This chapter presents important information you need to consider before installing the Messaging Server:
We recommend that you consider the following factors before installing the Messaging Server. Doing so will allow you to administer the Messaging Server more efficiently and better accommodate the changing needs of your system:
We recommend installing the Messaging Server on a clean, freshly-installed system that is dedicated for mail server use.
Estimate the number of mail clients your system must service for a reasonable period of time into the future. This will help you determine licensing and system hardware needs. Based on these decisions, you might also want to set mail quotas for client users.
If you are deploying CorporateTime Server, estimate the number of calendar users as well; see Chapter 6 “Calendar Configuration” for more information.
The Volution platform includes powerful system management and administration products that can be used effectively with the Messaging Server. For more information on planning an installation with these products, see “Using Volution System Management Services” in the Administrator's Guide.
The Messaging Server allows you to set quota limits on the size of users' mailstores, which include their inboxes and folders. Default quotas can be assigned such that each new user's account is created with the same quota; to do so, set the DefaultQuotaLimit ACL (Access Control List) attribute as described in the msgaclset(8) manual page. Individual user mail quotas can be managed with the Server Manager as described in “Managing Mail Users”. Because there are no global controls for mail quotas, we recommend that you set quota policy before creating Messaging Server users.
The Messaging Server provides protection against junk mail (unsolicited email or spam). Because filtering can be implemented globally or per user, we recommend that you set junk mail policies before creating mail client users.
The following mail filters can be controlled from administrative interfaces:
This simple filter diverts any mail not directly addressed to a Messaging Server user or alias. Diverted mail can be sent to a folder or destroyed. This eliminates messages without a To: or CC: line; doing so prevents the delivery of Blind CC (bcc) messages, a major vehicle for unsolicited email. This filter is intended to be managed by individual users; when global access permissions are granted, users can turn the filter on and off, and can modify the behavior of the filter with exception lists. This filter acts when mail is delivered to individual mailboxes.
There are two levels of administrative control for this filter:
At the command line, a default value can be set using the msgaclset(8) --spamfilterenabled option, which turns it on or off at user creation. That is, if the default is set on, all users have filtering enabled when their accounts are created. Initial default settings can be modified using the msgaclset(8) utility; these settings cannot be managed globally.
In the Server Manager, users can be globally granted or denied permission to change their own junk mail settings. If granted, client users can use the Preferences Manager to turn filtering on or off and manage exception lists, as described in Chapter 5 “Avoiding Junk Mail”. The administrator can also manage individual client junk mail preferences manually with the msgusermod(8) utility.
This subscription service provided by Mail Abuse Prevention System LLC (MAPS℠) creates intentional network outages (blackholes) for the purpose of limiting the transport of known unsolicited mass email. RBL filtering takes place as mail is received by the Messaging Server.
RBL access can be controlled in the Server Manager (in the System menu under Junk Mail) although you must subscribe to the service before mail is filtered. For more information, see the MAPS RBL website:
http://mail-abuse.org/rbl/
You can also configure Postfix manually to use RBL. For more information, see "Postfix Configuration - UCE Controls" in Wietse's Postfix Project documentation.
RBL provides comprehensive and strict protection that is not appropriate for all mail systems. After initial RBL configuration, it is very likely that some legitimate messages will not be delivered to your Messaging Server system until it is fully configured. You should familiarize yourself thoroughly with the RBL service before implementing it.
RBL and the BCC filter can be used together, because they are applied at different points in the mail delivery cycle. However, RBL is applied first and it is the stricter filter. Therefore, an individual user's exception lists can only remove messages already filtered by RBL, not admit messages already excluded by RBL.
Many modern mail clients include their own junk mail filtering. These can also be used in conjunction with RBL and BCC filters, although mail client filtering takes place last in the mail delivery cycle and therefore exerts least control in a multi-filter environment.
You will probably want to use one of the following combinations of BCC filtering defaults and mail client user access permissions:
BCC filter default | user access | filter behavior |
---|---|---|
on | on | Filter on for all users, individual users can turn it on/off and control exception lists. |
off | on | Filter off for all users, individual users can turn it on/off and control exception lists. |
off | off | Filter off for all users, individual users cannot control filter; mail filtering must be handled by RBL or mail client software. |
The Messaging Server provides two calendar solutions:
The Messaging Server includes default support for the Microsoft Outlook "free/busy" calendar feature. When scheduling a meeting or other activity, this feature allows the person who is scheduling the meeting to see when others are free or busy.
The Caldera Volution Messaging Server includes integration support for CorporateTime Server, a full-featured, scalable calendaring product that enables networked users to manage their calendars from a Web browser or Microsoft Outlook. When installed together, Caldera Volution Messaging Server and CorporateTime Server use the same LDAP server, providing a simple and easily manageable integration of mail and calendar services. CorporateTime Server must be installed and licensed separately.
When mail client users configure their Outlook software for the Messaging Server using the Outlook Configuration Tool, calendar configuration information is downloaded automatically, including:
free/busy configuration.
Steltor Outlook Connector configuration (if CorporateTime Server is installed on the Messaging Server system).
Before installing and deploying a calendaring solution, we recommend that you consider these points:
Identify which client users are appropriate for the available solutions:
Outlook Free/Busy; Outlook only
Steltor CorporateTime Outlook Connector; Outlook only
Steltor Web Interface to Calendar; any networked client with a web browser
If you are deploying a new Messaging Server installation, note that Outlook 2000 and Outlook 98 clients must be configured in Internet Email Only mode for Outlook free/busy calendaring and in Corporate/Workgroup mode to use the CorporateTime Outlook Connector.
If you are upgrading to Messaging Server Release 1.1 and you have installed CorporateTime Server, any existing Outlook 2000 or 98 clients must be reconfigured from Internet Email Only mode to Corporate/Workgroup mode. Then the Outlook Configuration Tool must be rerun to download CorporateTime Outlook Connector configuration information. If you do not want to reconfigure these clients, client users can continue to use Outlook free/busy calendaring or access their CorporateTime Server calendar using a web browser.
Outlook 2002 (XP) clients automatically detect mode requirements, and do not have to be reconfigured.
If you require multiple calendar nodes, we recommend that you estimate the number of calendar users, group them logically, and create the nodes before creating Messaging Server users. Otherwise, user accounts must be updated manually with calendar information.
For more information on Messaging Server calendar solutions, see Chapter 6 “Calendar Configuration”.
Determine whether the LDAP server component of the Messaging Server will be located on the same host system as other Messaging Server components or on a different system. For example, you might locate the LDAP server on a different system if you manage the Messaging Server system with Volution Manager, which is also LDAP-based. LDAP is the only Messaging Server component that can be located on a remote system. See “Configuring a Remote OpenLDAP Server” in the Administrator's Guide for more information.
This is an advanced configuration procedure that requires extensive LDAP knowledge and experience.
Messaging Server components are installed in default locations. They can be moved, but doing so after the Messaging Server is serving mail will cause a disruption in mail services. See Chapter 6 “Managing Messaging Server Components” in the Administrator's Guide for more information.
When you install the system that will host the Messaging Server, you have the opportunity to create system user accounts, each of which has a user ID and associated login name. The Messaging Server also uses its own mail User ID for IMAP authentication and other purposes. However, the Messaging Server will not allow mail accounts to be created that have the same mail User ID as a system login name. If you attempt to do so, you will receive an error such as:
ERROR:6:--uid=username exists as a system user
During installation of the system on which you will run the Messaging Server, we recommend that you not create accounts for any user for whom you intend a Messaging Server account.
In particular, do not configure a local system account named "admin". Doing so will prevent the Messaging Server administrator from receiving email.
However, you can create system users with different IDs from those used by the Messaging Server. For example, you could safely create a system account with login name susans, a corresponding Messaging Server account with a User ID susan, and a Messaging Server email address such as susans@my_company.com. Note that the User ID is distinct from the first element of the email address and that they can be different from each other.
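The collision rule above can be checked before any mail accounts are created. The following is an added example, not part of the product documentation: the function name find_uid_conflicts and the sample passwd entries are constructed for illustration, and it assumes planned mail User IDs are supplied one per line.

```shell
#!/bin/sh
# Added example (not from the product documentation).
# Reads planned mail User IDs on stdin, one per line, and reports any that
# already exist as login names in the passwd-format file given as $1.
find_uid_conflicts() {
    awk -v pw="${1:-/etc/passwd}" '
    BEGIN {
        # Load system login names (first colon-separated field).
        while ((getline line < pw) > 0) {
            split(line, f, ":")
            if (f[1] != "") login[f[1]] = 1
        }
        close(pw)
        # A local "admin" account stops the administrator receiving email.
        if ("admin" in login) {
            print "CONFLICT: local system account admin exists"
            bad++
        }
    }
    {
        gsub(/^[ \t]+|[ \t]+$/, "")       # trim surrounding whitespace
        if ($0 == "" || $0 ~ /^#/) next   # skip blank lines and comments
        if ($0 in login) {
            print "CONFLICT: " $0 " exists as a system user"
            bad++
        } else {
            print "ok: " $0
        }
    }
    END { exit (bad ? 1 : 0) }'
}

# Constructed sample: system login susans, planned mail User IDs susan and susans.
demo_pw=$(mktemp)
printf '%s\n' 'root:x:0:0:root:/root:/bin/bash' \
    'susans:x:500:100:Susan S:/home/susans:/bin/bash' > "$demo_pw"
printf '%s\n' susan susans | find_uid_conflicts "$demo_pw" ||
    echo "resolve conflicts before creating mail accounts"
rm -f "$demo_pw"
```

The function exits non-zero when any conflict is found, so it can gate a bulk account-creation run.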
The EXT3 journalling filesystem is supplied as an optional filesystem with Caldera OpenLinux Server 3.1.1. Filesystem journalling protects against data loss when a system unexpectedly loses power without the appropriate shutdown procedure.
In a Messaging Server environment, filesystem journalling affords the greatest protection to the Postfix queue directory (/var/spool/postfix), which contains email content. In addition, because most files do not remain long in the volatile mail queue, they are usually written only to the journal and deleted from there, with negligible performance overhead.
To take full advantage of journalling filesystem high availability, you will probably want the Postfix queue directory on a separate partition. If so, you must configure this partition before installing the Messaging Server.
To implement filesystem journalling on a Messaging Server system, we recommend that you:
Use data=journal journalling mode for the $queue_directory (usually /var/spool/postfix)
Mount the $queue_directory using the noatime option. Postfix disregards inode access times, so there is a small performance gain by setting this option.
Use the chattr(1) command to set the filesystem for synchronous updates:
chattr -R -S /var/spool/postfix
Do not use data=journal journalling mode for the /var/log directory. The default mode affords the same protections for appended files, and it is faster. This usually means separate partitions for /var/log and /var/spool/postfix.
Disable the write-cache for your drive:
hdparm -W0 /dev/hda
Use the elvtune(8) utility to tune disk performance and interactiveness:
elvtune -r 4096 -w 8192
On soft-RAID devices, you need to use elvtune on each physical drive.
For example, after following these guidelines the mount(8) command would show a configuration similar to the following:
/dev/hda3 on / type auto (rw,errors=remount-ro)
/dev/hda1 on /boot type ext3 (rw)
/dev/hda6 on /var/spool type ext3 (rw,data=journal,noatime)
/dev/hda7 on /var/log type ext3 (rw)
For more information about configuring journalling filesystems with Postfix, see:
http://www.stahl.bau.tu-bs.de/~hildeb/postfix/ext3.shtml
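The mount-related guidelines in this section can be verified from mount(8) output. The following is an added example, not part of the product documentation: the function name audit_mail_mounts is constructed for illustration, it assumes mount points contain no spaces, and it checks only the mount options (not chattr, hdparm or elvtune settings).

```shell
#!/bin/sh
# Added example (not from the product documentation).
# Reads mount(8) output on stdin and checks the filesystems that hold the
# Postfix queue ($1) and the log directory ($2) against the guidelines above.
# Assumption: mount points contain no spaces.
audit_mail_mounts() {
    awk -v queue="${1:-/var/spool/postfix}" -v logdir="${2:-/var/log}" '
    # True when mount point mp is dir itself or one of its parents.
    function covers(mp, dir) {
        return (mp == "/" || dir == mp || index(dir, mp "/") == 1)
    }
    # True when opt appears in the comma-separated option list opts.
    function has(opts, opt) { return index("," opts ",", "," opt ",") > 0 }
    function fail(msg) { print "FAIL: " msg; bad++ }

    # Expected line: /dev/hda6 on /var/spool type ext3 (rw,data=journal,noatime)
    $2 == "on" && $4 == "type" {
        opts = $6; gsub(/[()]/, "", opts)
        # Keep the longest matching mount point for each directory.
        if (covers($3, queue) && length($3) > length(qmp)) {
            qmp = $3; qfs = $5; qopts = opts
        }
        if (covers($3, logdir) && length($3) > length(lmp)) {
            lmp = $3; lopts = opts
        }
    }
    END {
        if (qmp == "" || lmp == "") {
            print "FAIL: no mount lines matched"
            exit 1
        }
        if (qfs != "ext3")
            fail(queue " is on " qmp " (type " qfs "), not ext3")
        if (!has(qopts, "data=journal")) fail(qmp " lacks data=journal")
        if (!has(qopts, "noatime")) fail(qmp " lacks noatime")
        if (has(lopts, "data=journal"))
            fail(logdir " is on " lmp ", which uses data=journal")
        if (!bad)
            print "OK: " queue " on " qmp " (" qopts "), " logdir " on " lmp " (" lopts ")"
        exit (bad ? 1 : 0)
    }'
}

# Constructed sample: the mount listing shown in this section.
audit_mail_mounts <<'EOF'
/dev/hda3 on / type auto (rw,errors=remount-ro)
/dev/hda1 on /boot type ext3 (rw)
/dev/hda6 on /var/spool type ext3 (rw,data=journal,noatime)
/dev/hda7 on /var/log type ext3 (rw)
EOF
```

On a live system, pipe the output of mount into the function; a single /var partition mounted with data=journal is reported twice, once for the missing noatime option and once for the log directory.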
Platform: | Any of the following: Caldera OpenLinux Server 3.1 |
RAM: | minimum 64Mb system + 1Mb per user, 512Mb recommended (in addition to platform requirements) |
Disk space: | minimum 40Mb system + appropriate mailbox allocation per user (in addition to platform requirements) |
Networking: | TCP/IP networking with DNS name resolution configured |
Installation profile: | OpenLinux: Web Server; LKP: Web Server |
Language support: | English, French, German, and Spanish |
We recommend installing the Messaging Server on a clean, freshly-installed system that is dedicated for mail server use.
Compatible software products (such as calendar and backup solutions) may have additional RAM and disk space requirements.
Your designated Messaging Server system must also satisfy basic system requirements. In particular:
Caldera OpenLinux 3.1 and greater includes the 2.4 kernel compiled to support up to 64GB of RAM. As a result, the kernel and Caldera OpenLinux (and hence the Messaging Server) will only function on systems that support the PAE (Physical Address Extensions) standard. Such CPUs include the following:
Intel Celeron | Intel Pentium II | Intel Pentium 4 | AMD Duron |
Intel Pentium Pro | Intel Pentium III | AMD Athlon | AMD Thunderbird |
Although Open UNIX 8 runs on the following CPUs, Caldera OpenLinux does not run on them or on anything earlier:
Intel Pentium | Intel Pentium MMX | AMD K6 and K6 2 |
For more information, see:
Caldera OpenLinux 3.1 Installation Guide
Open UNIX 8 Getting Started Guide
Do not attempt to install the Messaging Server on a system with an MS Windows operating system already installed. The installation will fail in unpredictable ways. The autorun.inf facility is included on the media distribution only for the purpose of displaying release documentation.
To ensure that RPM packages required by the Messaging Server are already on your system, select the webserver installation profile (or All Packages). Other profiles do not contain the full set of RPM packages required by the Messaging Server. This is required for both native and LKP installations.
The following RPM packages are required by the Messaging Server and should not be removed from your system:
apache
apache-devel
apache-doc
libpam
libpam-devel
openldap
openldap-devel
openssl
openssl-devel
openssl-devel-static
pam_ldap
perl-modules
php
php-doc
The Messaging Server reconfigures these packages. Do not recompile or update them except as documented for product upgrades; doing so might disable the Messaging Server.
We recommend that you use one of the following browsers for both administrative and client use:
Internet Explorer Version 5 or greater
Netscape Communicator 6 or greater
We recommend that you download and install the following supplement and patch before installing the Messaging Server on your Open UNIX 8 system:
Fixes several performance and security problems. You must install the Maintenance Pack after installing LKP to ensure that the LKP fixes in the Maintenance Pack are installed.
Fixes Open UNIX 8 logging problems.
They are available from the:
Enter ftp -p ftp.caldera.com and change directories (cd) to pub/openunix8.
You must invoke ftp in passive mode (that is, with the -p option).
Before installation, familiarize yourself with their respective cover letters. We recommend first installing ou800pk2, then ptf8003. If you have already installed the Messaging Server on your Open UNIX 8 system, the supplement and patch can be safely installed to correct performance and logging problems after the Messaging Server has been installed and configured.
After installing ptf8003, use the following procedure to enable Linux syslog logging on your Open UNIX 8 system:
As root, edit the file /unixware/etc/init.d/linuxrc and remove all occurrences of the string K99syslog and S01syslog. This will enable Linux syslog to be started at boot time.
Run the linux command to enter the LKP environment, then enter:
cd /etc/rc.d/init.d
./syslog stop
./syslog start
By default, Postfix logging will now be saved in the file /var/log/mail and Cyrus logging in the file /var/log/imap.
The Enhanced Event Logging System (EELS) should not be installed on an Open UNIX 8 system with the Messaging Server. EELS blocks port access for the mysql database, upon which the IMP webmail system depends. If you intend to implement IMP webmail on an Open UNIX 8 Messaging Server, EELS must not be present on your system.
The Messaging Server installs on:
Caldera OpenLinux natively
Caldera OpenLinux under Linux Kernel Personality (LKP) for Open UNIX 8
Messaging Server operation and performance are equivalent on these platforms with comparable hardware and networking.
Messaging Server Release 1.1 can also be installed:
Messaging Server Release 1.1 will detect your previously installed Messaging Server release and upgrade it to the current version. It is not necessary to install or remove Messaging Server maintenance packs before upgrading your system. For more information, see Chapter 3 “Installation and Removal”.
Messaging Server Release 1.1 can be installed in non-graphical mode from the command line using the install.sh -c option. For more information, see “Non-Graphical Installation and Upgrade”.
In addition to conventional installation on a local system, the Messaging Server can be installed using Volution Manager, provided that a Volution Manager Client is installed on the target system.
Volution Manager Server Release 1.1 can be installed on a system with the Messaging Server, although the Manager Server must be installed first. The Messaging Server cannot be used with Volution Manager Server Release 1.0.
For more information, see “Remote Installation With Volution Manager”.
The Messaging Server adds the following RPM packages to your system:
volutionmsg | Messaging Server framework |
volutionmsg-doc | Messaging Server documentation |
cyrus-imapd | Cyrus IMAP server |
cyrus-sasl | Cyrus SASL (Simple Authentication and Security Layer) |
db3 | Berkeley DB programmatic toolkit |
db3-devel | Berkeley DB header files, libraries, and documentation |
drac | Dynamic Relay Authorization Control |
gq | GQ graphical browser for LDAP |
perl-Convert-ASN | ASN.1 Encode/Decode library for perl |
perl-IMAP-Admin | IMAP-Admin module for perl |
perl-ldap | perl interface modules for LDAP servers |
postfix | Postfix Mail Transport Agent (MTA) |
Messaging Server components install by default on a single system. If you want to configure the Messaging Server to use a remote LDAP server, see “Advanced OpenLDAP Configuration” in the Administrator's Guide.
The open source software packages listed here have been adapted for use on a Messaging Server system. They should only be updated by Messaging Server releases. Installing them from other sources, including non-Messaging Server Linux distributions, might disable the Messaging Server.
The Messaging Server removes the following components from your system during installation:
Including the sendmail, sendmail-cf, and sendmail-doc packages. Configuration parameters of this and other MTAs will conflict with those of the Messaging Server Postfix MTA. In addition to sendmail, conflicts have also been noted with qmail.
Including the imap and imap-devel packages. Configuration parameters of this and other IMAP or POP servers will conflict with those of the Messaging Server Cyrus server.
Reinstalling any of these packages or installing new versions of them from other distributions will disable the Messaging Server.
The Messaging Server installation on Open UNIX 8 sets the following kernel tunable parameters for the components specified:
SHMMAX 655576064
SHMSEG 15
SDATLIM 0x7FFFFFFF
HDATLIM 0x7FFFFFFF
SFNOLIM 2048
HFNOLIM 2048
SVMMLIM 0x7FFFFFFF
HVMMLIM 0x7FFFFFFF
SHMMNI 1000
ARG_MAX 1048576
SFSZLIM 0x7FFFFFFF
HFSZLIM 0x7FFFFFFF
MAXULWP 65000
SSTKLIM 0x3FFFFFF
HSTKLIM 0x3FFFFFF
MAXLINK 32767
NBUF 128
NHBUF 32
MAXUP 5000
NPROC 12500
In /etc/conf/sdevice.d/ticots:
ticots Y 2048 0 0 0 0 0 0 0 -1
The installation log records this tuning activity as errors; these errors can be safely ignored.
Additional kernel tuning might be required on your Open UNIX 8 system. For more information, see the Open UNIX 8 Getting Started Guide and the Messaging Server Late News.
The Messaging Server provides SSL (Secure Socket Layer) configuration by default using demonstration keys. Existing demonstration keys are backed up during the Release 1.1 installation and upgrade.
We recommend that you acquire a signed certificate and key before bringing your Messaging Server into production. For more information, see “Enabling SSL” in the Administrator's Guide.
The basic steps to install and configure the Messaging Server are:
Plan your Messaging Server deployment and review the “System Requirements” discussed in this chapter.
Install the base platform using the web server profile as described in your platform documentation.
If desired on Linux platforms, install Volution Manager Server before installing the Messaging Server.
Install the Messaging Server as described in Chapter 3 “Installation and Removal”.
If desired, install compatible software components.
Point your web browser at https://hostname/msg to access the Server Manager interface, as described in Chapter 4 “Administering the Messaging Server”.
Log in to the Server Manager as admin with the password admin and change the password for this administrative account, as described in Chapter 4 “Administering the Messaging Server”.
If desired, use the msgaclset(8) utility to set default mail quotas and junk mail filtering before adding user accounts.
If compatible software products are installed, configure them as desired before adding user accounts.
Use the Server Manager to configure and administer your Messaging Server mail system, adding user accounts, aliases, and domain arrangements as desired, as described in Chapter 4 “Administering the Messaging Server”.
Configure users' mail client software by instructing them to connect to https://hostname/msg from their desktop computers using personal user accounts and passwords, as described in Chapter 5 “Administering Mail Client Users”.
Consult the remainder of this document and the Administrator's Guide for more detailed instructions.