Table of Contents
This chapter presents important information you need to consider before installing the SCOoffice Mail Server:
We recommend that you consider the following factors before installing the SCOoffice Mail Server. Doing so will allow you to administer the SCOoffice Mail Server more efficiently and better accommodate the changing needs of your system:
We recommend installing the SCOoffice Mail Server on a clean, freshly-installed system that is dedicated for mail server use.
Estimate the number of mail clients your system must service for a reasonable period of time into the future. This will help you determining licensing and system hardware needs. Based on these decisions, you might also want to set mail quotas for client users.
The SCOoffice Mail Server allows you to set quota limits on the size of users' mailstores, which include their inboxes and folders. Default quotas can be assigned such that each new user's account is created with the same quota; to do so, set the DefaultQuotaLimit ACL (Access Control List) attribute as described in the msgaclset(8) manual page. Individual user mail quotas can be managed with the Server Manager as described in “Managing Mail Users”. Because there are no global controls for mail quotas, we recommend that you set quota policy before creating SCOoffice Mail Server users.
The SCOoffice Mail Server provides protection against junk mail (unsolicited email or spam). Because filtering can be implemented globally or per user, we recommend that you set junk mail policies before creating mail client users.
The following mail filters can be controlled from administrative interfaces:
This simple filter diverts any mail not directly addressed to a SCOoffice Mail Server user or alias. Diverted mail can be sent to a folder or destroyed. This eliminates messages without a To: or CC: line; doing so prevents the delivery of Blind CC (bcc) messages, a major vehicle for unsolicited email. This filter is intended to be managed by individual users; when global access permissions are granted, users can turn the filter on and off, and can modify the behavior of the filter with exception lists. This filter acts when mail is delivered to individual mailboxes.
There are two levels of administrative control for this filter:
At the command line, a default value can be set using the msgaclset(8) --spamfilterenabled option, which turns it on or off at user creation. That is, if the default is set on, all users have filtering enabled when their accounts are created. Initial default settings can be modified using the msgaclset(8) utility; these settings cannot be managed globally.
In the Server Manager, users can be globally granted or denied permission to change their own junk mail settings. If granted, client users can use the Preferences Manager to turn filtering on or off and manage exception lists, as described in Chapter 5 “Avoiding Junk Mail”. The administrator can also manage individual client junk mail preferences manually with the msgusermod(8) utility.
This subscription service provided by Mail Abuse Prevention System LLC (MAPSSM) creates intentional network outages (blackholes) for the purpose of limiting the transport of known unsolicited mass email. RBL filtering takes place as mail is received by the SCOoffice Mail Server.
RBL access can be controlled in the Server Manager (in the System menu under Junk Mail) although you must subscribe to the service before mail is filtered. For more information, see the MAPS RBL website:
http://mail-abuse.org/rbl/
You can also configure Postfix manually to use RBL. For more information, see "Postfix Configuration - UCE Controls" in the Wietse's Postfix Project documentation.
RBL provides comprehensive and strict protection that is not appropriate for all mail systems. After initial RBL configuration, it is very likely that some legitimate messages will not be delivered to your SCOoffice Mail Server system until it is fully configured. You should familiarize yourself thoroughly with the RBL service before implementing it.
RBL and the BCC filter can be used together, because they are applied at different points in the mail delivery cycle. However, RBL is applied first and it is the stricter filter. Therefore, individual user's exception lists could only remove messages already filtered by RBL, not admit messages already excluded by RBL.
Many modern mail clients include their own junk mail filtering. These can also be used in conjunction with RBL and BCC filters, although mail client filtering takes place last in the mail delivery cycle and therefore exerts least control in a multi-filter environment.
You will probably want to use one of the following combinations of BCC filtering defaults and mail client user access permissions:
BCC filter default | user access | filter behavior |
---|---|---|
on | on | Filter on for all users, individual users can turn it on/off and control exception lists. |
off | on | Filter off for all users, individual users can turn it on/off and control exception lists. |
off | off | Filter off for all users, individual users cannot control filter; mail filtering must be handled by RBL or mail client software. |
SCOoffice Mail Connector for Microsoft Outlook provides access to advanced features of Microsoft Outlook. SCOoffice™ Mail Connector provides complete mapping and synchronization of the user's mail and special folders to the Cyrus IMAP server using the IMAP protocol. MAPI is not used. This feature enables the sharing of the special folders such as calendar, contacts, journal, notes, and tasks. The sharing of the special folders marks the introduction of meaningful collaboration with Outlook on an IMAP based messaging platform. The collaborative features of Outlook that were once available only with Exchange are now available to SCOoffice Mail Server.
SCOoffice Mail Connector for Microsoft Outlook is a separately licensed product provided on a separate CD with the SCOoffice Mail Server product. See the documentation on that CD for more information.
The SCOoffice Mail Server provides two calendar solutions:
The SCOoffice Mail Server includes default support for the Microsoft Outlook "free/busy" calendar feature. When scheduling a meeting or other activity, this feature allows the person who is scheduling the meeting to see when others are free or busy.
The calendar and other special folders in Microsoft Outlook can be shared using the optional SCOoffice Mail Connector for Microsoft Outlook. This feature permits users to access and update shared calendars. See “Optional SCOoffice Mail Connector for Microsoft Outlook” for more information.
When mail client users configure their Outlook software for the SCOoffice Mail Server using the Outlook Configuration Tool, calendar configuration information is downloaded automatically, including:
free/busy configuration.
Before installing and deploying a calendaring solution, we recommend that you consider these points:
Identify which client users are appropriate for the available solutions:
Outlook Free/Busy; Outlook only.
SCOoffice Mail Connector for Microsoft Outlook; Outlook only.
If you are deploying a new SCOoffice Mail Server installation, note that Outlook 2000 and Outlook 98 clients must be configured in Internet Email Only mode for Outlook free/busy calendaring, and in Corporate/Workgroup mode to use in the SCOoffice Mail Connector for Microsoft Outlook.
Outlook 2002 (XP) clients automatically detect mode requirements, and do not have to be reconfigured.
If you require multiple calendar nodes, we recommend that you estimate the number of calendar users, group them logically, and create the nodes before creating SCOoffice Mail Server users. Otherwise, user accounts must be upated manually with calendar information.
For more information on SCOoffice Mail Server calendar solutions, see Chapter 6 “Calendar Configuration”.
Determine whether the LDAP server component of the SCOoffice Mail Server will be located on the same host system as other SCOoffice Mail Server components or on a different system. LDAP is the only SCOoffice Mail Server component that can be located on a remote system. See “Configuring a Remote OpenLDAP Server” in the Administrator's Guide for more information.
This is an advanced configuration procedure that requires extensive LDAP knowledge and experience.
SCOoffice Mail Server components are installed in default locations. They can be moved, but doing so after the SCOoffice Mail Server is serving mail will cause a disruption in mail services. See Chapter 6 “Managing SCOoffice Mail Server Components” in the Administrator's Guide for more information.
When you install the system that will host the SCOoffice Mail Server, you have the opportunity to create system user accounts, each of which has a user ID and associated login name. The SCOoffice Mail Server also uses its own mail User ID for IMAP authentication and other purposes.
During installation of the system on which you will run the SCOoffice Mail Server, we recommend that you not create accounts for any user for whom you intend a SCOoffice Mail Server account.
You can create system users with the same IDs as those used by the SCOoffice Mail Server. By default, email sent to the address username@hostname.domain.com will be delivered on the system to the file /var/mail/username. Email sent to user@domain.com will be sent to the SCOoffice Mail Server mail store. Note that the User ID is distinct from the first element of the email address and that they can be different from each other.
Filesystem journalling protects against data loss when a system unexpectedly loses power without the appropriate shutdown procedure. The EXT3 journalling filesystem is supplied as an optional filesystem with Caldera OpenLinux Server 3.1.1. The default filesystem on SCO Linux and UnitedLinux is the Reiser filesystem, which is also a journaling filesystem. The EXT3 journaling filesystem is optional on SCO Linux and UnitedLinux.
In a SCOoffice Mail Server environment, filesystem journalling affords the greatest protection to the Postfix queue directory (/var/spool/postfix), which contains email content. In addition, because most files do not remain long in the volatile mail queue, they are usually written only to the journal and deleted from there, with negligible performance overhead.
To take full advantage of journalling filesystem high availability, you will probably want the Postfix queue directory on a separate partition. If so, you must configure this partition before installing the SCOoffice Mail Server.
To implement filesystem journalling on a SCOoffice Mail Server system, we recommend that you:
Use data=journal journalling mode for the $queue_directory (usually /var/spool/postfix)
Mount the $queue_directory using the noatime option. Postfix disregards inode access times, so there is a small performance gain by setting this option.
Use the chattr(1) command to set the filesystem for synchronous updates:
chattr -R -S /var/spool/postfix
Do not use data=journal journalling mode for the /var/log directory. The default mode affords the same protections for appended files, and it is faster. This usually means separate partitions for /var/log and /var/spool/postfix.
Disable the write-cache for your drive:
hdparm -W0 /dev/hda
Use the elvtune(8) utility to tune disk performance and interactiveness:
elvtune -r 4096 -w 8192On soft-RAID devices, you need to use elvtune on each physical drive.
For example, after following these guidelines the mount(8) command would show a configuration similar to the following:
/dev/hda3 on / type auto (rw,errors=remount-ro) /dev/hda1 on /boot type ext3 (rw) /dev/hda6 on /var/spool type ext3 (rw,data=journal,noatime) /dev/hda7 on /var/log type ext3 (rw)
For more information about onfiguring journalling filesystems with Postfix, see:
http://www.stahl.bau.tu-bs.de/~hildeb/postfix/ext3.shtml
Platform: | Any of the following:
- SCO Linux |
RAM: | minimum 64Mb system + 1Mb per user, |
Disk space: | minimum 40Mb system + appropriate |
Networking: | TCP/IP networking with DNS name |
Installation profile: | OpenLinux or LKP: ‘Web Server’ or |
SCO Linux: ‘Default System for SCO Linux’ or | |
Language support: | English, French, German, Italian, Polish, and Spanish |
We recommend installing the SCOoffice Mail Server on a clean, freshly-installed system that is dedicated for mail server use.
Compatible software products (such as calendar and backup solutions) may have additional RAM and disk space requirements.
Your designated SCOoffice Mail Server system must also satisfy basic system requirements. In particular:
Caldera OpenLinux 3.1 and greater includes the 2.4 kernel compiled to support up to 64GB of RAM. As a result, the kernel and Caldera OpenLinux (and hence the SCOoffice Mail Server) will only function on systems that support the PAE (Physical Address Extensions) standard. Such CPUs include the following:
Intel Celeron |
Intel Pentium Pro |
Intel Pentium II |
Intel Pentium III |
Intel Pentium 4 |
AMD Athlon |
AMD Duron |
AMD Thunderbird |
Although UnixWare 7 and SCO Linux run on the following CPUs, Caldera OpenLinux running under LKP does not run on them or on anything earlier:
Intel Pentium |
Intel Pentium MMX |
AMD K6 and K6 2 |
For more information, see:
Caldera OpenLinux 3.1 Installation Guide
Getting Started Guide for UnixWare 7.
Do not attempt to install the SCOoffice Mail Server on a system with a Microsoft Windows® operating system already installed. The installation will fail in unpredictable ways. The autorun.inf facility is included on the media distribution only for the purpose of displaying release documentation.
To ensure that RPM packages required by the SCOoffice Mail Server are already on your system, select the webserver installation profile (or All Packages). Other profiles do not contain the full set of RPM packages required by the SCOoffice Mail Server. This is required for both native and LKP installations. On SCO Linux, simply accept the default package selection during installation. If you choose to alter the package selection, select one of the Default System configurations.
The following RPM packages are required by the SCOoffice Mail Server and should not be removed from your system:
apache
apache-devel
apache-doc
libpam
libpam-devel
openldap
openldap-devel
openssl
openssl-devel
openssl-devel-static
pam_ldap
perl-modules
php
php-doc
The SCOoffice Mail Server reconfigures these packages. Do not recompile or update them except as documented for product upgrades; doing so might disable the SCOoffice Mail Server.
We recommend that you use one of the following browsers for both administrative and client use:
Internet Explorer Version 5 or greater
Netscape Communicator 6 or greater
We recommend that you download and install the following supplement before installing the SCOoffice Mail Server on your Open UNIX 8 system:
Fixes several performance and security problems. You must install the Maintenance Pack after installing LKP to ensure that the LKP fixes in the Maintenance Pack are installed.
It is available from the:
Enter ftp -p ftp.sco.com and change directories (cd) to pub/openunix8.
You must invoke ftp in passive mode (that is, with the -p option).
Before installation, familarize yourself its cover letter. If you have already installed the SCOoffice Mail Server on your Open UNIX 8 system, the supplement can be safely installed to correct performance and logging problems after the SCOoffice Mail Server has been installed and configured.
After installing ou800pk4, use the following procedure to enable Linux syslog logging on your Open UNIX 8 system:
As root, edit the file /unixware/etc/init.d/linuxrc and remove all occurences of the string K99syslog and S01syslog. This will enable Linux syslog to be started at boot time.
Run the linux command to enter the LKP environment, then enter:
cd /etc/rc.d/init.d
./syslog stop
./syslog start
By default, Postfix logging will now be saved in the file /var/log/mail and Cyrus logging in the file /var/log/imap.
The Enhanced Event Logging System (EELS) should not be installed on an Open UNIX 8 system with the SCOoffice Mail Server. EELS blocks port access for the mysql database, upon which the IMP webmail system depends. If you intend to implement IMP webmail on an Open UNIX 8 SCOoffice Mail Server, EELS must not be present on your system.
The SCOoffice Mail Server installs on :
SCO Linux and UnitedLinux natively
Caldera OpenLinux natively
Caldera OpenLinux under Linux Kernel Personality (LKP) for UnixWare 7 (including Open UNIX 8).
SCOoffice Mail Server operation and performance are equivalent on these platforms with comparable hardware and networking.
SCOoffice Mail Server Release 2.0 can also be installed:
SCOoffice Mail Server Release 2.0 will detect your previously installed SCOoffice Mail Server release and upgrade it to the current version. It is not necessary to install or remove SCOoffice Mail Server maintenance packs before upgrading your system. For more information, see Chapter 3 “Installation and Removal”.
SCOoffice Mail Server Release 2.0 can be installed in non-graphical mode from the command line using the install.sh -c option. For more information, see “Non-Graphical Installation and Upgrade”.
The SCOoffice Mail Server adds the following RPM packages to your system:
Package | Description |
---|---|
msg | SCOoffice Mail Server framework |
msg-doc | SCOoffice Mail Server documentation |
cyrus-imapd | Cyrus IMAP server |
cyrus-sasl | Cyrus SASL (Simple Authentication and Security Layer) |
db3 (OpenLinux and UnixWare only) | Berkeley DB programmatic toolkit |
db3-devel (openLinux and UnixWare only) | Berkeley DB header files, libraries, and documentation |
drac | Dynamic Relay Authorization Control |
gq | GQ graphical browser for LDAP |
horde (SCO Linux only) | Horde PHP application framework |
imp (SCO Linux only) | Internet Messaging Program web mail |
perl-Convert-ASN | ASN.1 Encode/Decode library for perl |
perl-IMAP-Admin | IMAP-Admin module for perl |
perl-ldap | perl interface modules for LDAP servers |
postfix (OpenLinux and UnixWare only) | Postfix Mail Transport Agent (MTA) |
SCOoffice Mail Server components install by default on a single system. If you want to configure the SCOoffice Mail Server to use a remote LDAP server, see “Advanced OpenLDAP Configuration” in the Administrator's Guide.
The open source software packages listed here have been adapted for use on a SCOoffice Mail Server system. They should only be updated by SCOoffice Mail Server releases. Installing them from other sources, including non-SCOoffice Mail Server Linux distributions, might disable the SCOoffice Mail Server.
The SCOoffice Mail Server removes the following components from your system during installation:
Including the sendmail, sendmail-cf, and sendmail-doc packages. Configuration parameters of this and other MTAs will conflict with those of the SCOoffice Mail Server Postfix MTA. In addition to sendmail, conflicts have also been noted with qmail.
Including the imap and imap-devel packages. Configuration parameters of this and other IMAP or POP servers will conflict with those of the SCOoffice Mail Server Cyrus server.
Reinstalling any of these packages or installing new versions of them from other distributions will disable the SCOoffice Mail Server.
The SCOoffice Mail Server installation on UnixWare 7 sets the following kernel tunable parameters for the components specified:
SHMMAX 655576064
SHMSEG 15
SDATLIM 0x7FFFFFFF
HDATLIM 0x7FFFFFFF
SFNOLIM 2048
HFNOLIM 2048
SVMMLIM 0x7FFFFFFF
HVMMLIM 0x7FFFFFFF
SHMMNI 1000
ARG_MAX 1048576
SFSZLIM 0x7FFFFFFF
HFSZLIM 0x7FFFFFFF
MAXULWP 65000
SSTKLIM 0x3FFFFFF
HSTKLIM 0x3FFFFFF
MAXLINK 32767
NBUF 128
NHBUF 32
MAXUP 5000
NPROC 12500
In /etc/conf/sdevice.d/ticots:
ticots Y 2048 0 0 0 0 \
0 0 0 -1
The installation log records this tuning activity as errors; these errors can be safely ignored.
Additional kernel tuning might be required on your UnixWare 7 system. For more information, see the Getting Started Guide in UnixWare 7 and the SCOoffice Mail Server Late News.
The SCOoffice Mail Server provides SSL (Secure Socket Layer) configuration by default using demonstration keys. Existing demonstration keys are backed up during the Release 2.0 installation and upgrade.
We recommend that you acquire a signed certificate and key before bringing your SCOoffice Mail Server into production. For more information, see “Enabling SSL” in the Administrator's Guide.
The basic steps to install and configure the SCOoffice Mail Server are:
Plan your SCOoffice Mail Server deployment and review the “System Requirements” discussed in this chapter.
Install the base platform using the web server profile as described in your platform documentation.
Install the SCOoffice Mail Server as described in Chapter 3 “Installation and Removal”.
If desired, install compatible software components.
Point your web browser at https://hostname/msg to access the Server Manager interface, as described in Chapter 4 “Administering the SCOoffice Mail Server”.
Log in to the Server Manager as admin with the password admin and change the password for this administrative account, as described in Chapter 4 “Administering the SCOoffice Mail Server”.
If desired, use the msgaclset(8) utility to set default mail quotas and junk mail filtering before adding user accounts.
If compatible software products are installed, configure them as desired before adding user accounts.
Use the Server Manager to configure and administer your SCOoffice Mail Server mail system, adding user accounts, aliases, and domain arrangements as desired, as described in Chapter 4 “Administering the SCOoffice Mail Server”.
Configure users' mail client software by instructing them to connect to https://hostname/msg from their desktop computers using personal user accounts and passwords, as described in Chapter 5 “Administering Mail Client Users”.
Consult the remainder of this document and the Administrator's Guide for more detailed instructions.