Sun Java System Messaging Server 6.3 Administration Guide

Sun Microsystems, Inc. 4150 Network Circle Santa Clara, CA 95054 U.S.A.Part No: 819442815 11 September 2008

Copyright 2008 Sun Microsystems, Inc.

4150 Network Circle, Santa Clara, CA 95054 U.S.A.

All rights reserved.

Sun Microsystems, Inc. has intellectual property rights relating to technology embodied in the product that is described in this document. In particular, and without limitation, these intellectual property rights may include one or more U.S. patents or pending patent applications in the U.S. and in other countries. U.S. Government Rights Commercial software. Government users are subject to the Sun Microsystems, Inc. standard license agreement and applicable provisions of the FAR and its supplements. This distribution may include materials developed by third parties. Parts of the product may be derived from Berkeley BSD systems, licensed from the University of California. UNIX is a registered trademark in the U.S. and other countries, exclusively licensed through X/Open Company, Ltd. Sun, Sun Microsystems, the Sun logo, the Solaris logo, the Java Coffee Cup logo, docs.sun.com, Java, and Solaris are trademarks or registered trademarks of Sun Microsystems, Inc. in the U.S. and other countries. All SPARC trademarks are used under license and are trademarks or registered trademarks of SPARC International, Inc. in the U.S. and other countries. Products bearing SPARC trademarks are based upon an architecture developed by Sun Microsystems, Inc. This product includes software developed by Computing Services at Carnegie Mellon University (http://www.cmu.edu/computing). The OPEN LOOK and SunTM Graphical User Interface was developed by Sun Microsystems, Inc. for its users and licensees. Sun acknowledges the pioneering efforts of Xerox in researching and developing the concept of visual or graphical user interfaces for the computer industry. Sun holds a non-exclusive license from Xerox to the Xerox Graphical User Interface, which license also covers Sun's licensees who implement OPEN LOOK GUIs and otherwise comply with Sun's written license agreements. Products covered by and information contained in this publication are controlled by U.S. Export Control laws and may be subject to the export or import laws in other countries. Nuclear, missile, chemical or biological weapons or nuclear maritime end uses or end users, whether direct or indirect, are strictly prohibited. Export or reexport to countries subject to U.S. embargo or to entities identified on U.S. export exclusion lists, including, but not limited to, the denied persons and specially designated nationals lists is strictly prohibited. DOCUMENTATION IS PROVIDED AS IS AND ALL EXPRESS OR IMPLIED CONDITIONS, REPRESENTATIONS AND WARRANTIES, INCLUDING ANY IMPLIED WARRANTY OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT, ARE DISCLAIMED, EXCEPT TO THE EXTENT THAT SUCH DISCLAIMERS ARE HELD TO BE LEGALLY INVALID. Copyright 2008 Sun Microsystems, Inc. 4150 Network Circle, Santa Clara, CA 95054 U.S.A. Tous droits rservs.

Sun Microsystems, Inc. dtient les droits de proprit intellectuelle relatifs la technologie incorpore dans le produit qui est dcrit dans ce document. En particulier, et ce sans limitation, ces droits de proprit intellectuelle peuvent inclure un ou plusieurs brevets amricains ou des applications de brevet en attente aux Etats-Unis et dans d'autres pays. Cette distribution peut comprendre des composants dvelopps par des tierces personnes. Certaines composants de ce produit peuvent tre drives du logiciel Berkeley BSD, licencis par l'Universit de Californie. UNIX est une marque dpose aux Etats-Unis et dans d'autres pays; elle est licencie exclusivement par X/Open Company, Ltd. Sun, Sun Microsystems, le logo Sun, le logo Solaris, le logo Java Coffee Cup, docs.sun.com, Java et Solaris sont des marques de fabrique ou des marques dposes de Sun Microsystems, Inc. aux Etats-Unis et dans d'autres pays. Toutes les marques SPARC sont utilises sous licence et sont des marques de fabrique ou des marques dposes de SPARC International, Inc. aux Etats-Unis et dans d'autres pays. Les produits portant les marques SPARC sont bass sur une architecture dveloppe par Sun Microsystems, Inc. Ce produit comprend du logiciel dvelop par Computing Services a Carnegie Mellon University (http://www.cmu.edu/computing). L'interface d'utilisation graphique OPEN LOOK et Sun a t dveloppe par Sun Microsystems, Inc. pour ses utilisateurs et licencis. Sun reconnat les efforts de pionniers de Xerox pour la recherche et le dveloppement du concept des interfaces d'utilisation visuelle ou graphique pour l'industrie de l'informatique. Sun dtient une licence non exclusive de Xerox sur l'interface d'utilisation graphique Xerox, cette licence couvrant galement les licencis de Sun qui mettent en place l'interface d'utilisation graphique OPEN LOOK et qui, en outre, se conforment aux licences crites de Sun. Les produits qui font l'objet de cette publication et les informations qu'il contient sont rgis par la legislation amricaine en matire de contrle des exportations et peuvent tre soumis au droit d'autres pays dans le domaine des exportations et importations. Les utilisations finales, ou utilisateurs finaux, pour des armes nuclaires, des missiles, des armes chimiques ou biologiques ou pour le nuclaire maritime, directement ou indirectement, sont strictement interdites. Les exportations ou rexportations vers des pays sous embargo des Etats-Unis, ou vers des entits figurant sur les listes d'exclusion d'exportation amricaines, y compris, mais de manire non exclusive, la liste de personnes qui font objet d'un ordre de ne pas participer, d'une faon directe ou indirecte, aux exportations des produits ou des services qui sont rgis par la legislation amricaine en matire de contrle des exportations et la liste de ressortissants spcifiquement designs, sont rigoureusement interdites. LA DOCUMENTATION EST FOURNIE "EN L'ETAT" ET TOUTES AUTRES CONDITIONS, DECLARATIONS ET GARANTIES EXPRESSES OU TACITES SONT FORMELLEMENT EXCLUES, DANS LA MESURE AUTORISEE PAR LA LOI APPLICABLE, Y COMPRIS NOTAMMENT TOUTE GARANTIE IMPLICITE RELATIVE A LA QUALITE MARCHANDE, A L'APTITUDE A UNE UTILISATION PARTICULIERE OU A L'ABSENCE DE CONTREFACON.

080912@20795

Contents

Preface ...................................................................................................................................................37

1

Post-install Tasks and Layout ............................................................................................................ 63 1.1 Creating UNIX System Users and Groups ................................................................................. 63 To Create UNIX System Users and Groups .............................................................................. 64 1.2 To Prepare Directory Server for Messaging Server Configuration ......................................... 64 1.3 Creating the Initial Messaging Server Runtime Configuration ............................................... 65 1.3.1 Messaging Server Prerequisites ......................................................................................... 65 1.3.2 Messaging Server Configuration Checklist ..................................................................... 65 To Run the Configure Program .................................................................................................. 65 To Perform a Silent Installation ................................................................................................. 70 1.4 Installing Messaging Server Against a Directory Server Replica ............................................. 71 To Install Messaging Server Against a Directory Server Replica ............................................ 72 1.5 Installing Messaging Server Provisioning Tools ........................................................................ 72 1.5.1 Schema 1 Delegated Administrator for Messaging ......................................................... 72 1.5.2 LDAP Provisioning Tools .................................................................................................. 74 1.6 SMTP Relay Blocking ................................................................................................................... 74 1.7 Enabling Startup After a Reboot .................................................................................................. 76 To Enable Messaging Server After a Reboot ............................................................................. 76 1.8 Handling sendmail Clients ........................................................................................................... 77 To Obtain the Proper Version of the /usr/lib/sendmail on Solaris 8 ................................ 77 To Create the sendmail Configuration File on Solaris 9 Platforms ........................................ 78 1.9 Configuring Messenger Express and Communications Express Mail Filters ........................ 79 1.10 Performance and Tuning ........................................................................................................... 79 1.10.1 Java Message Queue (JMQ) Tuning ............................................................................... 79 1.11 Post-Installation Directory Layout ........................................................................................... 80 1.12 Post-Installation Port Numbers ................................................................................................. 82 To Change Port Numbers ........................................................................................................... 833

Contents

2

Upgrading from Messaging Server 5.2 to Sun Java System Messaging Server .........................85 2.1 Information Moved ....................................................................................................................... 85

3

Configuring High Availability ............................................................................................................87 3.1 Supported Versions ....................................................................................................................... 87 3.2 High Availability Models .............................................................................................................. 87 3.2.1 Asymmetric ......................................................................................................................... 88 3.2.2 Symmetric ............................................................................................................................ 89 3.2.3 N+1 (N Over 1) ................................................................................................................... 91 3.2.4 Choosing a High Availability Model ................................................................................. 93 3.2.5 System Down Time Calculations ...................................................................................... 93 3.3 Installing Messaging Server High AvailabilityOverview ...................................................... 94 3.3.1 Cluster Agent Installation .................................................................................................. 94 3.3.2 Messaging Server and High Availability Notes ................................................................ 94 3.3.3 Using the useconfig Utility ................................................................................................ 95 3.4 Sun Cluster Installation ................................................................................................................ 95 3.4.1 Sun Cluster Requirements ................................................................................................. 96 3.4.2 About HAStoragePlus ........................................................................................................ 96 3.4.3 Configuring Messaging Server with Sun Cluster HAStorage or HAStoragePlus ........ 97 3.4.4 Binding IP Addresses on a Server ................................................................................... 114 3.4.5 Helpful Sun Cluster Commands to Manage Messaging HA ....................................... 115 3.5 Veritas Cluster Server Agent Installation ................................................................................. 116 3.5.1 Veritas Cluster Server Requirements ............................................................................. 116 3.5.2 VCS Installation and Configuration Notes .................................................................... 116 3.5.3 MsgSrv Attributes and Arguments ................................................................................. 119 3.6 Unconfiguring High Availability ............................................................................................... 119 To Unconfigure the Veritas Cluster Server ............................................................................. 120

4

Configuring General Messaging Capabilities ...............................................................................121 4.1 To Modify Your Passwords ........................................................................................................ 121 4.2 Managing Mail Users, Mailing Lists and Domains ................................................................. 122 To Remove a User from Messaging Server ............................................................................. 123 To Remove a Domain from Messaging Server ....................................................................... 123 4.3 Managing Messaging Server with Sun ONE Console ............................................................. 124 4.4 Starting and Stopping Services .................................................................................................. 124Sun Java System Messaging Server 6.3 Administration Guide 11 September 2008

4

Contents

4.4.1 To Start and Stop Services in an HA Environment ....................................................... 124 4.4.2 To Start and Stop Services in a non-HA Environment ................................................. 125 4.4.3 Starting and Stopping a Messaging Server Running in MTA-only Mode .................. 126 4.5 Automatic Restart of Failed or Unresponsive Services ........................................................... 127 4.5.1 Automatic Restart in High Availability Deployments .................................................. 129 4.6 To Schedule Automatic Tasks .................................................................................................... 129 4.6.1 Scheduler Examples .......................................................................................................... 130 4.6.2 Pre-defined Automatic Tasks .......................................................................................... 130 4.7 To Configure a Greeting Message ............................................................................................. 131 To Create a New User Greeting ................................................................................................ 131 4.7.1 To Set a Per-Domain Greeting Message ......................................................................... 131 4.8 To Set a User-Preferred Language ............................................................................................. 133 4.8.1 To Set a Domain Preferred Language ............................................................................. 133 To Specify a Site Language ........................................................................................................ 134 4.9 To Customize Directory Lookups ............................................................................................. 134 To Modify the Messaging Server LDAP User-lookup Settings ............................................ 134 4.10 Encryption Settings ................................................................................................................... 135 4.11 Setting a Failover LDAP Server ................................................................................................ 136 To Set a Failover LDAP Server .................................................................................................. 136 4.12 Email Security Concerns .......................................................................................................... 136

5

Configuring POP, IMAP, and HTTP Services ................................................................................... 137 5.1 General Configuration ................................................................................................................ 137 5.1.1 Enabling and Disabling Services ..................................................................................... 138 5.1.2 Specifying Port Numbers ................................................................................................. 138 5.1.3 Ports for Encrypted Communications ........................................................................... 139 5.1.4 Service Banner ................................................................................................................... 139 5.2 Login Requirements .................................................................................................................... 140 To Set the Login Separator for POP Clients ............................................................................ 140 5.2.1 To Allow Log In without Using the Domain Name ...................................................... 140 5.2.2 Password-Based Login ..................................................................................................... 141 5.2.3 Certificate-Based Login .................................................................................................... 141 5.3 Performance Parameters ............................................................................................................ 142 5.3.1 Number of Processes ........................................................................................................ 142 5.3.2 Number of Connections per Process .............................................................................. 1435

Contents

5.3.3 Number of Threads per Process ...................................................................................... 144 5.3.4 Dropping Idle Connections ............................................................................................. 144 5.3.5 Logging Out HTTP Clients ............................................................................................. 145 5.4 Client Access Controls ................................................................................................................ 145 5.5 To Configure POP Services ........................................................................................................ 145 5.6 To Configure IMAP Services ..................................................................................................... 146 5.6.1 Configuring IMAP IDLE ................................................................................................. 148 5.7 To Configure HTTP Services ..................................................................................................... 151 5.7.1 Configuring Your HTTP Service .................................................................................... 152

6

Enabling Single Sign-On (SSO) ........................................................................................................157 6.1 Access Manager SSO for Sun Java System Servers ................................................................... 157 6.1.1 SSO Limitations and Notices ........................................................................................... 158 6.1.2 Configuring Messaging Server to Support SSO ............................................................ 158 6.1.3 Troubleshooting SSO ....................................................................................................... 159 6.2 Trusted Circle SSO (Legacy) ...................................................................................................... 160 6.2.1 Trusted Circle SSO Overview and Definitions .............................................................. 160 6.2.2 Trusted Circle SSO Applications .................................................................................... 161 6.2.3 Trusted Circle SSO Limitations ...................................................................................... 161 6.2.4 Example Trusted Circle SSO Deployment Scenarios ................................................... 161 6.2.5 Setting Up Trusted Circle SSO ........................................................................................ 163 6.2.6 Messenger Express Trusted SSO Configuration Parameters ....................................... 167

7

Configuring and Administering Multiplexor Services ................................................................ 171 7.1 Multiplexor Services .................................................................................................................... 171 7.1.1 Multiplexor Benefits ......................................................................................................... 171 7.2 About Messaging Multiplexor ................................................................................................... 173 7.2.1 How the Messaging Multiplexor Works ........................................................................ 173 7.2.2 Encryption (SSL) Option ................................................................................................. 175 7.2.3 Certificate-Based Client Authentication ........................................................................ 175 7.2.4 User Pre-Authentication .................................................................................................. 176 7.2.5 MMP Virtual Domains .................................................................................................... 176 7.2.6 About SMTP Proxy ........................................................................................................... 178 7.3 Setting Up the Messaging Multiplexor ...................................................................................... 178 7.3.1 Before You Configure MMP ........................................................................................... 179Sun Java System Messaging Server 6.3 Administration Guide 11 September 2008

6

Contents

7.3.2 Multiplexor Configuration .............................................................................................. 179 7.3.3 Multiplexor Files ............................................................................................................... 180 7.3.4 Starting the Multiplexor ................................................................................................... 181 7.3.5 Modifying an Existing MMP ........................................................................................... 181 7.4 Configuring MMP with SSL ....................................................................................................... 181 To Configure MMP with SSL ................................................................................................... 181 To Configure MMP with Client Certificate-based Login ..................................................... 182 7.4.1 A Sample Topology .......................................................................................................... 183 7.5 MMP Tasks .................................................................................................................................. 186 7.5.1 To Configure Mail Access with MMP ............................................................................ 187 7.5.2 To Set a Failover MMP LDAP Server ............................................................................. 187

8

MTA Concepts .....................................................................................................................................189 8.1 The MTA Functionality .............................................................................................................. 189 8.2 MTA Architecture and Message Flow Overview ..................................................................... 193 8.2.1 Dispatcher and SMTP Server (Slave Program) ............................................................. 193 8.3 The Dispatcher ............................................................................................................................ 195 8.3.1 Creation and Expiration of Server Processes ................................................................. 195 8.3.2 To Start and Stop the Dispatcher .................................................................................... 196 8.4 Rewrite Rules ............................................................................................................................... 196 8.5 Channels ....................................................................................................................................... 197 8.5.1 Master and Slave Programs .............................................................................................. 197 8.5.2 Channel Message Queues ................................................................................................ 199 8.5.3 Channel Definitions ......................................................................................................... 200 8.6 The MTA Directory Information .............................................................................................. 201 8.7 The Job Controller ....................................................................................................................... 202 8.7.1 To Start and Stop the Job Controller .............................................................................. 204

9

MTA Address Translation and Routing ........................................................................................... 205 9.1 The Direct LDAP Algorithm and Implementation ................................................................. 205 9.1.1 Domain Locality Determination .................................................................................... 205 9.1.2 Alias expansion of local addresses .................................................................................. 209 9.1.3 Processing the LDAP Result ............................................................................................ 214 9.1.4 To Modify Group Membership Attribute Syntax ......................................................... 228 9.2 Address Reversal .......................................................................................................................... 2287

Contents

9.3 Asynchronous LDAP Operations .............................................................................................. 230 9.4 Settings Summary ........................................................................................................................ 231 9.5 Processing Multiple Different LDAP Attributes with the Same Semantics .......................... 232

10

About MTA Services and Configuration ......................................................................................... 233 10.1 Compiling the MTA Configuration ........................................................................................ 233 10.2 The MTA Configuration File ................................................................................................... 235 10.3 Mappings File ............................................................................................................................. 237 10.3.1 File Format in the Mappings File .................................................................................. 239 10.3.2 Mapping Operations ...................................................................................................... 241 10.4 Other MTA Configuration Files .............................................................................................. 251 10.4.1 Alias File ........................................................................................................................... 252 10.4.2 TCP/IP (SMTP) Channel Option Files ........................................................................ 253 10.4.3 Conversion File ............................................................................................................... 253 10.4.4 Dispatcher Configuration File ...................................................................................... 253 10.4.5 Mappings File .................................................................................................................. 254 10.4.6 Option File ....................................................................................................................... 255 10.4.7 Tailor File ......................................................................................................................... 255 10.4.8 Job Controller File .......................................................................................................... 256 10.5 Aliases ......................................................................................................................................... 261 10.5.1 The Alias Database ......................................................................................................... 262 10.5.2 The Alias File ................................................................................................................... 262 10.5.3 Including Other Files in the Alias File .......................................................................... 263 10.6 Command Line Utilities ........................................................................................................... 263 10.7 SMTP Security and Access Control ........................................................................................ 263 10.8 Log Files ...................................................................................................................................... 264 10.9 To Convert Addresses from an Internal Form to a Public Form ......................................... 264 10.9.1 MTA Text Databases ...................................................................................................... 265 10.9.2 To Set Address Reversal Controls ................................................................................. 266 10.9.3 The Forward Lookup Table and FORWARD Address Mapping ............................. 268 10.10 Controlling Delivery Status Notification Messages ............................................................ 271 10.10.1 To Construct and Modify Status Notifications ......................................................... 272 10.10.2 To Customize and Localize Delivery Status Notification Messages ....................... 274 10.10.3 Internationalization of Generated Notices ................................................................ 276 10.10.4 Additional Status Notification Message Features ..................................................... 277

8

Sun Java System Messaging Server 6.3 Administration Guide 11 September 2008

Contents

10.11 Controlling Message Disposition Notifications .................................................................. 284 10.11.1 To Customize and Localize Message Disposition Notification Messages .............. 284 10.12 Optimizing MTA Performance ............................................................................................. 285 10.12.1 Optimizing Authorization Checks to the LDAP Directory for Messages Addressed to Mailing Lists ........................................................................................................................... 285

11

Configuring Rewrite Rules ...............................................................................................................289 11.1 Before You Begin ....................................................................................................................... 289 11.2 Rewrite Rule Structure .............................................................................................................. 290 11.3 Rewrite Rule Patterns and Tags ............................................................................................... 291 11.3.1 A Rule to Match Percent Hacks ..................................................................................... 293 11.3.2 A Rule to Match Bang-Style (UUCP) Addresses ........................................................ 293 11.3.3 A Rule to Match Any Address ....................................................................................... 294 11.3.4 Tagged Rewrite Rule Sets ............................................................................................... 294 11.4 Rewrite Rule Templates ............................................................................................................ 294 11.4.1 Ordinary Rewriting Templates, A%B@C or A@B ...................................................... 295 11.4.2 Repeated Rewrites Template, A%B .............................................................................. 295 11.4.3 Specified Route Rewriting Templates, A@B@C@D or A@B@C .............................. 296 11.4.4 Case Sensitivity in Rewrite Rule Templates ................................................................. 296 11.5 How the MTA Applies Rewrite Rules to an Address ............................................................. 297 11.5.1 Step 1. Extract the First Host or Domain Specification .............................................. 297 11.5.2 Step 2. Scan the Rewrite Rules ....................................................................................... 299 11.5.3 Step 3. Rewrite Address According to Template ......................................................... 300 11.5.4 Step 4. Finish the Rewrite Process ................................................................................. 300 11.5.5 Rewrite Rule Failure ....................................................................................................... 301 11.5.6 Syntax Checks After Rewrite ......................................................................................... 301 11.5.7 Handling Domain Literals ............................................................................................. 301 11.6 Template Substitutions and Rewrite Rule Control Sequences ............................................ 302 11.6.1 Username and Subaddress Substitution, $U, $0U, $1U ............................................. 305 11.6.2 Host/Domain and IP Literal Substitutions, $D, $H, $nD, $nH, $L .......................... 305 11.6.3 Literal Character Substitutions, $$, $%, $@ ................................................................. 306 11.6.4 LDAP Query URL Substitutions, $]...[ ......................................................................... 306 11.6.5 General Database Substitutions, $(...) .......................................................................... 307 11.6.6 Apply Specified Mapping, ${...} ..................................................................................... 308 11.6.7 Customer-supplied Routine Substitutions, $[...] ........................................................ 3089

Contents

11.6.8 Single Field Substitutions, $&, $!, $*, $# ....................................................................... 309 11.6.9 Unique String Substitutions .......................................................................................... 310 11.6.10 Source-Channel-Specific Rewrite Rules ($M, $N) ................................................... 310 11.6.11 Destination-Channel-Specific Rewrite Rules ($C, $Q) ............................................ 310 11.6.12 Direction-and-Location-Specific Rewrite Rules ($B, $E, $F, $R) ........................... 311 11.6.13 Host-Location-Specific Rewrites ($A, $P, $S, $X) ..................................................... 312 11.6.14 Changing the Current Tag Value, $T ......................................................................... 312 11.6.15 Controlling Error Messages Associated with Rewriting ($?) .................................. 313 11.7 Handling Large Numbers of Rewrite Rules ............................................................................ 314 11.8 Testing Rewrite Rules ............................................................................................................... 314 11.9 Rewrite Rules Example ............................................................................................................. 315

12

Configuring Channel Definitions ....................................................................................................317 12.1 Configuring Channel Defaults ................................................................................................ 318 12.2 Channel Keywords Listed Alphabetically .............................................................................. 318 12.3 Channel Keywords Categorized by Function ........................................................................ 330 12.4 Configuring SMTP Channels .................................................................................................. 359 12.4.1 Configuring SMTP Channel Options .......................................................................... 360 12.4.2 SMTP Command and Protocol Support ..................................................................... 360 12.4.3 TCP/IP Connection and DNS Lookup Support ......................................................... 368 12.4.4 SMTP Authentication, SASL, and TLS ......................................................................... 376 12.4.5 Using Authenticated Addresses from SMTP AUTH in Header ................................ 377 12.4.6 Support for SMTP Chunking ........................................................................................ 378 12.4.7 Specifying Microsoft Exchange Gateway Channels ................................................... 379 12.4.8 Transport Layer Security ............................................................................................... 379 12.5 Configuring Message Processing and Delivery ..................................................................... 380 12.5.1 Setting Channel Directionality ..................................................................................... 382 12.5.2 Implementing Deferred Delivery Dates ....................................................................... 382 12.5.3 Specifying the Retry Frequency for Messages that Failed Delivery ........................... 383 12.5.4 Processing Pools for Channel Execution Jobs ............................................................. 384 12.5.5 Service Job Limits ............................................................................................................ 384 12.5.6 Setting Connection Transaction Limits ....................................................................... 386 12.5.7 Message Priority Based on Size ..................................................................................... 387 12.5.8 SMTP Channel Threads ................................................................................................. 387 12.5.9 Expansion of Multiple Addresses ................................................................................. 388

10

Sun Java System Messaging Server 6.3 Administration Guide 11 September 2008

Contents

12.5.10 Enable Service Conversions ........................................................................................ 389 12.6 Configuring Address Handling ............................................................................................... 389 12.6.1 Address Types and Conventions .................................................................................. 389 12.6.2 Interpreting Addresses that Use ! and % ...................................................................... 391 12.6.3 Adding Routing Information in Addresses ................................................................. 391 12.6.4 Disabling Rewriting of Explicit Routing Addresses ................................................... 392 12.6.5 Address Rewriting Upon Message Dequeue ............................................................... 393 12.6.6 Specifying a Host Name to Use When Correcting Incomplete Addresses .............. 393 12.6.7 Legalizing Messages Without Recipient Header Lines .............................................. 394 12.6.8 Stripping Illegal Blank Recipient Headers ................................................................... 395 12.6.9 Enabling Channel-Specific Use of the Reverse Database ........................................... 395 12.6.10 Enabling Restricted Mailbox Encoding ..................................................................... 395 12.6.11 Generating of Return-path Header Lines .................................................................. 396 12.6.12 Constructing Received Header Lines from Envelope To and From Addresses .... 396 12.6.13 Handling Comments in Address Header Lines ........................................................ 396 12.6.14 Handling Personal Names in Address Header Lines ................................................ 397 12.6.15 Specifying Alias File and Alias Database Probes ....................................................... 398 12.6.16 Subaddress Handling ................................................................................................... 398 12.6.17 Enabling Channel-specific Rewrite Rules Checks .................................................... 399 12.6.18 Removing Source Routes ............................................................................................. 399 12.6.19 Specifying Address Must be from an Alias ................................................................ 400 12.6.20 Recipient Address Handling ....................................................................................... 400 12.7 Configuring Header Handling ................................................................................................. 400 12.7.1 Rewriting Embedded Headers ...................................................................................... 401 12.7.2 Removing Selected Message Header Lines .................................................................. 401 12.7.3 Generating/Removing X-Envelope-to Header Lines ................................................. 402 12.7.4 Converting Date to Two- or Four-Digits ..................................................................... 402 12.7.5 Specifying Day of Week in Date .................................................................................... 403 12.7.6 Automatic Splitting of Long Header Lines .................................................................. 403 12.7.7 Header Alignment and Folding .................................................................................... 403 12.7.8 Specifying Maximum Length Header .......................................................................... 404 12.7.9 Sensitivity Checking ....................................................................................................... 404 12.7.10 Setting Default Language in Headers ......................................................................... 405 12.7.11 Controlling Message-hash: Headers ......................................................................... 405 12.8 Attachments and MIME Processing ....................................................................................... 405 12.8.1 Ignoring the Encoding Header Line ............................................................................. 40611

Contents

12.8.2 Automatic Defragmentation of Message/Partial Messages ....................................... 406 12.8.3 Automatic Fragmentation of Large Messages ............................................................. 408 12.8.4 Imposing Message Line Length Restrictions ............................................................... 409 12.8.5 Interpreting Content-transfer-encoding Fields on Multiparts and Message/RFC822 Parts ............................................................................................................................................. 410 12.9 Limits on Messages, Quotas, Recipients, and Authentication Attempts ............................ 410 12.9.1 Limits on Unsuccessful Authentication Attempts ...................................................... 410 12.9.2 Specifying Absolute Message Size Limits ..................................................................... 411 12.9.3 Retargeting Messages Exceeding Limit on Size or Recipients ................................... 412 12.9.4 Handling Mail Delivery to Over Quota Users ............................................................. 414 12.9.5 Handling SMTP Mail with Lines Exceeding 1000 Characters .................................. 414 12.9.6 Controlling the Length of General and Filename Content-type and Content-disposition Parameters .............................................................................................. 414 12.9.7 Limiting Message Recipients ......................................................................................... 414 12.9.8 Limiting Header Size ...................................................................................................... 415 12.10 File Creation in the MTA Queue ........................................................................................... 415 12.10.1 Controlling How Multiple Addresses on a Message are Handled .......................... 415 12.10.2 Spreading a Channel Message Queue Across Multiple Subdirectories .................. 416 12.10.3 Setting Session Limits ................................................................................................... 416 12.11 Configuring Logging and Debugging ................................................................................... 417 12.11.1 Logging Keywords ........................................................................................................ 417 12.11.2 Debugging Keywords ................................................................................................... 417 12.11.3 Setting Loopcheck ........................................................................................................ 418 12.12 Miscellaneous Keywords ........................................................................................................ 418 12.12.1 Process Channel Overrides ......................................................................................... 418 12.12.2 Channel Operation Type ............................................................................................. 419 12.12.3 Pipe Channel ................................................................................................................. 419 12.12.4 Specifying Mailbox Filter File Location ..................................................................... 419 12.12.5 Spam Filter Keywords .................................................................................................. 420 12.12.6 Routing After Address Validation But Before Expansion ....................................... 421 12.12.7 NO-SOLICIT SMTP Extension Support ................................................................... 424 12.12.8 Setting Limits on Bad RCPT TO Addresses ................................................................. 425 12.12.9 Set Channel Displays for Monitoring Framework .................................................... 425

13

Using Predefined Channels ..............................................................................................................427 13.1 Predefined Channels ................................................................................................................. 427Sun Java System Messaging Server 6.3 Administration Guide 11 September 2008

12

Contents

13.2 To Deliver Messages to Programs Using the Pipe Channel ................................................. 429 13.3 To Configure the Native (/var/mail) Channel ....................................................................... 430 13.4 To Temporarily Hold Messages Using the Hold Channel ................................................... 431 13.5 The Conversion Channel ......................................................................................................... 431 13.5.1 MIME Overview ............................................................................................................. 432 13.5.2 Selecting Traffic for Conversion Processing ................................................................ 434 13.5.3 To Control Conversion Processing .............................................................................. 435 13.5.4 To Bounce, Delete, Hold, Retry Messages Using the Conversion Channel Output 444 13.5.5 Conversion Channel Example ...................................................................................... 446 13.5.6 Automatic Arabic Character Set Detection ................................................................. 450 13.6 Character Set Conversion and Message Reformatting ......................................................... 452 13.6.1 Character Set Conversion .............................................................................................. 453 13.6.2 Message Reformatting .................................................................................................... 455 13.6.3 Service Conversions ....................................................................................................... 460

14

Integrating Spam and Virus Filtering Programs Into Messaging Server ..................................463 14.1 Integrating Spam Filtering Programs Into Messaging ServerTheory of Operations .... 464 14.2 Deploying and Configuring Third Party Spam Filtering Programs .................................... 464 14.2.1 Loading and Configuring the Spam Filtering Software Client Library .................... 465 14.2.2 Specifying the Messages to Be Filtered ......................................................................... 466 14.2.3 Specifying Actions to Perform on Spam Messages ..................................................... 471 14.3 Using Symantec Brightmail Anti-Spam ................................................................................. 476 14.3.1 How Brightmail Works .................................................................................................. 476 14.3.2 Brightmail Requirements and Performance Considerations .................................... 478 14.3.3 Deploying Brightmail ..................................................................................................... 479 14.3.4 Brightmail Configuration Options ............................................................................... 479 14.4 Using SpamAssassin ................................................................................................................. 481 14.4.1 SpamAssassin Overview ................................................................................................ 481 14.4.2 SpamAssassin/Messaging Server Theory of Operations ............................................ 481 14.4.3 SpamAssassin Requirements and Usage Considerations .......................................... 482 14.4.4 Deploying SpamAssassin ............................................................................................... 483 14.4.5 SpamAssassin Configuration Examples ...................................................................... 483 14.4.6 Testing SpamAssassin .................................................................................................... 489 14.4.7 SpamAssassin Options ................................................................................................... 491 14.5 Using Symantec Anti-Virus Scanning Engine (SAVSE) ...................................................... 49313

Contents

14.5.1 SAVSE Overview ............................................................................................................. 494 14.5.2 SAVSE Requirements and Usage Considerations ...................................................... 494 14.5.3 Deploying SAVSE ........................................................................................................... 494 14.5.4 SAVSE Configuration Example .................................................................................... 495 14.5.5 SAVSE Options ............................................................................................................... 497 14.6 Using ClamAV ........................................................................................................................... 499 14.6.1 ClamAV/Messaging Server Theory of Operations ..................................................... 499 14.6.2 ClamAV Requirements and Usage Considerations ................................................... 500 14.6.3 Deploying ClamAV ........................................................................................................ 500 To Jettison Virus or Trojan Horse Infected Email Using ClamAV ................................. 501 14.6.4 Testing ClamAV .............................................................................................................. 502 14.6.5 ClamAV Options ............................................................................................................ 503 14.7 Support for Sieve Extensions ................................................................................................... 504 14.8 Using Milter ............................................................................................................................... 506 14.8.1 Milter Overview .............................................................................................................. 506 14.8.2 Milter/Messaging Server Theory of Operations ......................................................... 506 14.8.3 Milter Requirements and Usage Considerations ........................................................ 507 To Deploy Milter ........................................................................................................................ 508 14.9 Cloudmark Anti-Abuse Client ................................................................................................ 509 14.10 Other Anti-Spam and Denial-of-Service Technologies ..................................................... 509 14.10.1 Anti-Spam Technique: Delay Sending the SMTP Banner ....................................... 510

15

Handling Forged Email Using the Sender Policy Framework .................................................... 511 15.1 Theory of Operations ................................................................................................................ 511 15.2 Limitations ................................................................................................................................. 513 15.3 Pre-Deployment Considerations ............................................................................................ 514 15.4 Setting up the Technology ........................................................................................................ 514 15.5 Reference Information .............................................................................................................. 514 15.6 Testing SPF using spfquery ...................................................................................................... 516 15.6.1 Syntax ............................................................................................................................... 516 15.6.2 Example with Debugging Enabled ............................................................................... 517 15.7 Handling Forwarded Mail in SPF Using the Sender Rewriting Scheme (SRS) .................. 518

16

LMTP Delivery ....................................................................................................................................521 16.1 LMTP Delivery Features ........................................................................................................... 522Sun Java System Messaging Server 6.3 Administration Guide 11 September 2008

14

Contents

16.2 Messaging Processing in a Two-Tier Deployment Without LMTP .................................... 522 16.3 Messaging Processing in a Two-Tier Deployment With LMTP ......................................... 524 16.4 LMTP Overview ........................................................................................................................ 525 16.5 To Configure LMTP Delivery .................................................................................................. 525 To Configure the Inbound MTA Relays with LMTP ............................................................. 526 16.5.1 To Configure Back End Stores with LMTP and a Minimal MTA ............................. 527 16.5.2 Configuring Relays for Sending Messages Via LMTP to Back End Systems with Message Stores and Full MTAs ................................................................................................. 529 16.5.3 Configuring LMTP on Back End Message Store Systems Having Full MTAs ......... 529 16.5.4 Handling 4.2.1 Mailbox Busy Error in Response to LMTP Message Data ............... 530 16.6 LMTP Protocol as Implemented ............................................................................................. 530

17

Vacation Automatic Message Reply ...............................................................................................533 17.1 Vacation Autoreply Overview ................................................................................................. 533 17.2 Configuring Autoreply ............................................................................................................. 534 17.2.1 Configuring Autoreply on the Back-end Store System .............................................. 535 To Configure Autoreply on a Relay ......................................................................................... 535 17.3 Vacation Autoreply Theory of Operation .............................................................................. 536 17.4 Vacation Autoreply Attributes ................................................................................................ 537 17.5 Other Auto Reply Tasks and Issues ......................................................................................... 539 17.5.1 To Send Autoreply Messages for Email That Have Been Automatically Forwarded from Another Mail Server ......................................................................................................... 539

18

Mail Filtering and Access Control .................................................................................................... 541 18.1 PART 1. MAPPING TABLES .................................................................................................. 541 18.2 Controlling Access with Mapping Tables .............................................................................. 542 18.2.1 Access Control Mapping TablesOperation ............................................................. 542 18.3 Access Control Mapping Table Flags ...................................................................................... 544 18.3.1 SEND_ACCESS and ORIG_SEND_ACCESS Tables ................................................ 546 18.3.2 MAIL_ACCESS and ORIG_MAIL_ACCESS Mapping Tables ................................ 548 18.3.3 FROM_ACCESS Mapping Table .................................................................................. 550 18.3.4 PORT_ACCESS Mapping Table ................................................................................... 552 18.3.5 IP_ACCESS Mapping Table .......................................................................................... 554 18.3.6 To Limit Specified IP Address Connections to the MTA .......................................... 555 18.4 When Access Controls Are Applied ........................................................................................ 55615

Contents

18.5 To Test Access Control Mappings .......................................................................................... 556 18.6 To Add SMTP Relaying ............................................................................................................ 557 18.6.1 Allowing SMTP Relaying for External Sites ................................................................ 559 18.7 Configuring SMTP Relay Blocking ......................................................................................... 560 18.7.1 How the MTA Differentiates Between Internal and External Mail .......................... 560 18.7.2 Differentiate Authenticated Users' Mail ...................................................................... 562 18.7.3 Prevent Mail Relay .......................................................................................................... 562 18.7.4 To Use DNS Lookups Including RBL Checking for SMTP Relay Blocking ............ 563 18.8 Handling Large Numbers of Access Entries ........................................................................... 566 18.9 PART 2. MAILBOX FILTERS .................................................................................................. 568 18.10 Sieve Filter Support ................................................................................................................. 568 18.11 Sieve Filtering Overview ......................................................................................................... 570 18.12 To Create User-level Filters .................................................................................................... 570 18.13 To Create Channel-level Filters ............................................................................................. 570 To Create a Channel-level Filter ............................................................................................... 572 18.14 To Create MTA-Wide Filters ................................................................................................. 573 To Create MTA-Wide Filters .................................................................................................... 573 18.14.1 Routing Discarded Messages Out the FILTER_DISCARD Channel ..................... 573 18.15 To Debug User-level Filters ................................................................................................... 574 To Debug User-level Filters ...................................................................................................... 574 18.15.1 imsimta test -exp Output ............................................................................................. 576 18.15.2 imsimta test -exp Syntax .............................................................................................. 577

19

Throttling Incoming Connections Using MeterMaid ................................................................... 579 19.1 Technical Overview .................................................................................................................. 579 19.2 Theory of Operations ................................................................................................................ 580 19.3 Configutil Parameters for MeterMaid .................................................................................... 580 19.4 Limit Excessive IP Address Connections Using MetermaidExample ............................ 583 19.4.1 Additional Useful MeterMaid Options ........................................................................ 585

20

Managing the Message Store ..........................................................................................................587 20.1 Overview .................................................................................................................................... 587 20.2 Message Store Directory Layout .............................................................................................. 589 20.2.1 Valid UIDs and Folder Names ...................................................................................... 592 20.3 How the Message Store Removes Messages ........................................................................... 593Sun Java System Messaging Server 6.3 Administration Guide 11 September 2008

16

Contents

20.4 Specifying Administrator Access to the Store ........................................................................ 594 To Add an Administrator Entry ............................................................................................... 594 To Modify an Administrator Entry .......................................................................................... 595 To Delete an Administrator Entry ........................................................................................... 595 20.4.1 To Protect Mailboxes from Deletion or Renaming Except by an Administrator ... 595 20.5 About Shared Folders ................................................................................................................ 596 20.6 Shared Folder Tasks .................................................................................................................. 598 To Specify Sharing Attributes for Private Shared Folders ..................................................... 598 To Create a Public Shared Folder ............................................................................................. 599 20.6.1 To Add Shared Folders with an Email Group ............................................................. 600 20.6.2 To Set or Change a Shared Folders Access Control Rights ....................................... 601 20.6.3 To Enable or Disable Listing of Shared Folders .......................................................... 602 20.6.4 To Set Up Distributed Shared Folders .......................................................................... 603 20.6.5 To Monitor and Maintain Shared Folder Data ........................................................... 605 20.7 Managing Message Types ......................................................................................................... 606 20.7.1 Message Type Overview ................................................................................................. 607 To Configure Message Types .................................................................................................... 608 20.7.2 Message Types in IMAP Commands ........................................................................... 610 20.7.3 Sending Notification Messages for Message Types ..................................................... 612 20.7.4 Administering Quotas by Message Type ..................................................................... 612 20.7.5 Expiring Messages by Message Type ............................................................................ 614 20.8 About Message Store Quotas ................................................................................................... 616 20.8.1 Quota Overview .............................................................................................................. 616 20.8.2 Quota Theory of Operations ......................................................................................... 617 20.8.3 Message Store Quota Attributes and Parameters ........................................................ 618 20.8.4 Configuring Message Store Quotas .............................................................................. 620 20.9 To Set the Automatic Message Removal (Expire and Purge) Feature ................................. 625 20.9.1 imexpire Theory of Operation ...................................................................................... 625 20.9.2 To Deploy the Automatic Message Removal Feature ................................................. 626 20.10 Configuring Message Store Partitions .................................................................................. 635 20.10.1 To Add a Partition ........................................................................................................ 636 20.10.2 To Move Mailboxes to a Different Disk Partition ..................................................... 636 20.10.3 Changing the Default Message Store Partition Definition ...................................... 637 20.11 Performing Message Store Maintenance Procedures ......................................................... 638 20.11.1 Adding More Physical Disks to the Message Store ................................................... 638 20.11.2 To Manage Mailboxes .................................................................................................. 63817

Contents

20.11.3 Maximum Mailbox Size ............................................................................................... 641 20.11.4 To Monitor Quota Limits ............................................................................................ 641 20.11.5 To Monitor Disk Space ................................................................................................ 642 20.11.6 The stored Daemon .................................................................................................... 642 20.11.7 Reducing Message Store Size Due to Duplicate Storage of Identical Messages ..... 643 20.12 Backing Up and Restoring the Message Store ...................................................................... 646 20.12.1 Creating a Mailbox Backup Policy .............................................................................. 647 20.12.2 To Create Backup Groups ........................................................................................... 648 20.12.3 Messaging Server Backup and Restore Utilities ........................................................ 649 20.12.4 Excluding Bulk Mail When You Perform Backups .................................................. 650 20.12.5 Considerations for Partial Restore ............................................................................. 651 20.12.6 To Use Legato Networker ............................................................................................ 653 20.12.7 To Use a Third Party Backup Software (Besides Legato) ......................................... 656 20.12.8 Troubleshooting Backup and Restore Problems ...................................................... 657 20.12.9 Message Store Disaster Backup and Recovery .......................................................... 658 20.13 Monitoring User Access ......................................................................................................... 659 20.14 Troubleshooting the Message Store ...................................................................................... 660 20.14.1 Standard Message Store Monitoring Procedures ..................................................... 661 20.14.2 Message Store Startup and Recovery .......................................................................... 664 20.14.3 Repairing Mailboxes and the Mailboxes Database ................................................... 667 20.14.4 Common Problems and Solutions ............................................................................. 671 20.15 Migrating or Moving Mailboxes to a New System .............................................................. 675 20.15.1 Migrating User Mailboxes to Another Messaging Server While Online ............... 676 To Migrate User Mailboxes from One Messaging Server to Another While Online ......... 678 To Move Mailboxes Using an IMAP client ............................................................................. 683 To Move Mailboxes Using the MoveUser Command ............................................................ 684 To Move Mailboxes Using the imsimport Command .......................................................... 685

21

Message Archiving ............................................................................................................................687 21.1 Archiving Overview .................................................................................................................. 687 21.1.1 Message Archiving Systems: Compliance and Operational ...................................... 688

22

Configuring the JMQ Notification Plug-in to Produce Messages for Message Queue ...........689 22.1 JMQ Notification Overview ..................................................................................................... 689 22.1.1 Two Notification Messaging Services ........................................................................... 689Sun Java System Messaging Server 6.3 Administration Guide 11 September 2008

18

Contents

22.1.2 Notification Plug-ins ...................................................................................................... 690 22.1.3 Benefits of Using JMQ Notification .............................................................................. 690 22.2 Configuring a JMQ Notification Service ................................................................................ 692 22.2.1 Planning for Your JMQ Notification Service .............................................................. 692 To Configure a JMQ Notification Plug-in .............................................................................. 693 To Configure Multiple Plug-ins ............................................................................................... 697 22.2.2 Specifying Notification Messages that Use More Than One configutil Parameter .................................................................................................................................... 698 22.3 JMQ Notification Messages and Properties ........................................................................... 701 22.3.1 Notification Messages .................................................................................................... 701 22.3.2 Rules and Guidelines for Notification Messages ......................................................... 703 22.3.3 Notifications for Particular Message Types ................................................................. 703 22.3.4 Default Values of the configutil Parameters ............................................................ 704 22.3.5 Notification Message Properties ................................................................................... 705

23

Configuring Security and Access Control ...................................................................................... 713 23.1 About Server Security ............................................................................................................... 713 23.2 About HTTP Security ............................................................................................................... 714 23.3 Configuring Authentication Mechanisms ............................................................................. 715 23.3.1 To Configure Access to Plaintext Passwords ............................................................... 717 23.3.2 To Transition Users ........................................................................................................ 718 23.4 User Password Login ................................................................................................................ 719 23.4.1 IMAP, POP, and HTTP Password Login ...................................................................... 719 23.4.2 SMTP Password Login ................................................................................................... 720 23.5 Configuring Encryption and Certificate-Based Authentication ......................................... 720 23.5.1 Obtaining Certificates .................................................................................................... 722 23.5.2 To Enable SSL and Selecting Ciphers ........................................................................... 731 23.5.3 To Set Up Certificate-Based Login ............................................................................... 733 23.5.4 How to Optimize SSL Performance Using the SMTP Proxy ..................................... 734 23.6 Configuring Administrator Access to Messaging Server ...................................................... 735 23.6.1 Hierarchy of Delegated Administration ...................................................................... 735 To Provide Access to the Server as a Whole ............................................................................ 736 23.6.2 To Restrict Access to Specific Tasks .............................................................................. 736 23.7 Configuring Client Access to POP, IMAP, and HTTP Services ........................................... 737 23.7.1 How Client Access Filters Work ................................................................................... 73819

Contents

23.7.2 Filter Syntax ..................................................................................................................... 739 23.7.3 Filter Examples ................................................................................................................ 743 23.7.4 To Create Access Filters for Services ............................................................................ 745 23.7.5 To Create Access Filters for HTTP Proxy Authentication ......................................... 745 23.8 Enabling POP Before SMTP .................................................................................................... 746 To Install the SMTP Proxy ........................................................................................................ 746 23.9 Configuring Client Access to SMTP Services ........................................................................ 749 23.10 User/Group Directory Lookups Over SSL ........................................................................... 749

24

Administering S/MIME for Communications Express Mail ......................................................... 751 24.1 What is S/MIME? ...................................................................................................................... 751 24.1.1 Concepts You Need to Know ........................................................................................ 752 24.2 Required Software and Hardware Components ................................................................... 753 24.3 Requirements for Using S/MIME ........................................................................................... 754 24.3.1 Private and Public Keys .................................................................................................. 754 24.3.2 Keys Stored on Smart Cards .......................................................................................... 755 24.3.3 Keys Stored on the Client Machine ............................................................................... 755 24.3.4 Publish Public Keys in LDAP Directory ....................................................................... 755 24.3.5 Give Mail Users Permission to Use S/MIME ............................................................... 756 24.3.6 Multi-language Support ................................................................................................. 756 24.4 Getting Started After Installing Messaging Server ................................................................ 756 24.4.1 The S/MIME Applet ....................................................................................................... 756 24.4.2 A Basic S/MIME Configuration .................................................................................... 758 24.4.3 Accessing LDAP for Public Keys, CA certificates and CRLs Using Credentials ..... 762 24.5 Parameters of the smime.conf File .......................................................................................... 764 24.6 Messaging Server Options ........................................................................................................ 770 To Set Messaging Server Options that Apply to S/MIME ..................................................... 770 24.7 Securing Internet Links With SSL ........................................................................................... 771 24.7.1 Securing the Link Between Messaging Server and Communications Express Mail .............................................................................................................................................. 771 24.7.2 Securing the Link Between the Messaging Server and S/MIME Applet ................... 772 24.8 Key Access Libraries for the Client Machines ........................................................................ 772 24.8.1 Example ........................................................................................................................... 773 24.9 Verifying Private and Public Keys ........................................................................................... 774 24.9.1 Finding a Users Private or Public Key .......................................................................... 775

20

Sun Java System Messaging Server 6.3 Administration Guide 11 September 2008

Contents

24.9.2 When is a Certificate Checked Against a CRL? ........................................................... 776 24.9.3 Accessing a CRL .............................................................................................................. 777 24.9.4 Proxy Server and CRL Checking ................................................................................... 778 24.9.5 Using a Stale CRL ............................................................................................................ 778 24.9.6 Determining Which Message Time to Use .................................................................. 779 24.9.7 Trouble Accessing a CRL ............................................................................................... 780 24.9.8 When a Certificate is Revoked ...................................................................................... 780 24.10 Granting Permission to Use S/MIME Features ................................................................... 781 24.10.1 S/MIME Permission Examples ................................................................................... 781 24.11 Managing Certificates ............................................................................................................. 782 24.11.1 CA Certificates in an LDAP Directory ....................................................................... 782 24.11.2 Public Keys and Certificates in an LDAP Directory ................................................. 783 24.11.3 Verifying That Keys and Certificates Exist in the LDAP Directory ........................ 784 24.11.4 Network Security Services Certificates ....................................................................... 786 24.12 Communications Express S/MIME End User Information .............................................. 786 24.12.1 Logging In for the First Time ...................................................................................... 787 24.12.2 Signature and Encryption Settings ............................................................................. 788 24.12.3 Enabling the Java Console ........................................................................................... 789

25

Managing Logging ............................................................................................................................791 25.1 Overview of Logging ................................................................................................................. 791 25.1.1 Types of Logging Data .................................................................................................... 792 25.1.2 Types of Messaging Server Log Files ............................................................................ 792 25.1.3 Tracking a Message Across the Various Log Files ....................................................... 794 25.2 Tools for Managing Logging .................................................................................................... 795 25.3 Managing MTA Message and Connection Logs ................................................................... 796 25.3.1 Understanding the MTA Log Entry Format ............................................................... 796 25.3.2 Enabling MTA Logging ................................................................................................. 800 25.3.3 Specifying Additional MTA Logging Options ............................................................ 801 25.3.4 MTA Message Logging Examples ................................................................................. 805 25.3.5 Enabling Dispatcher Debugging ................................................................................... 818 25.4 Managing Message Store, Admin, and Default Service Logs ............................................... 820 25.4.1 Understanding Service Log Characteristics ................................................................ 821 25.4.2 Understanding Service Log File Format ...................................................................... 823 25.4.3 Defining and Setting Service Logging Options ........................................................... 82421

Contents

25.4.4 Searching and Viewing Service Logs ............................................................................ 826 25.4.5 Working With Service Logs ........................................................................................... 827 25.4.6 Using Message Tracing for Message Store Logging .................................................... 830 25.4.7 Other Message Store Logging Features ........................................................................ 831 25.4.8 Message Store Logging Examples ................................................................................. 831

26

Troubleshooting the MTA .................................................................................................................835 26.1 Troubleshooting Overview ...................................................................................................... 835 26.2 Standard MTA Troubleshooting Procedures ........................................................................ 836 26.2.1 Check the MTA Configuration ..................................................................................... 836 26.2.2 Check the Message Queue Directories ......................................................................... 836 26.2.3 Check the Ownership of Critical Files .......................................................................... 837 26.2.4 Check that the Job Controller and Dispatcher are Running ...................................... 837 26.2.5 Check the Log Files ......................................................................................................... 838 26.2.6 Run a Channel Program Manually ............................................................................... 839 26.2.7 Starting and Stopping Individual Channels ................................................................ 840 26.2.8 An MTA Troubleshooting Example ............................................................................ 842 26.3 Common MTA Problems and Solutions ................................................................................ 846 26.3.1 TLS Problems .................................................................................................................. 846 26.3.2 Changes to Configuration Files or MTA Databases Do Not Take Effect ................. 847 26.3.3 The MTA Sends Outgoing Mail but Does Not Receive Incoming Mail ................... 847 26.3.4 Dispatcher (SMTP Server) Wont Start Up .........................