Friday Feb 16, 2007

Communications Suite - Suggestion Box

My email server was down from around 6pm last night until noon today (sendmail, not Messaging Server), and once back up, I decided to do some cleanup on my--ahem!--out of control inbox. (Afterall, a smaller inbox WILL help in times of system recovery.)

In the process of my cleanup, I came across an email thread that I thought I'd post, to see if the Comms Community cares to discuss. The topic: What information pertaining to Comms could we (Sun) provide more in-depth training/knowledge coverage on? Here are the responses. Granted, I'm only one tech writer on Comms, but the more feedback I can gather on issues such as this, the better off I can come to my SMEs and try and argue for what the customer needs. (Note: I believe this was initially a "training" request, but from where I sit, waiting for training courses to come out (no offense to our training coordinators and developers) takes too long to address the info/knowledge gaps.)

Messaging Server:

  • Practice with channel rewriting, including:
    • Special channel for outbound mail to a problematic host
    • Secure submission channels
  • How to use aliasdetourhost
General Comms Topics
  • Migrating events out of Microsoft Exchange and into Comms
  • Co-existence with Microsoft Exchange
  • Supporting large deployments of Connector for Outlook
  • Synchronizing with PDAs
  • Use of Non-Comms Express clients with Comms
  • Sizing Workshop
  • Sieve Topics
    • Vacation filters
    • System wide filters
    • Channel filters
    • Options/commands available in the Sieve scripts

Just for grins, I took a look at what some of us have been discussing about general Comms topics we "think" we should be working on in terms of Comms training/knowledge enhancement:

  • Deployment Architecture and Planning
  • Installation & Deployment Strategies
  • Planning Single Sign-On (Access Manager, Messaging SSO, Hybrid SSO)
  • Securing your Internet MTA
  • Customizing UWC
  • Migrations from Messaging Express to Comms Express
  • Deployments in Solaris 10 Zones
  • Automating Installations / Configurations for Production Deployments
  • Tuning UWC (incl. Solaris 10 DTrace and JVM Tuning)
  • Troubleshooting UWC (incl. Outlook, Calendar, Access Mgr, Directory & Messaging)
  • Transitioning Deployment Architectures to Comms Suite v5 (next release)

Now, for more data points. I did an internal survey of our field/engagement forces a few months back, with the same question, and got these responses:

  • Messaging Server Best Practices Guide
  • Configuring Communications Suite for SSL
  • Sizing a Communications Suite 25K User Deployment, including Communications Express
  • Initial Patch Levels for all Communications Suite Products (by release)
  • Gathering Debug Data for Messaging Server (data a customer needs to collect before calling Support)
  • Calendar Coexistence Using SyncML/Synchronica
  • Messaging Server Benchmark Data
  • Best Practices for Backup Up Lots of Data
  • Deployment Example: Comms Suite on T1000/T2000 and Solaris Zones
  • Deployment Example: Comms Suite in a Two-tiered Architecture

In an ideal world, we'd be working on all these topics, but unfortunately, we have to prioritize them and assign what resources we have accordingly. The good news is, some of these topics have already been addressed, or are in the process of getting addressed by documentation. Now that I have this list assembled and am looking at it in its entirety, I see that another post is in order to recap where we're at, and where we hope to go. Stay tuned for details.

And as always, drop a line if you have any suggestions on what docs/information you'd like to see us work on.

Thursday Feb 15, 2007

Calendar Server - Get Yer Appts Emailed To You

I like it when I can say, here's some new information for you. As I mentioned yesterday, we were close to getting out a cool article (and it's actually the script that is cool) for generating an automatic email to your Calendar Server users, containing that day's appointments and tasks. Have at it:

Receiving a Daily Summary of Sun Java System Calendar Server Events and Tasks by Email

Thanks to Mike d. for contributing this info.

Wednesday Feb 14, 2007

Heads Up: Cool Calendar Server Article Almost Here

As I wrote about in this previous blog entry, I've been working in conjunction with one of our Calendar Server gurus to document how to provide your Calendar Server users with a daily summary of their Calendar Server events and tasks, emailed to their inbox or mobile device each weekday morning. I've got the article on our internal staging site, and it should be pushed out this week to BigAdmin.

While were at it, for more fun with Calendar Server, see this post by a new Sun employee (formerly with SeeBeyond) and his positive experiences with Thunderbird and the Lightning extension that is part of the Sunbird Mozilla project, to access his Calendar Server data from w/i Thunderbird.

Tuesday Feb 13, 2007

Mac Users in Sync with Sun Java System Calendar Server: JSCalendarSync

I'm not a Mac user (yet)--actually, I'm thinking about making my next computer purchase a Mac, but that's another story--but for those of you who are, and are using our Sun Java System Calendar Server product, there's good news: You can use JSCalendarSync to synchronize data between Calendar Server and Mac OS X’s iCal.

JSCalendarSync uses the native synchronization framework provided by Mac OS X 10.4. Note that JSCalendarSync development is in progress, it is not to be considered as a finished product. Mac users can also benefit from Lightning, the Mozilla Thunderbird extension, created by Sun's StarOffice developers. Indeed, several Sun teams are using Thunderbird+Lightning to collaborate.

Monday Feb 12, 2007

Communications Express Browser Support

With the proliferation of browsers and versions of specific browsers, it's only natural that we get the question, and quite often, which browsers does Communications Express support? As always, start with the Release Notes to find out. For the current version, that is, Communications Express 6 2005Q4, the "supported" browsers are Netscape 7.2, IE 6.0 SP2 or later 6.x version, and Mozilla 1.4.

Though this is the "officially supported" browser list, we are always working to certify the most commonly used browsers over time.

Thursday Feb 08, 2007

Messaging and Calendar, Say Hello to Norway

Norwegian Governmental Services To Be Powered by Sun Solutions, Including Messaging Server and Calendar Server

The Norwegian government announced a deal with Sun to use the Solaris 10 Operating System, and Sun servers and software, including Messaging Server, Calendar Server, and Portal Server, to enable citizens to have secure, browser-based public access to government services through a secure and personalized portal interface. The complete end-to-end Sun solution allows the government to drive innovation and provide an online platform for citizens to vote, pay taxes, obtain social security benefits, register and manage automobiles, communicate with public officials and conduct other civic initiatives and services.

» Read the Entire Article

Wednesday Feb 07, 2007

Messaging Server and Email Disclaimers: Pros & Cons

So you want every sent email from every employee to carry a company disclaimer message. Whether because of increased awareness of confidentially, legality, or fashion, appending disclaimer messages to out-going mail is here with us.

But before asking how to do this with the Sun Java System Messaging Server MTA, step back and ask if you really need to do this. Start by reading the following:

Here's perhaps the money quote:

"In the end, I think, although I am vastly ignorant of the law here, that adding disclaimers only makes you more vulnerable. This is because without disclaimers reasonable conventions and existing law apply. But once you add the disclaimer you had better get it exactly right and on exactly the right messages, and you sacrifice reasonable convention."

Okay, let's say that in spite of this advice, you want to proceed full steam ahead anyways and get every outgoing message from the MTA to bear this disclaimer stamp. Our experts advise the following:

  1. First, be aware that there is no way to fully implement this at the server level. The only proper way to do disclaimers is to have a policy requiring users to insert them in their mail clients.
  2. The next best approach is to write a conversion channel to add the disclaimer. The conversion channel can be used to perform arbitrary processing on each message on per body part basis. In this case, you want the processing to be that of appending a disclaimer. You end up modifying the MTA configuration files so that all your mail passes through this conversion channel. At a minimum you'd want to construct one conversion to account for text/plain message body and one to account for html. You'll need to add more if the actual messages being sent have some other sort of MIME structure unique to your deployment.

For more information, see the following:

Some Troubleshooting Advice

If you configure the MTA as described above, and run into problems where the disclaimer is not appearing, you should begin by looking at your conversions file, and get a master_debug conversion channel debug log file. (The tcp_local_slave.log-\* file, and the mappings file, are just about getting the message to the conversion channel. The appending of the disclaimer would be done by the conversion channel, so you need to see what the conversion channel itself is doing.)

Friday Feb 02, 2007

Messaging Server 6.3 Spotlight: Messaging Archiving

As we get closer to releasing Messaging Server 6.3 (part of Communications Suite 5), I thought I'd provide a bit more detail on some of the major feature enhancements. This entry focuses on Message Archiving, also known as AXS-One Archiving.

What Is Message Archiving?

A message archiving system saves all or some specified subset of incoming and outgoing messages on a system separate from Messaging Server. Sent, received, deleted, and moved messages can all be saved and retrieved in an archive system. Archived messages cannot be modified or removed by email users so the integrity of incoming and outgoing is maintained.

How Is the Archiving Support Provided?

In 6.3, Messaging Server supports archiving through the AXS-One archive system.

How Is Message Archiving Useful?

There are two ways to look at archiving, compliance and operational. Compliance archiving is used when you have a legal obligation to maintain strict retrievable email record keeping. Selected email (selected by user(s), domain, channel, incoming, outgoing and so on) coming into the MTAis copied to the archive system before being delivered to the message store or the internet. Archiving can be set to occur either before or after spam and virus filtering. Operational archiving is used for mail management purposes, for example to reduce storage usage on the Messaging Server message store by moving less used (older) messages to an archiving system which uses lower cost storage (that is, an alternative for data backup). Note that compliance and operational archiving are not exclusive. That is, you can set up your system so that it does both compliance and operational archiving.

Where Can You Get More Information?

The Messaging Server 6.3 Administration Guide will have overview information on message archiving. The Message Archiving Using the AXS-One System technical note will contain detailed deployment instructions. As usual, you'll be able to get these docs through the web site, or better yet, through the Communications Suite Hub Library tab.

Note: If you have access to the Beta, you can read the AXS-One technical note now at (sorry for those who don't, it's password protected):

Thursday Feb 01, 2007

Communications Suite Products and DST: Daylight Saving Time Changes (2007)

I'm sure most of you are following this:

The Energy Policy Act of 2005 mandates that US DST will start on the second Sunday in March and end on the first Sunday in November. In 2007, the start and stop dates will be March 11 and November 4, respectively. These dates are different from previous DST start and stop dates. In 2006, the dates were the first Sunday in April (April 2, 2006) and the last Sunday in October (October 29, 2006).

In case you want to know how this affects the Communications Suite products, here's the link:

Communications Suite Documentation: Coming Attractions

Never a dull moment here in Comms Suite docs. That is, there is never any downtime, I'm always getting new requests for information deliverables. So, here's a quick update on what's in the pipeline:

  • Tech Note: Using Sun StorageTek 53xx NAS with Messaging Server Message Store
    This technical note describes how to configure the Sun StorageTek 53xx NAS for use with Sun Java System Messaging Server. (Basically, you now have two options for NAS: NetApp and Sun StorageTek.)
  • Tech Note: Using ZFS with Messaging Server Message Store
    I'm told this is a hot item right now, so we're going to try and get this out ASAP.
  • Case Study: Migrating From Critical Path to Sun Java Communications Suite
    This case study describes a real-world migration from the Critical Path email system to Sun Java Communications Suite, which includes Sun Java System Messaging Server and Sun Java System Directory Server. This case study highlights the use of the Sun Groupware Migration Toolkit and Sun Groupware Migration Methodology in migrating 1.5 million Critical Path mailboxes to the Sun platform in a project that took just four months to complete.
  • BigAdmin Tech Tip: Receiving a Daily Summary of Sun Java System Calendar Server Events and Tasks by Email
    This tech tip describes how to provide your Sun Java System Calendar Server users with a daily summary of their Sun Java System Calendar Server events and tasks, emailed to their inbox or mobile device each weekday morning. You do this by creating a Bourne shell script,, which uses Web Calendar Access Protocol (WCAP) commands. On a daily basis, this script finds all events and tasks from your users' calendars then emails them to the individual users. (Note: This is ready to be published, we're just fine tuning the script.)
  • Technical Note: Troubleshooting Sun Java System Messaging Server Message Queues
    This technical note describes how to troubleshoot the Sun Java System Messaging Server MTA, specifically message build-up in channels, including the TCP channels (tcp_local and tcp_intranet) and ims-ms channel. (I'm waiting for my SME to sign off on this one.)

As usual, I hope the Comms Suite community finds this kind of information useful and pertinent, and if you have any suggestions or doc needs, please feel free to leave a comment or drop me a line.

Tuesday Jan 30, 2007

Wanted: A Few Good Communications Suite Examples

We in documentation hear what customers want: more examples. Communications Suite examples, especially for deployment, are unfortunately far and few between. Good news is that I'm updating the single-host deployment example for the upcoming Communications Suite 5 release.

And more good news: the document itself is shrinking by a number of pages. Does this mean that the Comms Suite stack (along with the Java ES components it requires) is getting easier to install? Well, maybe. Some changes in the Communications Suite 5 release that are reflected in this doc include:

  • Portal Server is no longer installed. (That alone probably accounts for the page reduction I mentioned above.)
  • Solaris Operating System (OS) 10 is used.
  • Hosted domains are now configured.
  • Proxy auth is now the way that Single Sign-On is accomplished. As a result, Access Manager is no longer required for Communications Express and there are fewer configuration settings that you have to enter. (Sigh of relief there.)

I should have this document ready at release time, unlike in the past, where we had some lag time between getting the release bits installed to be able to test the doc and get it out.

BTW, if you are looking for current Communications Suite (aka Communications Services) examples, check them out here:

Monday Jan 22, 2007

Documentation Funhouse - Finding Communications Suite Docs on d.s.c.

Okay, over the weekend the site underwent some changes. If you're having problems finding the Communications Suite (Messaging Server, Calendar Server, Instant Messaging) doc collections, you are not alone. They have been relocated. Here are your choices to get the docs in this new taxonomy:

  1. Use the Communications Suite Hub Library tab. The way I've set up the doc links is to use the underlying IDs that should not change, regardless of what structure gets set up on d.s.c.
  2. Navigate the new d.s.c. tree as follows:

    - Click the Sun Java Enterprise System link on the front page.

    - Click the Collaboration and Communication link.

    - Click the appropriate product collection.

  3. Use the following new links to go directly to the appropriate product collections:

    - Messaging Server:

    - Calendar Server:

    - Instant Messaging:

2007 Predictions in the Mobility Market

Interesting predictions for 2007 on mobile email and backup/restore from Synchronica CEO Carsten Brinkschulte:

Friday Jan 19, 2007

Messaging Server: Security Issues with Anti-Spam and Anti-Virus Deployments

When planning to deploy anti-spam or anti-virus technology with Sun Java System Messaging Server, keep in mind that an incorrect deployment can defeat your security measures. The following figure shows an incorrect deployment of an anti-spam/anti-virus filter solution.

The next figure shows a correct deployment of an anti-spam/virus filter solution.

The Messaging Server MTA performs certain functions well, including:

  • Rejecting messages as early as possible
  • Per-user configuration and policy
  • Email security and routing policy
  • Mail queue management

The anti-spam/virus filter is good at determining if an email is spam or has a virus, but is generally not nearly as good at doing the things expected of a good MTA. Thus, do not depend on an anti-spam/virus filter to do those things. Your deployment is more "correct" when the anti-spam/virus filter is well integrated with the MTA, which is the case with Messaging Server. Messaging Server spam filter plug-in support provides all the potential reasons to reject a message early and applies all reasons at the same time.

A robust MTA, such as Messaging Server's, contains security features (SSL/TLS, traffic partitioning by IP address, early address rejection to reduce denial-of-service attacks, connection throttling by IP address/domain, and so on), which are defeated when an anti-spam/virus filter is deployed in front. Furthermore, anti-spam/virus filters that communicate by using the SMTP protocol often do not follow the robustness requirements of SMTP and thus lose email when they shouldn't. A correct deployment should have the anti-spam/virus filter working in conjunction with a robust MTA.

Tuesday Jan 16, 2007

Slicing and Dicing Communications Suite 5 - The Rest of the Story

Continuing this thread on what's new in the upcoming Sun Java Communications Suite 5 release, here's the rest of the story on Instant Messaging, Delegated Administrator, Communications Express, and Connector for Outlook.

What's New in This Release of Instant Messaging

This section includes the following topics:

  • Instant Messaging XMPP Redirect Server

  • Sun Java Enterprise System Monitoring Framework Support in Instant Messaging

  • Instant Messaging Redeploy Script Changes

Instant Messaging XMPP Redirect Server

The XMPP redirect server balances the load between servers in a server pool, increasing performance by decreasing the amount of communication required between servers in a single deployment. The XMPP redirect server increases the probability that two users who will likely share presence information and messages end up on the same node. You use a redirect service to optimize resource utilization. The redirect service directs client connections to specific hosts in the server pool.

Sun Java Enterprise System Monitoring Framework Support in Instant Messaging

This release of Instant Messaging supports version 2.0 of the monitoring framework. This monitoring framework provides information on the length of time for authentication, message delivery, the number of instant messages sent through the service, and other statistics.

Instant Messaging Redeploy Script Changes

The redeploy script used to redeploy Instant Messenger resource files has been renamed to iwadmin.

Event Notification Service (ENS) Support in Instant Messaging

In this release there are two notification services for Calendar pop-ups: Sun Java System Message Queue (JMQ) and Event Notification Service (ENS). In a future release, the Communications Services products (Instant Messaging, Calendar Server, and Messaging Server) will use JMQ exclusively and ENS will be removed. However, for this release, you can continue to use ENS.

Legacy SSL and TLS Support for Instant Messaging

TLS support was added to Instant Messaging in the previous release; however, the Sun Java System Instant Messaging 7 2006Q1 Administration Guide did not adequately cover instructions for setting up TLS. TLS is used for communication between the server and clients, other servers, and Instant Messaging components such as the XMPP/HTTP Gateway. Legacy SSL is still supported for communication between clients and the multiplexor. Legacy SSL is no longer supported by the server. The Sun Java System Instant Messaging 7.2 Administration Guide now provides detailed information about setting up security for your deployment.

As a result of the implementation of TLS in Instant Messaging, you are no longer prompted to enter an SSL port for the server when you run configure.

The following iim.conf parameters are no longer used:

  • iim_server.sslport - No separate port is required for TLS connections.

  • iim_server.usesslport - No separate SSL port.

  • iim_server.secconfigdir - No longer have NSS key and certificate database for the server.

  • iim_server.keydbprefix - No longer have NSS key and certificate database for the server.

  • iim_server.certdbprefix - No longer have NSS key and certificate database for the server.

  • iim_server.coserver1.usessl - This has been replaced with iim_server.coserver1.requiressl.

The following iim.conf parameters are new for this release:

  • iim_server.requiressl

  • iim_server.sslkeystore

  • iim_server.coserver1.requiressl

Refer to the Sun Java System Instant Messaging 7.2 Administration Guide for information about using these parameters.

The Instant Messenger client uses imssl.html and imssl.jnlp only for legacy SSL connections. Instant Messenger supports TLS automatically when it connects to a server that is configured to use TLS.

What's New in This Release of Delegated Administrator

Delegated Administrator 6.4 includes the following changes and new features:

  • Support for Calendar Groups

  • Web Server 7.x Deployment

  • Access to Instant Messaging

  • Debug Log Command for the Delegated Administrator Server

Support for Calendar Groups

Delegated Administrator supports provisioning of calendar groups.

You can use Delegated Administrator to assign calendar service to a group. When the group is first invited to an event, Calendar Server creates a group calendar shared by the users who are members of the group. Invitations to the group appear on the group calendar and on the calendars of the individual members.

The following features implement support for calendar groups:

  • In the console, you can assign service packages with calendar service to groups. In the Create Group wizard, a Calendar Service Details panel allows you to specify Calendar attributes for the group. Calendar service details can be modified in the group properties page.

  • In the command-line utility, the commadmin group create and commadmin group modify commands have been enhanced to support calendar groups.

Web Server 7.x Deployment

Delegated Administrator can be deployed to Sun Java System Web Server 7.x.

When you run the configuration program, config-commda, you can configure the Delegated Administrator server and console to be deployed to Web Server 7.x.

Access to Instant Messaging

Users created in Delegated Administrator will have access to Instant Messaging (IM) service if IM is deployed on your site. Users are automatically assigned basic IM service during user creation.

You must use the Access Manager console to set and manage IM user-access levels. In this release of Delegated Administrator, the Delegated Administrator console does not provide access to IM service and does not provide an interface for managing IM user-access levels.

Debug Log Command for the Delegated Administrator Server

In the command-line utility, the commadmin debug log command creates a Delegated Administrator server log that contains debug statements generated by the Delegated Administrator servlets installed on the Web container.

With the commadmin debug logcommand, you must create the log in the /tmp/ or /var/tmp/ directory.

The commadmin debug log command supersedes the use of the url to enable logging for the Delegated Administrator server. The url used in previous releases can no longer be used for this purpose.

What's New in This Release of Communications Express

New features in Sun Java System Communications Express 6.3 include:

Support for Attachments in Events/Tasks

The Calendar component of Communications Express allows users to include attachments to an event or task.

Next Available Free Period Button

Communications Express allows users to check availability of invitees. If the invitee is not available for the day of the event, the next available free period button displays the availability of the invitee in the subsequent six days.

Address Book Sharing

The Address book component of Communications Express allows users to share their address book globally as well as to specific users. You can also assign specific permissions to users who subscribe to your address book. You can also subscribe to other shared address books.

Support for Multiple Address Book

Communications Express allows users to create and maintain more than one address books.

Preserving Customization

Starting this release, the Communications Express upgrade script will preserve all customizations that have been made in the product. This was not possible in earlier releases and all customizations were lost on a patch upgrade.

Password Encryption

Starting this release Communications Express configurator tool enctyps passwords during configuration. This is done transparently by the configuration tool. Communications Express now has a tool to encrypt and manage passwords. Administrators can change passwords by running this script.

LDAP Failover Mechanism

The LDAP failover mechanism in Communications Express balances load between a number of configured master and slave LDAP servers. This increasing performance by decreases the response time. Communications Express contains an LDAP failover Manager module that is responsible to retrieve connections from the master or slave servers. Each load balancing server maintains a pool of available free connections. Whenever a Communications Express component requires a connection to the LDAP server, the LDAP failover manager provides the component with a connection based on the load balancing strategy employed.

Mail Integration into Communications Express

Starting this release, the Webmail related user interface components have been moved to Communications Express. In the earlier releases of Communications Express, the mail related files were resident in the Messaging Server. Also, in previous releases of Communications Express, the webmail and the web container ports had to be available for it to work. As a result of this change, only the web container port needs to be available for Communications Express to work.

Removal of Access Manager SDK Dependency for Schema 2 Deployment

In previous releases, Communications Express used the following APIs and libraries to establish connections and fetch information from an LDAP store:

  • Domain MAP API (which a part of Communications Express) if Communications Express was deployed using Schema 1 mode.

  • Access Manager SDK if Communications Express was deployed using Schema 2

This made Communications Express dependent on Access Manager in Schema 2 mode even though Access Manager is not mandatory for it to work apart from just connecting and fetching information from the LDAP store. Starting this release, this dependency on Access Manager for Schema 2 has been removed. Communications Express is now shipped with a new Domain MAP API for Schema 2.

Note - As a result of this, users who log in to Communications Express cannot log on to Access Manager Console.

What's New in This Release of Connector for Microsoft Outlook

New features in Sun Java System Connector for Microsoft Outlook 7.2 include:

  • Polling multiple folders.

    A new option in the Deployment Configuration Program allows multiple mail folders, including Inbox to be checked for new unread messages. This option can be useful if message filters have been set up to automatically move incoming messages to specific folders other than Inbox, or if the direct delivery to a specific folder option has been enabled.

  • Creating and sharing multiple calendars and tasks.

  • Creating and sharing multiple address books.

  • Adding attachments to calendar events. Attachments are saved on server.

  • Viewing group memberships within contact details (applies only to the corporate directory).


Reporting about Unified Communications Suite Documentation, including news, Comms 101, documentation updates, and tips and tricks.


« July 2016