m-switch mixer evaluation guide - isode: messaging ... · this guide covers everything you will...

M-Switch MIXER Evaluation Guide of 46

M-Switch MIXER Evaluation Guide

Configuring M-Switch as a MIXER (SMTP/X.400) Gateway


ObjectivesThe purpose of this guide is to give the reader the tools to create an X.400 Messaging configuration thatmatches their requirements. For the purposes of this evaluation we have assumed that this is a 'clean'installation of R16.3 M-Switch, M-Box and M-Vault. There are five typical X.400 Messaging deploymentsthat will be covered in this guide:

Local Internet Mail Server to External X.400 Server(s) - MIXER Configuration

Local Internet Mail Server to Local X.400 Server - MIXER Configuration

External Internet Mail Server to External X.400 Server(s) - MIXER Configuration

Local X.400 Server to External X.400 Server(s) - X.400 Configuration


Local Internet Mail Server to External SMTP Server(s) - Internet Configuration

You'll use 2 Isode management tools to achieve the objectives of this guide (these are installed as part ofM-Switch and M-Vault)

MConsole is a graphical user interface for managing M-Switch, M-Store X.400 and M-Box It can beused to create and manage a Messaging Configuration as well as to view live status information ofthe Messaging System.Secure Open Data, Identity and User Manager (Sodium) is used to manage user information in theM-Vault Directory server (such as entries for Users and Mappings for External X.400 Users toInternet Addresses).

Prerequisites

This guide covers everything you will need to do to setup your evaluation server, previous experience ofusing Isode's GUI Management Tools especially MConsole would be beneficial.

Installation Requirements

You should visit [ ] to discover which operating systemswww.isode.com/products/supported-platforms.html

are supported for Isode evaluations. Evaluation downloads (excluding documentation) are held in apassword-protected section of the Isode website. If you have not already done so you should apply for

password access by filling in the form located at [ ]. www.isode.com/evaluate/evalrequest.html

Obtain Isode Server Products

Many Isode management tools are written in Java. You should install Java before installing the Isodepackages, on Linux platforms you will need to add Java to the $PATH. You can obtain the requiredpackages (Java SE 8 - JRE) from .[ www.oracle.com/technetwork/j ava/j avase/downloads/index.html ]

After obtaining password access to the Isode binary files you should download and install M-Vault andM-Switch, following the instructions on the download page for your platform. The number of packagesrequired will vary depending on platform.

Note for Windows Users

If you're running Windows 7/8 or 10 you will need to run Isode Management tools (like MConsole and IsodeServices Configuration) as an Administrator. You can do this by right-clicking on the program icons andchoosing 'Run as administrator' from the pop-up.

http://www.isode.com/products/supported-platforms.html

http://www.isode.com/evaluate/evalrequest.html

http://www.oracle.com/technetwork/java/javase/downloads/index.html




Evaluation License File

Isode server products require a valid license from Isode before they will run correctly. Licenses are issued byIsode Customer Service. If you haven't already been sent a license when requesting access to the evaluationfiles, please send a message to request a license to [ ] remembering to specify [email protected] server products you need a license file for.

Planning your Configuration

Before you start you should plan your configuration and the most important part of this is deciding whatDomains both Internet and X.400. The diagram below shows what domains we will be using in this guide.

Note for Linux Users

On Linux platforms you should create an M-Switch runtime user account 'pp' and an M-Box runtime useraccount 'mbox'. After installation you should change the ownership of the /var/isode/ms directory to mbox andthe group to bin.


Creating Messaging Configurations using MConsoleYour messaging configuration will be held in a Directory Server (DSA). In this section we are going to useMConsole to set up the DSA and your messaging configuration.

Starting MConsole (Windows)

From the Windows Programs menu, select .Isode 1X.X > MConsole (Message Switch Console)

Starting MConsole (Linux)

Type in the following command:

% /opt/isode/bin/mconsole

Setting a Bind Profile Passphrase

When asked if you wish to encrypt your bind profile, click .[Yes]

Enter a passphrase, you must remember this passphrase as you will be prompted for it each time you runMConsole.

Click and then click again on the confirmation screen.[OK] [OK]

Creating the DSA

After setting your bind profile passphrase a welcome screen will prompt you with a range of options. Select . Choose a User name that you wish to be the DirectoryCreate a new DSA and Messaging Configuration

Server Administrator, for the purposes of this evaluation this will also be the user that configures theMessaging Configuration. Click .[OK]


At this point you could change the Directory Information Tree (DIT) structure but it is not necessary, so

click to accept the defaults. Make sure to note down the password created in the 'Passwords[Next] configuration' screen that follows or fill in your own.

Click on and MConsole will create and display Bind profile name and filesystem location for the[Next]Directory. Accept the defaults in the two fields and click . In the 'Confirm Details' screen that follows[Next]you'll see that have MIXER as the hostname and 19999, 19389 as the Port Numbers.

At the end of the Wizard click on to create and start the DSA and then connect to the DSA in the[Finish]'Bind Profile Management' screen.

Creating the Messaging Configuration

After creating the DSA in the last section, MConsole will prompt you to create a new messagingconfiguration.


Click and select the option from the table below for the configuration you are creating.[Next]

Messaging Configuration Option

1) Local Internet Mail Server to External X.400 Server(s). X.400 and SMTP (M-Switch MIXER)

2) Local Internet Mail Server to Local X.400 Server. X.400 and SMTP (M-Switch MIXER)

3) External Internet Mail Server to External X.400 Server(s). X.400 and SMTP (M-Switch MIXER)

4) Local X.400 Server to External X.400 Server(s). X.400 MTA (M-Switch X.400)

5) Local Internet Mail Server to External SMTP Server(s). SMTP (M-Switch SMTP)


For the purposes of this Guide we are covering option 2 aLocal Internet Mail Server to Local X.400 Server,

nd we will then create External X.400 Connections. So, select MIXER as the configuration type and click [N. In the Market Segment selection screen that follows, select the default "General Purpose" optionext]

and click .[Next]

Click .[Next]

For the Internet Domain unless you have created DNS and MX records for your chosen Local "MIXER"Domain check the Radio Button. If you are creating an Internet only Mail server then youDon't use DNSshould enter your local Mail Domain here.

In MIXER configurations you would typically use a "mixer" sub-domain of you mail domain e.g.mixer.headquarters.net. If you are not having and local Internet Mail Users then uncheck the Create an

checkbox, click .Internet Message Store for Local POP3 and IMAP Users [Next]


Click .[Next]

Enter your X.400 Domain and if you are not having any local X.400 Message Store Users then uncheck the checkbox, click , enter None as theCreate an X.400 Message Store for local P3 or P7 users [Next]

Anti-Virus configuration and click again.[Next]


Click . [Finish]

Always check the M-Switch Checkbox, if you have local Internet Users also check the M-Box Checkbox, ifyou have local X.400 Users check the M-Store X.400 Checkbox. Click and when the next Windows[Next]conforms that the services have been created, click .[OK]

You have now successfully created the core Messaging Configuration.

Creating Local Internet Domains and Mailboxes

If you created a MIXER Configuration you will need to change the "Local Domain Site" of the InternetMessage Store from to . You can do this in MConsole, as below.mixer.headquarters.net headquarters.netWhen done, click .[Apply]


Now you will need to add some domains as local to M-Switch so navigate to the "domain" table and click [+.Add]

Enter your Local Internet Domain for the "Key" and "local" for the "Value", click . [OK]


Repeat this process for any other domains that will be "local" to this Configuration, the screenshot thatfollows shows the ones we will be using.

Creating Local Internet Users

From the Menu select .View > Configuration > Internet Mailbox Management

Click the button and in the screen that follows, select the radio buttonAdd M-Box User M-Box: Personand click .[Next]


Enter the details for the Internet User you wish to create and click .[Finish]

If you are configuring an Internet Only config then skip this section, otherwise select the Tab.MIXER

Click next to the "X.400 Address".[Edit]


Enter the X.400 Address you would like this Internet Address Mapped to when being converted, click .[OK]

Click to commit this change. Repeat the above process for any other Internet Users you wish to[Apply]create.

Creating X.400 Users

From the Main Menu in MConsole Select . ThenView > Configuration > X.400 Mailbox Managementexpand the routing tree to where you want to create the mailboxes.


Click on "Add P7 Mailbox".

Select the Addressing Format that you want, click .[Next]

Complete the form, click and then click again to confirm the O/R address. You'll then be[Next] [Next]prompted to create a new White Pages entry.


Select the , click and then click again to bringCreate a new White Pages entry radio button [Next] [Next]up the Passwords screen.

Enter P3 and P7 Passwords (they can be the same) and click .[Finish]

Back in the main MConsole screen select the "White Pages" tab for this user. Select the "Email and Jid"sub-tab and enter the Email Address you wish to map this X.400 Address to.


Click to commit these changes. Repeat this process for any other X.400 Users you wish to create.[Apply]

You have now created a Messaging System where you can exchange messages between Internet Users andX.400 Users. You can now either proceed to creating External X.400 P1 connections, Creating ExternalSMTP Connections or Testing the configuration.


Configuring External X.400 P1 ConnectionsIn order to connect to an external X.400 Server over X.400 P1 you need to exchange connection informationwith the owner of that X.400 Server. Both parties need to know the following information about the remoteX.400 server.

Information Example

IP Address e.g. 192.168.0.1

Port Number e.g. 102

Transport Selector 591

Presentation Selector

Session Selector

Address Space e.g. /PRMD=X400/ADMD=External/C=GB/

MTA Name e.g. ExternalMTAName

MTA Password e.g. secret

Configuring the Local P1 Connection Details

From the MConsole Switch Configuration screen expand the Switch and Channels, navigate to the "x400p1"Channel and select the Tab.Inbound

Here the MTA Name has been set as the Hostname by default and can be changed if required. Click the"Edit" button next to the presentation address. This shows the hostname of the Local Machine, if you have a


NAT at your firewall that connects to this server on Port 102 then you will need to provide the Remote Partwith the IP Address of the Firewall not this IP Address. Click the "Selectors" button to see and change thesevalues.

Click on both screens to return to the main MConsole display.[OK]

Now select the "Auth" Tab and click the "Edit" Button next to the "Initiator RTS Credentials".


You can set the MTA Name and Password here. Click . Repeat this process for the "Responder RTS[OK]Credentials".

Configuring the Remote P1 Connection Details

First you need to create the X.400 Address Space of the remote Server in the Routing Tree. Right Click onthe "Routing Trees" in the Messaging Configuration screen of MConsole and select "Add nodes".

Ensure only "Create Routing Tree entries representing and X.400 O/R Hierarchy" is checked, click .[Next]

Fill in the details for the Remote MTA and click . Now create the External MTA, right click on the[Next]"Message Transfer Agents" in the Messaging Configuration Screen of MConsole and select "New MTA".


Select "External X.400 MTA". Click .[Next]

Enter the details for the External X.400 MTA that you have been provided with. Click . Expand the[Next]Routing Tree until you find their X.400 Address Space. Click .[Next]


Enter their "MTA Name" and Password that you have been provided with. Click .[Finish]

If you need to change the "Port" or "Selectors" of this MTA you can do this by selecting the "x400p1"Channel of this MTA and follow the same process as you did for the Local MTA


Adding Mappings for External X.400 UsersIf there are no mappings for an X.400 sender or recipient then the X.400 Address will be converted byadding the X.400 Address as the "name" part of the internet address and the MIXER domain as the "domain"part of the internet Address, for example without any mapping:

/G=Firstname/S=Lastname/P=MyPRMD/A=MyADMD/C=GB/

would get mapped to:

/G=Firstname/S=Lastname/P=MyPRMD/A=MyADMD/C=GB/@mixer.headquarters.net

This does not look particularly nice and is open to typographical errors when sending messages. So unlessyou have too many senders to make creating mappings for each one then you should create mappings usingthe process below.

You will need to start the Isode LDAP GUI Sodium:

In Windows select Start > All Programs > Isode R16.3 > Sodium (Secure Open Data, Identity and User, in Linux run . When Sodium starts it will ask you for a passphrase, use theManager) /opt/isode/bin/sodium

same one as you use for MConsole. You will see a bind displayed for your Directory Server, click Connect.Expand the Directory Tree and navigate to "cn=Messaging Configuration".

Right Click and select "Add below...". In the template screen, select the "Container" template, click .[Next]


Enter a Name (we've used "External X.400 Mappings" and click .[Next]

Click . Select the newly created "Container" and right click Add below...[Add]

Select "Person" and click .[Next]


Check Organizational Person, Internet Organizational Person and X.400 Messaging, click .[Next]

Enter a name for the External X.400 User and click .[Finish]


On the Personal tab Enter Values for "Surname" and "E-mail" where email is the address you want theExternal X.400 Address mapped to, then select the "Messaging" tab.

Click the "Edit" Button next to O/R Addresses:

Enter the External X.400 Address you want to Map, you may need to use the "Name Form" drop down at thetop to display an X.400 Address format that matches what you require. Click .[OK]


Click . Repeat this process for any other External X.400 Users you wish to Map. You can also use this[Add]process to Map External SMTP Users to External X.400 Users in a MIXER Gateway deployment with nolocal users.


Configuring External SMTP ServersIf you wish to connect an External SMTP Server that has no DNS or MX records, for example and EDIApplication, then follow the procedure below. Right click on the "Message Transfer Agents" in theMessaging Configuration Screen of MConsole and select "New MTA".

Select "External MTA", "Internet". Click .[Next]

The "Directory Name" can be anything you want that will it make it easy to identify the server. Enter an IPAddress or Hostname. Click .[Finish]


Now you need to create the "Routing Tree" information for the domain that you want this server to support.Right Click on the "Main Routing Tree" and select "Add nodes".

Check the "Create Routing Tree entries representing and Internet domain. Click .[Next]

Enter the required Internet Domain and click . Now expand the Routing Tree to your Internet[Finish]Domain.


Click the "Add" button next to the MTA Information Frame.

Select your newly created External SMTP MTA from the drop down list. Click .[OK]

Click . Repeat this process for any other External SMTP servers you may need.[Apply]


Configure the Address Conversion RuleIn this configuration we are using "Per User" Address Conversion where each mapping between an X.400Address and an Internet Address is stored in the directory. An alternative approach, that is not covered inthis guide is to use "Algorithmic" Address Conversion where and X.400 Address Space e.g./PRMD=MyPRMD/ADMD=MyADMD/C=MyC/ is mapped to an Internet domain e.g. mydomain.com suchthat:

/G=MyFirstname/S=MyLastname/PRMD=MyPRMD/ADMD=MyADMD/C=MyC/ maps to MyFirst, [email protected]

/CN=MyCommonName/PRMD=MyPRMD/ADMD=MyADMD/C=MyC/ maps to MyCommonNam

, [email protected]/S=MyLastname/PRMD=MyPRMD/ADMD=MyADMD/C=MyC/ maps to [email protected]

If you want to use this Address Conversion method it is fairly intuitive or you can consult the M-Switch

.X.400 Administration Guide

To configure "Per User" Mapping for all addresses Right Click on the Main Address Conversion Table andselect "Add address mapping".

Select "Per User" and .[Next]


Select "Any Internet Domain" and "Any X.400 Domain" and Click .[Finish]


Starting the ServicesThe M-Vault (DSA) Services was started while running the configuration wizard. All other services shouldnow be started so that you can test the system.

Starting the Services (Windows)

You need to start the Isode Services Configuration GUI. Start > All Programs > Isode R16.3 > IsodeServices Configuration (Right Click "Run as Administrator).

All Services that you need should be set to "Startup" Automatic. The table that follows shows what servicesshould be installed and started for each type of configuration.

Services Local InternetMailServer &Local X.400Mailboxes

Local InternetMailServer &External X.400Server(s)

Local X.400Mailboxes &ExternalSMTP Servers

Local InternetMailServer, noX.400Functionality

Local X.400Mailboxes,no SMTPFunctionality

MIXERGateway, noLocal Internetor X.400Mailboxes

DSA Yes Yes Yes Yes Yes Yes

M-SwitchOSI Listener

Yes Yes Yes Yes Yes

M-Box IMAPServer

Yes Yes Yes

M-Box LMTPServer

Yes Yes Yes

M-BoxManagementServer

Yes Yes Yes

Event Server Yes Yes Yes

M-Box POP3Server

Yes Yes Yes

M-SwitchQueueManager

Yes Yes Yes Yes Yes Yes


M-SwitchSMTPServer

Yes Yes Yes Yes

M-StoreX.400 Server

Yes Yes Yes

To change the "Startup type" of a Service select it and Right Click > Edit.

Select the Startup Type from the drop down list. Click . Repeat this for All services you need to[OK]change. Click the button.[Start All]


Starting the Services (Linux)

To start the services on Linux do the following:

# cd /etc/init.d

To Start the configured M-Switch Services:

# ./pp start

To Start the M-Box Service (If Required):

# ./mbox start

To Start the M-Store X.400 Service (If Required):

# ./pumice start


Testing the SystemThe easiest way to test the system is to send a message from an Internet User to an X.400 User, howeverbefore you do that it is always a good idea to check the routing using MConsole.

Checking the Routing with MConsole

Firstly you need to connect to the MTA from the main menu select View > Live Operations > Switch.Operations

Click to dismiss the Error message. You will now need to modify the Switch Connection details, right[OK]click on the MTA and select "Modify".

Then enter the password you entered when originally creating the DSA, and set the AuthenticationMechanism to DIGEST-MD5


Click . Then right click on the MTA and select "Connect". You should now be successfully connect to[OK]the MTA. From the Switch Configuration Menu select Messaging > Check Address Routing...

Then Enter an Internet User Address to Test and Click "Check Address".


This tells you that the Message will be delivered to the LMTP Channel and so into M-Box for reading by anInternet Mail Client. It also shows the equivalent X.400 Address that you entered. Repeat the process for anX.400 User.

This tells you that the Message will be delivered to the P3 Channel and so into M-Store X.400 for reading byan X.400 User Agent. It also shows the equivalent Internet Address that you entered. Repeat the process foran External X.400 User.


This tells you that the Message will be delivered to the P1 Channel and the External X.400 MTA it will besent to. It also shows the equivalent Internet Address that you entered. Repeat the process for an ExternalSMTP User.

This tells you that the Message will be delivered to the smtp-external Channel and the IP Address of theExternal SMTP server it will be sent to. It also shows the equivalent X.400 Address that you entered. Youare now ready to test with your Favourite Internet Mail Client (We will use the one provided with Windows10) and the Isode Demonstration X.400 User Agent (XUXA).

Sending Messages between Internet and X.400 Mail Clients

For the Internet Mail Client the settings you will need to know are:

Incoming Server The IP address that the system is running on


Protocol IMAP

Port 143

TLS No

Username As configured

Password As configured. Passwords will be encrypted (Thunderbird setting)

Outgoing Server The IP address that the system is running on

Port 587

TLS No

Authentication Required

Username Full email address

Password As configured. Passwords will be encrypted (Thunderbird setting)

You should run the Isode Demonstration User Agent Locally on the MTA server as it will "AutoConfigure".

To Start XUXA on Windows select ,Programs >Isode R1X.X > XUXA (X.400 Demo User Agent)right-click and select Run as Administrator.

To Start XUXA on Linux use the command % /opt/isode/bin/xuxa

Expand the Directory Tree until you Find the User you Created in the "White Pages" branch of the

Tree, Click .[OK]


Enter the Password you chose when creating the User. Click . XUXA will now display the empty[OK]Inbox. Start your configured Internet Mail Client and select "Compose". Create a simple test email to theEmail Address that you entered when creating the X.400 User.

Click and Go to XUXA.[Send]


You can now see the Message as received by the X.400 User. Click .[Reply]

Click .[Send]


Click . Return to the Internet Mail Client.[OK]

You can see the reply to the message and the Delivery Report in XUXA.


Congratulations your MIXER System is now working and you are ready to test with External X.400/InternetUsers.


What next/other resources

Help us improve our Evaluation Guides

Producing evaluation guides that are easy to follow and that help evaluators get started with our products isimportant to us. Please help us improve this guide by emailing us at [email protected]

Product Information

While following this guide you have used M-Switch, M-Store X.400 and M-Vault (LDAP/X.500 DirectoryServer) and associated management tools. For more information on these server products, follow the linksbelow:

M-Switch: [ ]www.isode.com/products/m-switch.htmlM-Store X.400: [ ]www.isode.com/products/x400-store.htmlM-Vault: [ ]www.isode.com/products/m-vault-directory.html

You have also used Isode's MConsole (messaging configuration and operational management for internet &X.400 messaging). For more on MConsole see [ ].www.isode.com/products/mconsole.html

Exploring Product Capabilities

This guide has covered only the basic setup of an MIXER system. To extend your system and explore thecapabilities of Isode's management tools further you can read the Administration Guides available from theIsode website in PDF format.

Administration Guides, together with all other Isode documentation is available from [www.isode.com/supp].ort/docs.html

Whitepapers

Isode regularly publishes whitepapers relevant to Internet and X.400 messaging. All whitepapers can besearched from the whitepaper index page on the Isode website at [ ].www.isode.com/whitepapers/index.html

You can browse whitepapers relevant to your particular area of interest by following the links on thesub-menu on the left hand side of that page.

http://www.isode.com/products/m-switch.html

http://www.isode.com/products/x400-store.html

http://www.isode.com/products/m-vault-directory.html

http://www.isode.com/products/mconsole.html

http://www.isode.com/support/docs.html

http://www.isode.com/support/docs.html

http://ww.isode.com/whitepapers/index.html


CopyrightThe Isode Logo and Isode are trade and service marks of Isode Limited.

All products and services mentioned in this document are identified by the trademarks or service marks oftheir respective companies or organizations, and Isode Limited disclaims any responsibility for specifyingwhich marks are owned by which companies or organizations.

Isode software is © copyright Isode Limited 2002-2016, All rights reserved.

Isode software is a compilation of software of which Isode Limited is either the copyright holder or licensee.Acquisition and use of this software and related materials for any purpose requires a written licenceagreement from Isode Limited, or a written licence from an organization licensed by Isode Limited to grantsuch a licence.

This manual is © copyright Isode Limited 2016.

m-switch mixer evaluation guide - isode: messaging ... · this guide covers everything you will...

Documents