Sun ONE Messaging Server 6.0 Patch 1 Release Notes

Sun™ ONE Messaging Server 6.0
Release Notes

Version 6.0 Patch 1 Update 1

Part Number 817-5035-11

February 2004

These release notes contain important information available after the time of release of Version 6.0 of Sun™ Open Net Environment (Sun ONE) Messaging Server. New features and enhancements, known limitations and problems, technical notes, and other information are addressed here. Read this document before you begin using Sun ONE Messaging Server 6.0 (Messaging Server).

The most up-to-date version of these release notes can be found at the Sun ONE documentation web site: Check the web site prior to installing and setting up your software and then periodically thereafter to view the most up-to-date release notes and manuals.

These release notes contain the following sections:


Do not use Sun ONE Messaging Server, v6.0 for production until you have installed the Sun ONE Messaging Server 6.0 patch 1. If you cannot find this patch, contact your Sun Support Representative.

Revision History

Table 1  Revision History 


Description of Changes

February 3, 2004

January 15, 2004

Initial release of Messaging Server 6.0 patch 1 release notes.

December 8, 2003

Initial release of the Messaging Server 6.0 release notes.

About Messaging Server, Version 6.0 P1

Messaging Server is a high-performance, highly secure messaging platform that can scale from thousands to millions of users. It provides extensive security features that help ensure the integrity of communications through user authentication, session encryption, and the appropriate content filtering to prevent spam and viruses. With Messaging Server, enterprises and service providers can provide secure, reliable messaging services for entire communities of employees, partners, and customers.

What’s New in Messaging Server, Version 6.0 P1

Messaging Server provides a powerful and flexible solution to the email needs of enterprises and messaging hosts of all sizes by using open Internet standards.

This section describes the following topics:

New Features

This section describes the new features added to Messaging Server in this release. The information is organized as follows:

Automatic Arabic Character Set Detection

A new auto_ef program was added to automatically detect Arabic character sets.

You can call the auto_ef program from the conversion channel to automatically detect and label most unlabeled or incorrectly labeled text messages in Arabic character sets. These unlabeled or mislabeled messages are usually sent from Yahoo or Hotmail in Arabic.

Without the correct character set labeling, many mail clients cannot display the messages correctly.

If a message has MIME content-type headers, the auto_ef program examines and processes only those with text/plain content type. If the message is not labeled with a MIME content-type header, then auto_ef adds a text/plain content-type unconditionally.

To activate or enable this program, you must:

  1. Edit your mappings file in the msg_svr_base/config directory to enable a conversion channel for the source and destination channel of your choosing. To enable a conversion channel for all mail coming in from the Internet to your local users, add a section to your mappings file similar to the following:

        IN-CHAN=tcp*;OUT-CHAN=ims-ms;CONVERT YES

    Note that the IN and OUT channels depend on your configuration. If you are deploying on a relay MTA, you must modify the channels to fit your configuration. For example,


    Or, you could turn it on for all channels as follows:


  3. Create a conversions file in the msg_svr_base/config directory that is owned and readable by the Messaging Server user, and that contains the following:
  4. !
    in-channel=*; out-channel=*;
      in-type=text; in-subtype=*;
      parameter-copy-0=*; dparameter-copy-0=*;
      original-header-file=1; override-header-file=1;

  5. Compile your MTA configuration with the following command:
  6. msg_svr_base/sbin/imsimta cnbuild

  7. Restart with the command:
  8. msg_svr_base/sbin/imsimta restart


The following books have been added to the Messaging Server documentation set:


The following new features were added to the Messaging Server installation:

Message Store and Message Store Access

The following new features were added to Message Store and Message Store Access:

Messenger Express

The following new features were added to Messenger Express:


New MMP features include:


New monitoring features include:


New MTA features include:


Messaging Server now provides:

Deprecated Features

Support for the following features may be eliminated in a future release:

MTA access to database files and the imsimta tools to manipulate MTA database files.

Direct editing of MTA or MMP configuration files.

A command line tool will be provided in a future release.

Use of the [PERIODIC_JOB=] sections in the job_controller.cnf file. (4907007)

The default entries shipped with iMS have been moved to the new scheduler process and removed from the default job_controller.cnf file. Specifically,

Customer supplied plug-ins with IMAP, POP, or Messenger Express.

The Messenger Express authentication plug-in API is supported for this release, but it is preferable to use Identity Server to configure single-sign-on. Client certificate mapping plug-ins are no longer supported.

Support for ident protocol.

Deprecated features include the MTA ident* keywords and support for ident user names in access control filters. The indentnone* keywords continue to be supported.

Delegated Administrator web command-line interfaces.

These interfaces have been replaced with new command line tools that integrate with Identity Server. The new tools do not support the previous Sun ONE Delegated Administrator for Messaging (Delegated Administrator) utilities.


The optional SECTION option for the INSTANCENAME option of the ServiceList MMP configuration parameter is deprecated and will be removed in a future release.

imsimta start and imsimta stop commands.

New start-msg and stop-msg commands have replaced imsimta start and imsimta stop. The imsimta start and imsimta stop commands will be removed in a future release.


For more information about the start-msg and stop-msg commands, refer to the Sun ONE Messaging Server Administrator’s Guide.

No Longer Available

The following features were deprecated in a previous release and are no longer supported:

Bugs Fixed in Messaging Server 6.0, 6.0 P1, and User Management Utility

The following tables describe the most important bugs fixed for Messaging Server 6.0, Messaging Server 6.0 P1, and the User Management Utility for Messaging and Collaboration.

Table 7 describes the most important bugs fixed in the Messaging Server 6.0 release.

Table 7  Fixed Bugs in Messaging Server 6.0




Cu wants Mail Filter feature in Messenger Express.


Messenger Express does not translate other languages.


Cleanup/expire function does not scale.


SSO not compatible with large companies/hosting environment.


imsbackup and imsrestore cannot handle files larger than 2 GB.


SSO does not support multiple domains.

4537344 does not handle local.snmp.enable correctly.


Server performance problems while searching for shared folders.


MMP server problems during client cert authentication if store admin credential is misconfigured.


POP3 log should output user’s mailbox statistics.


Quotacheck options are not working properly.

4538645 does not extract names from imta_tailor file.


stored reports error/warning in HA environment.


Request for imta to log more detailed information about: error status Q and smtp;250.


Installer should test the port based on IP address.


Webmail should use UTF-8 when browser supports UTF-8.


store notifyplugin peruserflag callback needs to pass the number of seen messages.


store notifyplugin peruserflag callback needs to pass the number of existing messages.


Sending attachments with long names via iMS5.0p3 or iMS5.1 with InterScan corrupts the file name.


Unable to receive mail if ims-default-quota is set to more than 2 GB.


Decrease downtime for on-demand recovery of subfolders.


mail.log_current log stops when the file reaches 2 GB file size.


RFE: Mail Quota limitation for Virtual Domain needs to be enforced.

4660299 fails for iDS 5.1 if LDAP password contains shell metacharacters.


Store notification should ignore events from admin proxyauth.


RFE: Mail filter combinations result in filter evaluation errors.


Webmail does not check the mailhost attribute if the mailboxes are present.


check_mailhost should use local.imta.hostnamealiases instead of DNS.


imsimta qm clean -min_length=0 -from=\<\> -delete deletes 0 files.


Integrate Identity Server’s policy agent into webmail for SSO practice.


store delivers multiple overquota e-mail messages.


POP3 hangs when large (2 MB) JPG files are retrieved.


return_forwarded.txt gets corrupted when it sends to the client in a Japanes environment.


Mixed-case authentication of hosted domain users causes problem.


Unable to execute the MoveUser utility, which is required for user migrate.

Table 8 describes the most important bugs fixed in the Messaging Server 6.0 P1 release.

Table 8  



No BugID

New file delivered

No BugID

Configure now copies instead of move


lscgi, msearch, mailaclbody.cgi, mailacl.cgi, and msglang.cgi files missing


Dispatcher leaks REFUSED connections and eventually stops handling new connections


SNMP subagent does not open after applying a sparse patch (6.0 P1)


Webmail does not check From line length, which corrupts data


Return_header.opt installed to wrong location; extra header lines in DSNs & MDNs


Webmail does not quote ISO-encoded addresses (Webmail fails to send mail if quoted recipient names contain commas)


lpool leaks LDAP connections and wedges under stress, regression from 4744410


Stored does not perform final checkpoint before exiting (fix Stored final checkpoint and mboxlist_init return code)


Comms SSO broken when Identity Server Services are running in SSL (allow IS SSO over SSL)


Need to install Arabic charset auto-detection program and example script


Bcc recipients become exposed in the delivered message (configuration change to imta.cnf and option.dat. #. The change will not be restored if the patch is backed out.)


Per-user sieve filters can be triggered incorrectly by autoforward (Ability to disable carryover from one user sieve to another when forwarding; also disable create/auth on fileinto)


Uninitialized variable causes erratic sieve test results


Entries are sorted incorrectly in “selecting addresses from PAB”


Pop-up message in server run-time locale is not in user’s preferred language


Vacation Start & End dates are saved one day prior to the set dates


Default LMTP native server missing USER parameter in dispatcher.cnf


Truncated messages cause immd_get_message_handle failed: 0 (Do not treat the lack of a terminating boundary in a queue file as a failure in ims-master)


Mail Recipients in BCC are visible in certain cases (prevent bcc recipients from becoming visible if there are no To or cc recipients)


$D has no effect below 99 ($Dnn is _ACCESS mappings do not work unless nn >= 100)


Java error if up is selected with no mail filters (Beta: SunIT: Mail Filters are duplicating when order is changed.)


RFE: ims-ms D records for overquota add status information


mshttpd sid range (session ID not random enough)


PMDFdequeueMessageEnd() needs to re-enqueue using source channel


autorestart fails if back-up is running


mboxutil -a LDAP timeout


Domain map leak in schema 2 mode


Updated de/es/fr return_option.opt files


Unable to get a mailhost entry after issuing a proxyauth command


During the upgrade and recovery process, Messaging Server incorrectly moves the Message Store database out of the mboxlist directory during stored start-up.


Need timeout/retry of PAB write operations (workaround LDAP server hanging during PAB operations)


mboxutil -p "<non-ascii>*" does not work


Funny white box appears next to the text in Advanced mail filter screens


Webmail mail filter java error if user does not select filter action


MM_DEBUG=3 or higher can cause unexpected shutdowns. For example, tcp_smtp_server.


Hard-coded “Server-Cert” nickname disables the SSL feature if user sets nickname to different value


Store.quotaexceededmsg values do not display in Admin Console


Security issue: MMP SMTP proxy and INTERNAL_IP mapping table


imapd leaks memory, shuts down unexpectedly


mshttpd shuts down unexpectedly if PAB DNs exceeds 16K


Mailfilter i18n: Filter Preview window shows the default folder names in English


Expire rule does not work with multiple subject headers


Webmail should read both preferredlanguage vs. preferredlocale


Webmail should have SMTP failover capability (support for multiple SMTP servers in service.http.smtphost)


Problem with accented characters in Spanish dictionary


SSO: Signing off from Webmail causes an indefinite loop with Mozilla


Using imsbackup causes unexpected shutdowns on mboxlist_close


Message Store backups perform poorly when using Legato Networker


Orion1_b10: I18N: Mail/AddressBook always open with an English GUI in zh/ja-JP/ko-KR, etc.


Mail Filter: Cannot select user’s preference items


Messaging Server, Mail Filter (l10n-ko) need to be localizable (and/or in filter preview)


Problems with Watcher during start-msg


Job_controller exits when using Ctrl-C


Watcher exits when using Ctrl-C


Beta: SunIT: Mail Filters are duplicated when user changes their order


Beta: SunIT: Mail Filter updates result in java.lang.NullPointerException


Default configuration should not have LMTP enabled (Note a configuration must be done to enable this “fix” (for example, postpatch does not perform this configuration change.)


MMP hangs in ASock_SecurityStatus


A missing store.cch file causes mailbox migration to fail.


Cannot modify vacation subject if it contains a colon


RFE: Need a configuration option to prevent mshttpd from rewriting From address.


Edit Mail Filter window shows wrong page heading (“New Mail Filter”)


Missing an ORIG_SEND_ACCESS entry to block quoted, explicit internal routing type of addresses


Webmail filter does not work unless Webmail is running on port 80


Servers restarted several times on bos-mail, no failover


Mailbox auto-recovery code not MT safe


Pop server does not shutdown when stop-msg is used


imsched produced <defunct> processes


mailaclbody.cgi causes unexpected problems


mailfromdnsverify needs to reject DNS entries that map to specific IP addresses


Vacation Message does not work in Webmail


The mboxutil option does not work


Incorrect return code logged by ims_master when attempts to read messages fails


start-msg causes HA failover when a process is already running


Watcher does not disconnect from terminal window - disappears mysteriously


"Unable to open configuration list" error in Sun ONE Server Console.


During ‘Spell Check’ process, Java Script error occurs when you click on misspelled words


Dispatcher pidfile created with file permissions 666


Stored does not expunge messages if store.exp contains dates earlier than 1/1/1970


Admin console Cert generation totally broken


For Advanced Mail Filter conditions, Message Size text field accepts characters other than numbers


Pipe channel message not on STDIN on NT


Need ability to delete orphaned users store in mboxutil


Compose window focus behavior is annoying


Mail Filter displays international characters as codepoints in Filter Preview


Webmail copies messages with multiple addresses that are not separated by commas to Sent folder


Orion1_b09: “Quota root does not exist” error when mailboxes are nonexistent


security parameter in WMAP protocol allows attacks from the same domain


Webmail inserts a “blank” improperly when a message contains both Java and ASCII characters (Messaging Server 5.2)


RFE: Remove Shared Folder from IMAP namespace if shared folders are disabled


Added partitions path missing in Messaging Server 5.2 Admin console with iDS5.1

Fixed Bugs in Messaging Server 6.0 P1

Table 9 describes the most important bugs fixed in the User Management Utility for Sun ONE Messaging and Collaboration.

Table 9  Fixed Bugs in User Management Utility for Sun ONE Messaging and Collaboration


mgrpModerator attribute is not set correctly by commadmin group create -r


Groups email address is not validated against the domain in which group is created


Configuration fails when Identity Server organization name contains embedded spaces

Hardware and Software Requirements

This section describes the hardware and software required for this release of Messaging Server as follows:

Supported Platforms

This release supports the following platforms:

Messaging Server 6.0 P1 Patches

The Messaging Server 6.0 P1 release consists of two Solaris patches:

Use the Solaris patchadd utility to apply the 6.0 P1 patches.


Consult the README file in the patch for more detailed information — in particular, you must be sure to read any special instructions in the README.

Solaris 8 Operating System

The supported Solaris 8 (SPARC Platform Edition) platforms require the following patches:

If you are installing Messaging Server in a hardened environment, the minimum packages required on a Solaris 8 operating system include Solaris Core packages as well as SUNWxwdv, SUNWxwdvx, SUNWxwmod, SUNWxwmox, SUNWxwplt, SUNWxwrtl.

Solaris 9 Operating System

The supported Solaris 9 (SPARC and x86 Platform Editions) Update 2 platforms require the following patches:

User Management Utility Patches

The User Management Utility for Sun ONE Messaging and Collaboration requires the following patches on Solaris platforms:

Use patchadd to apply these Solaris patches on the machine where you installed the User Management Utility. Consult the patch README file for further details.

Hardware Requirements

The minimum hardware requirements for Messaging Server are:

Client Software Requirements

For Messenger Express access, Messaging Server requires a JavaScript-enabled browser. For optimal performance, Sun recommends the browsers listed in Table 10:

Table 10  Messaging Server 6.0 Client Software Recommendations 


Solaris 8 for Sparc, Solaris 9 for Sparc, and X86

Windows 98

Windows 2000

Windows XP

Red Hat Linux 7.2

Macintosh OS X

Netscape™ Communicator







Internet Explorer


6.0 SP1

6.0 SP1

6.0 SP1









1.2 or later

Product Version Compatibility Requirements

Messaging Server is compatible with the product versions listed in Table 11:

Table 11  Product Version Compatibility Requirements 



Sun Cluster

3.0 U3 (Update 3), 3.1

Veritas Cluster Server

1.3, 2.0, 3.5

Sun ONE Directory Server

5.1, 5.2

Sun ONE Identity Server

6.1 (Command-line Interface Only)

Sun ONE Web Server

6.1 (but 6.0 Service Pack 5 if you are using iPlanet Delegated Admin)

New Information

This section contains the latest information that is not contained in the core product documentation, and is organized into the following topics:

Installation Notes

Review the following installation notes. Specific installation bugs are listed in "Known Issues" on page 46.

Compatibility Issues

Redistributable Files

The following redistributable files are provided with Messaging Server 6.0:

Errata and Messaging Server Documentation Updates

The following information was added to the Sun ONE Messaging Server Administrator’s Guide:

The following list describes errors or limitations in the Messaging Server documentation set:

Configuring LMTP Delivery

Configuring the LMTP delivery mechanism requires configuration on both the relay machines and on the back end stores. On the relays, the DELIVERY_OPTIONS MTA option (in option.dat) has to be changed so that messages being delivered to the stores are passed to the LMTP channel. The back end store must be configured with the dispatcher, but does not need the job controller. The dispatcher must be configured to run the LMTP server.

In a typical multi-tier deployment, users are provisioned on different backend message store machines. One or more of these backend machines may not have LMTP turned on and therefore the front-end relays need to be aware of which store machines are LMTP aware. This is achieved by using the General Database facility to explicitly name those message stores which are configured to accept LMTP delivery.

To Configure the Inbound MTA Relays with LMTP

To configure inbound MTA relays to use LMTP, do the following:

  1. Activate text databases by adding the following line to option.dat.

    In this step, the use of a flat text file for the General Database is enabled in the MTA. Note that if you already use the general database, you may want to skip this step.

  3. Create or modify the General Database text file.

    # cd /opt/SUNWmsgsr/config/

    # vi general.txt

    LMTP_CS|   lmtpcs-daemon

    LMTP_CS|  lmtpcs-daemon

    LMTP_CS|  lmtpcs-daemon



    LMTP_CN|  lmtpcs-daemon


    LMTP_CN|  lmtpcs-daemon

    # chown mailsrv general.txt

  4. As you can see, there two types of entries, one for handling user specific deliveries to the lmtpnative and one for handling store wide settings for delivery via the tcp_lmtpcs channel.

  5. Create or modify a new DELIVERY_OPTIONS variable in the options.dat file.
  6. The value of DELIVERY_OPTIONS must be changed. The current default for delivery options is:












    Change this to:












    Note the change in the pattern for the mailbox delivery option and that the autoreply delivery option is now preceded by the character # to force action on the relay machine. The $X substitution inserts the value of the mailhost attribute for the user. This generates a source routed address.

    Also note that for native, unix, file and program delivery methods to be useful, the MTA must be running on the target machine.

  7. Add an LMTP rewrite rule to imta.cnf file:
  8. # cd /opt/SUNWmsgsr/config/

    # cp imta.cnf imta.cnf.orig

    # vi imta.cnf


    ! pipe

    .pipe-daemon $U%$H.pipe-daemon@pipe-daemon


    ! tcp_local

    ! Rules for top level internet domains



    ! Do mapping lookup for internal IP addresses

    [] $E$R${INTERNAL_IP,$L}$U%[$L]@tcp_intranet-daemon


    ! Do general.txt lookup for lmtp hosts $S$U%$H$D@$(LMTP_CN|$U@$H$D) $S$U%$H$D@$(LMTP_CS|$H$D)


    ! tcp_intranet

    ! Do mapping lookup for internal IP addresses

    [] $E$R${INTERNAL_IP,$L}$U%[$L]@tcp_intranet-daemon $U%$

    In this step, a pair of rewrite rules do a tagged probe of the General Database to see if the source route portion of the address matches any entries for doing LMTP delivery. In the general.txt file, which was created in step 2, there are tagged entries to designate delivery to the backend message store via the appropriate channel. Here, the $S in the rewrite rule means that it will only apply when the address contains a source route. If there is a match to an entry in the General Database, the rewrite rule succeeds and the message is sent to the source route backend host via the tcp_lmtpX channel which does delivery via LMTP.

    If a match is not found, the rewrite process will continue until a match is found in some other rewrite rule. In most cases, if a match is not found via a probe of the General Database, then message is routed via the tcp_intranet channel which does delivery via SMTP.

  9. Add new channel blocks to imta.cnf
  10. You must also include channel definitions for the lmtp and lmtpn channels in the channel definition section of the imta.cnf file. For example:

    ! tcp_lmtpcs (LMTP client - store)

    tcp_lmtpcs defragment lmtp port 225 nomx single_sys subdirs 20 maxjobs 7 pool SMTP_POOL dequeue_removeroute



    ! tcp_lmtpcn (LMTP client - native)

    tcp_lmtpcn defragment lmtp port 226 nomx single_sys subdirs 20 maxjobs 7 pool SMTP_POOL dequeue_removeroute


  11. Commit your configuration changes.

    # cd /opt/SUNWmsgsr/bin

    # ./imsimta refresh

    Compiled configuration done

    Killing Dispatcher : 23021

    Dispatcher startup requested

    Job Controller shutdown requested

    Job Controller startup requested

  12. Note

    Be sure to use the lmtp channel keyword on LMTP channels. Do not use both smtp and lmtp channel keywords on LMTP channels. Note also that by default, the LMTP channel definitions are commented out. You must uncomment them if you want LMTP to work.

Known Issues

This section contains a list of the more important known issues at the time of the Messaging Server 6.0 release. This section contains the following subsections:

Installation and Uninstallation Problems

The following are known issues with the Messaging Server installation and uninstallation programs and processes:

MS 6.0 requires HP-UX 11.11 patch PHSS_28871 (4937616)

Without this patch, the MTA cannot be started on HP machines.

Messaging Server does not start under Sun™ Cluster 3.0 Update 3 (4947465)

Messaging Server cluster agents dump core due to a bug in Sun Cluster 3.0 u\Udate 3. Use Sun Cluster 3.1 to solve this problem.

Patch Fails on Inactive Node of a Cluster Which Was Configured with useconfig (4979135)

If you configured messaging server using useconfig (typically for a cluster), and you attempt to patch the node, the patch will hang.

The work around is to copy the install/configure_YYYYMMHHMMSS/ that was passed to useconfig to the msg_svr_base/install directory before running the patch.

User Calendar Service Not Updated During This Patch Process (4974063)

UserCalendarService definition can only be reverted manually to previous state after the patch is applied. To revert manually, do the following:

# cd /opt/SUNWcomm/lib/services/
# /opt/SUNWam/bin/amadmin -u
admin_login -w password -t deletecaluserAttributes.xml

admin_login - Identity Server admin user

password - Identity Server admin password

Note that you have to provide the full path to the amadmin command from the Identity Server bin directory.

If you don’t revert the UserCalendarService definition manually and you run the patch twice an error will be logged the second time because the change was already made.

Patch Install Does Not Update Messaging Server’s Version Number in Admin Console (4967598)

These are the LDAP entries (in LDIF format) that need to change msgadmin60.jar to msgadmin60p1.jar.

Substitute for the following variables:

msg.product.Name - Sun ONE Messaging Suite, msg.GroupName, msg.ServerHostName, msg.AdminDomain, AdminServer_sie

These variables are defined in msg_svr_base/lib/config-templates/ Here are some sample entries from

# used for DNs in config dir
# the "Server Group" RDN for the Admin Server
set msg.GroupName=Server Group (1)
# the Admin Domain
# the AdminServer sie in the config directory
set AdminServer_sie=cn=admin-serv-ketu, cn=Administration Server, cn=Server Group (1),,, o=NetscapeRoot

=== Start of ldif file===

dn: cn=configuration, cn=msg-config, cn=<msg.product.Name>,
 cn=<msg.GroupName>, cn=<msg.ServerHostName>,
 ou=<msg.AdminDomain>, o=NetscapeRoot
changetype: modify
replace: nsclassname

dn: cn=inetorgPerson, cn=ResourceEditorExtension, ou=4.0, ou=Admin,
 ou=Global Preferences, ou=<msg.AdminDomain>, o=NetscapeRoot
changetype: modify
replace: nsadminaccountinfo
nsadminaccountinfo: [<AdminServer_sie>]

dn: cn=groupofuniquenames, cn=ResourceEditorExtension, ou=4.0, ou=Admin,
 ou=Global Preferences, ou=<msg.AdminDomain>, o=NetscapeRoot
changetype: modify
replace: nsadminaccountinfo
nsadminaccountinfo: [<AdminServer_sie>]

dn: cn=inetMailUser, cn=ResourceEditorExtension, ou=4.0, ou=Admin,
 ou=Global Preferences, ou=<msg.AdminDomain>, o=NetscapeRoot
changetype: modify
replace: nsclassname

dn: cn=inetMailGroup, cn=ResourceEditorExtension, ou=4.0, ou=Admin,
 ou=Global Preferences, ou=<msg.AdminDomain>, o=NetscapeRoot
changetype: modify
replace: nsclassname

dn: cn=processcontrol, cn=operation, cn=tasks, cn=msg-config,
 cn=<msg.product.Name>, cn=<msg.GroupName>,
 cn=<msg.ServerHostName>, ou=<msg.AdminDomain>, o=NetscapeRoot
changetype: modify
replace: nsclassname

dn: cn=viewimaplog, cn=operation, cn=tasks, cn=msg-config,
 cn=<msg.product.Name>, cn=<msg.GroupName>,
 cn=<msg.ServerHostName>, ou=<msg.AdminDomain>, o=NetscapeRoot
changetype: modify
replace: nsclassname

dn: cn=viewpoplog, cn=operation, cn=tasks, cn=msg-config,
 cn=<msg.product.Name>, cn=<msg.GroupName>,
 cn=<msg.ServerHostName>, ou=<msg.AdminDomain>, o=NetscapeRoot
changetype: modify
replace: nsclassname

dn: cn=viewhttplog, cn=operation, cn=tasks, cn=msg-config,
 cn=<msg.product.Name>, cn=<msg.GroupName>,
 cn=<msg.ServerHostName>, ou=<msg.AdminDomain>, o=NetscapeRoot
changetype: modify
replace: nsclassname

dn: cn=viewadminlog, cn=operation, cn=tasks, cn=msg-config,
 cn=<msg.product.Name>, cn=<msg.GroupName>,
 cn=<msg.ServerHostName>, ou=<msg.AdminDomain>, o=NetscapeRoot
changetype: modify
replace: nsclassname

dn: cn=viewdefaultlog, cn=operation, cn=tasks, cn=msg-config,
 cn=<msg.product.Name>, cn=<msg.GroupName>,
 cn=<msg.ServerHostName>, ou=<msg.AdminDomain>, o=NetscapeRoot
changetype: modify
replace: nsclassname

See "Installation Notes" on page 39 for additional installation issues.

Upgrade Problems

This section describes known issues when upgrading from Messaging Server 5.2 to Messaging Server 6.0 P1.

Administrators cannot migrate from Sun ONE LDAP Schema, v.1 to Sun ONE LDAP Schema, v.2.
(no bugid)

Sun ONE Messaging Server 6.0 will ship without a migration tool that enables administrators to migrate from Sun ONE LDAP Schema, v.1 to Sun ONE LDAP Schema, v.2. A migration tool will be forthcoming.

If you refresh your Messaging Server 6.0 product binary with updated versions of the product, the MTA compile configuration must be rebuilt. (no bugid)

If you do not rebuild your MTA compile configuration, you will see a compile configuration mismatch error.

On a stand-alone system:

  1. Apply the Messaging Server 6.0 P1 patch to upgrade your mail system.
  2. Run the imsimta cnbuild command.
  3. Manually copy the new configuration files (generated by the patch) into your “live” configuration area.

On a clustered system:

  1. Apply the Messaging Server 6.0 P1 patch to upgrade an inactive node.
  2. On a node that has not been upgraded, run the imsimta cnbuild -remove command to clear the configuration.
  3. Failover your system to the upgraded node.
  4. Immediately run the imsimta cnbuild command on the upgraded node.
  5. Manually copy the new configuration files (generated by the patch) into your “live” configuration area.
  6. Upgrade the node that has not yet been upgraded.

Do not run the upgrade script provided with Messaging Server 6.0 (no bugid)

Do not run the (Perl) upgrade script shipped with 6.0.
You must wait for Messaging Server 6.0 patch 1 to upgrade.

Netscape Directory Server 4.16 PAB entries with multi-valued mail attributes cannot be migrated to Directory Server 5.1 because it only accepts single-valued mail attributes. (4869706)

Objectclass violations occur if you try to add these entries.

Turn off schema checking if you are porting PAB entries from Netscape Directory Server 4.16 to Directory Server 5.1.

End users cannot manage their mailing lists in Messaging Server 6.0. (4904736)

Sun ONE Messaging Server 6.0 will ship without a web-based tool that allows end users to manage their own mailing lists (a regression relative to iPlanet Messaging Server 5.2).


Messaging Server Problems

This section describes known issues in the Messaging Server product.

Cannot Create a User Through the Administration Console (4852026 & 4852004)

Messaging Server no longer supports user or group creation using the Admin Console. User and group entries should be created uisng the User Management Utilities. The following error messages may appear when logging in as, or sending mail to, a user created using Admin Console:

Quota root does not exist

4.0.0 temporary error returned by alias expansion: . . ."

In option.dat, lines starting with #, !, or ; symbols are treated as comment lines. (no bugid)

In option.dat files, Messaging Server treats lines beginning with pound sign (#), exclamation point (!), or semicolon (;) characters as comment lines — even if the preceding line has a trailing backslash (\), which means the line is being continued. Consequently, you must be careful when working with long options (particularly delivery options) containing these characters.

There is a workaround for delivery options in which a natural layout could lead to continuation lines starting with a # or !.

In delivery options, Messaging Server ignores spaces following the commas that separate individual delivery option types.

For example, instead of:


You can workaround the problem by adding spaces as follows:


DOMAIN_UPLEVEL has been modified. (no bugid)

The DOMAIN_UPLEVEL default value has changed from 1 to 0.

The following characters cannot be used in the User ID: $ ~ = # * + % ! @ , { } ( ) /  < > ; : " ‘ [ ] & ? (no bugid)

This constraint is enforced by MTA when operating in direct LDAP mode. Allowing these characters in the User ID can cause problems in the message store. If you want to change the list of characters forbidden by the MTA, set the following option by listing a comma-separated string of the characters’ ASCII values:


in the msg_svr_base/config/options.dat file. Note that you are strongly advised against relaxing this constraint.

NFS is not supported for mail stores. (no bugid)

NFS is not supported for several reasons, including: open with O_EXCL is non-atomic. This technique is used for synchronizing deferred handling between various threads.

When using the MTA direct LDAP operation, you should run the imsimta restart command to immediately implement newly modified alias cache sizes or timeout values, or to immediately clear the alias cache. (no bugid)

If the name service cache daemon (nscd) is not running in a Solaris operating environment, the services can fail. (4353836)

This is a known Solaris bug. To avoid this problem, be sure to run the nscd(1M) service. In addition, you must enable the cache for host lookups or the mshttpd service will not work.

If you enable Sun Cluster 3.0 Update 3, you may encounter a harmless error message. (4490877)

The following harmless error message appears in the Sun Cluster console and also in /var/adm/messages, when starting High Availability (HA) services or when switching HA services from one node to another:

Cluster.PMF.pmfd: Error opening procfs control file </proc/20700/ctl> for tag <falcon,habanero_msg,4.svc>: No such file or directory

The ldapsearch command fails in the ko locale on Solaris platforms. (4533913)

The Messaging Server installation fails if it is installed in the ko locale as a result of this problem.

This problem no longer occurs with Sun ONE Directory Server 5.2. However, if you are using earlier versions of Directory Server, run on Directory Server, using the default C locale instead of the ko locale.

Alternatively, you can install Messaging Server using another Korean locale, such as ko_KR.EUC, ko.UTF-8, or ko_KR.UTF-8.

LDAP search performance is slightly impacted by ACIs in Directory Server version 5.x. (4534356)

This issue affects many searches performed by Messaging Server. For faster searches, use directory manager credentials with the following commands to access the directory:

msg_svr_base/sbin/configutil -o local.ugldapbinddn -v "rootdn" -l
msg_svr_base/sbin/configutil -o local.ugldapbindcred -v "rootdn_passwd" -l

where rootdn and rootdn_passwd are the credentials of Directory Server’s administrator.

The MMP BadGuy configuration parameter, BGExcluded, does not work. (4538273)

Deploy separate MMP servers to handle the clients that are excluded from bad guy rules. These servers must have BadGuy turned off.

To take effect, changes made using configutil often require a restart of the affected server or servers. (4538366)

Admin Server access control host names are case-sensitive. (4541448)

When you configure “Host Names to allow” for the Admin Server, the access control list is case-sensitive. If the DNS server uses mixed-case host names in the IN-ADDR records (used when translating from an IP address to a domain name), the access control list must use the same case. For example, if your host is test.Sesta.Com, then the access control list must include *.Sesta.Com. Due to this bug, * will not suffice.

For example, if the user/group base suffix is o=isp, then the DN of the service administrator group is cn=Service Administrators,ou=groups,o=isp. To designate the account uid=ofanning,, o=isp as a service administrator, you should add the account’s DN to the group. In the following modify record, the designated user is added as a group member in the LDIF:

dn: cn=Service Administrators,ou=groups,o=isp
changetype: modify
add: uniquemember
uniquemember: uid=ofanning,, o=isp

Furthermore, for users to have service administrator privileges, the attribute memberof must be added to the user entry and set to the Service Administrator Group, for example:

dn: uid=ofanning,, o=isp
changetype: modify
add: memberof
memberof: cn=Service Administrators, ou=groups, o=isp

If you use Microsoft Outlook Express as your IMAP mail client, the read and unread flags might not work properly. This is a known problem with the Microsoft Outlook Express client. (4543930)

To enable the workaround, set the following configuration variable:

configutil -o local.imap.immediateflagupdate -v yes

If, while using the workaround, you experience performance issues, it is recommended that you discontinue using the workaround.

Connections aborted with TCP_IOC_ABORT_CONN in syslog. (4616287)

If a failover occurs for an HA configuration running Sun Cluster 3.1 on the Solaris 8 U7 or Solaris 9 Operating System and active TCP connections are aborted with the TCP_IOC_ABORT_CONN ioctl, messages such as the following are logged on the console and to system logs.

Jul 24 16:41:15 shemp ip: TCP_IOC_ABORT_CONN: local =,
remote =, start = -2, end = 6
Jul 24 16:41:15 shemp ip: TCP_IOC_ABORT_CONN: aborted 0 connection

These messages are informational only and should not show up in non-debug mode.

Access control filters do not work if the short form domain in used in the /etc/hosts file. (4629001)

If there is a short form version of a domain name in the /etc/hosts file, there will be problems if you use a host name in an access control filter. When the IP address lookup returns a short form version of the domain name, the match will fail. Therefore, you should make sure you use a fully qualified domain name in the /etc/hosts file.

MoveUser utility does not work on a mailbox that contains over 25,000 subfolders. (4737262)

It has been reported that the MoveUser utility stops when attempting to move a user’s account that has a mailbox containing over 25,000 subfolders.

Messenger Express Multiplexor (MEM) does not have a configuration option to make use of the OS resolver as well as NSCD. (4823042)

Configure system as a caching-only DNS server in order to gain the benefit of caching MX and A records.

If indirect dependencies already exist between Sun Cluster resources, scds_hasp_check() may prevent HAStoragePlus from being supported with those existing configurations. (4827911)

This behavior is observed in Sun Cluster 3.0 Update 3.

Create a weak dependency for the existing resources on the HAStoragePlus resource.

Searching for a home phone number does not work in the Personal Address Book. (4877800)

A Personal Address Book search based on “Phone #” searches for the work phone number attribute only. You cannot use “Phone #” to search for home or mobile phone numbers.

New autoreply function has limitations with language tags. (4896231 and 4898193)

If you are using Delegated Administrator and Sun ONE LDAP Schema v1, and you need to enable multi-language support when provisioning vacation messages, use the old autoreply channel described in the iPlanet Messaging Server 5.2 Administrator’s Guide.

The XSTA, XADR commands are enabled by default. (4910371)

After installation, the SMTP extension commands XSTA and XADR are enabled by default, which may enable remote and local users to retrieve sensitive information.

Add the following lines to the imta/config/tcp_local_options file (create this file if necessary) to disable the XSTA and XADR commands:


Selecting MS in Admin Console displays “ERR cannot setuid or setgid.” (4916259)

The Messaging Server console will not start and an ERR cannot setuid or setgid error message will result if you run the Admin Server as a user other than root.

You must install and run the Admin Server as root.

If Admin Server is already installed, change the User parameter in admin-serv/config/magnus.conf and change the ownership of admin-serv/tmp.

imsimta start doesn’t start disp and job controller. (4916996)

The imsimta start, imsimta restart, and imsimta refresh commands work only when the watcher process is running.


New start-msg and stop-msg commands have replaced imsimta start and imsimta stop, which are deprecated and will be removed in a future release.

For more information about the start-msg and stop-msg commands, refer to the Sun ONE Messaging Server Administrator’s Guide.

New Watcher log file not managed by the logging system—no rollover or purging. (4929765)

A new Watcher log file is available in default_log_path/watcher. This log file is not managed by the logging system (no rollover or purging).

Webmail’s default behavior for Arabic/Hebrew users has changed since version 5.2. (4933096)

When you log in as a user with preferredlanguage=ar, the user interface displays left-to-right instead of right-to-left.


  1. Create a /var/msg_svr_base/config/html/ar directory by copying /var/msg_svr_base/config/html/en.
  2. Edit /var/msg_svr_base/config/html/ar/i18n.js to include
  3. i18n[’dir’] = ’rtl’ (just above i18n[’fontface’] = ’PrimaSans BT,Verdana,sans-serif’)

User create -c option creates an invalid calendar identifier. (4937705)

When you use the -S cal option the -c suboption becomes available, which is the calendar identifier. Specifying commadmin .... -d -l test1 -S cal -c defaultCalendar results in the following entry:

icscalendar: defaultCalendar

However, the entry should be:


Do not use the -c option when creating a user.

Manage Certificate wizard not creating Secure Sockets Layer (SSL) certifications under Messaging Server/Configuration. (4939810)

When you use the Manage Certificate option (Admin Server->Messaging Server->
Configuration->Manage Certificate) to create an SSL certification request, the Manage Certificate wizard should create a certificate and key database in the Messaging_Server_Base/config area and not in the Directory_Server_Root/alias area. In addition, the file prefixes should change from the msg-config value (msg-config-cert7.db and msg-config-key3.db) to NULL (cert7.db and key3.db).


Korean PAB text corrupt in Internet Explorer 6.0 when auto-select encoding is enabled. (4951813)

Using Internet Explorer 6.0, if you create a user with preferredlanguage=ko, select View ->
Encoding -> Auto-Select, and log into Webmail as the ko user, when you open the Addresses page the text display will be corrupted.

Disable Auto-Select and reopen the Addresses page. The text will display appropriately.


Chinese and Japanese localization’s behave properly with Auto-Select enabled.

Output from return_debug=1 missing. (4957856)

In previous releases, the output from return_debug=1 was logged to job_controller.log.
In Messaging Server 6.0, the scheduler program runs the return job, but does not send the output to any log file.

LMTP does not work with conversions. (4963632)

You must not perform conversions on relays before LMTP delivery. If conversions are required, use SMTP delivery to the backend store.

Add an entry to the CONVERSIONS mapping so conversions are not performed if out-chan=tcp_lmtpcs. For example:


   IN-CHAN=*;OUT-CHAN=tcp_lmtpcs;CONVERT No

imsimata cache -walk -debug=15 issues an error message. (4964696)

The imsimata cache -walk -debug=15 command works as intended, but issues an “Unknown command specified” error message.

Will not see channel is stopped if jobc was recently started. (4965338)

In Messaging Server 5.2, if you issued a #imsimta qm summarize command you could view the channels that had been stopped with the imsimta qm stop <chan> command.

This behavior changed in 6.0. If you have not used a channel yet, you will not get the 0 lines and you will not see the stopped channels. Messages could be logged without you being aware of it.

Correct certmap.conf file content required for client-based SSL. (4967344)

The certmap.conf configuration file specifies how to map a certificate to an entry in the LDAP directory. By default, the certificate subject (with two lines commented out) contains the exact DN of the LDAP directory entry.

However, a very common alternative behavior is to extract a particular attribute from the subject of the certificate and to search the directory for that attribute.

To achieve this alternative behavior, change:

certmap default default
#default:FilterComps e, uid


certmap default default
default:FilterComps e


For a complete description of certmap.conf, please refer to the Sun ONE Server Console 5.2 Server Management Guide.

Messenger Express Problems

This section describes known issues in the Messenger Express product.

With Directory Server 5.1 or later, you will not be able to enter multiple email IDs for a single contact in the Personal Address Book. (4633171)

Note that Directory Server is exhibiting correct behavior. Due to a bug in Netscape Directory Server 4.x, you are able to enter multiple email IDs.

If you create groups within an existing group, you may encounter the following error: pab::PAB_ModifyAttribute: ldap error (No Such object). (4883651)

Feature removed from the Advanced Mail Filter Conditions window. (4908625)

The ability to specify a time frame for your filters has been removed from the Advanced Mail Filter Conditions window (of the Mail Filters user interface) for the Messaging Server 6.0 Patch 1 release. The feature was removed because the underlying support is not available.

User Management Utility

This section describes known issues in User Management Utility for Sun ONE Messaging and Collaboration.

User create -c option creates an invalid calendar identifier. (4937705)

When you use the -S cal option the -c suboption becomes available, which is the calendar identifier. Specifying commadmin .... -d -l test1 -S cal -c defaultCalendar results in the following entry:

icscalendar: defaultCalendar

However, the entry should be:


Do not use the -c option when creating a user.

Cannot modify non-ASCII groups. (4934768)

If a group is created with a group name that contains non-ASCII characters, it cannot be modified with the commadmin group modify command.

For example, if a group with the non-ASCII characters XYZ is specified with the -G option in the commadmin group create command, an email address of XYZ is automatically added to the group’s LDAP entry. Since non-ASCII characters are not allowed in email addresses, modifying the group with commadmin group modfiy fails.

Use the -E email option when creating a group. This option will specify the group’s email address. For example: commadmin group create -D admin -w password -d -G XYZ -S mail \ -E

Creating a group with multiple -f options adds only one attribute. (4931958)

If you specify multiple -f options for creating dynamic groups in the commadmin group create command, only the value specified with the last -f option is added to the LDAP entry. The other values are not added.

Do not specify the -f option multiple times when using the commadmin group create command.

Group’s email address is not validated against the domain in which group is created. (4931802)

When creating a group with the commadmin group create command, the group’s email address (specified with the -E option) is not validated against the domain of the group (specified with the -d option).

Verify that value specified with the -E option is a valid email address for the group’s domain.

mgrpModerator attribute is not set correctly by commadmin group create -r command. (4931765)

Specifying the -r option for the commadmin group create command should create a moderator for the group. The -r option requires the moderator’s email address. When this option is specified, the mgrpModerator attribute is not correctly set. For example, if the option is specified as -r moderator, the mgrpModerator attribute should be set to where is the default domain. However, in this case, the mgrpModerator attribute is set only to moderator.

Verify that the value entered with the -r option is a complete email address, for example -r

Need to specify -M with -S option for commadmin group create. (4930618)

For the commadmin group create and commadmin group modify commands, the -M option must be specified with the -S option.

Localization Issues

The following items are not necessarily il8n or l10n specific.

(i18n) Intermittent Javascript errors may be seen in Japanese Webmail (Internet Explorer 6 only) when proxy server is used. (4925995)

Enable or disable “auto-detection” option in Internet Explorer’s encoding menu. Use direct connection or switch to different proxy server.

(i18n) Webmail composer sometimes folds Japanese sentences that contain certain characters. (4923143)

No workaround exists.

(i18n/l10n) Localized Webmail does not merge some of the folders created by Outlook Express. (4653960)

It is sometimes desired that default “Sent” folder in Webmail can be replaced with “Sent Items” folder created by Outlook Express, hence all the messages sent by both client is copied to “Sent Items” folder. This operation is difficult, particularly in Japanese.

Workaround (in two parts):

  1. Edit Japanese i18n.js to match Outlook Express’ “Sent Items” translation
  2. i18n[’sent folder IE’] = ’soushinzumiaitemu’
    fldr[’Sent Items’] = ’soushinzumiaitemu’

  3. End users must log onto Messaging Server using Outlook Express first.

How to Report Problems and Provide Feedback

If you have problems with Messaging Server, contact Sun customer support using one of the following mechanisms:

So that we can best assist you in resolving problems, please have the following information available when you contact support:

You might also find it useful to subscribe to the following interest group, where Messaging Server topics are discussed:

Sun Welcomes Your Comments

Sun is interested in improving its documentation and welcomes your comments and suggestions. Email your comments to Sun at this address:

Please include the part number (817-5035-11) of the document in the subject line and the book title (Sun ONE Messaging Server 6.0 Release Notes) in the body of your email.

Additional Sun Resources

Useful Sun ONE information can be found at the following Internet locations:

Copyright � 2004 Sun Microsystems, Inc. All rights reserved.

Sun, Sun Microsystems, the Sun logo, Solaris, Java and the Java Coffee Cup logo are trademarks or registered trademarks of Sun Microsystems, Inc. in the United States and other countries. Use of Messaging Server is subject to the terms described in the license agreement accompanying it.

This product includes software developed by Computing Services at Carnegie Mellon University (