managing the Message Store for more details.
user mailbox
instanceDirectory/
store/partition/primary/=user/
userID/
subMailbox/

where userID is the mail ID of the user, and subMailbox is the POP or IMAP folder (such as INBOX)
(required location)

The location within the message store of a given mailbox directory. See Managing the Message Store for more details.
administrative command-line utilities
installDirectory/
admin/bin/
(required location)

The directory containing command-line utilities that handle most aspects of server configuration and management. See Command-line Utilities for more details.
storage-related command-line utilities
installDirectory/
store/bin/
(required location)

The directory containing command-line utilities that handle mail delivery and storage-database management. See Command-line Utilities for more details.
start-stop utility
Unix:
/etc/NscpMsg
(required location)

Windows NT:
Control Panel->
Services->Start or Stop
(required location)

A Unix-only utility that starts and stops Messaging services. See Command-line Utilities for more details.
local configuration file
instanceDirectory/
config/configdb
(required location for Unix,
default location for NT)

A file containing locally stored Messaging Server configuration information; includes the location of the main server-configuration information, stored on an LDAP directory server. See configutil for more details.
SMTP routing table
instanceDirectory/
config/configdb

A portion of the file configdb consisting of routing instructions for forwarding messages from this server to other servers. SeeEditing SMTP Routing Table Entries for more details.
trusted directory
instanceDirectory/
smtp-bin/delivery
(required location)

The directory that holds programs that work with program delivery. See the appendix Program Delivery for more details.
Mailstone utility
/mailstone/
(default location after separate Mailstone installation)

The directory that holds the executable and configuration files for the Mailstone stress-testing utility. See Netscape Mailstone Utility for more details.
Messaging Multiplexor
serverRoot/mmp/
(default location after separate Multiplexor installation)

The directory that holds the executable and configuration files for Messaging Multiplexor server. See Netscape Messaging Multiplexor for more details.
log files
instanceDirectory/
log/
service
(default location)

where service is the name of the service (such as IMAP) being logged
The directories containing sets of log files for each of the services provided by Messaging Server. See the chapter Logging and Log Analysis for more details.
SMTP plug-ins configuration file
instanceDirectory/
smtp-bin/plugins/
plugins.cfg
(required location)

The file that specifies which SMTP plug-ins have been installed and what their configurations are. See the chapter Working With SMTP Plug-Ins for more details.
UBE filter configuration file
instanceDirectory/
smtp-bin/plugins/
UBEfilter.cfg
(default location)

The file that contains the mail filtering rules for the Unsolicited Bulk Email (UBE) plug-in. See the chapter Filtering Unsolicited Bulk Email for more details.
End-user interface HTML pages
serverRoot/bin/
user/admin/
(default location)

Customizable HTML pages and associated CGIs that provide end-user access to account information. See Configuring End-User Information for more details.


Using Netscape Console
Netscape Console is a Java application that provides server administrators with a graphical interface for managing all Netscape servers. From any installed instance of Netscape Console, you can see and access all the Netscape servers on your enterprise's network to which you have been granted access rights. (See Configuring Administrator Access to Messaging Server for information on how administrator access to servers is configured.) For complete documentation on Netscape Console, see Managing Servers with Netscape Console.

If you need to create a new instance of Netscape Console for managing Messaging Server, use the Netscape Server Setup program (see The Installation Process) to install Netscape Console onto the machine from which you intend to administer your Messaging Servers. You can install Netscape Console onto the same host as a Messaging Server, or onto any other machine on the network.

Note: For any given instance of Netscape Console, the limits of the network it can administer are defined by the set of resources whose configuration information is stored in the same configuration directory. That is the maximum set of hosts and servers that can appear in the Console window. For a given administrator using Netscape Console, the actual number of visible serves and hosts may be fewer, depending on the access permissions that administrator has.

When you launch Netscape Console, it first displays a login window (Figure 1.9). You enter your administrator's ID, your password, and the URL (including port number) of the Administration Server representing a server group to which you have access. You cannot use Netscape Console without having login access to at least one server group on your network.

Figure 1.9 Netscape Console login window

If the information you enter into the login window is acceptable, Netscape Console displays a graphical representation of all the hosts and servers on your network that you have access to.

In the example shown in Figure 1.10, the left pane of the Console window shows that the entire network to which the administrator has access consists of a single host machine and all the servers on it. (See Managing Servers with Netscape Console for an explanation of the administrative-domain information displayed in the right pane of Figure 1.10.)

Figure 1.10 Netscape Console window (with Domain Information form)

Getting to a Messaging Server

After you have launched Netscape Console, take these steps to access the instance of Messaging Server you want to manage:

  1. In the Netscape Console window, click the Console tab if it is not already frontmost.
  2. Open the icon of the host machine containing the server.
  3. Open the folder icon representing the server group that contains the server.
  4. Select the icon of the server itself. The Server Information form for the selected server appears, as shown in Figure 1.11.
  5. Open the selected Messaging Server. Either click the Open Server button in the Server Information form or double-click the selected server icon below the Console tab. The Messaging Server Tasks form, described next, appears.

Figure 1.11 Netscape Console window (with Server Information form)

Performing Typical Tasks

When you open Messaging Server from Netscape console, the first item displayed is the Tasks form (Figure 1.12). The Tasks form contains a list of common Messaging Server administration tasks; clicking the button beside a task opens windows through which you can perform the task.

Figure 1.12 Messaging Server Tasks form

Figure 1.12 shows the full list of available tasks. When you open a Messaging Server, you may see fewer tasks, depending on your access rights to the server. See Configuring Administrator Access to Messaging Server for more information on administrator access to server tasks.

Table 1.2 directs you to the part of this book that describes procedures for performing each task listed in Figure 1.12.

Table 1.2 Documentation for tasks listed in the Tasks form

Task
Where described
Start/Stop services
Starting and Stopping Services
Message Queue control
Managing the Message Queue
Configure Unsolicited Bulk Email filters
Filtering Unsolicited Bulk Email
View IMAP Service logs
Searching and Viewing Logs
View POP Service logs
Searching and Viewing Logs
View SMTP Service logs
Searching and Viewing Logs
View administration logs
Searching and Viewing Logs
View default logs
Searching and Viewing Logs

Using the Task form is not the only way to access server tasks. If you have the required access rights to the server, you can perform all the tasks shown in Figure 1.12--and many other tasks as well--through the Configuration Tab (described next).

Performing All Configuration and Administration Tasks

You can use the Configuration Tab to access all task and configuration forms available through Netscape Console. Access through the Configuration tab is more complete, though not always as direct, as through the Tasks form. Take these steps to access a task through the Configuration tab:

  1. In Netscape Console, open the Messaging Server that you want to configure. (See Getting to a Messaging Server if you need instructions.)
  2. Click the Configuration tab.
  3. The left pane of the window displays a hierarchical set of icons that represent the services and features of Messaging Server. The Messaging Server icon itself is at the top; directly below it are icons for Services, Message Store, and Log files. These icons can be individually selected, and some can also be opened to reveal other icons that can themselves be selected or opened.

  4. Select an icon, or open an icon and select one of the icons that appear below it.
  5. The right pane displays a form, possibly including tabs for accessing additional forms. For forms that include tabs, clicking a tab displays another form related specifically to that tab.The form or forms are the interface to a configuration or administration task represented by the selected icon.

  6. View or enter information into the forms, as appropriate, to complete the task.
For example, if you select the Messaging Server icon itself in the left pane, the right pane displays the three tabs shown in Figure 1.13.

Figure 1.13 Messaging Server Configuration form with Messaging Server icon selected

The tasks that you can perform through these Netscape Console forms are described throughout the rest of this book.

Note: The set of tasks available in this manner is a superset of the tasks available through the Tasks form described in the previous section. Also note that some server tasks can be performed from the command line; see Using the Command Line (next).


Using the Command Line
Netscape Messaging provides a set of command-line utilities as an alternative to using the Netscape Console interface for performing certain configuration and administration tasks. In the case of massive or repetitive operations, such as batch processing of user accounts, it can be far more efficient to use the command line than to manually enter information at the console.

Table 1.3 lists the command-line utilities available with Messaging 4.0. For reference information on these utilities, see Appendix A, Command-line Utilities, and Appendix C, sendmail Migration and Compatibility.

Table 1.3 Command-line utilities

Command-line utility
Description
Management
configutil
Lets you view and make changes to server configuration settings (both local settings and settings stored in the configuration directory).
imscripter
Executes an IMAP command or sequence of commands.
mboxutil
Lists, creates, renames, or moves mailboxes.
hashdir
Identifies the directory that contains the message store for a particular user.
processq
Manually delivers messages from the mail queue.
deliver
Delivers mail to a user mailbox.
stored
Performs background and daily tasks on the message store; erases expunged messages.
Monitoring and reporting
counterutil
Monitors a counter object and displays all counters in it.
mailq
Checks the mail queue and reports the number of messages in it.
quota
Reports mailbox quota usage.
readership
Collects readership information on shared mailboxes.
Recovery
NscpMsg
Starts and stops the server and resets configuration variables (Unix only).
reconstruct
Reconstructs mailboxes that have been damaged or corrupted.
Migration from another mail server
MoveUser
Moves contents of user mailboxes from one Messaging to another.
qconvert
Converts a Messaging 3.x message queue to Messaging 4.0 format.
upgrade
Converts Messaging 3.x mailboxes to 4.0 format and moves them to the 4.0 server.
Migration from
unix2ldif
Converts Unix sendmail user-account information to LDAP Directory Interchange Format (LDIF).
ldifsplit
Analyzes the results of the ldifsplit utility, separating the LDIF data into entries that are already in the user directory from those that are not.
chkuniq
Checks the output of unix2ldif and ldifsplit for duplicate entries.
ldapmodify
Updates an LDAP directory with the LDIF output of the sendmail utilities.
MigrateUnixSpool
Moves user messages from sendmail spool files to Messaging Server mailboxes.

Other command-line utilities described in the appendix include those for managing the Messaging Multiplexor server, described in Netscape Messaging Multiplexor, and the Mailstone stress-testing utility, described in Netscape Mailstone Utility.

In this book, the description of each server task you can perform includes a discussion of the command-line utilities, if any, that you can use to accomplish the task.


Configuring General Messaging Capabilities
This section describes the general Messaging Server tasks--such as starting and stopping services, configuring directory access, and configuring end-user access--that you can perform with Netscape Console or with command-line utilities. Tasks specific to individual Messaging Server services--such as POP, IMAP, and SMTP--are described in subsequent chapters.

Viewing Basic Server Information

You can review some of the basic information about an installed Messaging Server by viewing its Information form in Netscape Console.

To display the Information form:

  1. In Netscape Console, open the Messaging Server whose information you want to view.
  2. Select the server's icon in the left pane.
  3. Click the Information tab in the right pane, if it is not already frontmost.
  4. The Information form appears. It displays the server name, server root directory, installation directory, and instance directory. (See Table 1.1 for an explanation of these terms.)

See Server Information Tab for a complete description of the contents of this form.

SNMP Setup

You can use Netscape Console to set up and enable the Simple Network Management Protocol (SNMP) subagent for your Messaging Server. By using SNMP, an administrator can monitor multiple servers remotely through an SNMP network management station.

The Messaging Server subagent collects information and generates statistics relating to the server's functioning, and it transfers the information to the SNMP master agent.

Although this task is a general configuration task, it is described in Chapter 10, Monitoring and Maintaining Your Server. For a description of the Messaging Server SNMP management information base, see Appendix D, SNMP MIB. For information on setting up your network's SNMP master agent, see Managing Servers with Netscape Console.

Configuring End-User Information

Messaging Server provides end users with limited server access, through which they can manage certain aspects of their own mail accounts and also create or subscribe to mailing lists. The server employs HTML forms that users fill out to make these changes.

Messaging Server 4.0 includes a set of HTML forms (and associated CGI scripts) for this purpose. As server administrator, you can control which forms, if any, users can access, and where those forms are located. You specify the URLs to those forms, so that client software that connects to your server can access the forms. The following forms are provided with Messaging Server:

You can use the provided forms unchanged, or you can customize them for your enterprise. Note that the forms are complex; making more than minor cosmetic changes (especially to the Mail Account Manager form) can be a difficult process, requiring sophisticated manipulation of HTML and JavaScript. Whether you customize them or not, you should leave the forms in their default locations (serverRoot/bin/user/admin/html/) on the server.

On the other hand, if you have already implemented end-user access to directory information with HTML forms of your own design, you can provide client access to those forms by using Netscape Console to specify their URLs.

In addition to controlling access to end-user forms, Messaging Server also allows you to create a greeting message to be sent to each new user.

To configure end-user access or create a new-user greeting:

  1. Generate the HTML forms you need, or modify and use the forms provided with Messaging Server 4.0.
  2. Store the forms in an appropriate location. The default location for the forms provided with Messaging Server 4.0 is serverRoot/bin/user/admin/html/.
  3. In Netscape Console, open the Messaging Server whose end-user access you want to configure.
  4. Click the Configuration tab. If the server's icon in the left pane is not already highlighted, select it.
  5. Click the "End user" tab in the right pane. The End User Configuration form appears.
  6. Make changes to the form URLs as needed. The default URLs are consistent with the default locations of the HTML files.
  7. Create a new-user greeting or make changes, as needed.
  8. You must format the greeting as an email message, with a header (containing at least a subject line), then a blank line, then the message body.

    When you create a message, specify its language with the popup menu above the message field. You can create several messages in several languages, if desired. If you do, the locale of each new user is compared to the language of the message, and the server sends the correct message to the new user.

  9. Click Save.
See End-User Configuration Tab for a complete description of the contents of this form.

Starting and Stopping Services

Netscape Console provides a form that allows you to start and stop individual services and view status information about each of them.

For each service--IMAP, POP, and SMTP--the form displays the service's current state (on or off). If the service is running, the form shows the time at which the service was last started up, and it can also display other status information.

Note: You must first enable the POP and IMAP services before starting or stopping them. See Enabling and Disabling IMAP and POP.

You need to run only the services that your server actually uses. For example, if you are temporarily using a particular instance of Messaging Server solely as a message transfer agent (MTA), you can turn on SMTP alone. Or, if maintenance, repair, or security needs require shutting down the server, you may be able to turn off just the affected service. (If you never intend to run a particular service, you should disable it instead of just turning it off.)

To start up, shut down, or view the status of any messaging services:

  1. From Netscape Console, open the Messaging Server whose services you want to start or stop.
  2. Get to the Services General Configuration form in either of these two ways:
  3. The Services General Configuration form appears.
  4. The left column of the Process Control field lists the services supported by the server; the right column gives the basic status of each of the services (ON or OFF, plus--if it is ON--the time it was last started).

  5. To view status information about a service that is currently on, select the service in the Process Control field. The Service Status field displays status information about the service.
  6. For POP and IMAP, the field shows the last connection time, the total number of connections, the current number of connections, the number of failed connections since the service last started, and the number of failed logins since the service last started.

    For SMTP, the field shows the current number of queued messages, the total number of messages sent and received since startup, and the current numbers of messages waiting for both external and internal delivery.

    The information in this field helps you to understand the load on the server and the reliability of its service, and it can help spotlight attacks against the server's security.

  7. To turn a service on, select it in the Process Control field and click Start.
  8. To turn a service off, select it in the Process Control field and click Stop.
  9. To turn all enabled services on or off simultaneously, click the Start All or Stop All button.
See Services General Configuration Tab for a complete description of this form's contents.

Command-line utility. On Unix platforms you can also use the NscpMsg utility to start or stop any of the messaging services. See NscpMsg for more information.

Customizing Directory Lookups

Netscape Messaging Server 4.0 cannot function without an LDAP-based directory system such as the Netscape Directory Server. Messaging Server and Netscape Console require directory access for three purposes:

You can modify each of these directory-configuration settings in the following ways:

Reconfiguring your Messaging Server to connect to a different user directory for user and group lookups is strictly optional. In most cases, the user directory that defines your server's administrative domain is the one used by all servers in the domain.

Important: If you specify a custom user directory for your Messaging Server lookups, you must also specify that same directory whenever you access the Users and Groups interface of Netscape Console to make changes to the directory's user or group information. See Chapter 4, Managing Mail Users and Mailing Lists, for more information.

To modify the Messaging Server LDAP user-lookup settings:

  1. From Netscape Console, open the Messaging Server whose LDAP connection you want to customize.
  2. Click the Configuration tab.
  3. Select the Services folder in the left pane.
  4. Select the LDAP tab in the right pane. The LDAP form appears.
  5. The LDAP form displays the configuration settings for both the configuration directory and the user directory. The configuration-directory settings, however, are read-only in this form. See the Administration Server chapter of Managing Servers with Netscape Console if you need to change them.

  6. To change the user-directory connection settings, click the box labeled "Use messaging server specific directory settings".
  7. Update the LDAP configuration by entering or modifying any of the following information (for explanations of directory concepts, including definitions of terms such as distinguished name, see the Directory Server Administrator's Guide):
  8. Host name: The name of the host machine on which the directory containing your installation's user information resides. This is typically not the same as the Messaging Server host, although for very small installations it might be.

    Port number: The port number on the directory host that Messaging Server must use to access the directory for user lookup. This number is defined by the directory administrator, and may not necessarily be the default port number (389).

    Bind DN: The distinguished name that your Messaging Server uses to represent itself when it connects to the directory server for lookups. The bind DN must be the distinguished name of an entry in the user directory itself that has been given search privileges to the user portion of the directory. If the directory allows anonymous search access, you can leave this entry blank.

    Base DN: The search base--the distinguished name of a directory entry that represents the starting point for user lookups. To speed the lookup process, the search base should be as close as possible in the directory tree to the information being sought. If your installation's directory tree has a "people" or "users" branch, that is a reasonable starting point.

  9. To change the password used, in conjunction with the Bind DN, to authenticate this Messaging Server to the LDAP directory for user lookups, click the Change password button. A Password-Entry window opens, into which you can enter the updated password.
  10. Your own security policies should determine what password you use in this situation. Initially, the password is set to no password. The password is not used if you have specified anonymous access by leaving the Bind DN field blank.

To return to using the default user directory, uncheck the "Use messaging server specific directory settings" box.

See LDAP Configuration Tab for a complete description of the contents of that form. See Password Entry Window for a complete description of the contents of that window.

Encryption Settings

You can use Netscape Console to enable Secure Sockets layer (SSL) encryption and authentication for Messaging Server and to select the specific encryption ciphers that the server will support across all of its services.

Although this task is a general configuration task, it is described in Enabling SSL. That section is part of Chapter 6, Security and Access Control, which also contains background information on all security and access-control topics for Messaging Server.


Where to Go from Here
This chapter has provided background information on messaging deployment and Messaging Server installation, and it has described how to make general configuration settings to Messaging Server. Subsequent chapters in this book describe the bulk of the administrative tasks, from configuring services through setting up users and groups to monitoring and maintaining the server.

To perform the following tasks, go to the chapters or appendixes indicated.


Interface Reference: General Messaging Services
This section describes the Netscape Console interface elements that allow you to execute and perform general configuration of the services supported by Messaging Server. See Managing Servers with Netscape Console for information on using Netscape Console to manage Messaging Server and other servers.


Messaging Server Tasks Tab
You use the form accessed through this tab as a convenient way to quickly perform several typical Messaging Server administration tasks. The Tasks form provides direct access to common tasks that may be less directly accessible through the Configuration tab.

For more information, see also Performing Typical Tasks.

The Tasks form contains the following elements:

Start/Stop services. Click this button to display a window (see Services General Configuration Tab) that allows you to start or stop any of the Messaging Server services.

Message Queue control. Click this button to display a form (see Queued Messages Tab) that allows you to manage the Messaging Server message queues.

Configure Unsolicited Bulk Email filters. Click this button to display a form (see Unsolicited Bulk Email Configuration Tab) that allows you to create or modify filters that can help block unwanted email.

View IMAP service logs. Click this button to display a form (see Log Files Content Tab) from which you can select, view, and search the contents of an IMAP log file.

View POP service logs. Click this button to display a form (see Log Files Content Tab) from which you can select, view, and search the contents of a POP log file.

View SMTP service logs. Click this button to display a form (see Log Files Content Tab) from which you can select, view, and search the contents of an SMTP log file.

View administration logs. Click this button to display a form (see Log Files Content Tab) from which you can select, view, and search the contents of a Messaging Server administration log file.

View default logs. Click this button to display a form (see Log Files Content Tab) from which you can select, view, and search the contents of a log file created by a Messaging Server service or utility other than one listed above.


Messaging Server Configuration Tab
You use the form accessed through this tab to get to and configure all the services, as well as the message store and log files, of Messaging Server. You can perform all administration tasks from the Configuration form.

For more information, see also Performing All Configuration and Administration Tasks.

In the left pane of the Configuration form, you can select and open any of the icons (Services, Message Store, or Log Files) to gain further access to Messaging Server components.

The right pane contains three tabs. For descriptions of the forms accessed through these tabs, see the following sections:


Server Information Tab
You use the form accessed through this tab to view basic, read-only configuration information about Messaging Server.

For more information, see also Viewing Basic Server Information.

The Information form has the following non-editable fields:

Server name. The name given to this instance of Messaging Server when it was installed.

Server root. The directory that holds all of this server's files, plus the files of its Administration Server, plus the files of any other Netscape servers in the same server group (that is, administered by that Administration Server). A host typically has only one server root, but more than one is possible, especially if different version numbers of the same server are installed on a single host.

Install directory. The directory, within the server root directory, that holds all of the Messaging Server executable program files.There can be only one Messaging Server installation directory within the server root.

Instance directory. The directory, within the server root directory, that holds the files that define this instance of Messaging Server plus the files created and maintained by this instance. There may be multiple Messaging Server instance directories within the server root.

Action Buttons

Help. Click this button to display online help (this document) that describes the Information form.


End-User Configuration Tab
You use the form accessed through this tab to configure end-user access to account-management forms and to specify a greeting message sent to new users.

For more information, see also Configuring End-User Information.

The End-User Configuration form has the following elements:

Personal Account Manager URL. In this field, enter the URL to the form that allows users to manage their personal information.

Mail Account Manager URL. In this field, enter the URL to the form that allows users to manage mail-account configuration, including sharing access to their mail folders.

New user greeting form. In this field, enter the text of the greeting that is to be sent to each new user. Format the greeting as an email message, with a header (containing at least a subject line), then a blank line, then the message body. You can create different messages in different languages; use the popup menu above the field to specify the language of each greeting message that you create. The appropriate message is then sent to each new user whose locale corresponds to one of the languages you select.

Action Buttons

Save. Click this button to commit any settings you have made in the End-User Configuration form.

Reset. Click this button to return the form to the settings it displayed when you opened it (unless you have previously clicked Save, in which case the form returns to the settings it had when you last clicked Save).

Help. Click this button to display online help (this document) that describes the End-User Configuration form.


Services General Configuration Tab
You use the form accessed through this tab to start, stop or view the status of any services of the Messaging Server.

For more information, see also Starting and Stopping Services.

The Services General Configuration form has the following elements:

Process Control. This field lists all accessible Messaging Server services (in the Service column) and their fundamental status (in the ON/OFF column).

Service. This column of the Process Control field lists all the Messaging Server services that you can start or stop. These are the available services:

IMAP
POP
SMTP

If you select a service in the Process Control field, you can then apply the Start or Stop buttons to it.

ON/OFF. This column of the Process Control field notes, for each service listed in the Service column, whether the service is off or on, and (if on) when it was last started.

Start. Click this button to start a service that you have selected in the Service field.

Stop. Click this button to stop a service that you have selected in the Service field.

Start All. Click this button to start all services.

Stop All. Click this button to stop all services.

Service status. This field displays the status of the service currently selected in the Services column. (The field is blank for inactive services.) These are items displayed in the field for the POP or IMAP service:

Last connection time. The time at which the most recent connection was made to this service. This can tell you, for example, whether the server is having problems accepting connections.

Total number of connections. The number of connections that have been made to this service since it was last started. This can give you an overall, time-averaged picture of the level of this service's activity.

Number of current connections. The number of currently active connections to this service. This can give you an idea of how heavily loaded the server currently is.

Number of failed connections. The number of connection requests that have been refused since the service last started. This can spotlight network problems or indicate an overloaded server.

Number of failed logins. The number of login requests that have been refused by the service since it last started. This can help spotlight attacks against the security of the server.

These are items displayed in the field for the SMTP service:

Number of messages stored. The current total (physical) number of queued messages.

Number of messages sent. The total number of messages sent through SMTP-Deliver since startup.

Number of messages received. The total number of messages accepted through SMTP-Accept since startup.

Outgoing queued messages. The current total (logical) number of queued messages waiting to be sent to another MTA.

Incoming queued messages. The current total (logical) number of queued messages waiting to be delivered locally.

Action Buttons

Help. Click this button to display online help (this document) that describes the Services General Configuration form.


LDAP Configuration Tab
You use the form accessed through this tab to view and configure connections to the LDAP directory used by your Messaging Server.

For more information, see also

The LDAP form has the following elements:

LDAP Connection for Server Configuration

Host name. A non-editable field that lists the host name of the LDAP directory server on which the configuration information for this Messaging Server is stored.

Port number. A non-editable field that lists the port number to be used for access to the LDAP directory server on which the configuration information for this Messaging Server is stored.

Bind DN. A non-editable field that lists the bind distinguished name, the user name under which this Messaging Server accesses the LDAP directory server on which its configuration information is stored.

Base DN. A non-editable field that lists the search base, the distinguished name of the location in the LDAP directory at which to start searching for the configuration information for this Messaging Server.

LDAP Connection for User Lookup

Use Messaging Server-specific directory settings. Check this box if you want to customize the LDAP connection for user lookup by changing any of the following fields: Host name, Port number, Bind DN, Base DN. Uncheck this box to return to using the default user directory for your server group.

Host name. Use this field to specify the host name of the LDAP directory server on which this Messaging Server is to look up user and group information.

Port number. Use this field to specify the port number used to access the LDAP directory server on which this Messaging Server is to look up user and group information.

Bind DN. Use this field to specify the bind distinguished name, the user name under which this Messaging Server accesses the LDAP directory server to obtain user and group information.

Base DN. Use this field to specify the search base, the distinguished name of the location in the LDAP directory at which to start searching for user and group information.

Change password. Click this button to open a window (see Password Entry Window) that allows you to change the password to be used to authenticate this Messaging Server to the LDAP directory for user lookups.

Action Buttons

Save. Click this button to commit any settings you have made in the LDAP Configuration form.

Reset. Click this button to return the form to the settings it displayed when you opened it (unless you have previously clicked Save, in which case the form returns to the settings it had when you last clicked Save).

Help. Click this button to display online help (this document) that describes the LDAP Configuration form.


Password Entry Window
You use this window to change the password that Messaging Server uses to authenticate itself to the LDAP directory for user and group lookup.

For more information, see also Customizing Directory Lookups.

The Password-Entry window has the following elements:

Password. Enter the password in this field.

Confirm password. Re-enter the password in this field. If what you enter is different from what you entered in the Password field, you are prompted to try again.

Action Buttons

OK. Click this button to commit to the changed password and close the Password-Entry window.

Cancel. Click this button to cancel the password-changing operation and close the Password-Entry window, leaving the current password unchanged.

Help. Click this button to display online help (this document) that describes the Password-Entry window.

 

© Copyright 1998 Netscape Communications Corporation