Novell GROUPWISE 8 Message Transfer Agent

Download

Message Transfer Agent

 Chapter 40, “Understanding Message Transfer between Domains and Post Offices,” on

page 619

 Chapter 41, “Configuring the MTA,” on page 627

 Chapter 42, “Monitoring the MTA,” on page 661

 Chapter 43, “Optimizing the MTA,” on page 689

 Chapter 44, “Using MTA Startup Switches,” on page 697

novdocx (en) 22 June 2009

Message Transfer Agent

617

novdocx (en) 22 June 2009

618 GroupWise 8 Administration Guide

Understanding Message Transfer

novdocx (en) 22 June 2009

between Domains and Post Offices

A domain organizes post offices into a logical grouping for addressing, routing, and administration purposes in your GroupWise by the Message Transfer Agent (MTA). The following topics help you understand domains and the functions of the MTA:

 Section 40.1, “Domain Representation in ConsoleOne,” on page 619

 Section 40.2, “Domain Directory Structure,” on page 620

 Section 40.3, “Information Stored in the Domain,” on page 620

 Section 40.4, “Role of the Message Transfer Agent,” on page 622

 Section 40.5, “Link Configuration between Domains and Post Offices,” on page 622

 Section 40.6, “Message Flow between Domains and Post Offices,” on page 622

 Section 40.7, “Cross-Platform Issues between Domains and Post Offices,” on page 623

40.1 Domain Representation in ConsoleOne

system. Messages are transferred between post offices and domains

In ConsoleOne®, domains are container objects that contain an MTA object, as well as other domain-related objects, as shown below:

Figure 40-1 ConsoleOne View Showing the MTA Object

Although each post office is linked to a domain, it does not display as subordinate to the domain in the Console View. However, using the GroupWise View, you can display post offices as subordinate to the domains to which they are linked in your GroupWise system.

Understanding Message Transfer between Domains and Post Offices

619

Figure 40-2 GroupWise View Showing Post Offices in Relationship to Domains

40.2 Domain Directory Structure

Physically, a domain consists of a set of directories that house all the information stored in the domain. See “Domain Directory” in GroupWise 8 Troubleshooting 3: Message Flow and Directory

Structure.

novdocx (en) 22 June 2009

40.3 Information Stored in the Domain

The following types of information are stored in the domain:

 Section 40.3.1, “Domain Database,” on page 620

 Section 40.3.2, “Agent Input/Output Queues in the Domain,” on page 621

 Section 40.3.3, “Gateways,” on page 621

No messages are stored in the domain, so GroupWise client users do not need access to the domain directory. The only person who needs file access to the domain directory is the GroupWise administrator.

40.3.1 Domain Database

The domain database ( including:

 Address information about all GroupWise objects (such as users, resources, post offices, and

gateways in the domain)

 System configuration and linking information for the domain’s MTA

 Address and message routing information to other domains

The first domain you create is the primary domain. In the primary domain, the contains all administrative information for your entire GroupWise system (all its domains, post offices, users, and so on). Because the should back it up regularly and keep it secure. See Section 31.1, “Backing Up a Domain,” on

page 423.

wpdomain.db

) contains all administrative information for the domain,

wpdomain.db

file in the primary domain is so crucial, you

file

620 GroupWise 8 Administration Guide

novdocx (en) 22 June 2009

You can re-create your entire GroupWise system from the primary domain however, if the primary domain

wpdomain.db

file becomes unusable, you can no longer make

wpdomain.db

file;

administrative updates to your GroupWise system.

Secondary domains are automatically synchronized to match the primary domain.

40.3.2 Agent Input/Output Queues in the Domain

Each domain contains agent input/output queues where messages are deposited and picked up for processing by the MTA.

For a mapped or UNC link between domains, the MTA requires read/write access rights to its input/ output queues in the other domains. For a TCP/IP link, no access rights are required because messages are communicated by way of TCP/IP.

For illustrations of the processes presented below, see Section 40.6, “Message Flow between

Domains and Post Offices,” on page 622.

MTA Input Queue in the Domain

The MTA input queue in the local domain (

domain\wpcsin

deposit user messages for the local MTA to route to local post offices or to route to other domains. Thus the MTA input queue in the local domain is the output queue for the MTAs in many other domains.

) is where MTAs for other domains

The MTA does not have an output queue for user messages in the local domain. Because its primary task is routing messages, the local MTA has output queues in all post offices in the domain. See

“POA Input Queue in the Post Office” on page 479. The local MTA also has output queues in all

domains to which it is directly linked.

MTA Output Queue in the Domain

The MTA output queue in the local domain (

domain\wpcsout\ads

) is where the MTA deposits

administrative messages from other domains for the MTA admin thread to pick up.

MTA Admin Thread Input Queue in the Domain

The MTA admin thread input queue (

domain\wpcsout\ads

) is, of course, the same as the MTA output queue in the local domain. The MTA admin thread picks up administrative messages deposited in the queue by the MTA and updates the domain database.

MTA Admin Thread Output Queue in the Domain

The MTA admin thread output queue (

domain\wpcsin

) is the same as the MTA input queue in the local domain. The MTA admin thread deposits administrative messages in the queue for replication to other domains.

40.3.3 Gateways

Gateways are installed and configured at the domain level of your GroupWise system. For a list of gateways, see the GroupWise Gateways Documentation Web site (http://www.novell.com/

documentation/gwgateways).

Understanding Message Transfer between Domains and Post Offices 621

40.4 Role of the Message Transfer Agent

You must run an MTA for each domain. The MTA:

 Routes messages between post offices in the local domain.

 Routes messages between domains.

 Routes messages to and from gateways installed in the local domain.

 Routes messages between GroupWise systems across the Internet if appropriate DNS lookup

capabilities have been set up. See “Using Dynamic Internet Links” in “Connecting to Other

GroupWise Systems” in the GroupWise 8 Multi-System Administration Guide.

 Schedules routing of messages across expensive links. See Section 41.3.2, “Scheduling Direct

Domain Links,” on page 648.

 Controls the size of messages that can pass across links. See Section 41.2.1, “Restricting

Message Size between Domains,” on page 642.

 Updates the domain database (

offices, or other GroupWise objects are added, modified, or deleted.

 Replicates updates to all domains and post offices throughout your GroupWise system. This

keeps the Address Book up to date for all GroupWise users.

 Synchronizes GroupWise user information with Novell

handles updates made in ConsoleOne without the GroupWise Administrator snap-in running. See Section 41.4.1, “Using eDirectory User Synchronization,” on page 653.

 Synchronizes GroupWise object information throughout your GroupWise system as needed.

wpdomain.db

) whenever GroupWise users, resources, post

eDirectoryTM user information. This

novdocx (en) 22 June 2009

 Detects and repairs invalid information in the domain database (

 Provides improved performance for GroupWise Remote client users. See Section 41.2.2,

“Enabling Live Remote,” on page 643.

 Provides logging and statistics about GroupWise message flow. See Section 41.4.2, “Enabling

MTA Message Logging,” on page 658.

wpdomain.db

40.5 Link Configuration between Domains and Post Offices

In GroupWise, a link is defined as the information required to route messages between domains, post offices, and gateways in a GroupWise system. Links are created and configured when new domains, post offices, and gateways are created.

For more specific information about how domains are linked to each other, and about how domains and post offices are linked, see Chapter 10, “Managing the Links between Domains and Post

Offices,” on page 145.

40.6 Message Flow between Domains and Post Offices

 Section 40.6.1, “Message Flow between Post Offices in the Same Domain,” on page 623

 Section 40.6.2, “Message Flow between Different Domains,” on page 623

622 GroupWise 8 Administration Guide

40.6.1 Message Flow between Post Offices in the Same Domain

To see what happens to message flow within the domain when the domain is closed, view the following message flow diagrams:

 “TCP/IP Link Open: Transfer between Post Offices Successful”

 “TCP/IP Link Closed: Transfer between Post Offices Delayed”

These diagrams are found in “Message Delivery to a Different Post Office” in GroupWise 8

Troubleshooting 3: Message Flow and Directory Structure. If you are using mapped/UNC links,

refer to GroupWise 6.5 Troubleshooting 3: Message Flow and Directory Structure.

40.6.2 Message Flow between Different Domains

To see what happens to message flow when the destination domain is closed, view the following message flow diagrams:

 “TCP/IP Link Open: Transfer between Domains Successful”

 “TCP/IP Link Closed: Transfer between Domains Delayed”

novdocx (en) 22 June 2009

These diagrams are found in “Message Delivery to a Different Domain” in GroupWise 8

Troubleshooting 3: Message Flow and Directory Structure. If you are using mapped/UNC links,

refer to GroupWise 6.5 Troubleshooting 3: Message Flow and Directory Structure.

40.7 Cross-Platform Issues between Domains and Post Offices

Domains can be located on the following platforms:

 Novell NetWare

 Windows Server

 Linux

The GroupWise agents can run on the following platforms:

 Novell NetWare

 Windows Server

 Linux

In general, GroupWise is most efficient if you match the agent platform with the network operating system. Ideally, the MTA as well as the domain and post offices should be on the same platform. However, those with mixed networks may wonder what combinations are possible. You have several alternatives.

 Section 40.7.1, “MTA Platform Dependencies Because of Direct Access Requirements to Post

Offices,” on page 624

 Section 40.7.2, “MTA/Post Office Platform Independence through TCP/IP Links,” on page 624

 Section 40.7.3, “MTA Platform Dependencies Because of Direct Access Requirements to the

Domain,” on page 624

Understanding Message Transfer between Domains and Post Offices 623

 Section 40.7.4, “MTA/Domain Platform Independence through TCP/IP Links,” on page 625

 Section 40.7.5, “MTA/Domain Platform Independence through the Transfer Pull

Configuration,” on page 625

40.7.1 MTA Platform Dependencies Because of Direct Access Requirements to Post Offices

The MTA must always have direct access to the domain directory. In addition, if using mapped or UNC links to post offices, the MTA must have direct access to each post office directory as well. If the MTA is installed on a remote server, it must be able to log in to servers where the post offices are located.

The table below summarizes the various combinations of MTA and post office platforms, and indicates which combinations work for direct access and which ones do not:

Table 40-1 MTA Platforms and Post Office Platforms

NetWare MTA Linux MTA Windows MTA

novdocx (en) 22 June 2009

Yes

Post Office on NetWare Yes No

Post Office on Linux No

Post Office on Windows No

Post Office on Macintosh

TCP/IP links are required between the MTA and the POA on Linux. Direct access to post offices is

not available.

The NetWare MTA cannot service a domain or post office on a Windows server because Windows

does not support the required cross-platform connection.

Domains and post offices cannot be created on Macintosh computers.

40.7.2 MTA/Post Office Platform Independence through TCP/IP Links

To overcome platform dependencies for post offices, create a TCP/IP link for any post office located on a platform where the domain MTA cannot gain direct access. See “Using TCP/IP Links between

a Domain and its Post Offices” on page 637.

40.7.3 MTA Platform Dependencies Because of Direct Access Requirements to the Domain

If using mapped or UNC links between domains, the source domain MTA must have direct access to its input queues in the destination domain directory. If the MTA is installed on a remote server, it must be able to log in to the server where its domain located.

624 GroupWise 8 Administration Guide

The table below summarizes the various combinations of the platform of MTA for the source domain and the platform where the destination domain is located, and indicates which combinations work for direct access and which ones do not:

Table 40-2 MTA Platforms and Domain Platforms

novdocx (en) 22 June 2009

NetWare MTA for Source Domain

Destination Domain on NetWare

Destination Domain on Linux

Destination Domain on Windows

Destination Domain on Macintosh

TCP/IP links are required between MTAs in GroupWise 7 and later. Direct access to other domains

Yes No

Linux MTA for Source Domain

Windows MTA for Source Domain

Yes

is not available.

The NetWare MTA cannot write message files into its output queue in a destination domain on a

Windows server because Windows does not support the required cross-platform connection.

Domains cannot be created on Macintosh computers.

40.7.4 MTA/Domain Platform Independence through TCP/IP Links

To overcome platform dependencies between domains, use TCP/IP links between domains. See

“Using TCP/IP Links between Domains” on page 632.

40.7.5 MTA/Domain Platform Independence through the Transfer Pull Configuration

If TCP/IP is not available, another alternative for overcoming platform dependencies is a transfer pull configuration.

By default the MTA “pushes” message files out to destination domains by writing them into its output queue in each destination domain. One situation where this method does not work is for the NetWare MTA on a NetWare server to write message files to its input queue in a destination domain located on a Windows server.

As an alternative, you can have the Windows MTA for the destination domain “pull” the message files from the source domain on the NetWare server. This is called a transfer pull configuration. See

Section 41.3.3, “Using a Transfer Pull Configuration,” on page 651 for setup instructions.

Understanding Message Transfer between Domains and Post Offices 625

novdocx (en) 22 June 2009

626 GroupWise 8 Administration Guide

Configuring the MTA

For detailed instructions about installing and starting the MTA for the first time, see “Installing

GroupWise Agents” in the GroupWise 8 Installation Guide.

As your GroupWise configuration to meet changing system needs. The following topics help you configure the MTA:

system grows and evolves, you will probably need to modify MTA

novdocx (en) 22 June 2009

 Section 41.1, “Performing

Basic MTA Configuration,” on page 627

 Section 41.2, “Configuring

User Access through the Domain,” on page 642

 Section 41.3, “Configuring

Specialized Routing,” on page 645

 Section 41.4, “Configuring

Domain Maintenance,” on page 652

Creating an MTA Object in eDirectory Configuring the MTA in ConsoleOne Changing the Link Protocol between Domains Changing the Link Protocol between a Domain and Its Post Offices Binding the MTA to a Specific IP Address Moving the MTA to a Different Server Adjusting the MTA for a New Location of a Domain or Post Office Adjusting the MTA Logging Level and Other Log Settings

Restricting Message Size between Domains Enabling Live Remote Securing the Domain with SSL Connections to the MTA

Using Routing Domains Scheduling Direct Domain Links Using a Transfer Pull Configuration

Using eDirectory User Synchronization Enabling MTA Message Logging

41.1 Performing Basic MTA Configuration

MTA configuration information is stored as properties of its MTA object in eDirectoryTM. The following topics help you modify the MTA object in ConsoleOne to meet changing system configurations:

and change MTA configuration

 Section 41.1.1, “Creating an MTA Object in eDirectory,” on page 628

 Section 41.1.2, “Configuring the MTA in ConsoleOne,” on page 629

 Section 41.1.3, “Changing the Link Protocol between Domains,” on page 632

 Section 41.1.4, “Changing the Link Protocol between a Domain and Its Post Offices,” on

page 636

 Section 41.1.5, “Binding the MTA to a Specific IP Address,” on page 639

 Section 41.1.6, “Moving the MTA to a Different Server,” on page 640

 Section 41.1.7, “Adjusting the MTA for a New Location of a Domain or Post Office,” on

page 640

 Section 41.1.8, “Adjusting the MTA Logging Level and Other Log Settings,” on page 641

Configuring the MTA

627

41.1.1 Creating an MTA Object in eDirectory

When you create a new domain, an MTA object is automatically created for it. If the original MTA object for a domain gets accidently deleted, you can create a new one for it. Do not attempt to create more than one MTA object for a domain.

To create a new MTA object in Novell

1 In ConsoleOne, browse to and right-click the Domain object for which you need to create an

MTA object, then click New.

2 Double-click GroupWise Agent to display the Create GroupWise Agent dialog box.

eDirectory:

novdocx (en) 22 June 2009

3 Type a unique name for the new MTA. The name can include as many as 8 characters. Do not

use any of the following invalid characters in the name:

ASCII characters 0-31 Comma ,

Asterisk * Double quote "

At sign @ Extended ASCII characters that are graphical or typographical

symbols; accented characters in the extended range can be used

Backslash \ Parentheses ( )

Braces { } Period .

Colon :

The Type field is automatically set to Message Transfer.

4 Select Define Additional Properties.

5 Click OK.

The MTA object is automatically placed within the Domain object.

6 Review the information displayed for the first four fields on the Identification page to ensure

that you are creating the correct type of Agent object in the correct location.

628 GroupWise 8 Administration Guide

7 In the Description field, type one or more lines of text describing the MTA. This description

displays on the MTA server console as the MTA runs.

novdocx (en) 22 June 2009

If multiple administrators work at the server where the MTA will run, the description includes a note about who to contact before stopping the MTA. When running multiple MTAs on the same server, the description should uniquely identify each one. See Chapter 42, “Monitoring the

MTA,” on page 661.

8 In the Platform field, select the platform (NetWare, Linux, or Windows) where the MTA will

run.

9 Continue with Section 41.1.2, “Configuring the MTA in ConsoleOne,” on page 629.

41.1.2 Configuring the MTA in ConsoleOne

The advantage to configuring the MTA in ConsoleOne, as opposed to using startup switches in an MTA startup file, is that the MTA configuration settings are stored in eDirectory.

1 In ConsoleOne, expand the eDirectory container where the Domain object is located.

2 Expand the Domain object.

Configuring the MTA 629

3 Right-click the MTA object, then click Properties.

novdocx (en) 22 June 2009

The table below summarizes the MTA configuration settings in the MTA object properties pages and how they correspond to MTA startup switches (as described in Chapter 44, “Using MTA Startup

Switches,” on page 697):

Table 41-1 MTA Configuration Settings

ConsoleOne Properties Pages and Settings

Information Page

Domain Distinguished Name Name Agent Type Description Platform

Agent Settings Page

Scan Cycle Scan High

Attach Retry See Section 43.4, “Adjusting MTA Polling of Closed Locations,” on

Corresponding Tasks and Startup Switches

See Section 41.1.1, “Creating an MTA Object in eDirectory,” on

page 628.

See Section 43.2.2, “Adjusting MTA Polling of Input Queues in the

Domain, Post Offices, and Gateways,” on page 690.

41.1.3 Changing the Link Protocol between Domains

How MTAs for different domains communicate with each other is determined by the link protocol in use between the domains. Typically, inbound and outbound links for a domain use the same link protocol, but this is not required. For a review of link protocols, see Section 10.1.3, “Link Protocols

for Direct Links,” on page 149.

If you originally set up an MTA using one link protocol and need to change to a different one, some reconfiguration of the MTA is necessary.

 “Using TCP/IP Links between Domains” on page 632

 “Using Mapped or UNC Links between Domains” on page 635

 “Using Gateway Links between Domains” on page 636

NOTE: The Linux MTA does not support mapped or UNC links between domains. TCP/IP links are required.

Using TCP/IP Links between Domains

To set up TCP/IP links between domains, you must perform the following two tasks:

 “Configuring the MTA for TCP/IP” on page 632

 “Changing the Link Protocol between Domains to TCP/IP” on page 634

Configuring the MTA for TCP/IP

1 Make sure TCP/IP is properly set up on the server where the MTA is running.

2 In ConsoleOne, browse to and right-click the MTA object, then click Properties.

3 Click GroupWise > Network Address to display the Network Address page.

632 GroupWise 8 Administration Guide

4 On the Network Address page, click the pencil icon for the TCP/IP Address field to display the

Edit Network Address dialog box.

novdocx (en) 22 June 2009

5 Select IP Address, then provide the IP address, in dotted decimal format, of the server where

the MTA is running.

Select DNS Host Name, then provide the DNS hostname of the server where the MTA is running.

IMPORTANT: The MTA must run on a server that has a static IP address. DHCP cannot be used to dynamically assign an IP address for it.

Specifying the DNS hostname rather than the IP address makes it easier to move the MTA from one server to another, should the need arise at a later time. You can assign a new IP address to the hostname in DNS, without changing the MTA configuration information in ConsoleOne.

6 Click OK.

7 To use a TCP port number other than the default port of 7100, type the port number in the

Message Transfer Port field.

If multiple MTAs will run on the same server, each MTA must have a unique TCP port number.

8 For optimum security, select Enabled in the SSL drop-down list for the message transfer port.

For more information, see Section 41.2.3, “Securing the Domain with SSL Connections to the

MTA,” on page 643.

9 Click OK to save the network address and return to the main ConsoleOne window.

ConsoleOne then notifies the MTA to restart enabled for TCP/IP.

Configuring the MTA 633

Corresponding Startup Switches You can also use the /ip and /tcpport switches in the MTA startup file to provide the IP address and the message transfer port number.

MTA Web Console You can view the MTA TCP/IP information on the Configuration page under the TCP/IP Settings heading.

Changing the Link Protocol between Domains to TCP/IP

Make sure you have configured the MTA for TCP/IP at both ends of each link.

To change the link between the domains from mapped or UNC to TCP/IP:

1 In ConsoleOne, click Tools > GroupWise Utilities > Link Configuration.

2 Click Vie w > D o main L i nks to display domain links.

novdocx (en) 22 June 2009

3 Select the MTA’s local domain in the drop-down list.

Outbound and inbound links for the selected domain are listed.

4 Double-click a domain in the Outbound Links list.

5 Set Link Type to Direct.

6 Set Protocol to TCP/IP.

Make sure the information displayed in the IP Address and MT Port fields matches the information for the MTA for the domain to which you are linking.

7 Click OK.

634 GroupWise 8 Administration Guide

8 Repeat Step 4 through Step 7 for each domain in the Outbound Links list where you want the

MTA to use a TCP/IP link.

Selecting multiple domains is also allowed.

9 Double-click a domain in the Inbound Links list.

10 Set Link Type to Direct.

11 Set Protocol to TCP/IP.

Make sure the information displayed in the IP Address and MT Port fields matches the information you supplied in “Configuring the MTA for TCP/IP” on page 632.

12 Click OK.

13 Repeat Step 9 through Step 12 for each domain in the Inbound Links list where you want the

MTA to use a TCP/IP link.

Selecting multiple domains is also allowed.

14 Click File > Exit > Yes to save the link changes.

ConsoleOne then notifies the MTA to restart with the new link configuration.

For a sample message flow for this configuration, see “TCP/IP Link Open: Transfer between

Domains Successful” in “Message Delivery to a Different Domain” in GroupWise 8

Troubleshooting 3: Message Flow and Directory Structure.

novdocx (en) 22 June 2009

Using Mapped or UNC Links between Domains

To change to a mapped or UNC link between domains:

1 In ConsoleOne, click Tools > GroupWise Utilities > Link Configuration.

2 Click Vie w > D o main L i nks to display domain links.

3 Select the MTA’s local domain in the drop-down list.

Outbound and inbound links for the selected domain are listed.

4 Double-click a domain in the Outbound Links list.

5 Set Link Type to Direct.

6 Set Protocol to Mapped or UNC.

7 Enter the full path, in the appropriate format, of the directory where the other domain is

located.

8 Click OK.

9 Repeat Step 4

through Step 8 for each domain in the Outbound Links list where you want the

MTA to use a mapped or UNC link.

Selecting multiple domains is also allowed.

10 Double-click a domain in the Inbound Links list.

11 Set Link Type to Direct.

12 Set Protocol to Mapped or UNC.

13 Enter the full path, in the appropriate format, of the directory where the local domain is located.

14 Click OK.

15 Repeat Step 10 through Step 14 for each domain in the Inbound Links list where you want the

MTA to use a mapped link.

Configuring the MTA 635

Selecting multiple domains is also allowed.

16 Click File > Exit > Yes to save the link changes.

ConsoleOne then notifies the MTA to restart with the new link configuration.

Using Gateway Links between Domains

You can use GroupWise gateways to link domains within your GroupWise system.

 “Using the Async Gateway to Link Domains” on page 636

 “Using the Internet Agent to Link Domains” on page 636

Using the Async Gateway to Link Domains

You can use the Async Gateway to link a domain into your GroupWise system using a modem. For setup instructions, see the Async Gateway documentation at the GroupWise Gateway

Documentation Web site (http://www.novell.com/documentation/gwgateways).

Using the Internet Agent to Link Domains

novdocx (en) 22 June 2009

You can use the Internet Agent to link a domain into your GroupWise system across the Internet. When you use the Internet Agent as the transport mechanism between domains, it encapsulates GroupWise messages (both e-mail messages and administrative messages) within SMTP messages in order to transport them across the Internet. For setup instructions, see Section 51.2, “Linking

Domains,” on page 828

NOTE: A simpler alternative to a gateway link for spanning the Internet is to use MTA to MTA links, as described for linking separate GroupWise systems in “Using Dynamic Internet Links” in the GroupWise 8 Multi-System Administration Guide. The same configuration that can link two separate GroupWise systems can be employed to link a domain within the same GroupWise system.

41.1.4 Changing the Link Protocol between a Domain and Its Post Offices

How messages are transferred between the MTA for the domain and the POA for each post office is determined by the link protocol in use between the domain and each post office. For a review of link protocols, see Section 10.1.3, “Link Protocols for Direct Links,” on page 149.

If you need to change from one link protocol to another, some reconfiguration of the MTA and its link to each post office is necessary.

 “Using TCP/IP Links between a Domain and its Post Offices” on page 637

 “Using Mapped or UNC Links between a Domain and its Post Offices” on page 639

NOTE: The Linux MTA requires TCP/IP links between a domain and its post offices.

636 GroupWise 8 Administration Guide

Using TCP/IP Links between a Domain and its Post Offices

To change from mapped or UNC links to TCP/IP links between a domain and its post offices, you must perform the following two tasks:

 “Configuring the Agents for TCP/IP” on page 637

 “Changing the Link Protocol between a Domain and its Post Offices to TCP/IP” on page 638

Configuring the Agents for TCP/IP

1 If the MTA for the domain is not yet set up for TCP/IP communication, see “Configuring the

MTA for TCP/IP” on page 632.

2 If any post offices do not yet have a POA set up for TCP/IP communication, see Section 36.2.1,

“Using Client/Server Access to the Post Office,” on page 498 to set up the initial TCP/IP

information.

3 In ConsoleOne, expand the Post Office object to display the POA object(s) in the post office.

Only one POA per post office needs to communicate with the MTA. If the post office has multiple POAs, have a POA that performs message file processing communicate with the MTA for best performance. For information about message file processing, see Section 35.5, “Role

of the Post Office Agent,” on page 481.

novdocx (en) 22 June 2009

4 Right-click the POA object, then click Properties.

5 Click GroupWise > Network Address to display the Network Address page.

6 On the Network Address page, click the pencil icon for the TCP/IP Address field to display the

Edit Network Address dialog box.

Configuring the MTA 637

7 In the Message Transfer Port field, specify a unique TCP port on which the POA will listen for

incoming messages from the MTA.

The default is 7101.

8 For optimum security, select Enabled in the SSL drop-down list for the message transfer port.

For more information, see Section 41.2.3, “Securing the Domain with SSL Connections to the

MTA,” on page 643.

9 Click OK to save the TCP/IP information and return to the main ConsoleOne window.

ConsoleOne then notifies the POA to restart with message transfer processing enabled.

Changing the Link Protocol between a Domain and its Post Offices to TCP/IP

1 In ConsoleOne, click Tools > GroupWise Utilities > Link Configuration.

novdocx (en) 22 June 2009

2 In the drop-down list, select the domain where you want TCP/IP links to post offices.

3 Click View > Post Office Links to display post office links.

4 Double-click a Post Office object.

5 In the Protocol field, select TCP/IP.

638 GroupWise 8 Administration Guide

6 Make sure the information displayed in the Edit Post Office Link dialog box matches the

information provided in the Edit Network Address dialog box in “Configuring the Agents for

TCP/IP” on page 637.

7 Click OK.

8 Repeat Step 4 through Step 7 for each post office in the domain where you want to use TCP/IP

links.

9 To exit the Link Configuration tool and save your changes, click File > Exit > Yes.

ConsoleOne then notifies the MTA and POAs to restart using the new link protocol.

For a sample message flow for this configuration, see “TCP/IP Link Open: Transfer between Post

Offices Successful” in “Message Delivery to a Different Post Office” in GroupWise 8

Troubleshooting 3: Message Flow and Directory Structure.

Using Mapped or UNC Links between a Domain and its Post Offices

To change from a TCP/IP link to a mapped or UNC link between a domain and its post offices:

1 In ConsoleOne, click Tools > GroupWise Utilities > Link Configuration.

2 In the drop-down list, select the domain where the post offices reside.

3 Click View Post Office Links to display post office links.

novdocx (en) 22 June 2009

4 Double-click a Post Office object.

5 In the Protocol field, select Mapped or UNC.

6 Provide the location of the post office in the format appropriate to the selected protocol.

7 Click OK.

8 Repeat Step 4 through Step 7 for each post office in the domain.

9 To exit the Link Configuration tool and save your changes, click File > Exit > Yes.

ConsoleOne then notifies the POA and MTA to restart using the new link protocol.

41.1.5 Binding the MTA to a Specific IP Address

If the MTA runs on a server that has multiple IP addresses, you can cause the MTA to bind to a specific IP address. The specified IP address is associated with all ports used by the MTA. Without an exclusive bind, the MTA binds to all IP addresses available on the server.

1 In ConsoleOne, expand the Domain object to display the MTA object in the post office.

2 Right-click the MTA object, then click Properties.

3 Click GroupWise > Network Address to display the Network Address page.

4 If the TCP/IP Address field does not yet display the IP address you want the MTA to use:

4a Click the pencil icon for the TCP/IP Address field to display the Edit Network Address

dialog box.

4b Specify the IP address for the MTA, then click OK.

5 Select Bind Exclusively to TCP/IP Address, then click OK to save the IP address setting.

Corresponding Startup Switches You can also use the /ip switch in the MTA startup file to bind the MTA to a specific IP address.

Configuring the MTA 639

41.1.6 Moving the MTA to a Different Server

As your GroupWise system grows and evolves, you might need to move an MTA from one server to another. For example, you might decide to run the MTA on a different platform, or perhaps you want to move it to a server that has more disk space for the mslocal directory.

1 Stop the existing MTA.

novdocx (en) 22 June 2009

2 Copy the entire

might contain messages that have not yet been delivered.

3 When moving the MTA, pay special attention to the following details:

 In the MTA startup file, set the /work switch to the location of the mslocal directory on the

new server.

 If the original MTA was configured for TCP/IP links between domains, you must

reconfigure the MTA object with the IP address and port number for the MTA on the new server. See “Using TCP/IP Links between Domains” on page 632.

 For the NetWare

offices are located and you are moving it to a different server, you must add the /dn switch or the /user and /password switches to the MTA startup file to give the NetWare MTA access to the server where the domain and post offices are located.

4 Install the MTA on the new server. See “Installing GroupWise Agents” in the GroupWise 8

Installation Guide.

5 Start the new MTA, as described in the following sections in the GroupWise 8 Installation

Guide:

 “Starting the NetWare GroupWise Agents”

 “Starting the Linux Agents with a User Interface”

 “Starting the Windows GroupWise Agents”

6 Observe the new MTA to see that it is running smoothly. See Chapter 42, “Monitoring the

MTA,” on page 661.

mslocal

subdirectory structure to wherever you want it on the new server. It

MTA, if it was originally on the same server where its domain and post

7 If you are no longer using the old server for any GroupWise agents, you can remove the agents

to reclaim the disk space, as described in the following sections in the GroupWise 8 Installation

Guide:

 “Uninstalling the NetWare GroupWise Agents”

 “Uninstalling the Linux GroupWise Agents”

 “Uninstalling the Windows GroupWise Agents”

41.1.7 Adjusting the MTA for a New Location of a Domain or Post Office

MTA configuration must be adjusted if you make the following changes to your GroupWise system configuration:

 “New Domain Location” on page 641

 “New Post Office Location” on page 641

640 GroupWise 8 Administration Guide

New Domain Location

If you move a domain from one server to another, you need to edit the MTA startup file to provide the new location of the domain directory.

1 Stop the MTA for the old domain location if it is still running.

2 Use an ASCII text editor to edit the MTA startup file.

novdocx (en) 22 June 2009

NetWare and Windows:

Linux: The full domain name is used in the filename. However, all letters are lowercase and

Only the first 8 characters of the domain name are used in the filename. The startup file is typically located in the directory where the MTA software is installed.

any spaces in the domain name are removed. The startup file is located in the /opt/ novell/groupwise/agents/share directory.

3 Adjust the setting of the /home switch to point to the new location of the domain directory.

4 Save the MTA startup file.

5 Start the MTA for the new domain location, as described in the following sections in the

GroupWise 8 Installation Guide:

 “Starting the NetWare GroupWise Agents”

 “Starting the Linux Agents with a User Interface”

 “Starting the Windows GroupWise Agents”

New Post Office Location

If you move a post office, you need to adjust the link information for that post office.

1 Click Tools > GroupWise Utilities > Link Configuration.

2 In the drop-down list, select the domain where a post office has moved.

3 Click View > Post Office Links to display post office links.

4 Double-click the post office that has been moved.

5 Provide its new location in the appropriate format.

6 Click OK.

7 Click File > Exit > Yes to save the link changes.

ConsoleOne then notifies the MTA to restart with the new link configuration.

41.1.8 Adjusting the MTA Logging Level and Other Log Settings

When installing or troubleshooting the MTA, a logging level of Verbose can be useful. However, when the MTA is running smoothly, you can set the logging level down to Normal to conserve disk space occupied by log files. See Section 42.3, “Using MTA Log Files,” on page 681.

Configuring the MTA 641

41.2 Configuring User Access through the Domain

Although users do not access the domain as they use the GroupWise client, their messages often pass through domains while traveling from one post office to another.

 Section 41.2.1, “Restricting Message Size between Domains,” on page 642

 Section 41.2.2, “Enabling Live Remote,” on page 643

 Section 41.2.3, “Securing the Domain with SSL Connections to the MTA,” on page 643

41.2.1 Restricting Message Size between Domains

You can configure the MTA to restrict the size of messages that users are permitted to send outside the domain.

1 In ConsoleOne, click Tools > GroupWise Utilities > Link Configuration.

novdocx (en) 22 June 2009

2 Double-click the domain where you want to restrict message size.

3 In the Maximum Send Message Size field, specify in megabytes the size of the largest message

you want users to be able to send outside the post office.

4 If you want to delay large messages, specify the size in megabytes for message files the MTA

can process immediately in the Delay Message Size field.

642 GroupWise 8 Administration Guide

If a message file exceeds the delay message size, the message file is moved into the low priority (6) message queue, where only one MTA thread is allocated to process very large messages. This arrangement allows typical messages to be processed promptly, while delaying large messages that exceed the specified size. The result is that large messages do not slow down processing of typical messages. Message size restrictions override message priority, meaning that even high priority messages are delayed if they exceed the size restrictions.

5 Click OK.

6 To exit the Link Configuration Tool and save your changes, click File > Exit > Yes.

ConsoleOne then notifies the MTA to restart using the new message size limits.

If a user’s message is not sent out of the domain because of this restriction, the user receives an email message providing the following information:

Delivery disallowed - Transfer limit is nn MB

However, the message is delivered to recipients in the sender’s own domain.

There are additional ways to restrict the size of messages that users can send, as described in

Section 12.3.5, “Restricting the Size of Messages That Users Can Send,” on page 195.

novdocx (en) 22 June 2009

41.2.2 Enabling Live Remote

You can configure the MTA to redirect GroupWise Remote client requests to other MTAs and POAs. The GroupWise client can establish a client/server connection to an MTA across the Internet, eliminating the queuing and polling process used by earlier Remote clients. The result is improved performance for Remote client users. To configure the MTA to redirect Remote client requests, add the /liveremote, /lrconn and /lrwaitdata switches to the MTA startup file. You can monitor the live remote connections from the MTA server console. See “Displaying Live Remote Status” on

page 669.

IMPORTANT: Live remote connections are still supported in GroupWise, but are not recommended. Superior functionality is currently available by using proxy servers for POAs, so that client users in Remote mode connect to their mailboxes through the proxy servers rather than through MTAs. Full SSL security is provided through the proxy servers and POAs. See

Section 36.3.1, “Securing Client/Server Access through an External Proxy Server,” on page 509.

41.2.3 Securing the Domain with SSL Connections to the MTA

Secure Sockets Layer (SSL) ensures secure communication between the MTA and other programs by encrypting the complete communication flow between the programs. For background information about SSL and how to set it up on your system, see Section 75.2, “Server Certificates

and SSL Encryption,” on page 1161.

To configure the MTA to use SSL:

1 In ConsoleOne, browse to and right-click the MTA object, then click Properties.

2 Click GroupWise > Network Address to display the Network Address page.

Configuring the MTA 643

3 To use SSL connections between the MTA and the POAs for its post offices, which provides

optimum security, select Enabled in the Message Transfer SSL drop-down list.

novdocx (en) 22 June 2009

The MTA must use a TCP/IP connection to each POA in order to enable SSL for the connection. See “Using TCP/IP Links between a Domain and its Post Offices” on page 637.

Each POA must also have SSL enabled for the connection to be secure. See Section 36.3.3,

“Securing the Post Office with SSL Connections to the POA,” on page 511.

4 To use SSL connections between the MTA and the MTA Web console displayed in your Web

browser, which provides optimum security, select Enabled in the HTTP SSL drop-down list.

To set up the MTA Web console, see Section 42.2.1, “Setting Up the MTA Web Console,” on

page 673.

5 Click Apply to save the settings on the Network Address page.

You are prompted the supply the SSL certificate and key files. The key file must be password protected in order for SSL to function correctly.

6 Click Ye s to display the SSL Settings page.

644 GroupWise 8 Administration Guide

For background information about certificate files and SSL key files, see Section 75.2, “Server

Certificates and SSL Encryption,” on page 1161.

novdocx (en) 22 June 2009

7 In the Certificate File field, browse to and select the public certificate file provided to you by

your CA.

8 In the SSL Key File field:

8a Browse to and select your private key file.

8b Click Set Password.

8c Provide the password that was used to encrypt the private key file when it was created.

8d Click Set Password.

9 Click OK to save the SSL settings.

ConsoleOne then notifies the MTA to restart using the new message size limits.

Corresponding Startup Switches You can also use the /certfile, /keyfile, /keypassword, /httpssl, and /msgtranssl switches in the MTA startup file to configure the MTA to use SSL.

MTA Web Console You can list which connections the MTA is using SSL for from the Links page. Click View TCP/IP Connections to display the list if TCP/IP links.

41.3 Configuring Specialized Routing

As you create each new domain in your GroupWise system, you link it to another domain. You can view and modify the links between domains using the Link Configuration Tool. See Chapter 10,

“Managing the Links between Domains and Post Offices,” on page 145. The following topics help

you configure the MTA to customize routing through your GroupWise system:

 Section 41.3.1, “Using Routing Domains,” on page 646

 Section 41.3.2, “Scheduling Direct Domain Links,” on page 648

 Section 41.3.3, “Using a Transfer Pull Configuration,” on page 651

Configuring the MTA 645

41.3.1 Using Routing Domains

As an alternative to configuring individual links between individual domains throughout your GroupWise system, you can establish a system of one or more routing domains under the following circumstances.

 Domains must connect to the routing domains with TCP/IP links.

 GroupWise 5.5 and later domains can be part of the routing domain system. Domains and

MTAs that are still at a 5.2 or earlier version cannot participate and must use links as provided in the Link Configuration Tool.

A routing domain can serve as a hub in the following situations:

 Messages that are otherwise undeliverable can be automatically sent to a single routing domain.

This routing domain can be set up to perform DNS lookups and route messages out across the Internet. See “Using Dynamic Internet Links” in “Connecting to Other GroupWise Systems” in the GroupWise 8 Multi-System Administration Guide.

 All messages from a domain can be automatically routed through another domain, regardless of

the final destination of the messages. This provides additional control of message flow through your GroupWise system.

novdocx (en) 22 June 2009

You can set up routing domains on two levels:

 “Selecting a System Default Routing Domain” on page 646

 “Selecting a Specific Routing Domain for an Individual Domain” on page 647

Selecting a System Default Routing Domain

You can establish a single default routing domain for your entire GroupWise system. This provides a centralized routing point for all messages. It takes precedence over specific links established when domains were created or links modified with the Link Configuration Tool.

To set up a system default routing domain:

1 In ConsoleOne, click Tools > GroupWise System Operations > System Preferences > Routing

Options to display the Routing Options tab.

2 In the Default Routing Domain field, browse to and select the domain you want to serve as the

default routing domain for your entire GroupWise system.

3 If you want all GroupWise messages to pass through the default routing domain regardless of

the destination of the message, select Force All Messages to This Domain.

646 GroupWise 8 Administration Guide

If you want only undeliverable GroupWise messages to be routed to the default routing domain, deselect Force All Messages to This Domain.

If you do not force all messages to the system default routing domain, then you have the option of allowing selected MTAs to provide routing domain services in addition to the system default routing domain.

4 Select MTAs Send Directly to Other GroupWise Systems if you want all MTAs in your

GroupWise system to perform DNS lookups and route messages out across the Internet.

Deselect MTAs Send Directly to Other GroupWise Systems if you want to individually designate which MTAs should perform eDirectory lookups and route messages out across the Internet.

5 Click OK to save the routing options you have specified for the system default routing domain.

Selecting a Specific Routing Domain for an Individual Domain

As long as you are not forcing all messages to the system default routing domain, you can override the system default routing information for an individual domain.

novdocx (en) 22 June 2009

1 In ConsoleOne, browse to and right-click the MTA object, then click Properties.

2 Click GroupWise > Routing Options to display the Routing Options page.

System default routing information displays if it has been set up. See “Selecting a System

Default Routing Domain” on page 646.

3 Select Override beside the default information you want to change for the selected domain.

4 Set the routing options as needed for the selected domain.

5 Click OK to save the specialized routing information for the selected domain.

ConsoleOne then notifies the MTA to restart so the routing information can be put into effect.

Configuring the MTA 647

MTA Web Console You can check routing information on the Configuration page under the

General Settings heading.

41.3.2 Scheduling Direct Domain Links

When domains link across an expensive medium such as long-distance phone lines, you can reduce the cost of the link by controlling when it is open. You can choose to have some types of messages wait in the message queues for the lowest phone rate. You can collect messages in the message queues until a specified time or size limit is reached, then open the link, rather than opening the link for each message as it arrives in the queue. You can design as many link profiles as you need, to schedule the transfer of various types of GroupWise messages in the most efficient and costeffective manner.

To create a schedule for a link between domains:

1 In ConsoleOne, click Tools > GroupWise Utilities > Link Configuration.

2 In the drop-down list, select the domain to schedule a link for.

3 Click Vie w > D o main L i nks to display domain links.

novdocx (en) 22 June 2009

4 Double-click the domain you want to create a link schedule for.

Only direct links can be scheduled.

5 Click Scheduling.

648 GroupWise 8 Administration Guide

The link schedule grid displays the current schedule for the selected direct link. The grid consists of half-hour time slots showing the link profile assigned to each time slot. Available link profiles are listed below the link schedule grid.

Each link profile defines the following values to set the conditions under which the link opens:

 Which message queues to monitor

novdocx (en) 22 June 2009

 Maximum wait time for any message in any monitored queue

 Maximum number of waiting messages allowed in all monitored queues

 Maximum total size of waiting messages allowed in all monitored queues

The default profile shows as white in the link schedule grid. The default profile is in effect at all times when no other profile has been selected. Any other defined profiles show as gray. The currently selected link profile shows as green.

6 To create a new link profile, click Create.

To edit an existing link profile, select it in the profile list, then click Edit.

To edit the default link profile, click Default.

7 If you are creating a new link profile, provide a unique name for the link profile in the Name

field.

If you are editing an existing link profile, you cannot change the name.

Configuring the MTA 649

8 In the Description field, provide whatever additional information is necessary to describe the

purpose of the link profile.

9 Use the scroll bar in the Time Thre shold box to select which queues to monitor and process

when this link profile is in effect.

Queue Purpose

0 Busy Search requests

1 Requests from GroupWise Remote users

2 High priority user messages; administrative messages

3 High priority status messages

4 Normal priority user messages

5 Normal priority status messages

6 Low priority user messages

7 Low priority status messages

novdocx (en) 22 June 2009

The contents of deselected queues are not monitored but are processed when the link opens.

10 For each selected queue, specify the maximum number of minutes a message must wait in each

queue before the link opens.

If you want the link to open immediately when a message arrives in the queue, specify 0 (zero).

11 In the Messages field, specify the total number of messages waiting in all selected queues that

will trigger the link to open.

12 In the KBytes field, specify the total size in kilobytes of all messages waiting in all selected

queues that will trigger the link to open.

13 Click OK to save the link profile and return to the Link Scheduling dialog box.

14 Select the new or modified link profile in the profile list.

15 Click a time slot or drag to select a range of time slots.

Time slots assigned to the selected link profile display as green.

16 Select all the time slots you want governed by the selected link profile.

17 Select a different link profile to assign to time slots.

Create or edit another link profile.

Click OK to save the schedule for the current link.

18 When the schedule is saved, click OK to close the Edit Domain Link dialog box.

19 To exit the Link Configuration Tool, click File > Exit > Yes.

ConsoleOne then notifies the MTA to restart using the new link schedule.

650 GroupWise 8 Administration Guide

41.3.3 Using a Transfer Pull Configuration

Typically for a mapped or UNC link, the MTA for the sending domain writes (or “pushes”) message files into the input queue subdirectories of the receiving domain. However, it is possible to change this configuration so the MTA for the receiving domain picks up (or “pulls”) message files from the sending domain.

The transfer pull directory is a location in the sending domain where the MTA for the receiving domain can pick up message files (that is, “pull” them from the sending domain). It represents the only configuration where an MTA processes messages outside its own domain directory structure.

NOTE: The transfer pull configuration does not apply to the Linux MTA because the Linux MTA does not use mapped or UNC links.

To set up a transfer pull configuration between domains:

1 Manually create a transfer directory with input queue subdirectories from which outgoing

message files are pulled.

The transfer directory must contain a subdirectories beneath. The transfer directory must be placed where both the sending and receiving MTAs have rights.

2 In ConsoleOne, modify the outgoing link from the sending domain so the MTA for the sending

domain writes message files to the transfer directory, rather than directly to the receiving domain. See “Modifying the Outgoing Transfer Pull Link” on page 651.

3 In ConsoleOne, modify the incoming link to the receiving domain so the MTA for the receiving

domain actively pulls message files from the transfer directory, rather than waiting for them to be delivered. See “Modifying the Incoming Transfer Pull Link” on page 652.

4 Stop and restart the MTAs for both domains.

wpcsin

subdirectory, with standard priority 0 through 7

novdocx (en) 22 June 2009

Modifying the Outgoing Transfer Pull Link

1 In ConsoleOne, connect to the sending domain:

1a Click Tools > GroupWise System Operations > Select Domain.

1b Browse to and select the domain database (

1c Click Open.

1d Click OK.

2 Click Tools > GroupWise Utilities > Link Configuration.

3 In the drop-down list, select the sending domain.

4 Click View > D o m ain L i nks to view outbound and inbound links for the sending domain.

5 In the Outbound Links from sending_domain_name list box, double-click the receiving domain.

6 If you are using a UNC path, click Override to display the Path field.

7 In the Path or UNC Override field (depending on the selected protocol), specify the full path to

the transfer directory you created.

You can use a UNC path for the NetWare and Windows MTA; you can use a mapped drive path for the Windows MTA only.

8 Click OK.

wpdomain.db

) in the sending domain.

Configuring the MTA 651

9 Click File > Exit > Yes to save the link changes for the sending domain and return to the main

ConsoleOne window.

10 Continue with “Modifying the Incoming Transfer Pull Link” on page 652.

Modifying the Incoming Transfer Pull Link

1 In ConsoleOne, connect to the receiving domain:

1a Click Tools > GroupWise System Operations > Select Domain

1b Browse to and select the domain database (

1c Click Open.

1d Click OK.

2 Click Tools > GroupWise Utilities > Link Configuration.

3 In the drop-down list, select the receiving domain.

4 Click View Domain Links to view outbound and inbound links for the receiving domain.

5 In the Outbound Links from receiving_domain_name list box, double-click the sending domain.

6 Verify that the information displayed in the Edit Domain Link dialog box is correct.

wpdomain.db

) in the receiving domain.

novdocx (en) 22 June 2009

7 Click Tra nsfer Pull In fo.

8 Specify the full path to the transfer directory you created.

You can use a UNC path for the NetWare and Windows MTA; you can use a mapped drive path for the Windows MTA only.

9 Specify the number of seconds after which the MTA checks the transfer directory for message

files to pull.

10 Specify the command needed to reestablish the connection with the transfer directory, if that

connection should be broken for any reason.

11 Click OK until you return to the Link Configuration dialog box.

12 Click File > Exit > Yes to save the link changes for the receiving domain and return to the main

ConsoleOne window.

13 Stop and restart the MTAs for both domains.

41.4 Configuring Domain Maintenance

You can configure the MTA to synchronize user information in the GroupWise Address Book with user information in eDirectory. You can also configure it to gather information about all messages that pass through the domain for tracking purposes.

 Section 41.4.1, “Using eDirectory User Synchronization,” on page 653

 Section 41.4.2, “Enabling MTA Message Logging,” on page 658

652 GroupWise 8 Administration Guide

41.4.1 Using eDirectory User Synchronization

As long as GroupWise administration is performed with the GroupWise Administrator snap-in to ConsoleOne running, user information is automatically synchronized between GroupWise and eDirectory. However, four situations can cause this automatic synchronization to be insufficient:

 An administrator modifies user information in ConsoleOne without having the GroupWise

Administrator snap-in running.

 The user information was changed using NetWare

Administrator snap-in running.

 The user information was changed using Novell iManager.

 The user information was changed using Novell eGuide and the GroupWise Identity Manager

driver is not in use

In these situations, user information in eDirectory no longer matches corresponding user information in GroupWise. (User objects are the only GroupWise objects that can be modified without the GroupWise Administrator snap-in running. Modification of all other GroupWise objects requires the presence of the GroupWise Administrator snap-in.)

Administrator without the GroupWise

novdocx (en) 22 June 2009

This section covers the following aspects of eDirectory user synchronization:

 “Enabling eDirectory User Synchronization” on page 653

 “Assigning an eDirectory-Enabled MTA to Synchronize Other Domains” on page 656

 “Scheduling eDirectory User Synchronization” on page 657

Enabling eDirectory User Synchronization

By default, eDirectory user synchronization is disabled. The MTA still performs all its other functions, but any changes made to user information in eDirectory without the GroupWise Administrator snap-in running do not appear in GroupWise until eDirectory user synchronization has been performed.

Although all MTAs can be enabled to perform eDirectory user synchronization, the minimum requirement is that at least one MTA be configured that way. If your GroupWise system spans multiple trees, at least one MTA in each tree must be configured to perform eDirectory user synchronization. The MTA server should have a local eDirectory replica for the MTA to access.

1 In ConsoleOne, click Tools > GroupWise System Operations > eDirectory User

Synchronization to display the eDirectory User Synchronization Configuration dialog box.

Configuring the MTA 653

The eDirectory User Synchronization Configuration dialog box lists all domains in your GroupWise system, the MTA currently assigned to provide eDirectory user synchronization for each domain, and the current status of that agent’s ability to perform eDirectory user synchronization.

2 Click Configure Agents.

novdocx (en) 22 June 2009

3 Select a NetWare MTA that you want to perform eDirectory user synchronization.

4 If the eDirectory Access column for the NetWare MTA displays Ye s, click Enable.

If the eDirectory Access column for the NetWare MTA displays No:

4a Click Set Up eDirectory Access.

4b Browse to and select the server where the NetWare MTA runs.

4c Click OK.

The eDirectory Access column for the NetWare MTA should now display Ye s so that you can enable it.

5 Select a Linux or Windows MTA that you want to perform eDirectory user synchronization.

6 If the eDirectory Access column for the Linux or Windows MTA displays Ye s, click Enable.

If the eDirectory Access column for the Linux or Windows MTA displays No:

6a Click Set Up eDirectory Access.

654 GroupWise 8 Administration Guide

6b Fill in the following fields:

Available LDAP Servers: Select the LDAP server that you want the Linux or Windows MTA to log into in order to gain access to eDirectory, then click Set Preferred.

LDAP User Name: Browse to and select the user that the Linux or Windows MTA can use to log in as. The selected user must have rights to browse properties of User objects.

novdocx (en) 22 June 2009

Click Set Password, provide the password associated with the user selected above, then click Set Password.

LDAP Group: Browse to and select the LDAP Group object for the server where the MTA runs. The LDAP Group object provides a table of attribute mappings between eDirectory and LDAP that the MTA needs in order to perform eDirectory user synchronization on Linux or Windows.

6c Click OK to save the LDAP information.

The eDirectory Access column for that Linux or Windows MTA should now display Yes so that you can enable it.

7 If your GroupWise system spans multiple trees, repeat Step 3 through Step 6 as needed to

enable eDirectory user synchronization for at least one MTA in each tree.

8 Click OK to return to the eDirectory User Synchronization Configuration dialog box.

Each domain for which you have configured the MTA for eDirectory user synchronization should now display Enabled in the Status column.

9 If all domains are now enabled, click OK to return to main ConsoleOne window, then continue

with “Scheduling eDirectory User Synchronization” on page 657.

Configuring the MTA 655

If some domains are still disabled, continue with “Assigning an eDirectory-Enabled MTA to

Synchronize Other Domains” on page 656.

Assigning an eDirectory-Enabled MTA to Synchronize Other Domains

After at least one MTA is performing eDirectory user synchronization, other MTAs not performing eDirectory user synchronization themselves can have an eDirectory-enabled MTA gather the eDirectory information for them.

In the eDirectory User Synchronization Configuration dialog box,

1 Click a domain that still displays Disabled in the Status column.

novdocx (en) 22 June 2009

2 Select an MTA, then click Change Assignment.

3 Select the MTA you want to perform eDirectory user synchronization for the selected domain,

then click OK.

The domain should now display Enabled in the Status column of the eDirectory User Synchronization Configuration dialog box.

4 Repeat Step 1 through Step 3 until all domains in your GroupWise system are enabled for

eDirectory user synchronization.

5 Click OK to return to the main ConsoleOne window.

656 GroupWise 8 Administration Guide

Performing eDirectory User Synchronization Manually

After eDirectory user synchronization is enabled, you can perform eDirectory user synchronization at any time from the NetWare MTA server console. See “Performing eDirectory User

Synchronization” on page 671. This manual option is not available for Linux or Windows MTAs.

Scheduling eDirectory User Synchronization

By default, one eDirectory user synchronization event is scheduled at 1:00 a.m. daily for each MTA where eDirectory user synchronization is enabled.

You can edit the default event, or you can create one or more additional eDirectory user synchronization events to perform eDirectory user synchronization more frequently.

To schedule an eDirectory user synchronization event:

1 In ConsoleOne, browse to and right-click the MTA object, then click Properties.

2 Click GroupWise > Scheduled Events to display the Scheduled Events page.

novdocx (en) 22 June 2009

The Scheduled Events page lists a pool of MTA events available to all MTAs in your GroupWise system if any events have already been created.

3 Select the default event, then click Edit.

Click Create, then type a name for the event.

Configuring the MTA 657

4 Set Type to eDirectory User Synchronization.

5 In the Trigger box, specify when you want the eDirectory user synchronization event to take

place.

You can have the synchronization event take place once a week, once a day, or at any other regular interval, at whatever time you choose.

6 Specify the time of day when you want eDirectory user synchronization to take place.

7 Click OK twice to close the scheduled event dialog boxes and save the eDirectory user

synchronization event.

ConsoleOne then notifies the MTA to restart so the eDirectory user synchronization event can be put into effect.

41.4.2 Enabling MTA Message Logging

Message logging is turned off by default, because it causes the MTA to use additional CPU and disk resources. However, gathering information about message traffic on your GroupWise system lets you perform many valuable tasks, including:

novdocx (en) 22 June 2009

 Tracking messages

 Gathering statistics to help optimize your GroupWise system

 Billing customers for messages delivered

 Tracking messages from the MTA Web console and from GroupWise Monitor

When you enable MTA message logging, the MTA stores data about GroupWise message traffic as it processes messages. The stored data is then available for use by the MTA Web console Message Tracking feature and by the GroupWise Monitor Message Tracking Report option. In addition, thirdparty programs can produce customized billing, tracking, and statistical reports based on the information stored in the database.

To enable MTA message logging:

1 In ConsoleOne, browse to and right-click the MTA object, then click Properties.

2 Click GroupWise > Message Log Settings.

658 GroupWise 8 Administration Guide

3 In the Message Logging field, select a logging level to turn message logging on.

4 In the Message Log Path field, specify the full path of the file where the MTA will record the

logging information.

5 Select the types of information you want to track:

Correlate Delivery Status Reports: Select this option to maintain the relationship between user messages and their corresponding delivery status reports in the logged information.

Collect Delivery Status Reports: Select this option to log delivery status reports as well as user messages.

novdocx (en) 22 June 2009

Collect Other Status Reports: Select this option to log user-requested information about messages sent, such as indicating that messages have been opened or deleted by the recipients.

Track Administrative Messages: Select this option to log administrative messages such as database updates.

6 In the Delete Reports After field, specify the number of days to retain reports on disk. Reports

are automatically deleted after the specified time has passed.

7 Click OK to save the MTA message log settings.

ConsoleOne then notifies the MTA to restart so the new settings can be put into effect.

8 For instructions about using the data that the MTA collects, see “Tracking Messages” on

page 679 and Section 65.3.7, “Message Tracking Report,” on page 1050.

Corresponding Startup Switches You can also use the /messagelogsettings, /messagelogpath, /

messagelogdays, and /messagelogmaxsize switches in the MTA startup file to configure MTA

message logging.

Configuring the MTA 659

novdocx (en) 22 June 2009

660 GroupWise 8 Administration Guide

Monitoring the MTA

novdocx (en) 22 June 2009

By monitoring the MTA, you can determine whether or not its current configuration is meeting the needs of your GroupWise operation of the MTA:

 Section 42.1, “Using the MTA Server Console,” on page 661

 Section 42.2, “Using the MTA Web Console,” on page 673

 Section 42.3, “Using MTA Log Files,” on page 681

 Section 42.4, “Using GroupWise Monitor,” on page 682

 Section 42.5, “Using Novell Remote Manager,” on page 683

 Section 42.6, “Using an SNMP Management Console,” on page 683

 Section 42.7, “Notifying the Domain Administrator,” on page 687

 Section 42.8, “Using the MTA Error Message Documentation,” on page 688

 Section 42.9, “Employing MTA Troubleshooting Techniques,” on page 688

 Section 42.10, “Using Platform-Specific MTA Monitoring Tools,” on page 688

 Section 42.11, “Using MTA Message Logging,” on page 688

system. You have a variety of resources to help you monitor the

42.1 Using the MTA Server Console

The following topics help you monitor and control the MTA from the MTA server console:

 Section 42.1.1, “Monitoring the MTA from the MTA Server Console,” on page 661

 Section 42.1.2, “Controlling the MTA from the MTA Server Console,” on page 664

42.1.1 Monitoring the MTA from the MTA Server Console

The MTA server console provides information, status, and message statistics about the MTA to help you assess its current functioning.

Figure 42-1 MTA Server Console

Monitoring the MTA

661

NetWare: The MTA server console always displays on the NetWare server console.

Linux: You must use the --show startup switch in order to display the Linux MTA server console.

See “Starting the Linux Agents with a User Interface” in “Installing GroupWise Agents” in the GroupWise 8 Installation Guide.

Windows: You can suppress the Windows MTA server console by running the Windows MTA as a

service. See “Starting the Windows GroupWise Agents” in “Installing GroupWise Agents” in the GroupWise 8 Installation Guide.

The MTA server console consists of several components:

 “MTA Information Box” on page 662

 “MTA Status Box” on page 662

 “MTA Statistics Box” on page 663

 “MTA Alert Box” on page 663

 “MTA Admin Thread Status Box” on page 664

novdocx (en) 22 June 2009

Do not exit the MTA server console unless you want to stop the MTA.

NetWare: At a NetWare

console window, you can use Alt+F1 to select a screen to view. Use these keystrokes to change screens without stopping the MTA. You can use these keystrokes to display the MTA server console if it is not immediately visible on the NetWare console.

Linux: You can minimize the MTA server console, but do not close it unless you want to stop the

MTA.

Windows: You can minimize the MTA server console window, but do not close it unless you want to

stop the MTA.

server console, you can use Alt+Esc to change screens. In a remote

MTA Information Box

The MTA Information box identifies the MTA whose MTA server console you are viewing, which is especially helpful when multiple MTAs are running on the same server.

Domain: Displays the name of the domain serviced by this MTA.

Description: Displays the description provided in the Description field in the MTA Information

page in ConsoleOne

. If multiple administrators work at the server where the MTA runs, the

description can include a note about who to contact before stopping the MTA.

Up Time: Displays the length of time the MTA has been running.

MTA Web Console The Status page also displays this information.

MTA Status Box

The MTA Status box displays the current status of the MTA and its backlog.

Processing: Displays a rotating bar when the MTA is running. If the bar is not rotating, the MTA has stopped. For assistance, see “Message Transfer Agent Problems” in GroupWise 8

Troubleshooting 2: Solutions to Common Problems.

662 GroupWise 8 Administration Guide

Domains: Displays the total number of domains the MTA links to and the number that are currently closed.

Post Offices: Displays the total number of post offices in the domain and the number that are currently closed.

Gateways: Displays the total number of gateways in the domain and the number that are currently closed.

If you have closed domains, post offices, or gateways, see “MTA Status Box Shows a Closed

Location” in “Message Transfer Agent Problems” in GroupWise 8 Troubleshooting 2: Solutions to

Common Problems for assistance.

MTA Web Console The Status page also displays this information. In addition, you can display detailed information about specific queue contents.

MTA Statistics Box

The MTA Statistics box displays the total statistics for the current up time, and 10-minute statistics for all messages the MTA has routed.

novdocx (en) 22 June 2009

Routed: Displays the number of messages successfully routed to the domains, post offices, and gateways serviced by the MTA.

Undeliverable: Displays the number of messages that could not be delivered to a domain, post office, or gateway. For assistance, see “MTA Statistics Box Shows Undeliverable Messages” in “Message Transfer Agent Problems” in GroupWise 8 Troubleshooting 2: Solutions to Common

Problems.

Errors: Displays the number of errors the MTA encounters while processing messages in its input queues. For assistance, see “MTA Statistics Box Shows Errors” n “Message Transfer Agent

Problems” in GroupWise 8 Troubleshooting 2: Solutions to Common Problems.

MTA Web Console The Status page also displays this information.

MTA Alert Box

The MTA Alert box displays important messages that could require an administrator’s attention.

Informational Status Messages

When you first start the MTA, you typically see a message informing you the MTA configuration has been loaded.

Error Messages

If the MTA encounters a problem that disrupts the flow of GroupWise messages, it displays an error message in the alert box. For assistance, see “Message Transfer Agent Error Messages” in

GroupWise 8 Troubleshooting 1: Error Messages.

MTA Web Console The Status page also displays this information. In addition, you can view and search MTA log files on the Log Files page.

Monitoring the MTA 663

MTA Admin Thread Status Box

The MTA admin thread updates the domain database (wpdomain.db) when domains, post offices, users, and other types of object information are added, modified, or removed, and repairs it when damage is detected.

To display the MTA Admin Thread Status box from the MTA server console, click Configuration > Admin Status.

NetWare Note: Use Options (F10) > Admin Status.

Figure 42-2 Admin Status Dialog Box

novdocx (en) 22 June 2009

The following tasks pertain specifically to the MTA admin thread:

 “Suspending/Resuming the MTA Admin Thread” on page 667

 “Displaying MTA Admin Thread Status” on page 669

 “Recovering the Domain Database Automatically or Immediately” on page 670

 “Performing eDirectory User Synchronization” on page 671

MTA Web Console You can display MTA admin thread status on the Configuration page. Under the General Settings heading, click Admin Task Processing. You can also change the admin settings for the current MTA session.

42.1.2 Controlling the MTA from the MTA Server Console

You can perform the following tasks to monitor and control the MTA from the MTA server console at the server where the MTA is running:

 “Stopping the MTA” on page 665

 “Restarting the MTA” on page 666

 “Suspending/Resuming MTA Processing for a Location” on page 666

 “Suspending/Resuming the MTA Admin Thread” on page 667

 “Displaying the MTA Software Date” on page 667

 “Displaying the Current MTA Settings” on page 667

 “Displaying MTA Status Information” on page 668

 “Displaying Live Remote Status” on page 669

664 GroupWise 8 Administration Guide

 “Displaying MTA Admin Thread Status” on page 669

 “Recovering the Domain Database Automatically or Immediately” on page 670

 “Performing eDirectory User Synchronization” on page 671

 “Browsing the Current MTA Log File” on page 671

 “Viewing a Selected MTA Log File” on page 671

 “Cycling the MTA Log File” on page 672

 “Adjusting MTA Log Settings” on page 672

 “Editing the MTA Startup File” on page 672

 “Accessing Online Help for the MTA” on page 672

Stopping the MTA

You might need to stop and restart the MTA for the following reasons:

 Updating the agent software

 Troubleshooting message flow problems

 Backing up the domain database

 Rebuilding the domain database

novdocx (en) 22 June 2009

To stop the MTA from the MTA server console:

1 Click File > Exit > Yes to stop the MTA.

NetWare: Use Exit (F7). If the MTA does not respond to Exit, you can use the unload command

to stop the MTA. However, this might not allow the MTA to shut down gracefully. In addition, the unload command stops all MTAs running on the server.

Linux: If the Linux MTA does not respond to Exit, you can kill the MTA process, as described

below, but include the -9 option.

Windows: If the Windows MTA does not respond to Exit, you can close the MTA server console

to stop the MTA or use the Task Manager to terminate the MTA task.

2 Restart the MTA, as described in the following sections in the GroupWise 8 Installation Guide:

 “Starting the NetWare GroupWise Agents”

 “Starting the Linux GroupWise Agents as Daemons”

 “Starting the Windows GroupWise Agents”

Stopping the Linux MTA When It Is Running as a Daemon

To stop the Linux MTA when it is running in the background as a daemon and you started it using the grpwise script:

1 Make sure you are logged in as

root

2 Change to the /etc/init.d directory.

3 Enter the following command:

./grpwise stop

Monitoring the MTA 665

4 Use the following command to verify that the MTA has stopped.

./grpwise status

To stop the Linux MTA when it is running in the background as a daemon and you started it manually (not using the grpwise script):

root

1 Make sure you are logged in as

2 Determine the process IDs (PIDs) of the MTA:

ps -eaf | grep gwmta

The PIDs for all gwmta processes are listed.

You can also obtain this information from the Environment page of the MTA Web console.

3 Kill the first MTA process listed:

Syntax:

kill PID

novdocx (en) 22 June 2009

Example:

kill 1483

It might take a few seconds for all MTA processes to terminate.

4 Use the ps command to verify that the MTA has stopped.

ps -eaf | grep gwmta

Restarting the MTA

Restarting the MTA from the MTA server console causes it to reread the configuration information provided in ConsoleOne. However, the MTA does not reread its startup file when you restart it from the MTA server console.

1 At the server where the MTA is running, display the MTA server console.

2 Click File > Restart > Yes to restart the MTA.

NetWare Note: Use Restart (F6).

If you want the MTA to reread its startup file, you must stop it, then restart it.

MTA Web Console You can restart the MTA from the Status page. Click Restart MTA in the upper right corner of the page.

Suspending/Resuming MTA Processing for a Location

You can cause the MTA to stop processing messages for a location without stopping the MTA completely. For example, you could suspend message processing for a post office while backing up the post office.

To suspend the MTA for a location:

1 At the server where the MTA is running, display the MTA server console.

2 Click Configuration > Status.

3 Click the location (or multiple locations) to suspend, then click Suspend.

NetWare Note: Use Options (F10) > Configuration Status. Select the location, then click Suspend.

Routing of all messages to and from the location remains suspended until you resume processing.

666 GroupWise 8 Administration Guide

To resume the MTA for a location:

1 At the server where the MTA is running, display the MTA server console.

2 Click Configuration > Status.

3 Click the location (or multiple locations) to resume, then click Resume.

NetWare Note: Use Options (F10) > Configuration Status. Select the location, then click Resume.

MTA Web Console You can suspend and resume processing for a specific location on the Links page. Select one or more locations, then click Suspend or Resume as needed.

Suspending/Resuming the MTA Admin Thread

novdocx (en) 22 June 2009

You can cause the MTA to stop updating the domain database (

wpdomain.db

) without stopping the MTA completely. For example, you could suspend the MTA admin thread while backing up the domain database.

To suspend the MTA admin thread:

1 At the server where the MTA is running, display the MTA server console.

2 Click Configuration > Admin Status > Suspend.

NetWare Note: Use Options > Admin Status > Suspend.

The MTA admin thread no longer accesses the domain database until you resume processing.

To resume the MTA admin thread:

1 At the server where the MTA is running, display the MTA server console.

2 Click Configuration > Admin Status > Resume.

NetWare Note: Use Options (F10) > Admin Status > Resume.

MTA Web Console You can suspend and resume the MTA admin thread from the Configuration page. Under the General Settings heading, click Admin Task Processing > Suspend or Resume > Submit.

Displaying the MTA Software Date

It is important to keep the MTA software up-to-date. You can display the date of the MTA software from the MTA server console.

1 At the server where the MTA is running, display the MTA server console.

2 Click Help > About MTA.

NetWare Note: To check the date of the MTA NLM installation directory (typically, the

sys:\system directory

, you can list the

) or use the

gwmta.nlm

modules gwmta.nlm

file in the agent

command at the server console prompt.

MTA Web Console You also check the MTA software date on the Environment page.

Displaying the Current MTA Settings

You can list the current configuration settings of the MTA at the MTA server console.

Monitoring the MTA 667

To display the current MTA settings:

1 At the server where the MTA is running, display the MTA server console.

2 Click Configuration > Agent Settings.

NetWare Note: Use View Log File (F9) to check the MTA settings recorded at the top of the log file.

For information about the MTA settings, see Chapter 44, “Using MTA Startup Switches,” on

page 697.

MTA Web Console You check the current MTA settings on the Configuration page.

Displaying MTA Status Information

The MTA server console displays essential information about the functioning of the MTA. More detailed information is also available.

To display detailed MTA configuration information:

1 At the server where the MTA is running, display the MTA server console.

novdocx (en) 22 June 2009

2 Click Configuration > Status to display a list of the locations to which the MTA is connected.

NetWare Note: Use Options (F10) > Configuration Status.

The following information is provided:

Location Name: Displays the name of the location serviced by the MTA.

Location Type: Indicates whether the location is a domain, post office, or gateway.

Connection Status: Indicates whether the MTA has been successful in locating and opening

the database in the location.

 Open: The MTA can access the database or communicate with the agent at the location.

 Closed: The MTA cannot access the database or communicate with the agent at the

location. For assistance, see “MTA Configuration Status Isn’t Open” in “Message Transfer

Agent Problems” in GroupWise 8 Troubleshooting 2: Solutions to Common Problems.

 Suspended: The MTA is not processing messages for the location because it has been

suspended. See “Suspending/Resuming MTA Processing for a Location” on page 666.

 Open Pending: Post offices in the domain are in the process of opening and the MTA is

clearing its holding queues. After this is accomplished, the MTA begins processing current messages and the status changes to Open.

Home: Displays the full path to the database that the MTA services in the listed location. For a TCP/IP connection, it displays the IP address of the server that the MTA connects to in order to service the database.

3 Select a location, then click Details to display the above information plus the following

additional details:

Hold: Displays the full path to the location of the MTA to hold messages for closed locations.

Pull: Displays the transfer pull directory, if any. See Section 41.3.3, “Using a Transfer Pull

Configuration,” on page 651.

Ve rs io n : Provides the version (8.0/7.0/6.x/5.x/4.x) of the database at the location.

668 GroupWise 8 Administration Guide

mslocal

directory structure used by the

Last Closed/Opened: Provides the date and time when the location was last closed and opened.

Last Closure Reason: Indicates why a closed location is closed. To look up last closure reasons, see “Message Transfer Agent Error Messages” in GroupWise 8 Troubleshooting 1:

Error Messages.

Messages Written/Read: Provides statistics about throughput since the MTA was last started.

Applications: Displays the programs the MTA can deliver messages to. Depending on the

configuration of your GroupWise system, you might see GroupWise agents or GroupWise 4.1 servers listed.

TCP/IP: Lists the IP port the MTA listens on.

MTA Web Console You can check the current MTA status on the Links page at the MTA Web

console. Click a direct link to view its message queues.

Displaying Live Remote Status

You can monitor the live remote connections the MTA is servicing for Remote client users. For information about live remote processing, see Section 41.2.2, “Enabling Live Remote,” on

page 643.

novdocx (en) 22 June 2009

1 At the server where the MTA is running, display the MTA server console.

2 Click Configuration > Live Remote Status.

NetWare Note: Use Options (F10) > Live Remote Status.

The status information lists the GroupWise Remote client users who are connected to the MTA, along with the post offices and domains the MTA communicates with.

Displaying MTA Admin Thread Status

Status information for the MTA admin thread is displayed in a separate dialog box, rather than on the main MTA server console.

To display MTA admin thread status information:

1 At the server where the MTA is running, display the MTA server console.

2 Click Configuration > Admin Status.

NetWare Note: Use Options (F10) > Admin Status.

The following status information is displayed:

Admin Message Box The Admin Message box provides the following information about the workload of the MTA admin thread:

Completed: Number of administrative message successfully processed.

Errors: Number of administrative messages not processed because of errors.

In Queue: Number of administrative messages waiting in the queue to be processed.

Send Admin Mail: Select this option to send a message to the administrator whenever a

critical error occurs. See Section 42.7, “Notifying the Domain Administrator,” on page 687.

Admin Database Box The Admin Database box provides the following information about the domain database:

Monitoring the MTA 669

Status: Displays one of the following statuses:

 Normal: The MTA admin thread is able to access the domain database normally.

 Recovering: The MTA admin thread is recovering the domain database.

 DB Error: The MTA admin thread has detected a critical database error. The domain

database (

wpdomain.db

) cannot be recovered. Rebuild the domain database in ConsoleOne. See Section 26.3, “Rebuilding Domain or Post Office Databases,” on

page 397.

The MTA admin thread does not process any more administrative messages until the database status has returned to Normal.

 Unknown: The MTA admin thread cannot determine the status of the domain database.

Exit the MTA, then restart it, checking for errors on startup.

DB Sort Language: Displays the language code for the language that determines the sort order of lists displayed in ConsoleOne and the GroupWise Address Book.

Recovery Count: Displays the number of recoveries performed on the domain database for the current MTA session.

Admin Thread Box The Admin Thread box provides the following information about the MTA admin thread:

Status: Displays one of the following statuses:

novdocx (en) 22 June 2009

 Running: The MTA admin thread is active.

 Suspended: The MTA admin thread is not processing administrative messages.

 Starting: The MTA admin thread is initializing.

 Terminated: The MTA admin thread is not running.

MTA Web Console You can display MTA admin thread status from the Configuration page. Under the General Settings heading, click Admin Task Processing.

Recovering the Domain Database Automatically or Immediately

The MTA admin thread can recover the domain database (

wpdomain.db

) when it detects a problem.

To enable/disable automatic domain database recovery:

1 At the server where the MTA is running, display the MTA server console.

2 Click Configuration > Admin Status > Automatic Recovery to toggle this feature on or off for

the current MTA session.

NetWare Note: Use Options (F10) > Admin Status > Automatic Recovery.

To recover the domain database immediately:

1 At the server where the MTA is running, display the MTA server console.

2 Click Configuration > Admin Status > Perform DB Recovery.

NetWare Note: Use Options (F10) > Admin Status > Perform DB Recovery.

For additional database repair procedures, see Chapter 26, “Maintaining Domain and Post Office

Databases,” on page 393.

670 GroupWise 8 Administration Guide

MTA Web Console You can recover the post office database from the Configuration page. Under the General Settings heading, click Admin Task Processing. Select Automatic Recovery or Perform DB Recovery as needed.

Performing eDirectory User Synchronization

You can configure the MTA to perform Novell

eDirectoryTM user synchronization at regular intervals. See Section 41.4.1, “Using eDirectory User Synchronization,” on page 653. You can also force eDirectory user synchronization to start immediately from the NetWare MTA server console.

To start eDirectory user synchronization manually:

1 At the server where the NetWare MTA is running, display the MTA server console.

2 Press F4.

MTA Web Console You can see when the next eDirectory user synchronization even will occur at the bottom of the Configuration page.

Browsing the Current MTA Log File

novdocx (en) 22 June 2009

The MTA displays only the most urgent messages in the alert box. Additional information is written to the MTA log file. The amount of information depends on the current log settings for the MTA. See Section 42.3, “Using MTA Log Files,” on page 681.

The information automatically scrolls up the screen as additional information is written. You can stop the automatic scrolling so you can manually scroll back through earlier information.

To browse the current MTA log file and control scrolling:

1 At the server where the MTA is running, display the MTA server console.

2 Click Log > Active Log.

NetWare Note: Use View Log File (F9).

3 Deselect Automatic Scrolling to manually scroll back through parts of the log that have already

scrolled out of the box.

4 Click Freeze to stop the MTA from logging information to the active log box.

5 Click Thaw when you want the MTA to resume logging information to the active log box.

For explanations of messages in the MTA log file, see “Message Transfer Agent Error Messages” in

GroupWise 8 Troubleshooting 1: Error Messages.

MTA Web Console You can browse and search MTA log files on the Log Files page.

Viewing a Selected MTA Log File

Reviewing log files is an important way to monitor the functioning of the MTA.

1 At the server where the MTA is running, display the MTA server console.

2 Click Log > View Log Files.

3 Select a log file, then click View .

NetWare Note: Use Options (F10) > View Log Files.

Monitoring the MTA 671

For explanations of messages in the MTA log file, see “Message Transfer Agent Error Messages” in

GroupWise 8 Troubleshooting 1: Error Messages.

MTA Web Console You can view and search MTA log files on the Log Files page.

Cycling the MTA Log File

You can have the MTA start a new log file as needed.

1 At the server where the MTA is running, display the MTA server console.

2 Click Log > Cycle Log.

NetWare Note: Use Options (F10) > Cycle Log File.

Adjusting MTA Log Settings

Default log settings are established when you start the MTA. However, they can be adjusted for the current MTA session from the MTA server console.

1 At the server where the MTA is running, display the MTA server console.

2 Click Log > Log Settings.

novdocx (en) 22 June 2009

NetWare Note: Use Options (F10) > Log Settings.

3 Adjust the values as needed for the current MTA session.

See Section 42.3, “Using MTA Log Files,” on page 681.

MTA Web Console You can adjust MTA log settings from the Configuration page. Click the Event Log Settings heading.

Editing the MTA Startup File

You can change the configuration of the MTA by editing the MTA startup file from the MTA server console.

1 At the server where the MTA is running, display the MTA server console.

2 Click Configuration > Edit Startup File.

NetWare Note: Use Options > Actions > Edit Startup File.

3 Make the necessary changes, then save and exit the startup file.

4 Stop and restart the MTA.

Accessing Online Help for the MTA

Click Help on the menu bar for information about the MTA server console. Click the Help button in any dialog box for additional information.

NetWare Note: Press F1 for information in any dialog box or menu.

672 GroupWise 8 Administration Guide

42.2 Using the MTA Web Console

The MTA Web console enables you to monitor the MTA from any location where you have access to a Web browser and the Internet. This provides substantially more flexible access than the MTA server console, which can only be accessed from the server where the MTA is running.

 Section 42.2.1, “Setting Up the MTA Web Console,” on page 673

 Section 42.2.2, “Accessing the MTA Web Console,” on page 675

 Section 42.2.3, “Monitoring the MTA from the MTA Web Console,” on page 675

 Section 42.2.4, “Controlling the MTA from the MTA Web Console,” on page 679

42.2.1 Setting Up the MTA Web Console

The default HTTP port for the MTA Web console is established during MTA installation. You can change the port number and increase security after installation.

1 In ConsoleOne, browse to and right-click the MTA object, then click Properties.

2 Click GroupWise > Network Address to display the Network Address page.

novdocx (en) 22 June 2009

If you configured the MTA for TCP/IP links during installation, the TCP/IP Address field should display the MTA server’s network address. If it does not, follow the instructions in

“Using TCP/IP Links between Domains” on page 632. The MTA must be configured for TCP/

IP in order to provide the MTA Web console.

3 Make a note of the IP address or DNS hostname in the TCP/IP Address field. You need this

information to access the MTA Web console.

The HTTP Port field displays the default port number of 7180.

4 If the default HTTP port number is already in use on the MTA server, specify a unique port

number.

5 Make a note of the HTTP port number. You will need this information to access the MTA Web

console.

Monitoring the MTA 673

6 If you want to use an SSL connection for the MTA Web console, which provides optimum

security, select Enabled in the HTTP SSL drop-down list.

For additional instructions about using SSL connections, see Section 75.2, “Server Certificates

and SSL Encryption,” on page 1161.

7 Click Apply to save your changes on the Network Address page.

If you want to limit access to the MTA Web console, you can provide a username and password.

8 Click GroupWise > Agent Settings to display the Agent Settings page.

novdocx (en) 22 June 2009

9 In the HTTP Settings box:

9a In the HTTP User Name field, specify a unique username.

9b Click Set Password.

9c Type the password twice for verification.

9d Click Set Password.

Unless you are using an SSL connection, do not use an eDirectory username and password because the information passes over the non-secure connection between your Web browser and the MTA.

For convenience, use the same username and password for all agents that you plan to monitor from GroupWise Monitor. This saves you from having to provide the username and password information as Monitor accesses each agent.

10 Click OK to save the MTA Web console settings.

ConsoleOne then notifies the MTA to restart so the new settings can be put into effect.

Corresponding Startup Switches You can also use the /httpport, /httpuser, and /httppassword startup switches in the MTA startup file to enable the MTA Web console. In addition, you can use the /httprefresh switch to control how often the MTA refreshes the information provided to your Web browser.

674 GroupWise 8 Administration Guide

42.2.2 Accessing the MTA Web Console

To monitor the MTA from your Web browser, view the URL where the MTA is located by supplying the network address and port number as provided in ConsoleOne. For example:

http://172.16.5.18:7100 http://172.16.5.18:7180 http://server1:7100 https://server2:7180

When viewing the MTA Web console, you can specify either the message transfer port or the HTTP port.

Figure 42-3 MTA Web Console

novdocx (en) 22 June 2009

42.2.3 Monitoring the MTA from the MTA Web Console

The MTA Web console provides several pages of information to help you monitor the performance of the MTA. The bar at the top of the MTA Web console displays the name of the MTA and its domain. Below this bar appears the MTA Web console menu that lists the pages of information available in the MTA Web console. Online help throughout the MTA Web console helps you interpret the information being displayed and use the links provided.

 “Monitoring MTA Status” on page 675

 “Checking the MTA Operating System Environment” on page 676

 “Viewing and Searching MTA Log Files” on page 677

 “Monitoring the Routing Queue” on page 678

 “Monitoring Links” on page 678

 “Tracking Messages” on page 679

Monitoring MTA Status

When you first access the MTA Web console, the Status page is displayed. Online help throughout the MTA Web console helps you interpret the information being displayed and use the links provided.

Monitoring the MTA 675

Figure 42-4 MTA Web Console with the Status Page Displayed

novdocx (en) 22 June 2009

Click the Router link to display details about the MTA routing queue (

gwinprog

). You can quickly determine how many messages are awaiting processing, how large they are, and how long they have been waiting in the routing queue.

Click a closed location to display its holding queue to see how many messages are waiting for transfer.

Checking the MTA Operating System Environment

On the MTA Web console menu, click Environment to display information about the operating system where the MTA is running. On a NetWare server, the following information is displayed:

Figure 42-5 MTA Web Console with the Environment Page Displayed for a NetWare Server

On a Linux server, the following information is displayed:

Figure 42-6 MTA Web Console with the Environment Page Displayed for a Linux Server

676 GroupWise 8 Administration Guide

On a Windows server, the following information is displayed:

Figure 42-7 MTA Web Console with the Environment Page Displayed for a Windows Server

Viewing and Searching MTA Log Files

On the MTA Web console menu, click Log Files to display and search MTA log files.

Figure 42-8 MTA Web Console with the Event Log Filter Page Displayed

novdocx (en) 22 June 2009

To view a particular log file, select the log file, then click View E v e nts.

To search all log files for a particular string, type the string in the Events Containing field, select Select All, then click View Even t s. You can also manually select multiple log files to search.

In the Message Type list, you can select one or more types of MTA processing to search for:

 Message Logging (MLG): The message logging threads write information into the message

log file if message logging has been turned on. See Section 41.4.2, “Enabling MTA Message

Logging,” on page 658.

 Event Logging (LOG): The event logging thread writes information into the event log files

that you can search on this page. See Section 42.3, “Using MTA Log Files,” on page 681.

 Dispatcher (DIS): The dispatcher thread starts other MTA threads as needed to meet the

demands being put on the MTA at any given time.

Monitoring the MTA 677

 Message Transfer (MTP): The message transfer threads communicate with other MTAs and

with POAs in the local domain to transfer messages to domains and post offices to which the local MTA is linked by way of TCP/IP. See “Using TCP/IP Links between Domains” on

page 632 and “Using TCP/IP Links between a Domain and its Post Offices” on page 637.

 Router (RTR): The router threads process messages in the routing queue and prepare them

for transfer to the next hop in the link path to their destinations. See Section 43.3, “Optimizing

the Routing Queue,” on page 694.

 Admin (ADM): The admin thread updates the domain database (wpdomain.db) whenever

administrative information changes. See “MTA Admin Thread Status Box” on page 664.

 Scanner (SCA): The scanner threads check for incoming messages when UNC or mapped

links are in use. See Section 43.2.3, “Adjusting the Number of MTA Scanner Threads for the

Domain and Post Offices,” on page 692.

The results of the search are displayed on a separate page which can be printed.

Monitoring the Routing Queue

On the MTA Web console menu, click Status, then click Router to display the contents of the routing queue. Typically, no message files are waiting unless the MTA is down or backlogged.

novdocx (en) 22 June 2009

Figure 42-9 MTA Web Console with the Router Queue Page Displayed

You can click any queue to view the message files it contains.

Monitoring Links

On the MTA Web console menu, click Links to monitor the direct links between the MTA and other locations.

Figure 42-10 MTA Web Console with the Links Page Displayed

678 GroupWise 8 Administration Guide

Click a location to view its holding queue. Click View Link Configuration to determine the address of each location and access the agent Web consoles of other domains and of post offices that belong to the local domain. Click View TCP/IP Connections to view incoming and outgoing TCP/IP links. Click View Gateways to restrict the list to just gateways.

Tracking Messages

Before you can track messages at the MTA Web console, you must enable message logging for MTAs throughout your system. See Section 41.4.2, “Enabling MTA Message Logging,” on

page 658. When you enable MTA message logging, the MTA stores data about GroupWise message

traffic as it processes messages. The stored data is then available for use from the MTA Web console.

To track a specific message, have the sender check the Sent Item Properties for the message in the GroupWise client. The Mail Envelope Properties field displays the message ID of the message; for example, 3AD5EDEB.31D : 3 : 12763. To track all messages sent by a particular user, make a note of the user’s GroupWise user ID.

On the MTA Web console menu, click Message Tracking.

novdocx (en) 22 June 2009

Figure 42-11 MTA Web Console with the Message Tracking Page Displayed

Fill in one of the fields, depending on what you want to track, then click Submit. The results of the search are displayed on a separate page which can be printed.

42.2.4 Controlling the MTA from the MTA Web Console

At the MTA Web console, you can change some MTA log settings for the current MTA session. You can also stop and start some specific MTA threads.

 “Changing MTA Configuration Settings” on page 679

 “Controlling the MTA Admin Thread” on page 680

 “Controlling Links to Other Locations” on page 680

Changing MTA Configuration Settings

On the MTA Web console menu, click Configuration. Online help on the Configuration page helps you interpret the configuration information being displayed.

Monitoring the MTA 679

Figure 42-12 MTA Web Console with the Configuration Page Displayed

novdocx (en) 22 June 2009

Click the Event Log Settings heading to change the MTA log settings for the current MTA session.

Controlling the MTA Admin Thread

On the Configuration page, click Admin Task Processing.

Figure 42-13 MTA Web Console with the Admin Task Status Page Displayed

Modify the functioning of the MTA admin thread as needed, then click Submit. The changes remain in effect for the current MTA session.

Controlling Links to Other Locations

On the MTA Web console menu, click Links.

680 GroupWise 8 Administration Guide

Figure 42-14 MTA Web Console with the Links Page Displayed

Select one or more locations, then click Suspend or Resume as needed.

42.3 Using MTA Log Files

Error messages and other information about MTA functioning are written to log files as well as displaying on the MTA server console. Log files can provide a wealth of information for resolving problems with MTA functioning or message flow. This section covers the following subjects to help you get the most from MTA log files:

novdocx (en) 22 June 2009

 Section 42.3.1, “Configuring MTA Log Settings and Switches,” on page 681

 Section 42.3.2, “Viewing MTA Log Files,” on page 682

 Section 42.3.3, “Interpreting MTA Log File Information,” on page 682

42.3.1 Configuring MTA Log Settings and Switches

The following aspects of logging are configurable:

 Log File Path (/log)

 Disk Logging (/logdiskoff)

 Logging Level (/loglevel)

 Maximum Log File Age (/logdays)

 Maximum Log File Size (/logmax)

You can configure the log settings in the following ways:

 Using ConsoleOne to establish defaults (Section 41.1.8, “Adjusting the MTA Logging Level

and Other Log Settings,” on page 641)

 Using startup switches to override ConsoleOne settings (Section 44, “Using MTA Startup

Switches,” on page 697)

 Using the MTA server console to override log MTA settings for the current session (“Adjusting

MTA Log Settings” on page 672)

 Using the MTA Web console to override other MTA settings for the current MTA session

(Section 42.2.4, “Controlling the MTA from the MTA Web Console,” on page 679)

Monitoring the MTA 681

42.3.2 Viewing MTA Log Files

You can view the contents of the MTA log file from the MTA server console and Web console. See the following tasks:

 “Browsing the Current MTA Log File” on page 671

 “Viewing a Selected MTA Log File” on page 671

 “Cycling the MTA Log File” on page 672

 “Viewing and Searching MTA Log Files” on page 677

42.3.3 Interpreting MTA Log File Information

On startup, the MTA records the MTA settings currently in effect. Thereafter, it logs events that take place, including errors. To look up error messages that appear in MTA log files, see “Message

Transfer Agent Error Messages” in GroupWise 8 Troubleshooting 1: Error Messages.

Because the MTA consists of multiple threads, you might find it useful to retrieve the log file into an editor and sort it on the thread ID that follows the date and time information. Sorting will group all messages together for the same MTA thread. At the MTA Web console, you can search through multiple log files. See “Viewing and Searching MTA Log Files” on page 677. You can also use the search capability of the MTA Web console to gather information about a specific MTA thread. See

“Viewing and Searching MTA Log Files” on page 677.

novdocx (en) 22 June 2009

42.4 Using GroupWise Monitor

GroupWise Monitor is a monitoring and management tool that allows you to monitor GroupWise agents and gateways from any location where you are connected to the Internet and have access to a Web browser. The MTA Web console can be accessed from GroupWise Monitor, enabling you to monitor all MTAs in your GroupWise system from one convenient location. In addition, GroupWise Monitor can notify you when agent problems arise.

Figure 42-15 GroupWise Monitor Web Console

For installation and setup instructions, see “Installing GroupWise Monitor” in the GroupWise 8

Installation Guide. For usage instructions, see Part XIV, “Monitor,” on page 1001.

682 GroupWise 8 Administration Guide

42.5 Using Novell Remote Manager

If the MTA is running on NetWare 6.5 or on Novell Open Enterprise Server (OES), you can use the IP Address Management feature in Novell Remote Manager (Manage Server > IP Address Management) to view the IP address and port configuration for the MTA. This is also true for other GroupWise agents (POA, Internet Agent, and WebAccess Agent) running on NetWare 6.5/OES servers.

IMPORTANT: If the MTA is running in protected mode on NetWare, it will not display in Novell Remote Manager.

You access Novell Remote Manager by entering the following URL in a Web browser:

http://server_address:8008

For example:

http://172.16.5.18:8008

For more information about using Novell Remote Manager, see the Novell Open Enterprise Server

Documentation Web site (http://www.novell.com/documentation/oes).

novdocx (en) 22 June 2009

42.6 Using an SNMP Management Console

You can monitor the MTA from the Management and Monitoring component of Novell ZENworks® for Servers or another SNMP management and monitoring program. When properly configured, the MTA sends SNMP traps to network management consoles for display along with other SNMP monitored programs.

Although the MTA is SNMP-enabled by default, the server where the MTA is installed must be properly configured to support SNMP, and the MTA object in eDirectory must be properly configured as well. To set up SNMP services for your server, complete the following tasks:

 Section 42.6.1, “Setting Up SNMP Services for the MTA,” on page 683

 Section 42.6.2, “Copying and Compiling the MTA MIB File,” on page 686

 Section 42.6.3, “Configuring the MTA for SNMP Monitoring,” on page 687

42.6.1 Setting Up SNMP Services for the MTA

Select the instructions for the platform where the MTA runs:

 “Setting Up SNMP Services for the NetWare MTA” on page 683

 “Setting Up SNMP Services for the Linux MTA” on page 684

 “Setting Up SNMP Services for the Windows MTA” on page 685

Setting Up SNMP Services for the NetWare MTA

The NetWare MTA supports SNMP through the SNMP services loaded on the NetWare server. SNMP services are provided through the SNMP NLMTM. The SNMP NLM initiates and responds to requests for monitoring information and generates trap messages.

Monitoring the MTA 683

If the SNMP NLM is not loaded before the NetWare MTA, the MTA still loads and functions normally, but SNMP support is disabled. The MTA does not attempt to auto-load snmp.nlm.

To load the SNMP NLM manually:

1 Go to the console of each NetWare server where you want to implement SNMP services.

These servers should already have the GroupWise agents installed.

2 Type the command to load the SNMP NLM:

Syntax

load snmp v control=x monitor=y trap=z

where v represents Verbose, meaning to display informational messages, and x, y and z are replaced with your system SNMP community strings for SNMP SETs, GETs and TRAPs).

Example:

load snmp v control=private monitor=public trap=all

The configuration for the SNMP NLM is found in snmp.cfg and traptarg.cfg in the sys:\etc directory. View the contents of these files for more information.

The TCP/IP NLM automatically loads snmp.nlm, using default values for the community strings. If your system uses different community string values, load snmp.nlm before tcpip.nlm.

3 If the SNMP NLM is already loaded, you can add the control and trap parameters by typing the

following at the console prompt:

novdocx (en) 22 June 2009

snmp control= trap=

To automatically load these commands, include them in the autoexec.ncf file.

For more information about implementing SNMP services, see your NetWare documentation.

4 Skip to Section 42.6.2, “Copying and Compiling the MTA MIB File,” on page 686.

Setting Up SNMP Services for the Linux MTA

The Linux MTA is compatible with NET-SNMP. An older version of SNMP called UCD-SNMP cannot be used with the Linux MTA. NET-SNMP comes standard with OES Linux, but it does not come standard with SLES 9. If you are using SLES 9, you must update to NET-SNMP in order to use SNMP to monitor the Linux MTA.

1 Make sure you are logged in as root.

2 If NET-SNMP is not already set up on your Linux server, use the following command to

configure SNMP:

snmpconf -g basic_setup

The snmpconf command creates the

snmpd.conf

file in one of the following directories,

depending on your version of Linux:

/usr/share/snmp /usr/local/share/snmp ~/.snmp

3 Locate the

4 In a text editor, open the

snmpd.conf

file on your Linux server.

snmpd.conf

file and add the following line:

dlmod Gwsnmp /opt/novell/groupwise/agents/lib/libgwsnmp.so

5 Save the

684 GroupWise 8 Administration Guide

snmpd.conf

file and exit the text editor.

6 Restart the SNMP daemon (snmpd) to put the changes into effect.

IMPORTANT: Make sure that the SNMP daemon always starts before the MTA starts.

7 Skip to Section 42.6.2, “Copying and Compiling the MTA MIB File,” on page 686.

Setting Up SNMP Services for the Windows MTA

SNMP support is provided for up to eight Windows MTAs on the same Windows server. Upon startup, each instance of the MTA is dynamically assigned a row in its SNMP table. View the contents of the MTA MIB for a description of the SNMP variables in the table.

To set up SNMP services for the Windows MTA, complete the following tasks:

 “Installing Windows SNMP Support” on page 685

 “Installing GroupWise Agent SNMP Support” on page 685

Installing Windows SNMP Support

For Windows, the SNMP Trap Service is usually not included during the initial operating system installation. The SNMP Trap Service can be easily added at any time. To add or configure the SNMP Trap Service, you must be logged in as a member of the Administrator group.

novdocx (en) 22 June 2009

For example, to add the SNMP Trap Service to Windows Server 2003:

1 Click Start > Control Panel > Add or Remove Programs.

2 Click Add/Remove Windows Components.

3 Select Management and Monitoring Tools.

4 Click Details, then select Simple Network Management Protocol.

5 Follow the on-screen instructions to install the SNMP Trap Service.

Continue with “Installing GroupWise Agent SNMP Support” on page 685.

Installing GroupWise Agent SNMP Support

The GroupWise Agent Installation program includes an option for installing SNMP support. However, if the server where you installed the agents did not yet have SNMP set up, that installation option was not available. Now that you have set up SNMP, you can install GroupWise agent SNMP support.

At the Windows server where you want to install the GroupWise agent SNMP support:

1 Run

setup.exe

at the root of the GroupWise 8 DVD or downloaded GroupWise 8 image, then

click Install Products > GroupWise Agents > Install GroupWise Agents.

Run

install.exe

from the agents subdirectory on the GroupWise 8 DVD or downloaded

GroupWise 8 image, or in your software distribution directory if you have updated it with the

latest GroupWise software.

2 In the Installation Path dialog box, browse to and select the path where the agent software is

installed, then select Install and Configure SNMP for GroupWise Agents.

3 To shorten the install time, deselect Install GroupWise Agent Software.

Monitoring the MTA 685

4 Continue through the rest of the installation process as prompted by the Agent Installation

program.

The Agent Installation program copies the SNMP support files to the agent installation directory, makes the appropriate Windows registry entries, and restarts the Windows SNMP service.

5 Continue with Section 42.6.2, “Copying and Compiling the MTA MIB File,” on page 686.

42.6.2 Copying and Compiling the MTA MIB File

An SNMP-enabled MTA returns information contained in a Management Information Base (MIB). The MIB is an ASCII data structure that defines the information gathered. It also defines the properties that can be monitored and managed on the SNMP-enabled MTA.

Before you can monitor an SNMP-enabled MTA, you must compile the gwmta.mib file using your SNMP management program.

novdocx (en) 22 June 2009

NetWare and Windows:

Linux: The GroupWise MIBs are located on the GroupWise 8 DVD or downloaded GroupWise 8

1 Copy the

The GroupWise MIBs are located on the GroupWise 8 DVD or downloaded GroupWise 8 image in the

software_distribution_directory\agents\snmp

it with the latest GroupWise software.

image in the

gwmta.mib

\agents\snmp

/agents/snmp directory

file from the

directory or in the

\agents\snmp

directory if you have updated

directory to the location required by your

SNMP management program.

ZENworks Server Management users can access the gwmta.mib file in the software distribution directory.

2 Compile or import the

gwmta.mib

file as required by your SNMP management program.

For example, to compile the gwmta.mib file for ZENworks Server Management:

2a In ConsoleOne, right-click the Site Server object, then click Properties > MIB Pool.

2b Click Modify Pool > Add.

2c Browse to and select the

gwmta.mib

file, then click OK.

2d Click Compile.

2e Make sure that the server where the MTA is running is configured to send SNMP traps to

the ZENworks Server Management Site Server.

NetWare: Add the IP address or hostname of the ZENworks Server Management Site

Server to the traptarg.cfg file in the

Windows: Add the IP address or hostname of the ZENworks Server Management Site

Server to the list of trap destinations. For example, in Windows Server 2003, click Start > Control Panel > Administrative Tools > Services. Right-click SNMP Trap Service, then click Properties. On the Tr a ps tab, add the IP address or hostname of the ZENworks Server Management Site Server.

Refer to your SNMP management program documentation for further instructions.

3 Continue with Configuring the MTA for SNMP Monitoring.

686 GroupWise 8 Administration Guide

sys:\etc

directory.

42.6.3 Configuring the MTA for SNMP Monitoring

In order for SNMP monitoring programs to monitor the MTA, the MTA must be configured with a network address and SNMP community string.

1 In ConsoleOne, browse to and right-click the MTA object, then click Properties.

2 Click GroupWise > Network Address to display the Network Address page.

3 Click the pencil icon to provide the TCP/IP address or IPX

where the MTA runs, then click Apply.

4 Click GroupWise > Agent Settings.

5 Provide your system SNMP community GET string, then click OK.

ConsoleOne then notifies the POA to restart so the new settings can be put into effect.

The MTA should now be visible to your SNMP monitoring program.

/SPXTM address of the server

42.7 Notifying the Domain Administrator

If you want to be notified with an e-mail message whenever the MTA encounters a critical error, you can designate yourself as an administrator of the domain for which the MTA is running.

novdocx (en) 22 June 2009

1 In ConsoleOne, browse to and right-click the Domain object, then click Properties to display

the Identification page.

2 In the Administrator field, browse to and select your GroupWise user ID.

A domain can have a single administrator, or you can create a group to function as administrators.

3 Click OK to save the administrator information.

The selected user or group then begins receiving e-mail messages whenever the MTA for the domain encounters a critical error.

Corresponding Startup Switches By default, the MTA generates error mail if an administrator has been assigned for the domain. Error mail can be turned off using the /noerrormail switch.

Monitoring the MTA 687

MTA Web Console Another way to receive e-mail notification of MTA problems is to use GroupWise Monitor to access the MTA Web console. See Section 63.5.1, “Configuring E-Mail

Notification,” on page 1018.

42.8 Using the MTA Error Message Documentation

MTA error messages are documented with the source and explanation of the error, possible causes of the error, and actions to take to resolve the error. See “Message Transfer Agent Error Messages” in

GroupWise 8 Troubleshooting 1: Error Messages.

42.9 Employing MTA Troubleshooting Techniques

If you are having a problem with the MTA but not receiving a specific error message, or if the suggested actions for the specific error did not resolve the problem, you can review more general troubleshooting strategies for dealing with MTA problems. See “Message Transfer Agent Problems” in “Strategies for Agent Problems” in GroupWise 8 Troubleshooting 2: Solutions to Common

Problems.

novdocx (en) 22 June 2009

You can also use GroupWise Monitor to troubleshoot message transfer problems. See Part XIV,

“Monitor,” on page 1001.

42.10 Using Platform-Specific MTA Monitoring Tools

Each operating system where the MTA runs provides tools for monitoring programs.

NetWare: You can use the NetWare Monitor NLM to monitor the effects of the MTA on the NetWare

server. NetWare 6.5/OES NetWare provides monitoring tools that you can use from your Web browser. Processor, resource, and memory utilization can be compared to other nonGroupWise NLM programs to determine if the MTA NLM program is monopolizing resources. See your NetWare documentation for additional monitoring suggestions.

Linux: You can use SNMP tools like snmpget and snmpwalk that allow you to retrieve the data

about all the services registered with the SNMP service. These tools are part of the NETSNMP package. See your Linux documentation for additional monitoring suggestions.

Windows: You can use the Performance Monitor in Windows Administrator Tools to gather similar

information. See your Windows documentation for additional monitoring suggestions.

42.11 Using MTA Message Logging

For extremely detailed monitoring of message flow, you can configure the MTA to gather a variety of statistics. See Section 41.4.2, “Enabling MTA Message Logging,” on page 658.

688 GroupWise 8 Administration Guide

Optimizing the MTA

You can adjust how the MTA functions to optimize its performance. Before attempting optimization, you should run the MTA long enough to observe its efficiency and its impact on other network applications running on the same server. See Chapter 42, “Monitoring the MTA,” on page 661.

Also, remember that optimizing your network hardware and operating system can make a difference in MTA performance.

The following topics help you optimize the MTA:

 Section 43.1, “Optimizing TCP/IP Links,” on page 689

 Section 43.2, “Optimizing Mapped/UNC Links,” on page 690

 Section 43.3, “Optimizing the Routing Queue,” on page 694

 Section 43.4, “Adjusting MTA Polling of Closed Locations,” on page 694

novdocx (en) 22 June 2009

43.1 Optimizing TCP/IP Links

Using startup switches in the MTA startup file, you can fine-tune the performance of TCP/IP links.

 Section 43.1.1, “Adjusting the Number of MTA TCP/IP Connections,” on page 689

 Section 43.1.2, “Adjusting the MTA Wait Intervals for Slow TCP/IP Connections,” on

page 689

43.1.1 Adjusting the Number of MTA TCP/IP Connections

When using TCP/IP links between domains, you can control the number of inbound connections the MTA can establish for receiving messages.

Use the /tcpinbound switch in the MTA startup file to increase the maximum number of inbound connections the MTA can establish from the default of 40 to whatever setting meets the needs of your system. There is no maximum setting.

If the MTA is receiving more requests than it can accept, the sending MTAs must wait until a connection becomes available, which slows down message transfer. Each connection requires only about 20 KB. For example, if you configure the MTA to accept 600 connections, it would require approximately 12 MB of RAM. Although there is no maximum setting for inbound connections, this setting is adequate to handle very heavy usage. Use lower settings to conserve RAM or for lighter usage.

MTA Web Console You can check the maximum number of TCP/IP connections that the MTA can start on the Configuration page under the TCP/IP Settings heading.

43.1.2 Adjusting the MTA Wait Intervals for Slow TCP/IP Connections

When using TCP/IP links, you can control how long the MTA waits for responses.

Optimizing the MTA

689

By default, the MTA waits 5 seconds for a response when trying to contact another MTA or a POA across a TCP/IP link. If no response is received from the other MTA or the POA, the sending MTA tries again three more times. If all four attempts fail, the MTA reports an error, then waits 10 minutes before it tries again.

When the MTA attempts to send messages to another MTA or a POA across a TCP/IP link, the sending MTA tries for 20 seconds before reporting an error.

On some networks, these wait intervals might not be sufficient, and the MTA might report an error when, by waiting longer, the needed connection or data transfer would be able to take place.

Use the /tcpwaitconnect switch in the MTA startup file to increase the number of seconds the MTA waits for a response from another MTA or a POA across a TCP/IP link.

Use the /tcpwaitdata switch in the MTA startup file to increase the number of seconds the MTA attempts to send messages to another MTA or a POA across a TCP/IP link.

MTA Web Console You can check the current wait intervals on the Configuration page under the TCP/IP Settings heading.

novdocx (en) 22 June 2009

43.2 Optimizing Mapped/UNC Links

If you must use mapped or UNC links, you can fine-tune how the MTA polls its input queues.

 Section 43.2.1, “Using TCP/IP Links between Locations,” on page 690

 Section 43.2.2, “Adjusting MTA Polling of Input Queues in the Domain, Post Offices, and

Gateways,” on page 690

 Section 43.2.3, “Adjusting the Number of MTA Scanner Threads for the Domain and Post

Offices,” on page 692

NOTE: The Linux MTA does not use mapped or UNC links.

43.2.1 Using TCP/IP Links between Locations

TCP/IP links between domains or between a domain and its post offices are faster than mapped or UNC links because the MTA is immediately notified whenever a new message arrives. This eliminates the latency involved in scanning input directories for messages to process. To change from mapped or UNC links to TCP/IP links, see “Using TCP/IP Links between Domains” on

page 632 and “Using TCP/IP Links between a Domain and its Post Offices” on page 637

43.2.2 Adjusting MTA Polling of Input Queues in the Domain, Post Offices, and Gateways

When using mapped or UNC links between the local domain and its post offices and other domains, the MTA can create a lot of network traffic just scanning its input queues, especially if the message load is light. This can be minimized by setting the scan cycle to a higher number. On the other hand, if the scan cycle is set too high, important messages might have to wait in the input queues to be picked up by the MTA. The MTA’s scan cycle settings also control how often it communicates with gateways installed in the domain.

690 GroupWise 8 Administration Guide

By default, when using mapped or UNC links, the MTA scans its high priority queues every 5 seconds and its regular and low priority queues every 15 seconds. You can adjust the scan cycle

settings to meet the needs of your GroupWise

system.

1 In ConsoleOne®, browse to and right-click the MTA object, then click Properties.

2 Click GroupWise > Agent Settings to display the Agent Settings page.

novdocx (en) 22 June 2009

3 Decrease the number of seconds in the Scan Cycle field if you want the MTA to scan the

regular and low priority queues (2-7) more often.

Increase the number of seconds in Scan Cycle field if you want the MTA to scan the regular and low priority queues (2-7) less often.

4 Decrease the number of seconds in the Scan High field if you want the MTA to scan the high

priority queues (0-1) more often.

Increase the number of seconds in the Scan High field if you want the MTA to scan high priority queues (0-1) less often.

For the locations and specific uses of the MTA input queues, see “Message Transfer/Storage

Directories” in GroupWise 8 Troubleshooting 3: Message Flow and Directory Structure.

5 Click OK to save the new scan cycle settings.

ConsoleOne then notifies the MTA to restart so the new settings can be put into effect.

Corresponding Startup Switches You can also use the /cylo and /cyhi switches in the MTA startup file to adjust the MTA scan cycle.

MTA Web Console You can check the current MTA scan cycle on the Configuration page under the Performance Settings heading.

Optimizing the MTA 691

43.2.3 Adjusting the Number of MTA Scanner Threads for the Domain and Post Offices

When using mapped or UNC links, the MTA automatically starts four scanner threads, one for each of the following subdirectories of its input queues:

novdocx (en) 22 June 2009

Priority Subdirectory

0 Busy Search requests from GroupWise client users

1 GroupWise Remote user requests

2 Administrative messages and high priority user messages

3-7 regular and low priority messages and status messages

Used For

For the locations of the MTA input queues, see “Message Transfer/Storage Directories” in

GroupWise 8 Troubleshooting 3: Message Flow and Directory Structure.

To conserve server resources, you can reduce the number of scanner threads that the POA starts, but this is not recommended.

IMPORTANT: Do not try to run more than one MTA for the same domain.

1 In ConsoleOne, browse to and right-click the MTA object, then click Properties.

2 Click GroupWise > Agent Settings to display the Agent Settings page.

Use 2nd High Priority Scanner is selected by default to provide separate MTA scanner threads for Busy Searches and GroupWise Remote users.

Use 2nd Mail Priority Scanner is selected by default to provide separate MTA scanner threads for administrative messages and high priority user messages vs. regular and low priority messages.

692 GroupWise 8 Administration Guide

With these default settings, the MTA always starts four scanner threads. You can deselect either option so that the MTA starts fewer scanner threads

3 Deselect scanner thread options to allocate threads to priority subdirectories as shown in the

table below.

novdocx (en) 22 June 2009

Primary Use

Busy searches wpcsin\0 High priority

GroupWise Remote user requests

Administrative requests and high priority messages

High priority statuses

Normal priority messages

Normal priority statuses

Low priority messages

Priority Directory

wpcsin\1 High priority

wpcsin\2 Mail priority

wpcsin\3

wpcsin\4 Mail priority

wpcsin\5

wpcsin\6

Two Scanner Threads

scanner thread

Two H igh Priority Scanners

High priority scanner thread one

scanner thread two

Mail priority scanner thread

Two Mail Priority Scanners

High priority scanner thread

Mail priority scanner thread one

scanner thread two

Default Operation

High priority scanner thread one

High priority scanner thread two

Mail priority scanner thread one

Mail priority scanner thread two

Low priority statuses

Total Scanner Threads in Use:

wpcsin\7

2334

4 Click OK to save the new scanner thread settings.

ConsoleOne then notifies the MTA to restart so the new setting can be put into effect.

Corresponding Startup Switches You can also use the /fast0 and /fast4 switches in the MTA startup file to adjust the allocation of MTA scanner threads.

MTA Web Console You can check the current MTA scan cycle on the Configuration page under the Performance Settings heading.

Optimizing the MTA 693

43.3 Optimizing the Routing Queue

Using startup switches in the MTA startup file, you can fine-turn MTA processing in of the routing queue. When the MTA starts, it starts one or more router threads to process its routing queue

gwinprog

( parameters you can set.

 Section 43.3.1, “Adjusting the Maximum Number of Active Router Threads,” on page 694

 Section 43.3.2, “Adjusting the Maximum Number of Idle Router Threads,” on page 694

MTA Web Console You can view the current contents of the routing queue from the Status page. Click Router under the Queue Information heading.

43.3.1 Adjusting the Maximum Number of Active Router Threads

By default, the MTA continues to start additional router threads to processes messages in the routing queue as long as message traffic demands it, until as many as 16 router threads are running. Use the

/maxrouters switch in the MTA startup file to control the number of router threads the MTA can

start.

). As messages arrive in the routing queue, it starts additional routers as needed, within

novdocx (en) 22 June 2009

Set /maxrouters to a lower number to conserve resources and keep the MTA from starting more than the specified maximum number of router threads.

43.3.2 Adjusting the Maximum Number of Idle Router Threads

By default, after the MTA starts a router thread, it keeps it running, up to the maximum number specified by the /maxrouters switch. In a system where short bursts of heavy message traffic are followed by extended lulls, idle router threads could be consuming resources that would be better used by other processes. Use the /maxidlerouters switch in the MTA startup file to determine how many idle router threads are allowed to remain running. The default is 16 idle router threads.

Set /maxidlerouters to a lower number if you want the MTA to terminate idle router threads more quickly. Set /maxidlerouters to a higher number if you want the MTA to keep more idle router threads ready to process incoming message traffic.

43.4 Adjusting MTA Polling of Closed Locations

When a location becomes closed (unavailable), the MTA waits before attempting to recontact that location. If the MTA waits only a short period of time, the MTA can waste time and create network traffic by trying to reestablish a connection with a closed location. On the other hand, you do not want the MTA to ignore an available location by waiting too long.

By default, the MTA waits 600 seconds (10 minutes) between its attempts to contact a closed location. You can adjust the time interval the MTA waits to meet the needs of your GroupWise system.

1 In ConsoleOne, browse to and right-click the MTA object, then click Properties.

2 Click GroupWise > Agent Settings to display the Agent Settings page.

694 GroupWise 8 Administration Guide

3 Decrease the number of seconds in the Attach Retry field if you want the MTA to try to contact

closed locations more often.

novdocx (en) 22 June 2009

Increase the number of seconds in Attach Retry field if you want the MTA to try to contact closed locations less often.

4 Click OK to save the new Attach Retry setting.

ConsoleOne then notifies the MTA to restart so the new setting can be put into effect.

For a TCP/IP link, a location is considered open if the MTA receives a response from the receiving agent within the currently configured wait intervals. See Section 43.1.2, “Adjusting the MTA Wait

Intervals for Slow TCP/IP Connections,” on page 689. Otherwise, the location is considered closed.

For a mapped or UNC link, a location is considered open if the MTA can perform the following actions:

 Create a temporary directory in the MTA input queue (

post_office\wpcsin

 Create a temporary file in that new directory

 Delete the temporary file

 Delete the temporary directory

directories)

domain\wpcsin

and

For more information about the MTA input queues, see “Message Transfer/Storage Directories” in

GroupWise 8 Troubleshooting 3: Message Flow and Directory Structure.

Optimizing the MTA 695

novdocx (en) 22 June 2009

696 GroupWise 8 Administration Guide

Using MTA Startup Switches

You can override settings provided in ConsoleOne® by using startup switches in the MTA startup file. When you run the Agent Installation program, an initial MTA startup file is created in the agent

.mta

installation directory. It is named using the first 8 characters of the domain name with a extension. This initial startup file includes the /home startup switch set to the location of the domain directory.

Startup switches specified on the command line override those in the startup file. Startup switches in the startup file override corresponding settings in ConsoleOne. You can view the MTA startup file from the Configuration page of the MTA Web console.

The table below summarizes MTA startup switches for all platforms and how they correspond to configuration settings in ConsoleOne.

Switch starts with: a b c d e f g h i j k l m n o p q r s t u v w x y z

novdocx (en) 22 June 2009

Table 44-1 MTA Startup Switches

NetWare MTA Linux MTA Windows MTA ConsoleOne Settings

@filename @filename @filename

N/A --activelog /activelog N/A

/certfile --certfile /certfile Certificate File

/cluster --cluster /cluster N/A

/cyhi --cyhi /cyhi Scan High

/cylo --cylo /cylo Scan Cycle

/defaultroutingdomain --defaultroutingdomain /defaultroutingdomain Default Routing Domain

/dn N/A N/A N/A

/fast0 --fast0 /fast0 Use 2nd High Priority Scanner

/fast4 --fast4 /fast4 Use 2nd Mail Priority Scanner

/help --help /help N/A

/home --home /home N/A

/httppassword --httppassword /httppassword HTTP Password

N/A

/httpport --httpport /httpport HTTP Port

/httprefresh --httprefresh /httprefresh N/A

/httpssl --httpssl /httpssl HTTP

/httpuser --httpuser /httpuser HTTP User Name

/ip --ip /ip TCP/IP Address

/keyfile --keyfile /keyfile SSL Key File

Using MTA Startup Switches

697

NetWare MTA Linux MTA Windows MTA ConsoleOne Settings

/keypassword --keypassword /keypassword SSL Key File Password

/language --language /language N/A

/liveremote --liveremote /liveremote N/A

/log --log /log Log File Path

/logdays --logdays /logdays Max Log File Age

/logdiskoff --logdiskoff /logdiskoff Logging Level

/loglevel --loglevel /loglevel Logging Level

/logmax --logmax /logmax Max Log Disk Space

/lrconn --lrconn /lrconn N/A

/lrwaitdata --lrwaitdata /lrwaitdata N/A

/maxidlerouters --maxidlerouters /maxidlerouters N/A

novdocx (en) 22 June 2009

/maxrouters --maxrouters /maxrouters N/A

/messagelogdays --messagelogdays /messagelogdays Delete Reports After

/messagelogmaxsize --messagelogmaxsize /messagelogmaxsize N/A

/messagelogpath --messagelogpath /messagelogpath Message Log File Path

/messagelogsettings --messagelogsettings /messagelogsettings Message Logging Level

/msgtranssl --msgtranssl /msgtranssl Message Transfer SSL

/noada --noada /noada N/A

/nodns --nodns /nodns N/A

/noerrormail --noerrormail /noerrormail N/A

/nondssync --nondssync /nondssync N/A

/norecover --norecover /norecover N/A

/nosnmp --nosnmp /nosnmp N/A

/password N/A N/A N/A

N/A --show N/A N/A

/tcpinbound --tcpinbound /tcpinbound N/A

/tcpport --tcpport /tcpport Network Address

/tcpwaitconnect --tcpwaitconnect /tcpwaitconnect N/A

/tcpwaitdata --tcpwaitdata /tcpwaitdata N/A

/tracelogin N/A N/A N/A

/user N/A N/A N/A

/vsnoadm --vsnoadm /vsnoadm N/A

698 GroupWise 8 Administration Guide

NetWare MTA Linux MTA Windows MTA ConsoleOne Settings

/work --work /work N/A

44.1 @filename

Specifies the location of the MTA startup file. On NetWare® and Windows, the full path must be included if the file does not reside in the same directory with the MTA program. On Linux, the startup file always resides in the

/opt/novell/groupwise/agents/share

file must reside on the same server where the MTA is installed.

NetWare MTA Linux MTA Windows MTA

Syntax: @[vol:][\dir\]file @[/dir/]file @[drive:][\dir\]file

directory. The startup

novdocx (en) 22 June 2009

Example: load gwmta @provo2.mta

load gwmta @sys:\agt\provo2.mta

./gwmta @../share/

lnxdom.mta

gwmta.exe @provo2.mta gwmta.exe @d:\agt\provo2.mta

44.2 /activelog

Displays the active log window rather than the alert box when the MTA starts. See Section 42.1.1,

“Monitoring the MTA from the MTA Server Console,” on page 661.

NetWare MTA Linux MTA Windows MTA

Syntax: N/A --activelog /activelog

44.3 /certfile

Specifies the full path to the public certificate file used to provide secure SSL communication between the MTA and other programs. See Section 41.2.3, “Securing the Domain with SSL

Connections to the MTA,” on page 643.

NetWare MTA Linux MTA Windows MTA

Syntax: /certfile-[svr\][vol:]\dir\file

/certfile-\\svr\vol\dir\file

--certfile-/dir/file /certfile-[drive:]\dir\file /certfile-\\svr\sharename\dir\file

Example: /certfile-\ssl\gw.crt

/certfile-server2\sys:\ssl\gw.crt /certfile-\\server2\sys\ssl\gw.crt

44.4 /cluster

Informs the MTA that it is running in a cluster. A clustered MTA automatically binds to the IP address configured for the MTA object even if the Bind Exclusively to TCP/IP Address option is not selected on the MTA Network Address page in ConsoleOne. This prevents unintended connections to other IP addresses, such as the loopback address or the node’s physical IP address. For information about clustering the MTA, see the GroupWise 8 Interoperability Guide.

NetWare MTA Linux MTA Windows MTA

Syntax: /cluster --cluster /cluster

44.5 /cyhi

Sets the number of seconds in the scan cycle that the MTA uses to scan its priority 0-1 input queues. The default is 5 seconds. See Section 43.2.2, “Adjusting MTA Polling of Input Queues in the

Domain, Post Offices, and Gateways,” on page 690.

novdocx (en) 22 June 2009

NetWare MTA Linux MTA Windows MTA

Syntax: /cyhi-seconds --cyhi-seconds /cyhi-seconds

Example: /cyhi-3 --cyhi 3 /cyhi-3

44.6 /cylo

Sets the number of seconds in the scan cycle that the MTA uses to scan its priority 2-7 input queues. The default is 15 seconds. See Section 43.2.2, “Adjusting MTA Polling of Input Queues in the

Domain, Post Offices, and Gateways,” on page 690.

NetWare MTA Linux MTA Windows MTA

Syntax: /cylo-seconds --cylo-seconds /cylo-seconds

Example: /cylo-10 --cylo 10 /cylo-10

44.7 /defaultroutingdomain

Identifies the domain name in your GroupWise® system to which all MTAs should send messages when they cannot resolve the available routing information to a specific user.post_office.domain GroupWise address. See Section 41.3.1, “Using Routing Domains,” on page 646.

700 GroupWise 8 Administration Guide

NetWare MTA Linux MTA Windows MTA

novdocx (en) 22 June 2009

Syntax: /defaultroutingdomain-

domain

Example: /defaultroutingdomain-

inethub

--defaultroutingdomain

domain

--defaultroutingdomain inethub

/defaultroutingdomain-domain

/defaultroutingdomain-inethub

44.8 /dn

Specifies the Novell® eDirectoryTM distinguished name of the NetWare MTA object to facilitate logging into remote servers and authenticating to eDirectory. It can be used instead of the /user and /

password switches.

NetWare MTA Linux MTA Windows MTA

Syntax: /dn-distinguished_name N/A N/A

Example: /dn-MTA.provo2.GroupWise N/A N/A

44.9 /fast0

Causes the MTA to monitor and process the priority 0 and 1 subdirectories independently with separate scanner threads, rather than in sequence with the same scanner thread. See Section 43.2.3,

“Adjusting the Number of MTA Scanner Threads for the Domain and Post Offices,” on page 692.

NetWare MTA Linux MTA Windows MTA

Syntax: /fast0 --fast0 /fast0

44.10 /fast4

Causes the MTA to monitor and process the priority 2 and 3 subdirectories with a separate scanner thread from the priority 4 through 7 subdirectories. See Section 43.2.3, “Adjusting the Number of

MTA Scanner Threads for the Domain and Post Offices,” on page 692.

NetWare MTA Linux MTA Windows MTA

Syntax: /fast4 --fast4 /fast4

44.11 /help

Displays the MTA startup switch Help information. When this switch is used, the MTA does not start.

Using MTA Startup Switches 701

NetWare MTA Linux MTA Windows MTA

Syntax: /help or /? --help or --? /help or /?

Example: load gwmta.nlm /help ./gwmta --help gwmta.exe /help

44.12 /home

Specifies the domain directory, where the MTA can access the domain database (wpdomain.db). There is no default location. You must use this switch in order to start the MTA

NetWare MTA Linux MTA Windows MTA

novdocx (en) 22 June 2009

Syntax: /home-[svr\][vol:]\dir

/home-\\svr\vol\dir

Example: /home-\provo2

/home-mail:\provo2 /home-server2\mail:\provo2 /home-\\server2\mail\provo2

--home /dir /home-[drive:]\dir /home-\\svr\sharename\dir

--home /gwsystem/provo2 /home-\provo2 /home-m:\provo2 home-\\server2\c\mail\provo2

44.13 /httppassword

Specifies the password for the MTA to prompt for before allowing MTA status information to be displayed in your Web browser. Do not use an existing eDirectory password because the information passes over the non-secure connection between your Web browser and the MTA. See Section 42.2,

“Using the MTA Web Console,” on page 673.

NetWare MTA Linux MTA Windows MTA

Syntax: /httppassword-

unique_password

Exampl e:

/httppassword-AgentWatch --httppassword AgentWatch /httppassword-AgentWatch

See also /httpuser, /httpport, /httprefresh, and /httpssl.

--httppassword

unique_password

/httppassword-

unique_password

44.14 /httpport

Sets the HTTP port number used for the MTA to communicate with your Web browser. The default is 7180; the setting must be unique. See Section 42.2, “Using the MTA Web Console,” on page 673.

NetWare MTA Linux MTA Windows MTA

Syntax: /httpport-port_number --httpport port_number /httpport-port_number

Example: /httpport-3801 --httpport 3802 /httpport-3803

See also /httpuser, /httppassword, /httprefresh, and /httpssl.

702 GroupWise 8 Administration Guide

44.15 /httprefresh

Specifies the rate at which the MTA refreshes the status information in your Web browser. The default is 60 seconds. See Section 42.2, “Using the MTA Web Console,” on page 673.

NetWare MTA Linux MTA Windows MTA

Syntax: /httprefresh-seconds --httprefresh seconds /httprefresh-seconds

Example: /httprefresh-30 --httprefresh 90 /httprefresh-120

See also /httpuser, /httppassword, /httpport, and /httpssl.

44.16 /httpssl

Enables secure SSL communication between the MTA and the MTA Web console displayed in your Web browser. See Section 41.2.3, “Securing the Domain with SSL Connections to the MTA,” on

page 643.

novdocx (en) 22 June 2009

NetWare MTA Linux MTA Windows MTA

Syntax: /httpssl --httpssl /httpssl

See also /certfile, /keyfile, and/keypassword.

44.17 /httpuser

Specifies the username for the MTA to prompt for before allowing MTA status information to be displayed in your Web browser. Providing a username is optional. Do not use an existing eDirectory username because the information passes over the non-secure connection between your Web browser and the MTA. See Section 42.2, “Using the MTA Web Console,” on page 673.

NetWare MTA Linux MTA Windows MTA

Syntax: /httpuser-unique_name --httpuser unique_name /httpuser-unique_name

Example: /httpuser-GWWebCon --httpuser GWWebCon /httpuser-GWWebCon

See also /httppassword, /httpport, and /httprefresh.

44.18 /ip

Binds the MTA to a specific IP address when the server where it runs uses multiple IP addresses. The specified IP address is associated with both ports used by the MTA (message transfer and HTTP) Without the /ip switch, the MTA binds to all available IP addresses. See Section 41.1.5,

“Binding the MTA to a Specific IP Address,” on page 639.

Using MTA Startup Switches 703

NetWare MTA Linux MTA Windows MTA

novdocx (en) 22 June 2009

Syntax: /ip-IP_address

/ip-”full_DNS_name”

Exampl e:

/ip-172.16.5.18 /ip-”mtasvr.provo.novell.com”

--ip IP_address

--ip “full_DNS_name”

--ip 172.16.5.18

--ip “mtasvr.provo.novell.com”

/ip-IP_address /ip-”full_DNS_name”

/ip-172.16.5.18 /ip-”mtasvr.provo.novell.com”

44.19 /keyfile

Specifies the full path to the private file used to provide secure SSL communication between the MTA and other programs. See Section 41.2.3, “Securing the Domain with SSL Connections to the

MTA,” on page 643.

NetWare MTA Linux MTA Windows MTA

Syntax: /keyfile-[svr\][vol:]\dir\file

/keyfile-\\svr\vol\dir\file

Example: /keyfile-\ssl\gw.key

/keyfile-server2\sys:\ssl\gw.key /keyfile-\\server2\sys\ssl\gw.key

44.20 /keypassword

Specifies the password used to encrypt the private SSL key file when it was created. See

Section 41.2.3, “Securing the Domain with SSL Connections to the MTA,” on page 643.

NetWare MTA Linux MTA Windows MTA

Syntax: /keypassword-password --keypassword password /keypassword-password

Example: /keypassword-gwssl --keypassword gwssl /keypassword-gwssl

44.21 /language

Specifies the language to run the MTA in, using a two-letter language code as listed below. You must install the MTA in the selected language in order for the MTA to display in the selected language.

The initial default is the language used in the domain. If that language has not been installed, the next default is the language used by the operating system. If that language has not been installed, the final default is English. You only need to use this switch if you need to override these defaults.

704 GroupWise 8 Administration Guide

NetWare MTA Linux MTA Windows MTA

Syntax: /language-code --language code /language-code

Example: /language-es --language de /language-fr

Contact your local Novell sales office for information about language availability.

See Chapter 7, “Multilingual GroupWise Systems,” on page 111 for a list of language codes.

44.22 /liveremote

Turns on re-direction of Remote client requests and provides the TCP port on which the MTA listens for Remote client requests. See Section 41.2.2, “Enabling Live Remote,” on page 643.

NetWare MTA Linux MTA Windows MTA

Syntax: /liveremote-port_number /liveremote-port_number /liveremote-port_number

novdocx (en) 22 June 2009

Example: /liveremote-7111 /liveremote-7112 /liveremote-7112

44.23 /log

Specifies the directory where the MTA will store its log files. The default location varies by platform.

NetWare:

Linux:

Windows:

For more information, see Section 42.3, “Using MTA Log Files,” on page 681.

Syntax: /log-[svr\][vol:]\dir

Example: /log-\agt\log

mslocal

/var/log/novell/groupwise/domain_name.mta

mslocal

NetWare MTA Linux MTA Windows MTA

/log-\\svr\vol\dir

/log-server2\mail:\agt\log /log-\\server2\mail\agt\log

subdirectory in the directory specified by the /work switch

--log /dir /log-[drive:]\dir /log-\\svr\sharename\dir

--log /gwsystem/logs /log-\agt\log /log-m:\agt\log /log-\\server2\c\mail\agt\log

Typically you would find multiple log files in the specified directory. The first 4 characters represent the date. The next 3 characters identify the agent. A three-digit extension allows for multiple log files created on the same day. For example, a log file named

0518mta.001

would indicate that it is an MTA log file, created on May 18. If you restarted the MTA on the same day, a new log file would be started, named

0518mta.002

Using MTA Startup Switches 705

See also /loglevel, /logdiskoff, /logdays, and /logmax.

44.24 /logdays

Sets the number of days you want MTA log files to remain on disk before being automatically deleted. The default log file age is 30 days. See Section 42.3, “Using MTA Log Files,” on page 681.

NetWare MTA Linux MTA Windows MTA

Syntax: /logdays-days --logdays days /logdays-days

Example: /logdays-15 --logdays 45 /logdays-60

See also /log, /loglevel, /logdiskoff, and /logmax.

44.25 /logdiskoff

Turns off disk logging for the MTA so no information about the functioning of the MTA is stored on disk. The default is for logging to be turned on. See Section 42.3, “Using MTA Log Files,” on

page 681.

novdocx (en) 22 June 2009

NetWare MTA Linux MTA Windows MTA

Syntax: /logdiskoff --logdiskoff /logdiskoff

44.26 /loglevel

Controls the amount of information logged by the MTA. Logged information is displayed in the log message box and written to the MTA log file during the current agent session. The default is Normal, which displays only the essential information suitable for a smoothly running MTA. Use Verbose to display the essential information, plus additional information helpful for troubleshooting. Verbose logging does not degrade MTA performance, but log files saved to disk consume more disk space when verbose logging is in use. See Section 42.3, “Using MTA Log Files,” on page 681.

NetWare MTA Linux MTA Windows MTA

Syntax: /loglevel-level --loglevel level /loglevel-level

Example: /loglevel-verbose --loglevel verbose /loglevel-verbose

See also /log, /logdiskoff, /logdays, and /logmax.

44.27 /logmax

Sets the maximum amount of disk space for all MTA log files. When the specified disk space is consumed, the MTA deletes existing log files, starting with the oldest. The default is 102400 KB (100 MB) of disk space for all MTA log files. See Section 42.3, “Using MTA Log Files,” on

page 681.

706 GroupWise 8 Administration Guide

NetWare MTA Linux MTA Windows MTA

Syntax: /logmax-kilobytes --logmax kilobytes /logmax-kilobytes

Example: /logmax-32000 --logmax 130000 /logmax-160000

See also /log, /loglevel, /logdiskoff, and /logdays.

44.28 /lrconn

Specifies the maximum number of simultaneously connected Remote client users the MTA can accept. The default is 25. See Section 41.2.2, “Enabling Live Remote,” on page 643.

NetWare MTA Linux MTA Windows MTA

Syntax: /lrconn-number --lrconn number /lrconn-number

Example: /lrconn-50 --lrconn 75 /lrconn-100

novdocx (en) 22 June 2009

44.29 /lrwaitdata

Specifies the number of seconds you want the MTA to wait for a response from the PO before timing out for users in Remote mode. The default is 5 minutes. See Section 41.2.2, “Enabling Live

Remote,” on page 643.

NetWare MTA Linux MTA Windows MTA

Syntax: /lrwaitdata-number --lrwaitdata number /lrwaitdata-number

Example: /lrwaitdata-7 --lrwaitdata-10 /lrwaitdata-12

44.30 /maxidlerouters

Specifies the maximum number of idle router threads the MTA can keep running. The default is 16; valid values range from 1 to 16. See Section 43.3, “Optimizing the Routing Queue,” on page 694.

NetWare MTA Linux MTA Windows MTA

Syntax: /maxidlerouters-threads --maxidlerouters threads /maxidlerouters-threads

Example: /maxidlerouters-5 --maxidlerouters 10 /maxidlerouters-12

44.31 /maxrouters

Specifies the maximum number of router threads the MTA can start. The default is 16; valid values range from 1 to 16. See Section 43.3, “Optimizing the Routing Queue,” on page 694.

NetWare MTA Linux MTA Windows MTA

Syntax: /maxrouters-threads --maxrouters threads /maxrouters-threads

Example: /maxrouters-10 --maxrouters 12 /maxrouters-14

44.32 /messagelogdays

Sets the number of days you want MTA message log files to remain on disk before being automatically deleted. The default is 30 days. See Section 41.4.2, “Enabling MTA Message

Logging,” on page 658.

novdocx (en) 22 June 2009

NetWare MTA Linux MTA Windows MTA

Syntax: /messagelogdays-days --messagelogdays days /messagelogdays-days

Example: /messagelogdays-15 --messagelogdays 45 /messagelogdays-60

See also /messagelogsettings, /messagelogpath, and /messagelogmaxsize.

44.33 /messagelogmaxsize

Sets the maximum size for MTA message log files. The default is 102400 KB (100 MB). See

Section 41.4.2, “Enabling MTA Message Logging,” on page 658.

NetWare MTA Linux MTA Windows MTA

Syntax: /messagelogmaxsize-

kilobytes

Exampl e:

See also /messagelogsettings, /messagelogpath, and /messagelogdays.

/messagelogmaxsize-32000 --messagelogmaxsize 130000 /messagelogmaxsize-160000

--messagelogmaxsize

kilobytes

/messagelogmaxsize-kilobytes

44.34 /messagelogpath

Specifies the directory for the MTA message log. The default location is mloscal\msglog. See

Section 41.4.2, “Enabling MTA Message Logging,” on page 658.

708 GroupWise 8 Administration Guide

NetWare MTA Linux MTA Windows MTA

novdocx (en) 22 June 2009

Syntax: /messagelogpath-[svr\][vol:]\dir

/messagelogpath-\\svr\vol\dir

Exampl e:

/messagelogpath-\mta\log /messagelogpath-

svr2\mail:\mta\log

/messagelogpath-

\\svr2\mail\mta\log

--messagelogpath /dir /messagelogpath-[drive:]\dir /messagelogpath-

\\svr\sharename\dir

--messagelogpath /gwsys/

logs

/messagelogpath-\mta\log /messagelogpath-m:\mta\log /messagelogpath-

\\svr2\c\mail\mta\log

See also /messagelogsettings, /messagelogdays, and /messagelogmaxsize.

44.35 /messagelogsettings

Enables MTA message logging. See Section 41.4.2, “Enabling MTA Message Logging,” on

page 658.

NetWare MTA Linux MTA Windows MTA

Syntax: /messagelogsettings-codes --messagelogsettings codes /messagelogsettings-codes

Example: /messagelogsettings-e --messagelogsettings e /messagelogsettings-e

See also /messagelogpath, /messagelogdays, and /messagelogmaxsize.

44.36 /msgtranssl

Enables secure SSL communication between the MTA and the POAs in its domain. See

Section 41.2.3, “Securing the Domain with SSL Connections to the MTA,” on page 643.

NetWare MTA Linux MTA Windows MTA

Syntax: /msgtranssl --msgtranssl /msgtranssl

See also /certfile, /keyfile, and /keypassword.

44.37 /noada

Disables the MTA admin thread. For an explanation of the MTA admin thread, see “MTA Admin

Thread Status Box” on page 664.

NetWare MTA Linux MTA Windows MTA

Syntax: /noada --noada /noada

Historical Note: In GroupWise 5.2 and earlier, a separate agent, the Administration Agent (ADA), handled the functions now consolidated into the MTA admin thread. Hence the switch name, /noada.

Using MTA Startup Switches 709

44.38 /nodns

Disables DNS lookups for the MTA. See “Using Dynamic Internet Links” in “Connecting to Other

GroupWise Systems” in the GroupWise 8 Multi-System Administration Guide.

NetWare MTA Linux MTA Windows MTA

Syntax: /nodns --nodns /nodns

44.39 /noerrormail

Prevents error files from being sent to the GroupWise administrator. The default is for error mail to be sent to the administrator. See Section 42.7, “Notifying the Domain Administrator,” on page 687.

NetWare MTA Linux MTA Windows MTA

Syntax: /noerrormail --noerrormail /noerrormail

novdocx (en) 22 June 2009

44.40 /nondssync

Disables eDirectory user synchronization. See Section 41.4.1, “Using eDirectory User

Synchronization,” on page 653.

NetWare MTA Linux MTA Windows MTA

Syntax: /nondssync --nondssync N/A

44.41 /norecover

Disables automatic database recovery. The default is for automatic database recovery to be turned on. If the MTA detects a problem with the domain database ( database recovery has been turned off, the MTA will notify the administrator, but it will not recover the problem database. See Chapter 26, “Maintaining Domain and Post Office Databases,” on

page 393.

NetWare MTA Linux MTA Windows MTA

Syntax: /norecover --norecover /norecover

wpdomain.db

) when automatic

44.42 /nosnmp

Disables SNMP for the MTA. The default is to have SNMP enabled. See Section 42.6, “Using an

SNMP Management Console,” on page 683.

NetWare MTA Linux MTA Windows MTA

Syntax: /nosnmp --nosnmp /nosnmp

710 GroupWise 8 Administration Guide

44.43 /password

Provides the password for the NetWare MTA to use when accessing domains and post offices on remote servers

NetWare MTA Linux MTA Windows MTA

Syntax: /password-NetWare_password N/A N/A

Example: /password-GWise N/A N/A

44.44 --show

Starts the Linux MTA with a server console interface similar to that provided for the NetWare and Windows MTAs. This user interface requires that the X Window System and Open Motif be running on the Linux server.

novdocx (en) 22 June 2009

The --show switch cannot be used in the MTA startup file. Therefore, the MTA never runs with a user interface if it is started automatically whenever the server restarts.

NetWare MTA Linux MTA Windows MTA

Syntax: N/A --show N/A

44.45 /tcpinbound

Sets the maximum number of inbound TCP/IP connections for the MTA. The default is 40. There is no maximum number of outbound connections. The only limit on the MTA for outbound connections is available resources. See Section 43.1.1, “Adjusting the Number of MTA TCP/IP

Connections,” on page 689.

NetWare MTA Linux MTA Windows MTA

Syntax: /tcpinbound-number --tcpinbound number /tcpinbound-number

Example: /tcpinbound-50 --tcpinbound 60 /tcpinbound-70

44.46 /tcpport

Sets the TCP port number on which the MTA listens for incoming messages. The default is 7100. See “Using TCP/IP Links between Domains” on page 632.

NetWare MTA Linux MTA Windows MTA

Syntax: /tcpport-port_number --tcpport port_number /tcpport-port_number

Example: /tcpport-7200 --tcpport 7200 /tcpport-7200

Using MTA Startup Switches 711

44.47 /tcpwaitconnect

Sets the maximum number of seconds the MTA waits for a connection to another MTA. The default is 5. See Section 43.1.2, “Adjusting the MTA Wait Intervals for Slow TCP/IP Connections,” on

page 689.

NetWare MTA Linux MTA Windows MTA

Syntax: /tcpwaitconnect-seconds --tcpwaitconnect seconds /tcpwaitconnect-seconds

Example: /tcpwaitconnect-10 --tcpwaitconnect 10 /tcpwaitconnect-10

44.48 /tcpwaitdata

Sets the maximum number of seconds the MTA attempts to send data over a TCP/IP connection to another MTA. The default is 20. See Section 43.1.2, “Adjusting the MTA Wait Intervals for Slow

TCP/IP Connections,” on page 689.

novdocx (en) 22 June 2009

NetWare MTA Linux MTA Windows MTA

Syntax: /tcpwaitdata-seconds --tcpwaitdata seconds /tcpwaitdata-seconds

Example: /tcpwaitdata-30 --tcpwaitdata 30 /tcpwaitdata-30

44.49 /tracelogin

Displays NetWare MTA login messages on the NetWare server console to help determine problems the MTA is having when logging in to a remote server.

NetWare MTA Linux MTA Windows MTA

Syntax: /tracelogin-code N/A N/A

Example: /tracelogin-1 N/A N/A

Code Description

1 2 Display login problems Display all login messages

44.50 /user

Provides the NetWare user ID for the NetWare MTA to use when accessing domains and post offices on remote servers. See “Creating a NetWare Account for Agent Access (Optional)” in the

GroupWise 8 Installation Guide.

712 GroupWise 8 Administration Guide

NetWare MTA Linux MTA Windows MTA

Syntax: /user-NetWare_user_ID N/A N/A

Example: /user-GWAgents N/A N/A

44.51 /vsnoadm

Prevents GroupWise administration messages from being processed by an integrated virus scanner. Because administration messages are created within your GroupWise system, they are not likely to contain viruses. In a GroupWise system with a large amount of administrative activity (adding users, deleting users, etc.), skipping the virus scanning of administrative messages can speed up processing of users’ e-mail messages.

NetWare MTA Linux MTA Windows MTA

novdocx (en) 22 June 2009

Syntax: /vsnoadm --vsnoadm /vsnoadm

44.52 /work

Specifies the directory where the MTA creates its local working directory ( the domain directory. However, if the domain is located on a different server from where the MTA will run, use a local directory so the MTA cannot lose its connection to its mslocal directory.

NetWare MTA Linux MTA Windows MTA

Syntax: /work-[svr\][vol:]\dir

/work-\\svr\vol\dir

Example: /work-\gwmta

/work-mail:gwmta /work-server2\mail:\gwmta /work-\\server2\mail\gwmta

--work /dir /work-[drive:]\dir

--work /gwmta /work-\gwmta

mslocal

/work-\\svr\sharename\dir

/work-m:\gwmta work-\\server2\c\mail\gwmta

). The default is

Using MTA Startup Switches 713

novdocx (en) 22 June 2009

714 GroupWise 8 Administration Guide

Novell GROUPWISE 8 Message Transfer Agent

Specifications and Main Features

Frequently Asked Questions

User Manual

40.1 Domain Representation in ConsoleOne

Understanding Message Transfer between Domains and Post Offices

40.2 Domain Directory Structure

40.3 Information Stored in the Domain

40.3.1 Domain Database

40.3.2 Agent Input/Output Queues in the Domain

40.3.3 Gateways

40.4 Role of the Message Transfer Agent

40.5 Link Configuration between Domains and Post Offices

40.6 Message Flow between Domains and Post Offices

40.6.1 Message Flow between Post Offices in the Same Domain

40.6.2 Message Flow between Different Domains

40.7 Cross-Platform Issues between Domains and Post Offices

40.7.1 MTA Platform Dependencies Because of Direct Access Requirements to Post Offices

40.7.2 MTA/Post Office Platform Independence through TCP/IP Links

40.7.3 MTA Platform Dependencies Because of Direct Access Requirements to the Domain

40.7.4 MTA/Domain Platform Independence through TCP/IP Links

40.7.5 MTA/Domain Platform Independence through the Transfer Pull Configuration

Configuring the MTA

41.1 Performing Basic MTA Configuration

41.1.1 Creating an MTA Object in eDirectory

41.1.2 Configuring the MTA in ConsoleOne

41.1.3 Changing the Link Protocol between Domains

41.1.4 Changing the Link Protocol between a Domain and Its Post Offices

41.1.5 Binding the MTA to a Specific IP Address

41.1.6 Moving the MTA to a Different Server

41.1.7 Adjusting the MTA for a New Location of a Domain or Post Office

41.1.8 Adjusting the MTA Logging Level and Other Log Settings

41.2 Configuring User Access through the Domain

41.2.1 Restricting Message Size between Domains

41.2.2 Enabling Live Remote

41.2.3 Securing the Domain with SSL Connections to the MTA

41.3 Configuring Specialized Routing

41.3.1 Using Routing Domains

41.3.2 Scheduling Direct Domain Links

41.3.3 Using a Transfer Pull Configuration

41.4 Configuring Domain Maintenance

41.4.1 Using eDirectory User Synchronization

41.4.2 Enabling MTA Message Logging

Monitoring the MTA

42.1 Using the MTA Server Console

42.1.1 Monitoring the MTA from the MTA Server Console

42.1.2 Controlling the MTA from the MTA Server Console

42.2 Using the MTA Web Console

42.2.1 Setting Up the MTA Web Console

42.2.2 Accessing the MTA Web Console

42.2.3 Monitoring the MTA from the MTA Web Console

42.2.4 Controlling the MTA from the MTA Web Console

42.3 Using MTA Log Files

42.3.1 Configuring MTA Log Settings and Switches

42.3.2 Viewing MTA Log Files

42.3.3 Interpreting MTA Log File Information

42.4 Using GroupWise Monitor

42.5 Using Novell Remote Manager

42.6 Using an SNMP Management Console

42.6.1 Setting Up SNMP Services for the MTA

42.6.2 Copying and Compiling the MTA MIB File

42.6.3 Configuring the MTA for SNMP Monitoring

42.7 Notifying the Domain Administrator

42.8 Using the MTA Error Message Documentation

42.9 Employing MTA Troubleshooting Techniques

42.10 Using Platform-Specific MTA Monitoring Tools

42.11 Using MTA Message Logging

Optimizing the MTA

43.1 Optimizing TCP/IP Links

43.1.1 Adjusting the Number of MTA TCP/IP Connections

43.1.2 Adjusting the MTA Wait Intervals for Slow TCP/IP Connections

43.2 Optimizing Mapped/UNC Links

43.2.1 Using TCP/IP Links between Locations

43.2.2 Adjusting MTA Polling of Input Queues in the Domain, Post Offices, and Gateways

43.2.3 Adjusting the Number of MTA Scanner Threads for the Domain and Post Offices

43.3 Optimizing the Routing Queue

43.3.1 Adjusting the Maximum Number of Active Router Threads

43.3.2 Adjusting the Maximum Number of Idle Router Threads

43.4 Adjusting MTA Polling of Closed Locations

Using MTA Startup Switches