Important Product Alert: Root Certificate Expiration
If you are are using SSL with Netscape Messaging server, you need to be aware of important information related to root certificate expiration by the end of 1999. At a minimum, you may need to ask your users to upgrade their browsers to Communicator 4.7. Depending on how you are using SSL, you may also need to update the root certificate in your server. For important and urgent information on root certificate expiration, see Digital Certificate Security Alert.
These release notes contain important information about Netscape Messaging Server 4.04. Please read these notes before using hte product. Messaging Server 4.04 is available for the Solaris 2.6 and HP/UX 11.00 platforms. Use of this product is subject to the terms detailed in the license agreement accompanying it.
For information on Installing the Netscape Messaging Server 4.04, visit this site: http://home.netscape.com/eng/server/messaging/4.0/relnotes/install.htm.
These release notes contain the following sections:
Messaging Server 4.04 does not suffer from load-induced lockup.
Messaging Server 4.04 starts up only the stored instance specified if the -i flag is used.
Messaging Server 4.04 has been updated to correct the problem.
The Messaging Server 4.04 installer properly stops the Messaging Server 3.x instance.
Messaging Server 4.0 or 4.01, when it is receives a connection from a remote machine that is on its TCP Wrappers deny list, would print a 4xx SMTP greeting message and then close the connection, without waiting for any data. Messaging Server 4.04 sends a 5xx response (permanent instead of transient error), and waits a default of 10 seconds for the sending SMTP to send a QUIT message before closing the connection. If the QUIT message is received before the 10 seconds have passed, the connection will be closed immediately.
Messaging Server 4.04 is not sensitive to properly formatted comments in /etc/resolv.conf.
The stored utility in Messaging Server 4.04 will remove these files, so the manual workaround suggested in the 4.01 release notes is no longer necessary.
The bug is actually fixed in 4.04. The functions PPGetHostByName() and PPGetHostByAddr() in the library file protplug.h have been updated to correct the problem. All Messaging Server 4.0 plug-ins should be recompiled after upgrading to Messaging Server 4.04.
This command with Messaging Server 4.04 will clear the SMTP banner.
This causes the number of deferred messages reported by the mailq command to be overreported. This is fixed in 4.04.
A patch bundle containing all these is available. Please contact Technical Support.
Messaging Server 4.04 uses an internal database to store information. A dedicated thread periodically checks the database for deadlocks and resolves them. local.store.deadlock.checkinterval specifies how long the dedicated thread should sleep before it resumes deadlock resolution.
This value is measured in microseconds (1/1000000 second) and can be set to any positive integer between 1 and 1000000. The default value is 1000 (so every 1/1000 of a second the database will be checked for deadlocks). Generally, for larger machines and deployments, this number should be reduced to 100-200. For a small machine (especially a single CPU machine) the value should be left at 1000 or increased.
If stored consumes more than 10% of CPU on an idle server, this value should be increased.
Messaging Server 4.04 allows the administrator to configure the number of threads per process for different services like IMAP and POP. If threads per process are set incorrectly, then stored will consume too much CPU. At peak load and when the user population on the server is still relatively small, it is appropriate for stored to consume as much as 50% of CPU. To prevent or correct stored from consuming more than 50% of CPU at peak times, configure the threads per process as outlined below.
service.imap.maxthreads has a default value of 1000. Netscape recommends setting this to 250. service.pop.maxthreads has a default value of 1000. Netscape recommends setting this to 250.
The most important thing is that the TOTAL access threads be appropriate. That number can be calculated with this equation:
The TOTAL should be below 1000 in all cases, and ideally, under 500, for all deployments. Because deployments and environments are different, if testing in your specific environment shows a TOTAL greater than 1000 to be practical, then Netscape recommends using those values.
Messaging Server 4.04 shipped with an incorrect default value for one setting. Please execute the command
./setconf local.dbtxnsync 1
The consequence of the incorrect default value is decreased performance of all services. This is bug 352305, which will be fixed in Messaging Server 4.1.
Provide the same server root as you did for the existing 4.0, 4.01 or 4.03 installation. The setup utility will determine that the server is being upgraded from a 4.0, 4.01 or 4.03 server, and will guide you through the appropriate dialogs.
As noted in the "Other Bug Fixes" section of this document, the functions PPGetHostByName() and PPGetHostByAddr() in the library file protplug.h have been updated.
Due to a change in database formats, a 4.0 or 4.01 upgrade to 4.04 must be run on a cleanly shutdown server.
Solution: When doing an upgrade or migration from Messaging Server 4.0 or 4.01 to 4.04, all server components should be shut down. Then the stored process should be started alone and shut down again. Then all log files in <server-root>/msg-<instance>/store/mboxlist/ should be deleted.
# /etc/NscpMsg stop
# /etc/NscpMsg start store
# /etc/NscpMsg stop store
# rm <server-root>/msg-<instance>/store/mboxlist/log.*
# rm <server-root>/msg-<instance>/store/mboxlist/__*
The Program Delivery option will not work with shells that are not considered valid. On HP/UX and Solaris, the /etc/shells file contains the paths for valid shells. If the file is missing or empty, the following are valid login shells for the user to which the message is addressed:
Restarting the server after changing the configuration information will refresh the configuration information.
Messaging Server 4.04 does not support Directory Server referrals. Note these requirements:
In rare instances, UBE memory leaks may continue to be seen, but at a much slower rate. If you find this situation occurs, please contact Technical Support.
If a user goes over quota and then deletes mail to get back under quota, the user account summary still reports the old quota value. To update the user's quota, send mail to the user.
In the SMTP Configuration option of the GUI, there are Alternate MTA actions available. These do not work as desired in 4.04. These do work in 4.1.
Netscape supports the XSERVER private extension for authenticating message submissions. Reconstructing a mailbox causes all of the authenticated sender information to be discarded.
Otherwise, the remaining processes may stop responding while waiting for locks held by the terminated process. It is very important that stored start up before any of the other processes.
If you wish to create both a new Messaging Server 4.04 installation and a new Directory Server 3.x or 4.0 Users and Groups LDAP server, you must manually update the MS 4.04 Users and Groups server setting after installation. The MS 4.04 install process will use the default Users and Groups LDAP server setting in the Configuration LDAP server you provide during the MS 4.04 installation.
Solution: After installing MS 4.04 with the proper Configuration LDAP server, go to the Console and reconfigure the Users and Groups LDAP server setting to point at your new Users and Groups server.
When components are selected for installation, if only the Messaging Server is selected, the installation will not verify the dependent components have also been selected.
Solution: For Messaging Server 4.04, the Core and Admin Server are required components for the installation. If this is an upgrade, the Core and Admin Server will have already been installed, and do not need to be selected.
Using 4.04 to host multiple domains, you get the following error when trying to start the server:
ERROR: The following services failed to start, or were already: SMTP daemon and the logs indicate that the postmaster was not found.
Solution: If you are hosting more than one domain, you need to set service.smtp.messagehostname to the same value that local.hostname was set to before you can start up the Messaging Server.
During the 4.04 custom migration if you choose 'yes' to migrate from the previous Messaging Server configuration, it prompts again for the mail queue and mail store paths from the previous version of the Messaging Server. The installation uses the normal default value instead of the actual Messaging Server values.
Solution: You need to find out what these values were for the previously installed server and set them during the custom installation.
Solution: Netscape Console may be used from any machine to administer your Netscape Servers remotely. To obtain the necessary version of Netscape Console for your platform and operating system, visit http://home.netscape.com/eng/server/console.
ERROR: Duplicate partition: [foo] found in checking mail store
path, [foo], [var/spool/foo2]
ERROR: Please correct it. See release notes for more details. NOTICE:
Initial User with path [foo] is [username].
When upgrading the mail store, Messaging Server 4.04 strips the begining part of the mail store path and strips non-alphanumeric characters. If the resulting paths for users are not unique, this error will occur.
Solution: If there are users who show up as duplicate partitions, upgrade their mailboxes individually with the upgrade -u option.
Solution: If something interrupts the upgrade process, the process can be resumed. The upgrade process will not attempt to upgrade mailboxes that have already been upgraded to the 4.x format. However, if the upgrade process stops, then you must run reconstruct -m before starting up the Messaging Server.
Migrating from previous versions of Messaging Server to Messaging Server 4.04, the SNMP configuration information, such as organization name, contact person, and server location, is not migrated to the newly installed Messaging Server.
Solution: Manually configure the SNMP from the Netscape Console.
The problem is caused by an incorrect 3.x MailStorePath attribute in the __up.<non-primary>.txt file. When running the upgrade utility against a non-primary 3.x mail store, the __up.<non-primary>.txt file uses the primary store path for the 3.x MailStorePath attribute instead of the non-default one.
Solution: Manually edit the file point to the correct custom defined MailStorePath value.
Currently the Messaging Server 4.04 upgrade utility won't remove the Messaging Server 3.5 messages if the -r option is specified with the -u option. Netscape recommends that you upgrade manually. For help with a manual upgrade refer to Installing the Netscape Messaging Server 4.04 at http://home.netscape.com/eng/server/messaging/4.0/relnotes/install.htm.
Solution: Specify the -r option during the folder upgrade:
# ./upgrade -s -r
# ./upgrade -u <userlist file>
If you shut down the Messaging Server while it is in the middle of migrating the messages in a folder, when you later start the server, the owner of the folder will get an invalid mailbox format error message when attempting to access that folder.
Solution: Use mboxutil -d to delete the corrupted mailbox. Then re-run upgrade -s to create the mailbox in transition state.
This is a permissions conflict caused by running the Administration Server as a user other than root.
Solution: Administration Server must be run as root.
If you install messaging server on a host that has multiple hostnames, you may have key/cert file names that do not match the server instance name.
Solution: When you enable SSL on any of the messaging services, you need to make sure that the key/cert files that you specify actually exist in the <server-root>/alias directory.
In some cases, if you highlight a string and delete the values, your configuration changes will not be saved properly.
Solution: Place the cursor at the end of the values you wish to delete and use the backspace key to remove them. When you commit the changes, the values will be reset to null.
The Send Error To field under the Mail property of a group incorrectly allows multiple email address entries.
Solution: Enter one address in the Send Error To field. Do not attempt to use comma-separated multiple addresses.
Uninstalling doesn't remove the /usr/lib/sendmail, /usr/lib/processq or /usr/bin/mailq links.
Solution: If uninstalling doesn't remove all files or directories, see the "Uninstalling Messaging Server Components" section of Installing Messaging Server 4.0 for UNIX for a complete list of manual uninstallation instructions.
All server processes must be shut down before running uninstall.
Solution: Manually run the command: /etc/NscpMsg stop
All Netscape Console Java environments must be shut down before running uninstall.
Solution: Close and exit all instances of the Netscape Console before running uninstall. Be sure there are no Netscape Console instances running on remote machines.
You may see the following error message adding store partitions:
Server error, not all attributes are saved. See logfiles for details.
Solution: You must use the configutil utility to add partitions.
Alternate message queues cannot be created via the Netscape Console. The SMTP service cannot be started after any creation of multiple alternate queues.
Solution: The workaround is to use configutil to modify service.smtp.altqueues directly. The format is <dir path>[, <dir path>]. Note that there is a space after the comma.
Solution: Click on the mail account box twice.
Solution: CGI scripts check the <server-root>/bin/msg/admin/Instances.conf configuration file to find the proper server instance. If more than one is found, the script uses the first listed. Make sure the proper CGI script server is listed first in <server-root>/bin/msg/admin/Instances.conf configuration file.
Solution: This error will only occur the first time the admin user logs in. The workaround is to log in a second time.
In the Administrator's Guide documentation for the MoveUser command-line utility, the example for moving one user from host1 to host2 based on account informationin Directory Server is inaccurate. (325370)
The example should be changed to the following:
Also the example for moving a user's mailboxes from host1 to host2 when the user ID is specified in the command line should be changed to the following: (329880)
The following paragraph should be added to the end of the description of MoveUser: (325370)
When using the configutil utility to retrieve attributes (such as store.quotaexceededmsg) that are user strings and thus may exist in more than one language, you can specify a language parameter in addition to the attribute option itself. For example, you use the command
configutil -o store.quotaexceededmsg
to retrieve the notification string that users see when they have exceeded their message quota. If the administrator has defined any language-specific strings, the above command will not retrieve them. To see the English string or the Japanese string, for example, use the following commands, respectively:
configutil -o "store.quotaexceededmsg;lang-en"
configutil -o "store.quotaexceededmsg;lang-jp"
If these language-specific strings exist, they are the strings that are seen by users whose language preference matches the language parameter. If no language-specific strings exist, all users see the default string.
On some platforms, it is not possible to use the counterutil command-line utility to list the set of counter objects in a given server's counter registry. The following list includes all counterobjects recognized by the utility: (330433)
The counterutil command in 4.0, 4.01 or 4.03 did not allow you to specify either the interval to get counter information, nor the number of iterations. These options to counterutil are now available in 4.04: (355869)
The file description in the Mailstone Utility document states that the script tools for generating LDAP entries for the test user base are installed in the following locations: (311122)
whereas the scripts to use with Messaging 4.04 are actually in these
locations:
Note also that the directory mailstone/admin/2.X contains untested scripts, originally developed for earlier versions of Mailstone and Messaging Server, that should not be used.
In the Security chapter of the Administrator's Guide under Configuring SSL Encryption and Authentication, both the text and the diagram state that the Netscape Messaging Server supports POP over the SSL layer. This is not the case (340469). MS 4.0x only supports SMTP and IMAP over SSL.
For Messaging Server 4.04 administrator documentation, see the online help that accompanies the product. The administrator's guide and related documents are also posted at the location http://home.netscape.com/eng/server/messaging.
Installation instructions and release notes for all Netscape servers are posted at the location http://home.netscape.com/eng/server.
If you can't find the information you need, please contact Technical Support.