Known Issues and Limitations

This section contains a list of the known issues with Messaging Server 6 2005Q4. The following product areas are covered:

• Installation, Upgrade, and Uninstallation

• Messaging Server

• Localization

• Documentation

Installation, Upgrade, and Uninstallation

This section describes known issues with installing, upgrading, and uninstalling Messaging Server.

You must use the Java Enterprise System installer to install a cluster agent for Messaging Server. (6175770)

To install Messaging Server in a Sun Cluster environment, you should take the following steps. For a fuller explanation of this procedure, see the Sun Cluster installation example in “Chapter 3: Installation Scenarios” in the Sun Java Enterprise System 6 2005Q4 Installation Guide.

1. Run the Java Enterprise System installer and select to install the Sun Cluster and Sun Cluster Agents, then choose “Configure later” in the installer.

2. Configure the Sun Cluster environment. (For details, see the Sun Cluster documentation.)

3. Run the Java Enterprise System installer again and install Messaging Server (and other component products).

4. Configure Messaging Server. For details, see the Messaging Server 6 2005Q4 Administration Guide

This version of Messaging Server does not support a staged rolling upgrade with minimum downtime in a symmetric HA environment. (4991650)

With Messaging Server 5.2, you could install the Messaging Server more than once on the same machine and patch the different installations separately. This capability enabled support for minimal-downtime staged rolling upgrades. Messaging Server 6 2004Q2 does not provide this capability.

Messaging Server does not start under Sun^TM Cluster 3.0 Update 3. (4947465)

Messaging Server cluster agents dump core due to a problem in Sun Cluster 3.0 Update 3. Use Sun Cluster 3.1 to solve this problem.

Messaging Server

This section describes known issues in the Messaging Server product.

In option.dat, lines starting with #, !, or ; symbols are treated as comment lines. (no bugid)

In option.dat files, Messaging Server treats lines beginning with pound sign (#), exclamation point (!), or semicolon (;) characters as comment lines— even if the preceding line has a trailing backslash (\), which means the line is being continued. Consequently, you must be careful when working with long options (particularly delivery options) containing these characters.

There is a workaround for delivery options in which a natural layout could lead to continuation lines starting with a # or !.

Workaround

In delivery options, Messaging Server ignores spaces following the commas that separate individual delivery option types.

For example, instead of:

		 DELIVERY_OPTIONS=\
		 #*mailbox=@$X.LMTP:$M$_+$2S%$\$2I@ims_daemon,\
		 #&members=*,\
		 *native=@$X.lmtpnative:$M,\
		 *unix=@$X.lmtpnative:$M,\
		 /hold=$L%$D@hold,\
		 *file=@$X.lmtpnative:+$F,\
		 &@members_offline=*,\
		 program=$M%$P@pipe-daemon,\
		 forward=**,\
		 *^!autoreply=$M+$D@bitbucket
		 

You can workaround the problem by adding spaces as follows:

		 DELIVERY_OPTIONS=\
		           #*mailbox=@$X.LMTP:$M$_+$2S%$\$2I@ims_daemon,\
				   #&members=*,\
				   #*native=@$X.lmtpnative:$M,\
				   #*unix=@$X.lmtpnative:$M,\
				   #/hold=$L%$D@hold,\
				   #*file=@$X.lmtpnative:+$F,\
				   #&@members_offline=*,\
				   #program=$M%$P@pipe-daemon,\
				   #forward=**,\
				   #*^!autoreply=$M+$D@bitbucket

DOMAIN_UPLEVEL has been modified. (no bugid)

The DOMAIN_UPLEVEL default value has changed from 1 to 0.

The following characters cannot be used in the User ID: $ ~ = # * + % ! @ , { } ( ) / < \> ; : " ” [ ] & ? (no bugid)

This constraint is enforced by MTA when operating in direct LDAP mode. Allowing these characters in the User ID can cause problems in the message store. If you want to change the list of characters forbidden by the MTA, set the following option by listing a comma-separated string of the characters’ ASCII values:

LDAP_UID_INVALID_CHARS=32,33,34,35,36,37,38,40,41,
42,43,44,47,58,59,60,61,62,63,64,91,92,93,96,123,125,126

in the msg_svr_base/config/options.dat file. Note that you are strongly advised against relaxing this constraint.

Messaging Server fails to start when SNMP is enabled on Solaris 10. (6299309/6290934)

Workaround:

Direct snmpwalk to snmpdx instead of snmpd and go directly to port 16161 instead of port 161.

The imsimta refresh command generates confusing error messages. (6263066)

When the watcher process is enabled, imsimta refresh command generates confusing messages.

Workaround:

Run imsimta cnbuild to compile the configuration. Then, run start-msg. The imsimta refresh command will be deprecated in a future release.

The destinationspamfilter<>X optin channel keyword doesn’t work. (6214039)

This keyword will be fixed in the upcoming Messaging Server patch release.

NSS errors in the imta logfile when SSL is not configured (6200993)

These are not harmful errors. They are caused by the system's inability to find SSL certificates in the SSL configuration.

Workaround

You can disable SSL in the MTA as well as the Message Store:

1. Edit imta.cnf file and remove the channel keyword maytlsserver from tcp_local and tcp_intranet channels.

2. Change the following configutil configuration parameters by setting service.imap.sslusessl to 'no' and service.pop.sslusessl to 'no'.

3. Recompile the MTA configuration with the imsimta cnbuild command.

4. Restart the services (stop-msg/start-msg). This will disable the support for SSL. Please make sure that, once you need to configure the server in SSL mode after having certificates, you need to revert back the changes you have made for it.

The configure program fails with non-standard organization DNs. (6194236)

The configure program does not construct intermediate RDNs between the organization DN and the User/Group suffix. This problem occurs both with Schema 1 and Schema 2.

Workaround:

Create the Organization DN prior to running the configure program (or at least to the DN above the Organization DN).

Cannot log in to Messaging Server from Internet Explorer 6.0 SP1 when using a proxy server. (5043607)

When using an HTTP proxy in Internet Explorer 6.0 SP1 on a PC as a client, you may experience difficulty in logging into Messaging Server. This problem is likely to be due to a non-standard compliant proxy server and cannot be fixed in Messaging Server.

Correct certmap.conf file content required for client certificate authentication. (4967344)

The certmap.conf configuration file specifies how to map a certificate to an entry in the LDAP directory. By default, the certificate subject (with two lines commented out) contains the exact DN of the LDAP directory entry.

However, a very common alternative behavior is to extract a particular attribute from the subject of the certificate and to search the directory for that attribute.

Workaround

To achieve this alternative behavior, change:

         certmap default         default
		 #default:DNComps
		 #default:FilterComps    e, uid
		 

to:

		 certmap default         default
		 default:DNComps
		 default:FilterComps     e
		 

For a complete description of certmap.conf, please refer to the Sun Java System Server Console 5.2 Server Management Guide.

Will not see channel is stopped if jobc was recently started. (4965338)

In Messaging Server 5.2, if you issued a #imsimta qm summarize command you could view the channels that had been stopped with the imsimta qm stop <chan> command.

This behavior changed in 6.0. If you have not used a channel yet, you will not get the 0 lines and you will not see the stopped channels.

Manage Certificate wizard not creating Secure Sockets Layer (SSL) certificates under Messaging Server/Configuration. (4939810)

When you use the Manage Certificate option (Administration Server->Messaging Server->Configuration->Manage Certificate) to create an SSL certificate request, the Manage Certificate wizard should create a certificate and key database in the Messaging_Server_Base/config area and not in the Admin_Server_Root/alias area. In addition, the file prefixes should change from the msg-config value (msg-config-cert7.db and msg-config-key3.db) to NULL (cert7.db and key3.db).

Workaround

1. Copy the msg-config-cert7.db and msg-config-key3.db files from Admin_Server_Base/alias area to Messaging_Server_Base/config area as cert7.db and key3.db with proper permissions and ownerships.

2. Create soft links for the files under Messaging_Server_Base/config area with the proper permissions and ownerships used in the Admin_Server_Base/alias area.

imsimta start doesn’t start disp and job controller. (4916996)

The imsimta start, imsimta restart, and imsimta refresh commands work only when the watcher process is running.

---

Note –

New start-msg and stop-msg commands have replaced imsimta start and imsimta stop, which are deprecated and will be removed in a future release.

For more information about the start-msg and stop-msg commands, refer to the Messaging Server Administration Guide.

---

The XSTA, XADR commands are enabled by default. (4910371)

After installation, the SMTP extension commands XSTA and XADR are enabled by default, which may enable remote and local users to retrieve sensitive information.

Workaround

Add the following lines to the imta/config/tcp_local_options file (create this file if necessary) to disable the XSTA and XADR commands:

DISABLE_ADDRESS=1
DISABLE_CIRCUIT=1
DISABLE_STATUS=1
DISABLE_GENERAL=1

Searching for a home phone number does not work in the Personal Address Book. (4877800)

A Personal Address Book search based on “Phone #” searches for the work phone number attribute only. You cannot use “Phone #” to search for home or mobile phone numbers.

If indirect dependencies already exist between Sun Cluster resources, scds_hasp_check() may prevent HAStoragePlus from being supported with those existing configurations. (4827911)

This behavior is observed in Sun Cluster 3.0 Update 3.

Workaround

Create a weak dependency for the existing resources on the HAStoragePlus resource.

Messenger Express Multiplexor (MEM) does no have a configuration option to make use of the OS resolver or NSCD (4823042)

Workaround

Configure system as a caching-only DNS server in order to gain the benefit of caching MX and A records.

MoveUser utility does not work on a mailbox that contains over 1024 subfolders. (4737262)

It has been reported that the MoveUser utility stops when attempting to move a user’s account that has a mailbox containing over 1024 subfolders.

Access control filters do not work if the short form domain in used in the /etc/hosts file. (4629001)

If there is a short form version of a domain name in the /etc/hosts file, there will be problems if you use a host name in an access control filter. When the IP address lookup returns a short form version of the domain name, the match will fail. Therefore, you should make sure you use a fully qualified domain name in the /etc/hosts file.

Connections aborted with TCP_IOC_ABORT_CONN in syslog. (4616287)

If a failover occurs for an HA configuration running Sun Cluster 3.1 on the Solaris 8 U7 or Solaris 9 Operating System and active TCP connections are aborted with the TCP_IOC_ABORT_CONN ioctl, messages such as the following are logged on the console and to system logs.

	Jul 24 16:41:15 shemp ip: TCP_IOC_ABORT_CONN: local = 192.018.076.081:0, 
	remote = 000.000.000.000:0, start = -2, end = 6
	Jul 24 16:41:15 shemp ip: TCP_IOC_ABORT_CONN: aborted 0 connection
	

These messages are informational only and should not show up in non-debug mode.

If you use Microsoft Outlook Express as your IMAP mail client, the read and unread flags might not work properly. This is a known problem with the Microsoft Outlook Express client. (4543930)

To enable the workaround, set the following configuration variable:

configutil -o local.imap.immediateflagupdate -v yes

If, while using the workaround, you experience performance issues, it is recommended that you discontinue using the workaround.

To take effect, changes made using configutil often require a restart of the affected server or servers. (4538366)

Administration Server access control host names are case-sensitive. (4541448)

When you configure “Host Names to allow” for the Administration Server, the access control list is case-sensitive. If the DNS server uses mixed-case host names in the IN-ADDR records (used when translating from an IP address to a domain name), the access control list must use the same case. For example, if your host is test.Sesta.Com, then the access control list must include *.Sesta.Com. Due to this problem, *.sesta.com will not suffice.

For example, if the user/group base suffix is o=isp, then the DN of the service administrator group is cn=Service Administrators,ou=groups,o=isp. To designate the account uid=ofanning, o=sesta.com, o=isp as a service administrator, you should add the account’s DN to the group. In the following modify record, the designated user is added as a group member in the LDIF:

dn: cn=Service Administrators,ou=groups,o=isp
changetype: modify
add: uniquemember
uniquemember: uid=ofanning, o=sesta.com, o=isp

Furthermore, for users to have service administrator privileges, the attribute memberof must be added to the user entry and set to the Service Administrator Group, for example:

dn: uid=ofanning, o=sesta.com, o=isp
changetype: modify
add: memberof
memberof: cn=Service Administrators, ou=groups, o=isp

The MMP BadGuy configuration parameter, BGExcluded, does not work. (4538273)

Workaround

Deploy separate MMP servers to handle the clients that are excluded from bad guy rules. These servers must have BadGuy turned off.

LDAP search performance is slightly impacted by ACIs in Directory Server version 5.x. (4534356)

This issue affects many searches performed by Messaging Server. For faster searches, use directory manager credentials with the following commands to access the directory:

msg_svr_base/sbin/configutil -o local.ugldapbinddn -v "rootdn" -l

msg_svr_base/sbin/configutil -o local.ugldapbindcred -v "rootdn_passwd" -l

where rootdn and rootdn_passwd are the credentials of Directory Server’s administrator.

If you enable Sun Cluster 3.0 Update 3, you may encounter a harmless error message. (4490877)

The following harmless error message appears in the Sun Cluster console and also in /var/adm/messages, when starting High Availability (HA) services or when switching HA services from one node to another:

Cluster.PMF.pmfd: Error opening procfs control file </proc/20700/ctl> for tag <falcon,habanero_msg,4.svc>: No such file or directory

Localization

The following known issues are not necessarily localization-specific issues.

Administration Console is unable to start in German, Spanish, Simplified Chinese, and Traditional Chinese locales. (6270696).

Workaround

Create the symbolic link manually:

ln -s msg_svr_base/lib/jars/msgadmin62-2_06_ lang.jar AdminServer_ServerRoot /java/jars/msgadmin62-2_06_lang.jar

On Solaris(SPARC and x86 platforms), you also need to create the correct version .jar files manually:

cp msg_svr_base/lib/jars/msgadmin62-2_03_ lang.jar msg_svr_base/lib/jars/msgadmin62-2_06_ lang.jar

Accents are poorly encoded in Messenger Express messages on Internet Explorer browsers (6268609).

This problem is not seen in Communications Express messages.

Configurator input field is too narrow to view (6192725).

Some input fields in the Messaging Server configurator (invoked by msg_svr_root/sbin/configure) are too narrow to see on some pages in non-English locales on Linux platforms.

Configurator input field is too narrow to view (6192725).

Workaround

Widen the window size to make input field larger enough to view.

Documentation

This section describes known issues in the Communications Services and Messaging Server-specific documentation.

Correction to bug 5076486 regarding imadmin user purge with iPlanet Delegated Administrator 1.2 Patch 2 (6307201).

You are able to use the imadmin user purge command with iPlanet Delegated Administrator 1.2 Patch 2 and Messaging Server 6.x. This legacy version of Delegated Administrator should not be confused with the current Delegated Administrator product documented in Chapter Chapter 4, Sun Java System Communications Services Delegated Administrator 6 2005Q4 Release Notes. To use the legacy version of Delegated Administrator, you need to follow the procedures outlined in the iPlanet Delegated Administrator installation documentation on http://docs.sun.com along with the following modification:

Change the MsgSvrN-cgipath line in the iDA_install_directory/nda/classes/netscape/nda/servlet/resource.properties file to MsgSvr0–cgipath=msg-config/Tasks/operation and restart the Web Server.

If you are running on a cluster, be sure that the Administration Server is running on the same node as Messaging Server (See bug 6306637 for more information).

No documentation available on new shared defragment database feature. (5091281)

No documentation available on a new feature whereby MTA systems can share the defragment database and thereby defragmentation can be done on MTA systems instead of the store system.