Sun Internet Mail ServerTM 3.5 Product Update |
This product update reflects changes made to the SIMS 3.5 release introduced by the -10 revision of the SIMS product patch (106514-10 for SPARC and 106515-10 for Intel). The product update notes cover Installation, Software, and Localization bugs.The patch update process is outlined as follows:
|
|
Read through this Product Update |
|
|
Obtain the software patches from SunSolve. |
|
|
Remove any previously installed SIMS patches. |
|
|
Install the new software patch on the system running SIMS 3.5. |
Items in bold indicate items new for this Product Update. Items covered in this product update are cumulative from the initial release of SIMS 3.5.
Note - This patch is incompatible with the Solaris 2.6 /usr/bin/sendmail patch (105395/105396) and the Solaris 7 /usr/bin/sendmail patch (107684/107685).This means that all versions of the Sendmail patch must be removed. The patches must be removed in reverse order.
Before the -10 revision of the SIMS patch (106514-10 for SPARC/106515-10 for Intel) will install correctly, you may need to remove previously installed SIMS patches. Please review Table 1 for the required action.
The patches must be removed in reverse order. To remove them, first become the superuser, then individually remove the appropriate patches as follows:
| 1. | Change directories to the /var/sadm/patch directory. |
| 2. | Become root (su). |
| 3. | Type the following: |
<patch#>/backoutpatch <patch#>
where <patch#> is the patch you are removing.
| 1. | Become root (su). |
| 2. | Type the following: |
/usr/sbin/patchrm <patch#>
where <patch#> is the ID of the patch you are removing.
This section describes the software updates that enable you to run Sun Internet Mail ServerTM 3.5 on the SolarisTM 7 Operating Environment.
|
|
SIMS 3.5 is supported only for 32-bit Solaris 7 SPARC and Intel platform editions at this time. If you have a SPARC system that is configured to run the 64-bit kernel, then you must reboot the system in 32-bit mode as follows: |
| # boot kernel/unix 32 |
| For additional information, see the boot(1M) man page. This change can also be made permanently, either during the OS installation or by making the change in the OpenBoot PROM. |
| For the Intel platform, 32-bit is the only available mode for the Solaris 7 Operating Environment. |
|
|
Sun WebServerTM 1.0, which is included on the SIMS 3.5 CD, is supported only as the embedded web server for the SIMS 3.5 Administration Console. Customers may only use Sun WebServer in support of its intended usage with Sun Internet Mail Server and not on a standalone basis. |
|
|
Customers may not use the installed SunTM Directory Services 1.0 component on a stand-alone basis, or link with other applications or clients which do not support SIMS and its intended usage as a messaging product without first obtaining a separate and additional SunDS license. |
|
|
The Veritas Filesystem, VxFS 3.2.5, that is recommended for use with SIMS 3.5 is currently not available on Solaris 7 SPARC or Intel platform editions. VxFS 3.3.3 is available for use with the Solaris 7 Operating Environment. |
|
|
The High Availability option for SIMS 3.5, SunTM Cluster 2.1, will not be available on Solaris 7 SPARC or Intel platform editions. |
|
|
These patches will work on a SIMS 3.5 system running the Solaris 2.5.1 or 2.6 Operating Environment. |
The following software and patches are required for this software update:
|
|
The Solaris 7 Operating Environment must be installed on the target system |
|
|
Sun Internet Mail Server (SIMS) 3.5 must be installed on the target system |
|
|
The following software patches: |
|
|
SIMS-10-- 106514-10 for SPARC and 106515-10 for Intel. This contains many fixes for SIMS 3.5. |
|
|
SKI/SSL-01-- patches 107386-01 for SPARC and 107387-01 for Intel. This enables the SKI/SSL security functionality to work on Solaris 7. |
|
|
SIMS CLI--patches 107182-01 for SPARC and 107183-01 for Intel. This contains the administrative command-line utilities for SIMS 3.5. |
If you purchased SIMS 3.5 with the optional Sun Messaging Connectivity Services (SMCS) software, you will also need the SMCS patch, patches 107352-01 for SPARC and 107353-01 for Intel. This enables SMCS to work on Solaris 7.
If you are using SunCluster 2.1, we recommend that you install the latest version of the SunCluster patches, which include 105458 and 105459.
If you are running VxFS, use version 3.2.5 at minimum. You can find this version at http://sunsolve2.sun.com/beta/vxfs. If your mail server is running the Solaris 7 Operating Environment, use VxFS 3.3.3.
If you have installed the SIMS patch (106514 all versions for SPARC/106515 all versions for Intel), then you installed software from the SIMS 3.5 CD, you will need to reinstall the SIMS patch. The SIMS 3.5 CD software installation removed the SIMS patch and installed the -01 version.
SunDS 1.0 patch 10 (105266-10/105272-10) fixes a number of bugs. This patch has been tested with SIMS 3.5. Refer to the SunDS 1.0 patch README for a listing of the bug fixes.
Refer to the SIMS 3.5 patch README file for instructions on upgrading from the SIMS 3.5 Beta release to the FCS release.
If you install Solstice Backup (Legato Networker 5.0) after you install SIMS, you need to manually create the following symbolic link: /usr/lib/nsr/imsasm -> /opt/SUNWmail/ims/lib/imsasm. As root, type the following command:
# ln -s /opt/SUNmail/ims/lib/imsasm usr/lib/nsr/imsasm
If you install with the shared volume being named one of the SIMS directories, install will fail. You need to rename your shared volume a name that is not one of the SIMS directories. The shared volume cannot be one of the following paths:
/etc/opt/SUNWmail
/opt/SUNWmail
/var/opt/SUNWmail
/etc/opt/SUNWconn
/opt/SUNWconn
/var/opt/SUNWconn
In a SIMS installation, there are three places where license files are stored for use by SIMS.
|
|
The license server uses the file /etc/opt/licenses/licenses_combined |
|
|
The SIMS product (the license server's client) uses files in the directory '/etc/opt/SUNWmail/license_dir'. These files carry names in the format, 'sims.lic,X' where 'X' is a number generally between 1 and 9. |
|
|
The Sun Directory Services product (also a license server client) uses files in the directory '/opt/SUNWconn/license_dir'. These files carry names in the format, 'slapd1.0.lic,X' where 'X' is a number generally between 1 and 9. |
When SIMS is installed in an HA environment, the packages are installed on a disk partition connected to, and shared by, all nodes in the HA cluster. As part of the SIMS installation process, symlinks are created as shown in the diagram below.
Two problems occur in this process. The first problem is that the license files, which are specific to each node in the cluster, get copied to the shared partition.
After the installation assuming node A is installed first, and node B is installed second, the license files will be in the following places:
|
|
SIMS license for Node A: <shared disk partition>/etc/opt/SUNWmail/license_dir/sims.lic,1 |
|
|
SDS license for Node A: <shared disk partition>/opt/SUNWconn/license_dir/slapd1.0.lic,1 |
|
|
SIMS license for Node B: <Node B>/etc/opt/licenses/sims.lic,1 |
|
|
SDS license for Node B: <shared disk partition>/opt/SUNWconn/license_dir/slapd1.0.lic,2 |
The second problem is that the secondary install process leaves the SIMS license file in an unusable place.
Problems will arise during a failover. When a failover happens, the following license files are always referenced, regardless of which machine is taking over:
|
|
<shared disk>:/etc/opt/SUNWmail/license_dir/sims.lic,1 |
|
|
<shared disk>:/opt/SUNWconn/license_dir/slapd1.0.lic,1 |
Because license fles are tied to the host id of each machine, sims.lic.1 and slapd1.0.lic.1 will not work for the second machine. This is the cause of the failover problem.
| 1. | Create the following directories: |
Node A:
/etc/opt/SUNWmail.local/license_dir/etc/opt/SUNWconn.local/license_dirNode B:
/etc/opt/SUNWmail.local/license_dir/etc/opt/SUNWconn.local/license_dir
| 2. | Copy all four license files from the locations the installer placed them in to the directories created in step 'a'. |
| a. | Move <shared disk>/etc/opt/SUNWmail/license_dir/sims.lic,1 to <Node A>/etc/opt/SUNWmail.local/license_dir |
| b. | Move <shared disk>/opt/SUNWconn/license_dir/slapd1.0.lic,1 to <Node A>/etc/opt/SUNWconn.local/license_dir |
| c. | Move <Node B>/etc/opt/licenses/sims.lic,1 to <Node B>/etc/opt/ SUNWmail.local/license_dir |
| d. | Move <shared disk>/opt/SUNWconn/license_dir/slapd1.0.lic,2 to <Node B>/etc/opt/SUNWconn.local/license_dir |
Note - You also should make sure that the license file contains the correct host name and hostid for the system you are copying it to.
| 3. | Copy the file '/etc/opt/licenses/sims.loc' from Node A to Node B. |
This file is used by '/etc/opt/licenses/lit' to install licenses later on.
| 4. | Create symbolic links on the shared disk |
<shared disk partition>/etc/opt/SUNWmail/license_dir ---> /etc/opt/ SUNWmail.local/license_dir
<shared disk partition>/opt/SUNWconn/license_dir ---> /etc/opt/ SUNWconn.local/license_dir
imaccessd logs many of these error messages in syslog and on the console. This may cause message store failures. To workaround it, you must enable the name service cache daemon (nscd). Refer to the nscd(1M) man page for further information.
Currently, Solstice Backup (Legato Networker 5.0) will not work with the SIMS 3.5 Message Store because it is missing the file nsrfile. If you need an SBU patch, see your Sun Support Engineer who can direct you to the appropriate web location.
|
|
Solstice Backup 5.0.1, patch 106620-01 |
|
|
Solstice Backup 5.1, patch 106637-01 |
|
|
Solstice Backup 5.1.1, patch 107570-01 |
To disable SSL for IMAP and POP, you can add or edit the following line in ims.cnf or in the Message Store Properties page in the Admin Console:
ims-bind-address:*(imaps=0:pop3s=0)
In order for SIMS 3.5/HA to work on hosts with more than one virtual IP address, you must bind the server certificate to the appropriate IP address(es). For each IP address from which this certificate is to be served, perform the following operation:
| 1. | Become root (su). |
| 2. | Type the following: |
skilogin -h -L <ip-address> <inetmail-uid>
Note - The server must have the same host name from each IP address, or the SSL handshake will fail.
Once the SIMS 3.5 patch is installed (revision -02 or later),imaccessd will support multiple LDAP hosts as directory servers. The IMAP/POP server will be able to switch over from an ldap server that is down, or not responding for some other reason, to the next server specified. The following line from an ims.cnf file demonstrates one example of how to specify this:
ims-ldap-server:host1, host2, host3where host1, host2, host3 are each an ldap server.
You may specify a port number to correspond with an ldap server. If no port is specified, the default port of 389 will get used. An example of this is:
ims-ldap-server:host1, host2:port2, host3:port3You must make sure that the slapd on each of these hosts is listening on the specified port. The general format for the ims-ldap-server in ims.cnf is:
ims-ldap-server:<host>[:port] [, <host>[:port] ]*
imdeluser requires IMAP access to the server. If imaccessd is configured to only offer POP services, imdeluser will fail with the message "Connection refused".
To use imdeluser, do not disable the IMAP port. Use a different (non-default) port for the IMAP service instead. Change the IMAP port in /etc/services or whatever is configured for services in nsswitch.conf.
importmbox adds a "DO NOT DELETE" message to /var/mail folders before importing them. So if you access your inbox through a non-SIMS POP or IMAP server after it was imported into SIMS, you will see the message which was intended to be hidden (but it only works for SIMS). If the old server rearranges this message it could even be imported in the store if import is run a second time.
If you are an administrator, import a temporary copy of folders, or switch the user to the message store immediately after import. If you are a user, delete the message.
(Fixed in SIMS patch 106514-04 for SPARC and 106515-04 for Intel) If you have more than one connection to the same mailbox at the same time, the server will not expunge the mailbox until the number of connections is down to one. It marks the deleted messages as expunged and updates the mailbox size, but does not update the user quota.
Run iminitquota to update the quota and expunge the deleted messages.
If you are an administrator, import a temporary copy of folders, or switch the user to the message store immediately after import. If you are a user, delete the message.
The admin console should prevent from creating a userid containing a forward slash (/), or equal to a dot (.) or two dots (..). The message store interprets these as directory hierarchies, and fails when attempting to create the user mailboxes.
The wait state for client-side POP connections being dropped without properly closing the connection was changed from 30 minutes to 10 minutes in patch -04. During this period the client is unable to connect to their inbox.
(Added August 1999) Chinese ISO-2022-CN searches may not work properly with SIMS 3.5 on Solaris 5.6 without patch 106556-01 installed. SIMS 3.5 does not automatically install this.
In the SIMS 3.5 FCS Release Notes, the section title should read "Charsets Supported in IMAP Searches." In Table 2-1, "Charset Names Supported in IMAP Searches," it states that both MIME-preferred and iconv names are accepted. The correct statement is that inconv names cannot be used for IMAP searches.
The CHARSET Shift_Jis is not supported in SIMS searching. A special case was added to the table lookup in patch -02 to solve this problem.
To install the Japanese localized packages for HotJava Browser version 1.1.4, perform the following steps:
# cd /cdrom/sun_internet_mail_3_5/products/sims/Image/{sparc,i386}# pkgadd -d . SUNWjdhjwhere {sparc, i386} are your choices.
The title should read "Reading SJIS, UTF-8 callog with Web Access."
Instructions for configuring Web Access for other languages are located in:
/opt/SUNWwa/doc/enable.I18N.txt