Monday Feb 05, 2007

New in Messaging Server 6.3: MeterMaid

In the current version of Messaging Server 6.x (and for that matter, 5.x), to limit email coming to the Messaging Server MTA from a particular sending host (IP address), you use the shared library, conn_throttle.so in the Port Access mapping table. Limiting connections by particular IP addresses can be useful for preventing excessive connections used in denial-of-service attacks. This technique is also referred to as "throttling" a host (or IP address).

Messaging Server 6.3 will extend this ability with MeterMaid. MeterMaid enables throttling by determining when an IP address has recently connected too often and should be turned away for awhile. MeterMaid represents the officer patrolling the streets, looking for those who have exceeded their allotted amount. It is a repository process that supplants conn_throttle.so, providing similar functionality but extending it across the Messaging Server product. In addition, MeterMaid is more configurable than conn_throttle.so. Of note: No further enhancements will be made to conn_throttle.so going forward.

Improvements

The primary improvements by MeterMaid are that it is a single repository of the throttling information that can be accessed by all systems and processes within the Messaging Server environment. It continues to maintain an in-memory database to store this data to maximize performance. Restarting MeterMaid will lose all information previously stored, but since the data is typically very short lived, the cost of such a restart (done infrequently) is very low.

Configuration

MeterMaid is accessed from the MTA through a mapping table callout using check_metermaid.so. It can be called from any of the _ACCESS tables. When called from the PORT_ACCESS table, it can be used to check limits based on the IP address of the connection which will be the most common way to implement MeterMaid as a replacement for the older conn_throttle.so. If called from other _ACCESS tables, MeterMaid can also be used to establish limits on other data such as the envelope from or envelope to addresses as well as IP addresses.

Only one entrypoint in check_metermaid.so is defined. The throttle routine contacts MeterMaid providing two subsequent arguments separated by commas. The first is the name of the table against which the data will be checked, and the second is the data to be checked. If the result from the probe is that the particular data being checked has exceeded its quota in that table, check_metermaid.so returns "success" so that the mapping engine will continue processing this entry. The remainder of the entry would then be used to handle this connection that has exceeded its quota.

Again, your definitive source of information on MeterMaid, once 6.3 is out, will be the chapter 19 in the Messaging Server 6.3 Administration Guide.

Wednesday Dec 20, 2006

Messaging Server & Communications Express: Improved Migration of Personal Address Books

As I wrote about previously on this blog, I've been working on a Sun BluePrints article on how to migrate the Messenger Express Personal Address Book to the Communications Express Address Book Store. This BluePrints article is now available here:

http://www.sun.com/blueprints/1206/820-0618.html

Synopsis:

The Messenger Express Web-based email client includes a Personal Address Book (PAB) application for storing and managing user's personal information, such as email addresses and phone numbers. Sun Java System Communications Express, the unified Web client introduced in Sun Java Enterprise System 2004Q2 supersedes Messenger Express and Calendar Express. Communications Express also includes Address Book Store (ABS) that provides all of the functionality of PAB and is better integrated with mail and calendar components.

When upgrading from Messenger Express (also known as Webmail) to Communications Express, you need to migrate users' PAB entries to ABS. (This migration does not occur automatically as part of the upgrade process.) A new tool, pab2abs.pl, has been made available that provides improved performance over the earlier migration tool, runMigrate.sh. This article describes how you can use the pab2abs.pl tool to either migrate a single or a few users, or to migrate your entire PAB database.

Friday Nov 10, 2006

Migration: It's Not Just for Caribou Anymore (Migrating Messenger Express PABs)

I'm currently working on a Sun BluePrints article, for the moment titled "Migrating Sun Java System Messenger Express Personal Address Book: Using the pab2abs.pl Utility." Some background: when you upgrade from Messenger Express, with its own personal address book (PAB) to Communications Express, you get a new address book (Address Book Store, or ABS). And of course, we make you migrate the PAB entries (that is, the migration doesn't happen automatically.) Turns out that the runMigrate.sh script provided since Communications Express 6 2004Q2 has, shall we say, some issues with large PAB databases. So one of our engineers has come up with a new tool that uses Java System Directory Server bulk export and import (as opposed to modification or creation of entries over LDAP), which much improves (speeds up) the process.

Look for this Blueprints article and new tool to appear very soon.

About

Reporting about Unified Communications Suite Documentation, including news, Comms 101, documentation updates, and tips and tricks.

Search

Archives
« April 2014
SunMonTueWedThuFriSat
  
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
   
       
Today