iPlanet Messaging Server 5.0 Administrator's Guide



Chapter 5   Messaging Multiplexor


This chapter introduces the iPlanet Messaging Multiplexor. It contains the following sections:

For information about installing Multiplexor, see the Messaging Server Installation Guide. For details about Multiplexor configuration parameters, see the Messaging Server Reference Manual.



About Messaging Multiplexor



The iPlanet Messaging Multiplexor (MMP) is a specialized messaging server that acts as a single point of connection to multiple messaging servers. With the Multiplexor, large-scale messaging-service providers can distribute POP and IMAP user mailboxes across many machines to increase messaging capacity. All users connect to the single Multiplexor server, which redirects each connection to the appropriate messaging server.

If you provide electronic mail service to many users, you can install and configure the MMP so that an entire array of messaging servers will appear to your mail users to be a single host.

The Messaging Multiplexor is provided as part of iPlanet Messaging Server. You can install the MMP at the same time you install the Messaging Server or other iPlanet servers, or you can install the MMP separately at a later time.

The MMP supports:

  • Both unencrypted and encrypted (SSL) communications with mail clients.

  • Client certificate-based authentication, described in Certificate-Based Client Authentication.

  • User pre-authentication, described in User Pre-Authentication.

  • Virtual domains that listen on different IP addresses and automatically append domain names to user IDs, described in Virtual Domains.

  • Multiple installations of the MMP on different machines (one installation per machine). See the Messaging Server Installation Guide.

  • Multiple instances of Multiplexor on a server machine, described in Multiple Multiplexor Instances. Multiple instances can be used for alternate configurations such as SSL or the listen port that cannot be handled through virtual domains.

  • Enhanced LDAP searching.


Multiplexor Benefits

Message stores on heavily used messaging servers can grow quite large. Spreading user mailboxes and user connections across multiple servers can therefore improve capacity and performance. In addition, it may be more cost-effective to use several small server machines than one large, high-capacity, multiprocessor machine.

If the size of your mail-server installation requires the use of multiple messaging servers, your organization can benefit in several ways from using the MMP. The indirect connection between users and their message stores, coupled with the ease of reconfiguring user accounts among messaging servers, allows for the following benefits:

  • Simplified User Management

    Because all users connect to one server (or two, if you have separate Multiplexors for POP and IMAP), you can preconfigure email clients and distribute uniform login information to all users. This simplifies your administrative tasks and reduces the possibility of distributing erroneous login information.

    For especially high-load situations, you can run multiple Multiplexor servers and manage connections to them by DNS round robin or by using a load-balancing program, such as LocalDirector from Cisco Systems.

    Because the MMP uses information stored in the LDAP directory to locate each user's Messaging Server, moving a user to a new server is simple for the system administrator and transparent to the user. The administrator can move a user's mailbox from one Messaging Server to another, and then update the user's entry in the LDAP directory. The user's mail address, mailbox access, and other client preferences need not change.

  • Improved Performance

    If a message store grows prohibitively large for a single machine, you can balance the load by moving some of the message store to another machine.

    You can assign different classes of users to different machines. For example, you can choose to locate premium users on a larger and more powerful machine.

    The MMP performs some buffering so that slow client connections (through a modem, for example) do not slow down the Messaging Server.

  • Decreased Cost

    Because you can efficiently manage multiple Messaging Servers with the MMP, you can decrease overall costs by purchasing several small server machines that together cost less than one very large machine.

  • Better Scalability

    With the MMP, your configuration can expand easily. You can incrementally add machines as your performance or storage-capacity needs grow, without replacing your existing investment.

  • Minimum User Downtime

    Using the MMP to spread a large user base over many small store machines isolates user downtime. When an individual server fails, only its users are affected.

  • Increased Security

    You can use the server machine on which the MMP is installed as a firewall machine. By routing all client connections through this machine, you can restrict access to the internal message store machines by outside computers. The MMP supports both unencrypted and encrypted communications with clients.


How Multiplexor Works

The iPlanet MMP is a multithreaded server that facilitates distributing mail users across multiple server machines. The MMP handles incoming client connections destined for other server machines (the machines on which user mailboxes reside). Clients connect to the MMP itself, which then redirects the session to the server with the correct mailbox. This capability allows Internet service providers and other large installations to spread message stores across multiple machines (to increase capacity) while providing the appearance of a single mail host for users (to increase efficiency) and for external clients (to increase security).

Figure 5-1 shows how servers and clients relate to each other in an MMP installation.

Figure 5-1    Clients and Servers in an MMP Installation


All POP and IMAP clients work with the Messaging Multiplexor. The MMP accepts connections, performs LDAP directory lookups, and routes the connections appropriately. As is typical with other mail server installations, each user is assigned a specific address and mailbox on a specific Messaging Server. However, all connections are routed through the MMP.

In more detail, these are the steps involved in establishing a user connection:

  1. A user's client connects to the MMP, which accepts preliminary authentication information (user name).

  2. The MMP queries the Directory Server to determine which Messaging Server contains that user's mailbox.

  3. The MMP connects to the proper Messaging Server, replays authentication, then acts as a pass-through pipe for the duration of the connection.


Encryption (SSL) Option

The iPlanet Messaging Multiplexor supports both unencrypted and encrypted (SSL) communications between the Messaging Server(s) and their mail clients.

In SSL mode, the MMP listens by default on port 993. When SSL is enabled, the MMP IMAP service supports STARTTLS, and the MMP can also be configured to listen on additional ports for SSL IMAP and POP connections.

To enable SSL encryption for your IMAP and POP services, edit the ImapProxyAService.cfg and PopProxyAService.cfg files, respectively. You must also edit the default:ServiceList option in the AService.cfg file to include the list of all IMAP and POP server ports regardless of whether or not they are secure.

By default, SSL is not enabled since the SSL configuration parameters are commented out. To enable SSL, you must un-comment and set the SSL parameters. For a list of the SSL parameters, see the Messaging Server Reference Manual.


Certificate-Based Client Authentication

The MMP can use certmap to match a client's certificate to the correct user in the Users/Groups Directory Server.

In order to use certificate-based client authentication, you must also enable SSL encryption as described in Encryption (SSL) Option.

You also have to configure a store administrator. You can use the mail administrator, but it is recommended that you create a unique user ID, such as mmpstore, for this purpose so that you can set permissions as needed.

Note that the MMP does not support certmap plug-ins. Instead, the MMP accepts enhanced DNComps and FilterComps property value entries in the certmap.conf file. These enhanced format entries use the form:

mapname:DNComps FROMATTR=TOATTR
mapname:FilterComps FROMATTR=TOATTR

so that a FROMATTR value in a certificate's subjectDN can be used to form an LDAP query with the TOATTR=value element. For example, a certificate with a subjectDN of "cn=Pilar Lorca, ou=pilar, o=siroe.com" could be mapped to an LDAP query of "(uid=pilar)" with the line:

mapname:FilterComps ou=uid
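The following added example (not iPlanet code) shows how an enhanced FilterComps entry turns a certificate subject DN into the LDAP query described above. It assumes a simplified DN parser, handles FilterComps only (not DNComps), AND-s several mapped components together, and escapes the certificate value so that it cannot change the structure of the generated filter; the certmap.conf content and DNs are constructed.

```python
# Added example, not part of iPlanet Messaging Server: applies the MMP's
# enhanced "mapname:FilterComps FROMATTR=TOATTR" mapping to a certificate
# subject DN and builds the LDAP search filter. DN parsing is simplified
# (no quoted or escaped commas inside RDN values); inputs are constructed.
import re

# "cn=Pilar Lorca, ou=pilar, o=siroe.com"
#   -> [("cn", "Pilar Lorca"), ("ou", "pilar"), ("o", "siroe.com")]
def parse_dn(dn):
    rdns = []
    for part in dn.split(","):
        attr, _, value = part.strip().partition("=")
        if not attr or not value:
            raise ValueError("malformed RDN: %r" % part)
        rdns.append((attr.strip().lower(), value.strip()))
    return rdns

# Parse enhanced FilterComps lines from certmap.conf text.
# Returns {mapname: [(fromattr, toattr), ...]}
def parse_filtercomps(text):
    comps = {}
    for line in text.splitlines():
        m = re.match(r"^(\S+):FilterComps\s+(\S+)=(\S+)\s*$", line.strip())
        if m:
            comps.setdefault(m.group(1), []).append(
                (m.group(2).lower(), m.group(3)))
    return comps

# RFC 4515 escaping: a value taken from a certificate must not be able
# to inject extra filter terms such as ")(uid=*".
def escape_filter_value(value):
    return "".join("\\%02x" % ord(ch) if ch in "*()\\\x00" else ch
                   for ch in value)

# Build the filter for subject_dn under mapname. Each FROMATTR present in
# the DN contributes "(TOATTR=value)"; multiple terms are AND-ed (an
# assumption of this example). Returns None when nothing maps.
def build_filter(subject_dn, comps, mapname="default"):
    rdns = dict(parse_dn(subject_dn))
    terms = []
    for fromattr, toattr in comps.get(mapname, []):
        if fromattr in rdns:
            terms.append("(%s=%s)" % (toattr, escape_filter_value(rdns[fromattr])))
    if not terms:
        return None
    return terms[0] if len(terms) == 1 else "(&%s)" % "".join(terms)

CERTMAP = "default:FilterComps ou=uid\n"  # constructed certmap.conf content

if __name__ == "__main__":
    comps = parse_filtercomps(CERTMAP)
    print(build_filter("cn=Pilar Lorca, ou=pilar, o=siroe.com", comps))
```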

To enable certificate-based authentication for your IMAP service:

  1. Decide on the user ID you intend to use as store administrator.

    While you can use the mail administrator for this purpose, it is recommended that you create a unique user ID for store administrator (for example, mmpstore).

  2. Make sure that SSL encryption is (or will be) enabled as described in Encryption (SSL) Option.

  3. Configure the MMP to use certificate-based client authentication by specifying the location of the certmap.conf file in your configuration files.


User Pre-Authentication

The MMP provides you with the option of pre-authenticating users by binding to the directory as the incoming user and logging the result.



Note: Enabling user pre-authentication will reduce server performance.



The log entries are in the format:

date time (sid 0x%p) user name pre-authenticated - client IP address

Where date is in the format yyyymmdd, time is in the format hhmmss, sid is the session object, the user name includes the virtual domain (if any), and the IP address is in dot-quad format.
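The log format above lends itself to simple monitoring. The following added example (not iPlanet code) parses pre-authentication log lines of that format and flags client IP addresses that pre-authenticated many distinct users within a short window; the log lines, threshold and window are constructed illustration values.

```python
# Added example, not part of iPlanet Messaging Server: parse MMP
# pre-authentication log lines ("date time (sid 0x...) user pre-authenticated
# - ip") and flag client IPs that pre-authenticate many distinct users in a
# short span. Sample lines, threshold and window are constructed.
import re
from collections import defaultdict
from datetime import datetime

LINE_RE = re.compile(
    r"^(?P<date>\d{8}) (?P<time>\d{6}) \(sid (?P<sid>0x[0-9a-fA-F]+)\) "
    r"(?P<user>\S+) pre-authenticated - (?P<ip>\d{1,3}(?:\.\d{1,3}){3})$")

def parse_line(line):
    """Return a dict of fields (plus a datetime 'when'), or None if no match."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    rec = m.groupdict()
    rec["when"] = datetime.strptime(rec["date"] + rec["time"], "%Y%m%d%H%M%S")
    return rec

def flag_ips(lines, max_users=3, window_seconds=300):
    """Return {ip: set(users)} for IPs that pre-authenticated more than
    max_users distinct users inside any window_seconds span."""
    by_ip = defaultdict(list)
    for line in lines:
        rec = parse_line(line)
        if rec:
            by_ip[rec["ip"]].append((rec["when"], rec["user"]))
    flagged = {}
    for ip, events in by_ip.items():
        events.sort()
        for i, (start, _) in enumerate(events):
            users = {u for t, u in events[i:]
                     if (t - start).total_seconds() <= window_seconds}
            if len(users) > max_users:
                flagged[ip] = users
                break
    return flagged

SAMPLE = [  # constructed log lines
    "20000914 153012 (sid 0x8f3a20) pilar@siroe.com pre-authenticated - 192.0.2.10",
    "20000914 153015 (sid 0x8f3a40) alice@siroe.com pre-authenticated - 198.51.100.7",
    "20000914 153016 (sid 0x8f3a60) bob@siroe.com pre-authenticated - 198.51.100.7",
    "20000914 153018 (sid 0x8f3a80) carol@siroe.com pre-authenticated - 198.51.100.7",
    "20000914 153020 (sid 0x8f3aa0) dave@siroe.com pre-authenticated - 198.51.100.7",
    "this line is not a pre-authentication record",
]

if __name__ == "__main__":
    for ip, users in flag_ips(SAMPLE).items():
        print(ip, sorted(users))
```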


Virtual Domains

Virtual domains listen on different IP addresses and automatically append domain names to user IDs. They can also be used to specify alternate configurations.

The MMP can map IP addresses to domain names for searching an LDAP directory and for logging in to the store server. When a connection is accepted from a client, if the server's IP address is in the virtual domain mapping file, the domain is appended to the user ID and used for the LDAP search and for subsequent replay of authentication. This capability is useful for hosting multiple domains with overlapping user ID name spaces.

To enable virtual domains, edit the ImapProxyAService.cfg and/or PopProxyAService.cfg file(s) in the instance directory to point to the virtual domain mapping file.

Each entry of a virtual domain file has the following syntax:

vdmap name IPaddr
name:parameter value

Where name is whatever name you choose to use, IPaddr is in dot-quad format, and parameter and value pairs configure the virtual domain. When set, virtual domain configuration parameter values override global configuration parameter values.

Listed below are the configuration parameters you can specify for a virtual domain:

  • AuthCacheSize and AuthCacheTTL

  • AuthService

  • BindDN and BindPass

  • CanonicalVirtual

  • CertMap

  • CRAMs

  • DomainDelim

  • HostedDomains

  • LdapCacheSize and LdapCacheTTL

  • LdapURL

  • MailHostAttrs

  • PreAuth

  • ReplayFormat

  • StoreAdmin and StoreAdminPass

  • SearchFormat

  • TCPAccess

  • VDomain

For detailed descriptions of these configuration parameters, see the Messaging Server Reference Manual.
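As an added example (not iPlanet code), the following script resolves the virtual domain for an accepted connection from a constructed vdmap file, applies the virtual domain's parameter overrides on top of global settings, qualifies the user ID with the domain delimiter, and builds the LDAP search string from SearchFormat. The vdmap entries, the global values and the merge logic are assumptions that follow the description above.

```python
# Added example, not part of iPlanet Messaging Server: parse a vdmap file,
# pick the virtual domain by the local IP a connection arrived on, merge its
# parameters over the global ones, and form the qualified login and LDAP
# search. The vdmap content and global settings below are constructed.
import ipaddress

VDMAP = """\
# constructed vdmap.cfg
vdmap siroe 192.0.2.10
siroe:VDomain siroe.com
siroe:SearchFormat (&(uid=%s)(o=siroe.com))
vdmap example 192.0.2.11
example:VDomain example.com
example:BindDN "cn=example proxy,o=example.com"
"""

# Global (default:) settings assumed for this example
GLOBAL = {"SearchFormat": "(uid=%s)", "VirtualDomainDelim": "@",
          "BindDN": "cn=Directory Manager"}

def parse_vdmap(text):
    """Return ({ip: name}, {name: {parameter: value}}) from vdmap entries."""
    ip_to_name, params = {}, {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        if line.startswith("vdmap "):
            _, name, addr = line.split(None, 2)
            ipaddress.IPv4Address(addr)  # reject anything not dot-quad
            ip_to_name[addr] = name
            params.setdefault(name, {})
        else:
            head, _, value = line.partition(" ")
            name, _, param = head.partition(":")
            if name not in params or not param:
                raise ValueError("parameter before its vdmap line: %r" % line)
            params[name][param] = value.strip().strip('"')
    return ip_to_name, params

def resolve(local_ip, user_id, text, global_cfg=GLOBAL):
    """Return (effective config, login user ID, LDAP search) for a connection
    accepted on local_ip; virtual domain values override global ones."""
    ip_to_name, params = parse_vdmap(text)
    cfg = dict(global_cfg)
    name = ip_to_name.get(local_ip)
    login = user_id
    if name is not None:
        cfg.update(params[name])
        login = user_id + cfg["VirtualDomainDelim"] + cfg["VDomain"]
    # escape filter metacharacters so a client-supplied ID cannot alter the search
    safe = "".join("\\%02x" % ord(c) if c in "*()\\\x00" else c for c in login)
    return cfg, login, cfg["SearchFormat"] % safe

if __name__ == "__main__":
    print(resolve("192.0.2.10", "pilar", VDMAP)[1:])
```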


Multiple Multiplexor Instances

You can create multiple instances of the MMP on one server; instances are distinct from installations. In other words, you can have multiple installations of the MMP on different servers, and on any given machine you can have multiple instances.

Using multiple instances of the MMP allows you to create alternate configurations, such as SSL or the listen port, that cannot be handled through virtual domains.

You can configure a single instance of the MMP to support both POP and IMAP protocols (as shown in Figure 5-1), or you can create separate MMP instances for each protocol, as shown in Figure 5-2. By splitting messaging services across different machines, you can tune the resources on each computer for maximum performance.

Figure 5-2    Separate MMP Instances for Each Protocol


For instructions on creating multiple instances of the MMP, see the Messaging Server Installation Guide.



Configuring Multiplexor



To configure the Multiplexor, you must manually edit the configuration parameters in the Multiplexor configuration files listed in Table 5-1.

Table 5-1 Messaging Multiplexor Configuration Files

  File                    Description
  ----------------------  --------------------------------------------------------------------------
  PopProxyAService.cfg    Configuration file specifying environment variables used for POP services.
  ImapProxyAService.cfg   Configuration file specifying environment variables used for IMAP services.
  AService.cfg            Configuration file specifying which services to start and a few options
                          shared by both POP and IMAP services.

The Multiplexor configuration files are stored in the server-root/mmp-hostname directory, where server-root is the directory where you installed the Messaging Server and mmp-hostname is the subdirectory named after the MMP instance. For example, if you installed the MMP on a machine named tarpit and accepted the default installation location, the configuration files would be located in /usr/iplanet/server5/mmp-tarpit.

As an example, the LogDir and LogLevel parameters can be found in all three configuration files. In ImapProxyAService.cfg, they are used to specify logging parameters for IMAP-related events; similarly, these parameters in PopProxyAService.cfg are used to configure logging parameters for POP-related events. In AService.cfg, however, LogDir and LogLevel are used for logging MMP-wide failures, such as the failure to start a POP or IMAP service.

For a complete description of all MMP configuration parameters, see the Messaging Server Reference Manual.



Starting Multiplexor



To start an instance of the Messaging Multiplexor, run the AService.rc script in the server-root/mmp-hostname directory as follows:

./AService.rc [options]

Optional parameters for the AService.rc script are described in Table 5-2.

Table 5-2 Optional Parameters for the AService.rc Script

  Option    Description
  --------  --------------------------------------------------------------------------------------
  start     Start the MMP (even if one is already running).
  stop      Stop the most recently started MMP.
  restart   Stop the most recently started MMP, then start an MMP.
  reload    Causes an MMP that is already running to reload its configuration without disrupting
            any active connections.



A Sample Topology



The fictional Siroe Corporation has two Multiplexors on separate machines, each supporting several Messaging Servers. POP and IMAP user mailboxes are split across the Messaging Server machines, with each server dedicated exclusively to POP or exclusively to IMAP. (You can restrict client access to POP services alone by removing the IMAP-server binary; likewise, you can restrict client access to IMAP services alone by removing the POP-server binary.) Each Multiplexor also supports only POP or only IMAP. The LDAP directory service is on a separate, dedicated machine.

This topology is illustrated below in Figure 5-3.

Figure 5-3    Multiple MMPs Supporting Multiple Messaging Servers



IMAP Configuration Example

The IMAP Multiplexor in Figure 5-3 is installed on sandpit, a machine with two processors. This Multiplexor is listening on the standard port for IMAP connections (143). The Multiplexor communicates with the LDAP server on the host phonebook for user mailbox information, and it routes the connection to the appropriate IMAP server. It overrides the IMAP capability string, provides a virtual domain file, and supports SSL communications.

This is its ImapProxyAService.cfg configuration file:

default:LdapUrl             ldap://phonebook/o=Siroe.com
default:LogDir              /usr/iplanet/server5/mmp-sandpit/log
default:LogLevel            5
default:BindDN              "cn=Directory Manager"
default:BindPass            secret
default:BacksidePort        143
default:Timeout             1800
default:Capability          "IMAP4 IMAP4rev1 ACL QUOTA LITERAL+ NAMESPACE UIDPLUS CHILDREN LANGUAGE XSENDER X-NETSCAPE XSERVERINFO AUTH=PLAIN"
default:SearchFormat        (uid=%s)
default:SSLEnable           yes
default:SSLPorts            993
default:SSLSecmodFile       /usr/iplanet/server5/mmp-sandpit/secmod.db
default:SSLCertFile         /usr/iplanet/server5/mmp-sandpit/cert7.db
default:SSLKeyFile          /usr/iplanet/server5/mmp-sandpit/key3.db
default:SSLKeyPasswdFile    ""
default:SSLCipherSpecs      all
default:SSLCertNicknames    Siroe.com Server-Cert
default:SSLCacheDir         /usr/iplanet/server5/mmp-sandpit
default:SSLBacksidePort     993
default:VirtualDomainFile   /usr/iplanet/server5/mmp-sandpit/vdmap.cfg
default:VirtualDomainDelim  @
default:ServerDownAlert     "your IMAP server appears to be temporarily out of service"
default:MailHostAttrs       mailHost
default:PreAuth             no
default:CRAMs               no
default:AuthCacheSize       10000
default:AuthCacheTTL        900
default:AuthService         no
default:AuthServiceTTL      0
default:BGMax               10000
default:BGPenalty           2
default:BGMaxBadness        60
default:BGDecay             900
default:BGLinear            no
default:BGExcluded          /usr/iplanet/server5/mmp-sandpit/bgexcl.cfg
default:ConnLimits          0.0.0.0|0.0.0.0:20
default:LdapCacheSize       10000
default:LdapCacheTTL        900
default:HostedDomains       yes
default:DefaultDomain       Siroe.com



POP Configuration Example

The POP Multiplexor in Figure 5-3 is installed on tarpit, a machine with four processors. This Multiplexor is listening on the standard port for POP connections (110). The Multiplexor communicates with the LDAP server on the host phonebook for user mailbox information, and it routes the connection to the appropriate POP server. It also provides a spoof message file.

This is its PopProxyAService.cfg configuration file:

default:LdapUrl             ldap://phonebook/o=Siroe.com
default:LogDir              /usr/iplanet/server5/mmp-tarpit/log
default:LogLevel            5
default:BindDN              "cn=Directory Manager"
default:BindPass            password
default:BacksidePort        110
default:Timeout             1800
default:Capability          "IMAP4 IMAP4rev1 ACL QUOTA LITERAL+ NAMESPACE UIDPLUS CHILDREN LANGUAGE XSENDER X-NETSCAPE XSERVERINFO AUTH=PLAIN"
default:SearchFormat        (uid=%s)
default:SSLEnable           no
default:VirtualDomainFile   /usr/iplanet/server5/mmp-tarpit/vdmap.cfg
default:VirtualDomainDelim  @
default:MailHostAttrs       mailHost
default:PreAuth             no
default:CRAMs               no
default:AuthCacheSize       10000
default:AuthCacheTTL        900
default:AuthService         no
default:AuthServiceTTL      0
default:BGMax               10000
default:BGPenalty           2
default:BGMaxBadness        60
default:BGDecay             900
default:BGLinear            no
default:BGExcluded          /usr/iplanet/server5/mmp-tarpit/bgexcl.cfg
default:ConnLimits          0.0.0.0|0.0.0.0:20
default:LdapCacheSize       10000
default:LdapCacheTTL        900
default:HostedDomains       yes
default:DefaultDomain       Siroe.com



Copyright © 2000 Sun Microsystems, Inc. Some preexisting portions Copyright © 2000 Netscape Communications Corp. All rights reserved.

Last Updated September 14, 2000