Monday Feb 11, 2008

Come Meet Us at the Communications User Group!

Come Join Us for Talks on our Future Products.. Presentations by Current Customers. Face to Face Meetings with us.. and just to Party!

We would like to invite customers of the Sun Java Communications Suite are invited to attend.

Communications User Group Meeting
When: March 20
Where: Sun Office in Itasca, IL.

To Register or For More Information, Please see the following Link

Technorati Tags: , , , , ,

Monday Dec 10, 2007

Start Thinking about Sun's New Web Communication Client!

As some of you have read on Jim Parkinson's Weblog.. As the Vice-President of Communications Software says.. we are definately going for a "Wow Factor." The exciting new AJAX-based client (code named Kendo) will be available in the first half of CY2008. While you are waiting for this product to arrive, we would like to outline some of the requirements that would be needed to allow you to deploy this new client.

Ng-Architecture-1(click to enlarge image)

The above image demonstrates the three components to the new Kendo client: the web browser, the web container, and the communications services.

Web Browser

The new web client utilizes Ajax to provide a "rich" user experience. The objective is to avoid potential complications brought in by plugins such as Flash. This means we are trying to focus on using the capabilities common within the most popular types of web browsers: Microsoft Internet Explorer, Mozilla FireFox, and Apple Safari.

Web Container

The new client is built on some of the latest in Web 2.0 technologies. These technologies require a Web Container which has Glassfish and Grizzly capabilities. The supported web container for the Kendo client will be Sun Java System Application Server 9.1. The changes would remove the Sun Java Web Server as a supported Web container.

Messaging Server

The Kendo client will require the mshttpd which is included in the Sun Java System Messaging Server 7.0. In most cases, the mshttpd will run on the same server as the Kendo Web Container. The mshttpd will evaluate WebMail requests against LDAP entries to proxy IMAP connections to the back-end Message Store servers.

The back-end Message Store servers will be required to be the equivalent to Messaging Server 6.3. Earlier 6.x versions must be at patch level 120228-25 or higher (see patch readme). Messaging Servers running on prior releases must upgrade to use the Kendo client.

Directory / Schema

Kendo will support Sun Java Systems Directory Server Enterprise Edition 6.x. The new Kendo client adds some additional attributes to the existing schema. Kendo will support both the old schema (schema 1) and the current schema (schema 2).

Technorati Tags: , , , , , ,

Wednesday Nov 28, 2007

Unified Messaging and Sun Java System Messaging Server

In general.. Sun offers an open platform for Unified Messaging services. The trend in the industry is to use open interfaces into "internet-based" email messaging platforms. As we at Sun are not actually providing voice features, we can however allow companies who have expertise leverage the successes Sun has had in providing massive scalability and manageability. We believe the the customer chooses the messaging platform, and then they choose a Unified Messaging platform to layer on top of it.


Some voice vendors still favor a "locked in" strategy which tie the customer to a proprietary storage mechanism. Today's realities make this less desirable because of the rapid development of voice features based on Web 2.0 cause these vendors to move less rapidly due to the overhead of development on these aging proprietary stores.

Sun enables features on these Voice platforms that come directly from our experience in email. Notification is a clear example of this. Many vendor solutions consist of one of three approaches to sending a notification of a new message:

\* "scan" all the mailboxes for new voicemail (IMAP polls)

\* forward a copy of the message to a notification server

\* maintain two mailboxes for each user

The worse method is the "scan". In this mechanism, a notification server will scan every mailbox of every user to identify new voice messages. The tragic consequences of this method is "timely notifications" versus "loss of performance" of your email platform.

The "copy on delivery" mechanism has a value in that it is supported on nearly every major email platform. The issue with this mechanism is that the forwarded message does not necessarily indicate the true state of the mailbox. A user who is logged into IMAP will still get a new message notification. The technical complexity of clearing a notification also makes this an unreliable mechanism.

The "notification mailbox" mechanism may have some merits. A voice mail message arrives in both the regular email inbox and the voice mail inbox. The two downsides of this approach are that first the email administrator needs to maintain two mailboxes and second that IMAP access does not take into account a message notification reset.

The example below indicates how Sun Java Messaging Server provides a "Universal Notification Service" for Mailbox changes. The notification mechanism is closely tied to the actual Message Store itself. This gives the benefit of matching the notification to the actual state of the mailbox. The new message notification is cleared no matter how the voice mail is actually retrieved; either by IMAP or by Phone.


Read more about how to configure Java Message Queue notifications in the

"Configuring a JMQ Notification Service" in the Sun Java System Messaging Server 6.3 Administration Guide

{, }
[composed and posted with ecto]

Technorati Tags: , , ,

Tuesday Sep 25, 2007

Directory Server 5.2 Patch 6 Released

Ludo's Blog is announcing the release of Patch 6 for Directory Server 5.2. I'm aware that many of our Messaging Server customers are still on this release.

Technorati Tags:

Friday Feb 23, 2007

Communication Express: Authentications Between Components

In my previous discussion, we talked about Single Sign-On. One of the responses that I received, "dk" asked..

Isn't Access Manager also required for SSO to Calendar server from Comm Express?

The answer to this question is no. SSO is not required for Calendar Server. This hasn't been required unless you are using the old Calendar Express client.

The drawing below explains much of the interfaces between Communication Express and Calendar Server. This deployment represents Communications Express version 6.2 or earlier.


The above shows that Communications Express (UWC) 6.2 its interfaces with both Messaging Server and Calendar Server. The above shows that the Messaging Express Multiplexor (MEM) sits as a peer to UWC, and the browser provides the unification between the two. In this case, SSO is required to provide authenticated sessions between the two peered web services.

The connection from UWC to Calendar is using Web Calendar Access Protocol (WCAP). The connection between UWC and the Calendar Server is using an administrative account (usually called calmaster) to provide authentication for retrieval of the Calendar data. This mechanism is called proxy-authentication (or proxy-auth) where the calmaster logs in as a super-user to retrieve data. The calmaster user is created in the installation process, and the user is registered as an LDAP user entry. The UWC servlet connects as this user, and therefore Access Manager and Messaging SSO is never required between UWC and the Calendar Server. SSO may still be needed for authenticated sessions between the Sun Java Portal Server's Calendar Portlet and Calendar Server.

The connection from the MEM to the Message Store's mshttpd is also using proxy-auth. A mail administrative user is created during the configurations steps of the MEM installation. The mail user is also created as a LDAP user entry.

The following shows what the upcoming Communications Express 6.3 will look like.


In the above authentication model, UWC and the MEM are no longer peers. The end-user browser will never again connect to the MEM, so therefore SSO is not require between UWC and MEM. As before, the Calendar Server sits behind UWC. At this point, UWC performs proxy-auth to both Calendar Server and Messaging Server.

In my next post, we will look at deployments on two tiers. Communications between front-end and back-end systems.

Please feel free to leave comments.

Technorati Tags: , , , ,

Friday Feb 16, 2007

Communications Express Deployments in 6.3

A big change that we are very excited about is coming in our upcoming Communications Express 6.3. One of the biggest features of this release is the greatly simplification of installation and configuration of Communications Express. In previous release, this has been a cumbersome installation. The main reason for this was the complexity of configuring the Single-Sign-On (SSO) correctly. In these releases, we needed to configure SSO for both authentication between Communications Components (i.e. the UWC Servlet and the Webmail mshttpd) and for authentication to 3rd party web products (such as Sun Java Portal Server). The figure below demonstrates the complexity.


In the pre-6.3 releases, the SSO between the UWC Servlet and the Messaging Express Multiplexor (MEM) required that the session information be stored on the user's web browser. This session information was stored as a cookie for that domain. This cookie was created either by Sun Java Access Manager or by Communications Express' Messaging SSO (aka Trusted Circle). This required careful configuration of the SSO information in both

1) file in UWC and 2) the configutil attributes for messaging server.

In Communications Express 6.3, things get a lot easier for SSO. We have moved the MEM behind the UWC Servlet. This prevented the user's web browser from ever connecting directly to the MEM's mshttpd process. This eliminated the need for our session cookies for our internal single-sign-on. If you want to integrate with 3rd party Web Applications, you still have the option of using Access Manager. NOTE: Access Manager will still be required for Delegated Admin.


Tuesday Oct 17, 2006

Adding a "SPAM" Button to Communications Express

Sun Java(tm) Systems Communication Express has a wonderful interface. 
One of the most requested enhancement to our web interface is to add a
"Spam" button to the Message List View Screen. 

In this case, we will demonstrate two functionalities.  First we will mark the message with an IMAP flag as a "spam".  The second would actually move the message into a "SPAM_FOLDER" and expunge it from the INBOX.

Edit one of the following files to match the release of your software:

  • mbox_fs_lr.jsp ( JES5)
  • mbox_fs_lr.jsp (JES4)

function submitSpam ( ) {

 mark(\\'+\\', \\'spam\\')"; 
 // if you want to mark spam mail with an imap flag 'spam'

 var list = selected_uids()

 main.exec('move', mboxFrame.mbox, list, 'SPAM_FOLDER', 'expunge',

 // if you want to move the emails out to a folder named SPAM_FOLDER
and make it disappeared


Next add a button to the UI file, some thing like
<input type=button value="Spam"

That's it.  Thanks and credit to Bill Wang for showing me this.

Sunday Aug 06, 2006

New Comms Suite Tech Note: Deleting Users from Sun Messanging and Calendar

In the last few weeks, we have been publishing various "Tech Notes" for our Sun Java Systems Communication Suite of Products.  The goal of these Tech Notes are to get "real" information out to our customers in the fastest possible means.

In this Blog, I'm going to try to give some of the "behind the scenes" information on the creation of these Tech Notes.  I look forward to comments from our customers and collegues.

In this first episode, I'm going to introduce our new

[Read More]

Saturday Feb 18, 2006

Closing the SMTP Spigot on Heavy Spam Traffic

Many of our customers are facing the headache of combating heavy spam sites. In many cases, these spamers might cause a denial-of-service (dos) attack by reducing the service performance of our MTA Software. End-users are impacted by reduced Service Levels on mail deliveries. <p>

Many of our customers have asked if we can deal with this problem at the MTA level. UPDATED 2/19/06 We are adding a new feature into our next release of Messaging Server. The new MeterMaid functionality will allow Email Administrators to configure MTAs to limit the traffic of messages from different domains. This will also share the information to peer MTAs.

A solution for this problem is available today. Symantec has a really cool appliance which works on the Network TCP/IP level. Many folks in the Web Services world will remember "IP Tar Pits." These would judge the way a IP connection is using network resources and adjust the network performance of that connection. If a domain or an IP Address starts to use above average amounts of connections, then the Tar Pit would add connection latencies into those types of connections. This would effectively side-line heavy spammers or even denial-of-service attacks on your network services.

The 8100 series device is set for SMTP only, but we have seen this device effectively reduce 60% of their SMTP traffic. Beyond acting like a "tar pit," the device will also block connections from heavy sites. The end-users benefit by improved SMTP services and less spam.


Symantec Whitepaper on the 8100 Series Appliance

Parsing JES Messaging Server Log Files

One of the things that really fell to the wayside has been an effect set of parsing tools for Sun's JES Messaging Server. I'm pleased to see the user community is stepping up to address this important area for Email Operations. Big thanks to Keith Clay for providing an open source project for this.. Source Forge Project: SUN JES Messaging Log Processor

Monday Nov 14, 2005

Ferris Newsletter: Sun Email #1 Largest on Planet!

Wow.. this is cool to hear

The following was taken from David's "Ferris Newsletter on Messaging & Collaboration, November 2005"

The World's Largest Email Systems. Here's our estimate of the world's largest email systems, measured in number of active mailboxes, as of 10/05. By "active" we mean: has been accessed at least once over the last 30 days:

\* Sun-150M seats !!!
\* OpenWave-100M seats
\* Hotmail-100M seats
\* Microsoft Exchange-100M seats
\* Critical Path-60M seats
\* AOL- 80M seats (including free seats)
\* Yahoo-40M seats
\* IBM Notes/Domino-25M seats
\* Google Gmail-20M seats
\* Novell GroupWise-10M seats

"It's hard to have much certainty about these figures. Almost all vendors severely exaggerate with the statistics they hand out. This is our overall sense of real deployed seats." - David Ferris

Monday Oct 17, 2005

NBC's "The West Wing" and Email Retention

Last night.. Everyone watching NBC's West Wing should have received their "wake up" call. Everything we write down is legally "on the record."

On last night's episode of "the West Wing," a Senator described a mechanism which was in place at to retain and to archive information at the White House. I'm sure the audience had a wide specrum of feelings. The "balance of government powers" folks probly stood up and cheered. The rest of us probly held a collective "uh ohhh!" Most probly felt that for their favorate "Chief of Staff" character who had earlier leaked information to the press about a "Top Secret: Military Space Shuttle." On second thought, what are they saving on me???

Since the Morgan Stanley Case (click for my previous comments), Enterprises and Government agencies can no longer claim deniability or non-responsiblity for electronic communications on their corporate resources. If a law enforcement agency appears at your company with a Court Order, you must surrender all emails and archived communication to that agency. This also means that you cannot claim non-responsiblity or denialiblity of that email ever existed.

Regulatory Compliance requires that emails be logged and retained for future purposes. How long? I don't know yet. The Sun Messaging Server is in a very good position to provide this type of logging and archive functionality for your company. As an Email Manager, you are the Data Manager for all electronic communications. You will need to provide access to this data to courts and to law enforcement in a timely fashion. It is better to start planning for it before you need it.

David Ferris': "A Concise Definition of the Benefits of Enterprise Content Management"

The concept of enterprise content management has evolved from document management. It's a shifting concept. Here's a crisp roundup of the main benefits as perceived today:

\* Broader availability of corporate knowledge
\* Lower infrastructure operating costs
\* Shared information is kept consistent
\* Ability to automate business processes
\* Provides control over the document lifecycle
\* Discovery and litigation support
\* Regulatory compliance

Source: David Ferris' Blog at

Wednesday Sep 14, 2005

SBC Yahoo Now Blocking SMTP Ports

I received the following from SBC Yahoo (my DSL ISP).

"Port 25 filtering: Port 25 filters are widely used by many ISPs to combat junk email and spam from mis-configured and virus-infected computers. On May 24, 2005, the Federal Trade Commission specifically recommended that ISPs employ Port 25 filters to combat the spread of spam and viruses. SBCIS has been pro-active in its spam prevention efforts and, as announced in the September 2004 Member newsletters, has already began filtering direct outgoing email connections using Port 25 (SMTP) to non-SBCIS/Yahoo mail servers from Members using dynamic DSL and Dialup connections."

I can only speculate.. but the reasons for this are probly more than just blocking Viruses... My guess are the following:

1. Requirements to Intercept Email Traffic for Legal and Law Enforcement Reasons
2. Too many DSL customers are becoming Spammers.
3. SBC just doesn't like home Linux users who are using DSL for their own ISP-like service.

Friday Sep 09, 2005

Slashdot visits Sun's Messaging Server at US ARMY

I'm not allowed to say much about any customer deployment, but if it is published somewhere I can point to it. I nether confirm nor deny this. It does seem like some customers are happy enough about Sun Java Systems Messaging Server to publish on Slashdot

Slash Dot Article

Tuesday Aug 30, 2005

Communications Express and WebServer Reverse Proxy

While in Taiwan.. we found a workaround to one annoying issues of Communications Express.  The problem is that Comms Express requires multiple ports for HTTP.  One of the ports is assigned to the Web Server which is the Web Container for Comms Express, the other port is assigned to Messaging Express.  As the use clicks on Communications Express, the browers needs to bounce from port to port as they switch from messaging to calendar/addressbook/options.

Documentation on Sun Java(tm) Systems Reverse Proxy for Web Server

The method of installation is the following:

1. Install Sun Java(tm) Systems Communications Express (on WebServer) and ensure it is working properly

2. Install the Reverse Proxy Plugin shared library (

3. Register the WebServer Plugin in the Magnus.conf file.

4. Create the Proxy rules in the obj.conf file for Webserver.


[root@uwc01]/jes/app/SUNWwbsvr/> more obj.conf
<Object name="default">
AuthTrans fn="match-browser" browser="\*MSIE\*" ssl-unclean-shutdown="true"
NameTrans fn="assign-name" from="/amconsole(|/\*)" name="amconsole"
NameTrans fn="assign-name" from="/amserver(|/\*)" name="amserver"
#NameTrans fn="assign-name" from="/commcli(|/\*)" name="commcli"
NameTrans fn="assign-name" from="/uwc(|/\*)" name="uwc"
NameTrans fn="assign-name" from="/\*" name="messengerXpress"
NameTrans fn="ntrans-j2ee" name="j2ee"
NameTrans fn=pfx2dir from=/mc-icons dir="/jes/app/SUNWwbsvr/ns-icons" name="es-internal"
NameTrans fn=document-root root="$docroot"
PathCheck fn=unix-uri-clean
PathCheck fn="check-acl" acl="default"
PathCheck fn=find-pathinfo
PathCheck fn=find-index index-names="index.html,home.html,index.jsp"
ObjectType fn=type-by-extension
ObjectType fn=force-type type=text/plain
Service method=(GET|HEAD) type=magnus-internal/imagemap fn=imagemap
Service method=(GET|HEAD) type=magnus-internal/directory fn=index-common
Service method=(GET|HEAD|POST) type=\*~magnus-internal/\* fn=send-file
Service method=TRACE fn=service-trace
Error fn="error-j2ee"
AddLog fn=flex-log name="access"

<Object name="j2ee">
Service fn="service-j2ee" method="\*"

<Object name="cgi">
ObjectType fn=force-type type=magnus-internal/cgi
Service fn=send-cgi user="$user" group="$group" chroot="$chroot" dir="$dir" nice="$nice"

<Object name="es-internal">
PathCheck fn="check-acl" acl="es-internal"

<Object name="send-compressed">
PathCheck fn="find-compressed"

<Object name="compress-on-demand">
Output fn="insert-filter" filter="http-compression"

<Object name="amconsole">
ObjectType fn="check-passthrough"

<Object name="amserver">
ObjectType fn="check-passthrough"

<Object name="uwc">
ObjectType fn="check-passthrough"

<Object name="messengerXpress">
Service fn="service-passthrough"


[root@uwc01]/jes/app/SUNWwbsvr/> more magnus.conf
# The NetsiteRoot, ServerName, and ServerID directives are DEPRECATED.
# They will not be supported in future releases of the Web Server.
NetsiteRoot /jes/app/SUNWwbsvr
RqThrottle 653
RqThrottleMin 10
ThreadIncrement 10
ConnQueueSize 16384
ListenQ 16384
DNS off
Security off
PidLog /jes/app/SUNWwbsvr/
User root
StackSize 1048576
TempDir /tmp/

Init fn=flex-init access="$accesslog" format.access="%Ses->client.ip% - %Req->vars.auth-user% [%SYSDATE%] \\"%Req->reqpb.clf-request%\\" %Req->srvhdrs.clf-status% %Req->srvhdrs.content-length%"

Init fn="load-modules" shlib="/jes/app/SUNWwbsvr/bin/https/lib/" shlib_flags="(global|now)"
Init fn="load-modules"shlib="/jes/app/SUNWwbsvr/plugins/passthrough/"



I'll be writing about topics that would interest users and developers of Sun Java Communication Suite.


« June 2016