Email Summary
Email Summary
Email Summary
E mail
iSeries
E mail
Copyright International Business Machines Corporation 1998, 2001. All rights reserved. US Government Users Restricted Rights Use, duplication or disclosure restricted by GSA ADP Schedule Contract with IBM Corp.
Contents
E-mail . . . . . . . . . . . . . . . . . . . . . . . . . Whats new for V5R1 . . . . . . . . . . . . . . . . . . . Print this topic . . . . . . . . . . . . . . . . . . . . . . E-mail overview . . . . . . . . . . . . . . . . . . . . . SMTP on iSeries 400 . . . . . . . . . . . . . . . . . . SMTP and DNS . . . . . . . . . . . . . . . . . . . POP on iSeries 400 . . . . . . . . . . . . . . . . . . . Protocols used in e-mail . . . . . . . . . . . . . . . . . MAPI-based mail . . . . . . . . . . . . . . . . . . . . iSeries 400 address book . . . . . . . . . . . . . . . . Address types . . . . . . . . . . . . . . . . . . . Address book cache . . . . . . . . . . . . . . . . . Setting up iSeries 400 to be an e-mail server. . . . . . . . . . . Configuring TCP/IP for e-mail . . . . . . . . . . . . . . . Configuring SMTP and POP servers for e-mail . . . . . . . . . Configuring POP for Client Access-based mail users . . . . . Enrolling e-mail users . . . . . . . . . . . . . . . . . . Starting and stopping the servers for e-mail . . . . . . . . . . Administering e-mail on the iSeries 400 . . . . . . . . . . . . Configuring a dial-up mail connection . . . . . . . . . . . . Configuring the Internet Service Provider Dial-up Connection Wizard Sending and receiving e-mail using an ISP . . . . . . . . . . Acting as an ISPs mail server . . . . . . . . . . . . . . . Removing POP e-mail users . . . . . . . . . . . . . . . Preventing large e-mail messages from splitting . . . . . . . . Supporting Delivery Status Notification. . . . . . . . . . . . Hosting a Domino and SMTP server on same system . . . . . . SMTP server performance . . . . . . . . . . . . . . . . Mail security . . . . . . . . . . . . . . . . . . . . . Sending e-mail through a router or firewall . . . . . . . . . Prerequisites for an e-mail router. . . . . . . . . . . . Restricting relays . . . . . . . . . . . . . . . . . . Restricting connections . . . . . . . . . . . . . . . . Mail filtering to prevent virus proliferation . . . . . . . . . . Sending and receiving e-mail on the iSeries 400 . . . . . . . . . Setting up POP e-mail clients . . . . . . . . . . . . . . . Using SNADS to send e-mail . . . . . . . . . . . . . . . Setting up headers to differentiate between recipients . . . . . Attaching files to an e-mail when using SNDDST . . . . . . . Converting file types to send with SNDDST . . . . . . . . Supporting Internet addressing for SNADS users . . . . . . . Using SNADS to receive e-mail . . . . . . . . . . . . . . Send MIME mail (QtmmSendMail) API. . . . . . . . . . . . Troubleshooting e-mail . . . . . . . . . . . . . . . . . . Performing SMTP problem analysis . . . . . . . . . . . . . Tracking undelivered e-mail . . . . . . . . . . . . . . . . Solving problems with QtmmSendMail API . . . . . . . . . . Checking component journals . . . . . . . . . . . . . . . Other information about e-mail . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1 . 1 . 2 . 2 . 2 . 3 . 3 . 4 . 4 . 5 . 6 . 7 . 8 . 8 . 9 . 10 . 10 . 11 . 12 . 13 . 13 . 13 . 14 . 14 . 14 . 15 . 15 . 16 . 17 . 18 . 18 . 18 . 19 . 19 . 20 . 20 . 21 . 21 . 22 . 22 . 22 . 23 . 23 . 25 . 26 . 26 . 27 . 27 . 30
iii
iv
iSeries: E mail
E-mail
This topic provides you with concepts and procedures for configuring and administering e-mail on your iSeries server. This information assumes that you have worked on the iSeries 400 before and have a working knowledge of TCP/IP, Simple Mail Transfer Protocol (SMTP), and e-mail concepts. For more information about e-mail, see the following: v Whats new for V5R1? Find out what information is new on the Information Centers e-mail topic. v Print this topic If you would rather read this information on paper, then print the entire topic as a PDF file. v E-mail overview Find information on basic e-mail concepts. v Setting up iSeries 400 to be an e-mail server Find the basic steps for configuring your server for e-mail. v Administering e-mail on iSeries 400 Find instructions on how to work with e-mail. This topic provides information on configuring dial-up connections, using an Internet Service Provider (ISP) for e-mail delivery, securing your network, and other administrative tasks. v Sending and receiving e-mail on the iSeries 400 Find instructions on how to send and receive e-mail through a Post Office Protocol (POP) client program, like Netscape Mail, Microsoft Outlook, or Eudora, or a SNADS client, like the Send Distribution (SNDDST) command. Advanced e-mail topics: v SMTP and DNS Access information on e-mail addressing and on SMTP and Domain Name System (DNS) server configuration. v SMTP protocol Find a list of SMTP commands. v Supported POP protocol Find a listing of client commands supported by the iSeries server. v Troubleshooting e-mail Find tips and instructions on how to deal with e-mail problems. v Other information about e-mail Find references to other information about e-mail Tip: Read how to access SMTP through Operations Navigator.
v Selectable subsystems for jobs (See 17) allows you to improve system performance by running the SMTP server in its own subsystem. v Hosting a Domino and SMTP server on same system - dual stack support (bindings) allows you to run the iSeries 400 SMTP and Domino natively, and you can force the SMTP client to bind to a particular interface, for Network Address Translation (NAT) purposes. v Restricting connections is expanded to provide instructions on how to prohibit unsolicited e-mail from reaching your server. Connect your server to hosts that store addresses of known e-mail abusers, or configure your server to restrict the connection to specific IP addresses. v Mail filtering to prevent virus proliferation allows you to filter mail by subject, type/subtype, filename/extension, and originators address. v Restricting relays allows you to specify as closely as possible who may or may not use your machine for relay.
E-mail overview
You depend on electronic mail (e-mail) as an essential business tool. The iSeries 400 uses protocols, like SMTP and POP, to make your e-mail run smoothly and efficiently on the network. See the following topics to learn about basic e-mail concepts: v SMTP on iSeries 400 Find out how SMTP allows the iSeries server to send and receive mail. v POP on iSeries 400 Find out how the POP mail interface distributes mail. v Protocols used in e-mail Find out how the client and server communicate using special protocols. v MAPI-based mail Find out how the POP server works for the MAPI-based client. See Setting up iSeries 400 to be an e-mail server to set up your server for e-mail.
iSeries: E mail
SMTP on iSeries 400 supports the distribution of notes, messages, and ASCII text documents. SMTP can support formats other than plain text by using the Multipurpose Internet Mail Extensions (MIME) protocol. The MIME protocol is the data format of the message that SMTP sends. About SMTP e-mail delivery In order for e-mail to reach its destination, SMTP must be able to deliver it to both the correct host and user ID that resides on that host. First, SMTP checks to see if the e-mail addressee is a user on the local system. If SMTP determines that it is not, SMTP forwards the e-mail to the next host system. The next host may or may not be the final host. SMTP determines the name of the host from addressing information that is found in the SMTP protocol. SMTP then resolves the hosts address by using either the domain name server or the local host table. See SMTP and Domain Name System (DNS) for more information on address resolution for e-mail. For inbound e-mail, the SMTP server first converts the destination host name into an Internet Protocol (IP) address. Because of the aliasing function, the server can have several host names. Therefore, the SMTP server uses the sockets interface to determine if the IP address is one of those used by the interfaces for the local host. See Configuring your iSeries 400 for email for information on how to begin using your iSeries 400 as an SMTP server.
v Any mail that goes through the mail server framework needs to go through SMTP (through a snap-in) to be delivered to external users. The POP server serves as a temporary holding area for mail until it is retrieved by the mail client it does not provide a mail store function. When the mail client connects to the server, it queries the contents of its mailbox to see if there is any mail to retrieve. If there is, it retrieves the mail one message at a time. Once a message has been retrieved, the client normally instructs the server to mark that message for deletion when the client session is complete. The client retrieves all of the messages in the mailbox and then issues a command (in the form of a QUIT verb) that tells the server to delete all of the messages that are marked for deletion and to disconnect from the client. Multipurpose Internet Mail Extensions (MIME) is the Internet standard for sending mail with headers that describe the contents of the mail messages to the receiving client. These messages can be video, image, audio, or binary files, or text messages. POP mail clients use verbs to communicate with the POP server. Verbs supported by the iSeries 400 POP server are described in Supported POP protocol. The POP Version 3 mail interface is defined in RFC 1725. RFC stands for Request for Comments. RFCs are the vehicles that are used to define evolving Internet standards.
MAPI-based mail
The iSeries 400 POP server can act as a messaging and address book server for MAPI-based clients. With this support, all mail is sent to the POP server on the iSeries 400 by way of extensions to the standard POP client/server interface. No SMTP connection on the client is required. Client Access-based clients can send and receive mail through the POP server with any of these address types: v INTERNET (the standard Internet format, sometimes referred to as an SMTP address) v OFFICEVISION (the SNADS address itself, not an SMTP address that is converted to SNADS. This type also includes AS/400 distribution lists.) v AS400FAX (the dialing sequence as defined by the Facsimile Support for OS/400 LPP). This support also includes an address book function that provides high-performance client/server access to an address book that is periodically refreshed from the iSeries 400 system distribution directory. Finally, the following connection types are supported between the Client Access-based client and the POP server: v TCP/IP protocol v IPX/SPX protocol v SNA protocol.
iSeries: E mail
When you connect to the POP server using Client Access, you gain the benefit of secure logon - the password encryption that Client Access provides. See AS/400 Address Book for more information on the supported address types, and for information about how data is mapped from the system distribution directory to the address book cache. See Configuring POP for Client Access-Based Mail Users for information on how to configure this support.
Preferred Address User ID/Address (for individual directory entries), or List ID and List ID qualifier (for distribution lists)
Format and Description Format: <UUUUUUUU> <AAAAAAAA> This type is also called the SNADS address or DEN/DGN by some. From the system distribution directory, <UUUUUU> is the User field, and <AAAAAA> is the Address field. Both values can be a maximum of eight characters long (and can be shorter than eight characters). Neither <UUUUUU> nor <AAAAAA> can contain the blank character. They must be separated by at least one blank character. Leading and trailing blanks to the whole address should be tolerated and ignored. Examples: MANDY SYSTEM1 LISA SYSTEM5 JAMIE GRADE5 ELYSE GRADE1 CALDWELJ SYSTEM2
AS400FAX
Format: <facsimile-telephone-number> Within the system distribution directory, this is considered one of the Other address types. (Set Preferred address to 4 (Other preferred address).) The actual<facsimile-telephone-number> used as the address is found in the system distribution directory FAX telephone number. The address is a dialing sequence, including access code sequences. It is expected to follow the rules for the Facsimile Support for OS/400 LPP telephone-number.1 Leading and trailing blanks to the whole address should be tolerated or ignored. Examples: 7525421 9=16077525421 8+8525421 *70/18005551212
Notes: 1. The telephone number, made up of dialing and control codes, is described in the Facsimile Support for AS/400 Programmers Guide and Reference . See the detailed description of the SNDFAX command. Also see the for more information on creating FAX entries in the system
The entries described in MAPI Address Type Definitions (See 5) table are built into an address book cache that includes these address types and E-mail addresses as well as other information from the system distribution directory. Address types: Standard POP implementations can address mail only with Internet addresses. If an Internet address needs to be converted to a different type of address, the conversion is performed by a gateway somewhere in the network. (The gateway may be the AS/400 Mail Server Framework .) Client Access-based mail clients, in conjunction with the POP server, have another option. They can address mail with several different types of addresses. TheMAPI Address Type Definitions (See 5) table shows each type of address supported by Client Access-based mail. The MAPI interface, implemented by Client Access-based mail service providers,
iSeries: E mail
allows any mail-enabled application to address mail with any of these types of addresses. The type names shown in the table are the actual MAPI address-type strings that Client Access-based mail registers with MAPI. The table simply shows the valid address types and their corresponding formats. Address book cache: The POP server does not read the system distribution directory every time a client requests something from it. Instead, a cache is built from the system distribution directory entries and distribution lists. The POP server uses this cache to retrieve address book data for clients. The address book cache is built and maintained by the POP server when the ADRBOOK parameter is set to *YES. The Refresh interval element of the ADRBOOK parameter determines how often the address book is updated from the system distribution directory. (See Configuring POP for Client Access-based mail users for a description of the ADRBOOK parameter.) Table 4. Data mapping from System Distribution Directory to POP Server Address Book Cache
Field in Address Book Cache <display-name> Fields in the System Distribution Directory Full name or Description If Full name is not blank, it is used. If Full name is blank, Description is used. For Distribution Lists, the Description field is always used (Distribution List entries do not have a Full name field). <address-type> For individual system distribution directory entries, use Preferred address to determine the type. The cache <address-type> field is filled in using the following rules: v If Preferred address is *USRID (User ID/Address), use MAPI address type OFFICEVISION v If Preferred address is *SMTP (SMTP), use MAPI address type INTERNET v If Preferred address is FAXTELNB (considered an Other address type), use MAPI address type AS400FAX v If Preferred address is not one of the values above, the address type is not supported by iSeries MAPI service providers and the entry is not put into the address book cache. For iSeries Distribution lists, <address-type> is OFFICEVISION. <email-address> (User ID -and- Address) or (SMTP user ID -and- SMTP domain) or FAX telephone number The cache <email-address> field is filled using the following rules: v If the address book cache <address-type> is now OFFICEVISION, concatenate the following: 1. The 8-character system distribution directory User ID (including trailing blanks) for individual SDD entries, or List ID for iSeries Distribution Lists. 2. A single blank 3. The Address (trailing blanks not required) for individual system distribution directory entries, and List ID qualifier for iSeries Distribution Lists. v If the address book cache <address-type> is now INTERNET, concatenate the following: 1. SMTP user ID (without trailing blanks) 2. A single @ character 3. The SMTP domain (trailing blanks not required). v If the address book cache <address-type> is now AS400FAX, use system distribution directory FAX telephone number (trailing blanks not required). <comment> No system distribution directory data is currently being extracted for this field.
3. 4. 5. 6. 7.
v Servers to start up Once you are finished with the wizard, right-click TCP/IP and select Properties. The TCP/IP Properties dialog appears. Click the Host Table tab. Click Add. The TCP/IP Host Table Entry dialog appears. Enter the IP address and the host name you used in the New TCP/IP Interface wizard. Click OK to close the TCP/IP Host Table Entry dialog.
8. Click OK to close the TCP/IP Properties dialog. Now that you have configured TCP/IP, you need to configure the SMTP and POP servers.
iSeries: E mail
Automatic Registration
4. Click OK to accept the changes. Configuring the POP server The POP server delivers mail, to a POP client, from the user mailbox, when requested by the POP client. You must configure the POP server to completely prepare your iSeries server for e-mail. If you have Client Access-based mail users, there are different instructions for configuring the POP server. To configure the POP server for a mail program such as Netscape Mail or Eudora Pro, complete the following steps: 1. In Operations Navigator, expand iSeries 400 server > Network > Servers > TCP/IP. 2. Double-click POP. The POP Properties dialog appears. 3. Refer to the table below to set the following parameters.
Click on this tab... General General Configuration Configuration Mappings And... Select Start when TCP/IP is started. Select Allow standard POP connection. Select No maximum for the Message split size field. If POP clients are logging on through dialup lines and receiving large pieces of mail, increase the Inactivity timeout value. Select Use only when unsupported CCSID is indicated.
Now that you have configured the SMTP and POP servers, you need to enroll e-mail users.
Support SNA protocol for Client Access clients. If you are using the SNA protocol, see Setting the Number of SNA Servers. 4. If you plan to use the address book, click the Configuration tab, and select the Use address book checkbox. Specify the Refresh interval, which is the number of minutes that you would like the POP server to check to see if the address book cache is current. If not, the address book will be refreshed from the system distribution directory.
The refresh interval is a trade-off between timely availability of changes to the system distribution directory, and processor utilization. You may want to refresh large address books less frequently because of the processor time required to do a refresh. Small address books can be refreshed more frequently without greatly affecting processor utilization. The interval you choose should be based on your own situation, and the size of your address books. Regardless of what the refresh interval is set to, if there have been no changes to the system distribution directory since the last time the address book cache was refreshed, a refresh is not performed. The refresh interval specifies how often the POP server checks to see if the cache is still current; if it is not current, it is refreshed.
When you use the address book the POP server builds and maintains an address book cache. This is described in iSeries 400 address book. Stop and restart the SMTP and POP servers for the changes to take effect. If you do not have Client Access-based mail users, you should follow the instructions for Configuring the SMTP and POP servers. Now that you have configured the SMTP and POP servers, you need to enroll e-mail users.
10
iSeries: E mail
By creating a user profile for each user, you enroll the users in the system distribution directory automatically. The system distribution directory is what SMTP uses to determine where to deliver local e-mail. To create user profiles for SNADS and POP e-mail users, complete the following steps: 1. In Operations Navigator, expand your iSeries 400 server > Users and Groups. 2. Right-click All Users and select New User. The New User dialog appears. 3. Type a user name and password for the user. 4. Click the Capabilities button. 5. Click the Privileges tab. Ensure that the Privilege class is User. 6. 7. 8. 9. Click OK. Click the Personal button. Click the Mail tab. Choose the Mail Service Level. v If your user is a SNADS user, select OfficeVision or JustMail. v If your user is a POP mail user, select Lotus Mail or other POP3 client.
10. Choose the Preferred Address type. v If your user is a SNADS user, select User ID and address. v If your user is a Lotus Notes, POP3 client, or Domino user, select SMTP Name 11. Click OK. If you are enrolling a SNADS user, their enrollment is complete. If you are enrolling a POP user, continue to the next step. 12. Click the Jobs button. 13. Click the Session Startup tab. 14. For the Initial Menu field, select Sign off. With this setting, any attempt to sign on iSeries 400, other than to retrieve e-mail or change their password, automatically signs the user off. 15. Click OK. 16. Click OK. 17. Repeat these instructions until all of the e-mail users have user profiles. Now that you have enrolled e-mail users, you need to start the servers.
11
4. Open an iSeries 400 character based interface. 5. On the command line, type
STRMSF
to start the Mail Server Framework. 6. If you are enrolling SNADS users, then on the command line, type
STRSBS QSNADS
to start the QSNADS subsystem. You have started your servers, and your iSeries 400 is now an e-mail server with enrolled e-mail users. View e-mail information for more procedures and concepts about e-mail on iSeries 400. Stopping the servers for e-mail To stop the servers, follow these steps: 1. In Operations Navigator, expand your iSeries 400 server > Network > Servers > TCP/IP. If the SMTP and POP servers are started, then follow these steps to stop them: a. Right-click SMTP, and select Stop. b. Right-click POP, and select Stop. 2. Open an iSeries 400 character based interface. 3. On the command line, type
ENDMSF
to end the Mail Server Framework. 4. If you are enrolling SNADS users, then on the command line, type
ENDSBS QSNADS
12
iSeries: E mail
v Hosting a Domino and SMTP server on the same system v SMTP server performance Learn how to manage a busy SMTP server. v Mail security Learn how to secure your iSeries e-mail environment.
13
2. 3. 4. 5. 6. 7. 8. 9.
Double-click SMTP. The SMTP Properties dialog appears. Click the Scheduler tab. Select the Start scheduler when SMTP is started checkbox. Select the Point-to-point connection profile you configured with the AT&T Global Network Dialer Wizard, or select a manually configured Point-to-point connection profile. Set the Mail transfer interval to the number of minutes you want SMTP to deliver your queued e-mail. If your ISP is not with the AT&T Global Network, select the Issue ETRN when connecting to remote server checkbox. Enter the Server IP address for the incoming mail server on the ISPs network, and enter the Registered ISP host.domain for which this SMTP server will issue an ETRN. Click OK.
14
iSeries: E mail
1. 2. 3. 4.
In Operations Navigator, expand your iSeries 400 server > Network > Servers > TCP/IP. Double-click POP. The POP Properties dialog appears. Click the Configuration tab. For the Message Split Size field, select No maximum.
Turning e-mail message splitting off may cause problems when sending large e-mail to networks that cannot handle large messages.
Note:
4. Select the Support Delivery Status Notification (DSN) checkbox, and specify DSN notification Responsible Person address. 5. Click OK.
Notes: Using Delivery Status Notification takes up resources that can affect the maximum number of recipients on a piece of e-mail. You are only allowing Delivery Status Notification to be employed by your users. If a user wishes to use the Delivery Status Notification function, they must set the parameters in their mail client. The parameters vary from mail client to mail client.
To force the SMTP server to use a specific Internet address, prior to V5R1, follow these steps: 1. On the iSeries 400 command line, type: CRTDTAARA DTAARA(QUSRSYS/QTMSSBNDIP) TYPE(*CHAR) LEN(16) VALUE(Internet address) AUT(*USE) This creates a data area that contains the specific Internet address. 2. Stop and start the SMTP server. On the command line, type:
15
ENDTCPSVR *SMTP 3. On the command line, type: STRTCPSVR *SMTP To force the SMTP client to use a specific Internet address, prior to V5R1, follow these steps: 1. On the iSeries 400 command line, type: CRTDTAARA DTAARA(QUSRSYS/QTMSCBNDIP) TYPE(*CHAR) LEN(16) VALUE(Internet address) AUT(*USE) This creates a data area that contains the specific Internet address. 2. Stop and start the SMTP server. On the command line, type: ENDTCPSVR *SMTP 3. On the command line, type: STRTCPSVR *SMTP Now SMTP receives only mail that is addressed to this Internet address. Check the domain name system (DNS) server, local host table, and system distribution directory to ensure that this forced Internet address is present.
To manage a busy server, you need to change values on the SMTP server and the SMTP client. The SMTP server works with the daemon and prestart jobs: QTSMTPSRVD and QTMSMTPSRVP. The SMTP client works with the daemon and prestart jobs: QTSMTPCLTD and QTSMTPCLTP. 1. To change the values on the SMTP server, on the iSeries 400 command line, type CHGPJE (the Change Job Entries command). The Change Job Entries display appears. 2. Enter the following values at the prompt and press Enter.
Prompt Subsystem Library Program Library Start jobs Value QSYSWRK QSYS QTMSSRCP QTCP *SAME
16
iSeries: E mail
Initial number of jobs Threshold Additional number of jobs Maximum number of jobs
4 2 2 20
These values guarantee that the server will start four prestart jobs, start two additional jobs when the available jobs fall below two, and allow a maximum of twenty prestart jobs. 1. To change the values on the SMTP client, on the command line, type CHGPJE (the Change Job Entries command). The Change Job Entries display appears. 2. Enter the following values after the prompt and press Enter.
Prompt Subsystem Library Program Library Start jobs Initial number of jobs Threshold Additional number of jobs Maximum number of jobs Value QSYSWRK QSYS QTMSCLCP QTCP *SAME 4 2 2 20
These values guarantee that the SMTP client will start four prestart jobs, start two additional jobs when the available jobs fall below two, and allow twenty prestart jobs as the maximum. Selectable subsystems for jobs You can specify a separate subsystem for the SMTP server. This should increase performance, because the need to share resources is eliminated. To 1. 2. 3. 4. specify a separate subsystem, complete the following steps: In Operations Navigator, expand your iSeries 400 server > Network > Servers > TCP/IP. Right-click SMTP and select Properties. Click the Additional Parameters tab. Select the Subsystem description radio button.
5. Enter the new subsystems name and the library where the subsystem description and job queue will be created. The program will check for existence of the specified subsystem. If it does not exist, the program will create it along with routing table entries, auto-start job entries, pre-start job entries and job descriptions. Even if the subsystem does not already exist, the library for the subsystem description and job queue must already exist. When the startup job for the server is executed, it will specify the parameters for the newly created subsystem and then submit the server jobs for batch startup in that subsystem.
Mail security
It is important to promote a secure environment in your iSeries 400 SMTP server. You must protect your SMTP server and your users from internal and external hindrances.
17
The following tasks can be completed to help ensure a secure e-mail environment: v Sending e-mail through a router or firewall v Restricting relays v Restricting connections v Mail filtering to prevent virus proliferation See Administering SMTP and email on iSeries 400 for more administrative tasks.
4. Enter the Mail router name. To 1. 2. 3. route e-mail through a firewall, follow these steps: In Operations Navigator, expand your iSeries 400 server > Network > Servers > TCP/IP. Double-click SMTP. The SMTP Properties dialog appears. Click the General tab.
4. Enter the name of the firewall, for example, FWAS400.company.com in the Mail Router field. 5. Select Forward outgoing mail to router through firewall. Prerequisites for an e-mail router: Before you configure an e-mail router, consider the following: v The intermediate system does not have to be an iSeries server. The mail router only requires a host table that contains all host systems to which it needs to route e-mail. If an iSeries server is the mail router, it does not require any particular system level. v You can set up only one intermediate system for routing between the source and target systems. You cannot nest mail routers. v SMTP must be able to get an IP address for the mail router when it starts, either from the local host table or through the Domain Name System (DNS) server. If SMTP cannot get an IP address for the mail router, then SMTP runs without using a router. v The SMTP client firewall support uses the mail router to forward e-mail that is destined for a host outside the local (protected) domain. In order to deliver e-mail, the mail router must be a system that is authorized to forward e-mail through the firewall. Also, all mail recipients whose domain is not on the iSeries 400 go through the router when you turn on the SMTP firewall support. If you have met these prerequisites, see how to Send e-mail through a router.
Restricting relays
A common concern that you may face is protecting your server from people who try to use your e-mail server for spamming, or sending large amounts of bulk e-mail. To avoid these problems, use the relay restriction function to specify as closely as possible who can use your machine for relay. You have five options for allowing relay: v Allow all relay messages v Block all relay messages
18
iSeries: E mail
v Accept relay messages from only the near domains list v Accept relay messages from only the address relay list v Accept relay messages from both the near domains and address relay lists To 1. 2. 3. 4. specify users that can send e-mail to the Internet, follow these steps: In Operations Navigator, expand your iSeries 400 server > Network > Servers > TCP/IP. Right-click SMTP, and select Properties. Click the Relay Restrictions tab. Select the appropriate relay restriction from the five options offered here. Note: If you choose Accept relay messages from only the near domains list or Accept relay messages from both the near domains and address relay lists, then you will need to click the General tab to list the near domains from which you are accepting relay. 5. Click Help for more information. 6. Click OK.
See Restricting connections, as a preliminary step to preventing unsolicited mail, by not allowing known offenders to connect to your e-mail server.
Restricting connections
You can prevent the connection of users who may abuse your e-mail server. Unwanted users may connect to your server, and send unsolicited mail. This unsolicited e-mail takes a great amount of central processing unit (CPU) cycles and space. Also, if your server allows others to relay unsolicited mail, other servers might block the mail that comes from your server. You can specify IP addresses of known unwanted users, or you can connect to a host that contains a Realtime Blackhole List (RBL) server. These Realtime Blackhole Lists provide a listing of known IP website for addresses that send unsolicted mail. See the MAPS (Mail Abuse Prevention System LLC) an example of a host that contains a Realtime Blackhole List. See the Open Relay Behaviour-Modification System (ORBS) To 1. 2. 3. 4. 5. 6. 7. website for hosts that offer open relays.
specify known IP addresses or a host with a Realtime Blackhole List, complete the following steps: In Operations Navigator, expand your iSeries 400 server > Network > Servers > TCP/IP. Right-click SMTP, and select Properties. Click the Connection Restrictions page. Click Add to add host names of servers with a Realtime Blackhole List that you would like to use. Click Add to add specific IP addresses to restrict attempted connections. Click Help, for more information. Click OK.
For more information on protecting your e-mail server, see the Mail security topic.
19
4. Select Keep message or Discard message. Selecting Keep message will save a copy of the message, which will not be delivered to the recipient. 5. Click Add to specify the message criteria that identifies the potential virus. Messages matching this criteria will not be delivered to the recipient. 6. Click Help for more information. 7. Click OK. Note: In addition to these tools, you should implement supplemental anti-virus solutions.
v POP user or account name. This is the same as the iSeries 400 user profile name. v The user password. This password must be the same as the iSeries 400 user profile password. 2. Identify the user and the users preferences. In Netscape Mail, for example, the user would look for Edit > Preferences > Mail and News Groups > Identity. v User name. This is the iSeries 400 user profile name. v Users e-mail address. This is the user ID and fully qualified domain name.
20
iSeries: E mail
v Reply-to address. This can be the same as the users e-mail address that the network administrator designates, but a user profile must be on the iSeries 400 server. 3. Identify the outgoing mail (SMTP) server. You need to identify the SMTP server on the e-mail client because it is the server that allows the clients users to send mail out. In Netscape Mail, for example, the user would look for Edit > Preferences > Mail and News Groups > Mail Servers. v POP user or account name. This is the user ID on the users e-mail address; it is also the iSeries 400 user profile name. v Outgoing mail (SMTP) server. This is the iSeries 400 host name. 4. Identify the incoming mail (POP) server. In Netscape Mail, for example, the user would look for Edit > Preferences > Mail and News Groups > Mail Servers. v Incoming mail server. This is the iSeries 400 host name.
To send e-mail on the iSeries 400, open an emulation session, and complete the following steps: 1. On the iSeries 400 command line, type SNDDST and press Enter. The Send Distribution display appears. 2. Press F10 to see all the parameters. 3. At the first prompt, Information to be Sent, enter *LMSG and press Enter. 4. Enter the recipients user ID and system address or an Internet address. 5. Enter a message description at the Description prompt. 6. Press the Page Down key and type your e-mail at the Long Message prompt. 7. Press Enter to send the e-mail. See Setting up headers to differentiate between recipients to learn about working with headers. You can also attach files to the e-mail. See Using SNADS to receive e-mail, for information on receiving e-mail.
21
Converting file types to send with SNDDST: With the iSeries server playing a larger role in the Internet, a method is needed to send information easily from the OS/400 to e-mail clients. Assuming that the spoolfile is already created, and the physical file and folder already exist, you must convert the file into a sendable format. The conversions are done by using 400 commands, as shown below.
Move the spool file to a data base physical file. CPYSPLF FILE(splfile) TOFILE(dbfile) JOB(job3/job2/job1) SPLNBR(splnbr) TOMBR(mbr)
Move data base physical file to a folder. CPYTOPCD FROMFILE(lib/dbfile) TOFLR(folder) FROMMBR(mbr) REPLACE(*YES)
Send the document. SNDDST TYPE(*DOC) TOUSRID(user address) DSTD(MAIL) DOC(mbr) FLR(folder)
22
iSeries: E mail
For more information on integrating e-mail networks, view the IBM redbook, AS/400 Electronic-Mail Capabilities (SG24-4703) .
23
File name (Input Char(*)) The character string of the integrated-file-system file name of the ASCII MIME note. You must specify the entire path. After the framework finishes processing the file, it unlinks the file. If this is the last link, the framework deletes the file. This file must contain an Internet-ready MIME note that adheres to the standards that are called Request for Comment (RFC). Length of file name (Input Binary(4)) The number of bytes in the file name (the absolute path name). The maximum length is 255 bytes (no NULL that is assumed at the end). Originator address (SMTP) (Input Char(*)) The character string of an SMTP originator address; for example, [email protected]. All SMTP addresses should be in coded character set identifier (CCSID) 500. Length of originator (Input Binary(4)) The length of the originator address string (not including any NULL). The maximum length is 256 bytes. First recipient address (SMTP) (Input ADDT0100(*)) The first address structure that contains a recipient address. All SMTP addresses should be in CCSID 500. Total number of recipients (Input Binary(4)) The number of recipient address structures (there must be at least one). Error code (I/O Char(*)) The structure that returns error information. ADDTO100 Format: This table shows the layout for format ADDT0100:
Offset Dec 0 Hex 0 Type BINARY(4) Field Field description
Offset to next address The number of bytes structure from the beginning of this address structure to the beginning of the next one. It must be at least the size of the fixed part of this address structure and the recipient address length. Address length The length in bytes of the SMTP address. The maximum length is 256 bytes. This maximum length is determined by Internet standards.
BINARY(4)
24
iSeries: E mail
CHAR(8)
Address Format name The characters that identify the particular structure. (Current value ADDT0100). It is used for level control of the structure. Distribution type The type of recipient. Possible values are: v 0 Normal v 1 Carbon copy v 2 Blind carbon copy
16
10
BINARY(4)
20
14
BINARY(4) CHAR(*)
Reserved Address
This field is reserved and must be set to 0. The actual SMTP address (no NULLS included). All SMTP addresses should be in CCSID 500.
Error messages: CPFA0A9 The object was not found. CPFA0CE The path name parameter that was specified resulted in an error. CPF3C12 The length of data is not valid. CPF3C17 An error occurred with input data parameter. CPF3C21 The format name &1 is not valid. CPF3C39 The value for the reserved field is not valid. CPF3C75 An error occurred with entry lengths and offsets parameter. CPF3C88 The number of variable length records &1 is not valid. CPF3E0A The resource limits were exceeded.
Troubleshooting e-mail
Do you have common iSeries 400 e-mail problems for which you need authoritative solutions? A few tips are detailed in this topic.
E-mail
25
v Perform SMTP problem analysis View a list of steps to determine whether your SMTP is working correctly. v Track undelivered mail Use these instructions for e-mail delivery and configuration problems. v Check problems with Send MIME Mail (QtmmSendMail) API Go through this troubleshooting process to determine problems you are having with the Send MIME Mail (QtmmSendMail) API. v Check component journals Use these instructions to check error-recording journals and determine where your SMTP problems lie. You can also prevent SMTP from splitting large e-mail messages. iSeries 400 SMTP splits large e-mail messages into multiple parts. Older clients sometimes receive multiple-part text e-mail messages as separate messages. This topic includes instructions on what to do about this problem.
26
iSeries: E mail
6. Type [email protected] as the SMTP address for any POP user. This user receives a copy of the undeliverable e-mail. Note: The user ID you enter must be an actual ID so that it can effectively monitor nondelivery notices. The sender receives a copy of the nondelivery notice with a list of the recipients who did not receive the e-mail. See Performing SMTP problem analysis, for more information.
= 0
Check the MIME file. 1. Check the MIME file placement. The MIME file must be in the ROOT system and start with a /, for example, /myfile.txt, and the file name must include the path /mydirectory/myfile.mime. 2. Check the authority levels. QMSF and QTCP profiles must have the authority to read and delete the MIME file. a. On the iSeries command line, type WRKLNK (the Work with Object Links command). b. Type 9 (Display) to work with the QMST and QTCP authorities. The Work with Authority display appears. 3. Ensure that the MIME file has an end-of-header statement between the header and the body. Check the mail server framework jobs (QMSF jobs in the QSYSWRK system). 1. If the MSF stopped processing the message, check the MSF jobs for error messages. 2. If the framework job completed, the MIME file should be deleted. This means that the framework processed the MIME file. Your problem is not with the API, but in your SMTP configuration. Go through SMTP problem analysis to further investigate the problem.
27
transitions: programs to queues, queues to program. events: arrival of mail via the server, delivery of mail via the client, storage of mail on retry queues or resource busy queues. tracking and some measurement data: 822 Message ID, MSF Message ID, size of message, originator, recipients. To 1. 2. 3. 4. turn on journaling and view the journal contents, follow these steps: In Operations Navigator expand your iSeries 400 server > Network > Servers> TCP/IP. Double-click SMTP. The SMTP properties dialog appears. Select the Enable journal entries check box. Open an emulation session.
5. To convert the SMTP journal entries to a viewable form, on the command line, type: DSPJRN JRN(QZMF) OUTPUT(*OUTFILE) OUTFILE(jrnlib/zmfstuff) OUTMBR(MAR2) ENTDTALEN(512). jrnlib is the name of the library, and zmfstuff is the name of the physical file. 6. To view the SMTP journal entries, type the following on the command line: DSPPFM FILE(jrnlib/zmfstuff) MBR(MAR2). 7. Press F20 (Shift + F8) to see the journal-specific information. See Details: Reading mail server journal entries for information on deciphering your SMTP journals. Details: Reading mail server journal entries Find information on reading the component journal entries for the SMTP Client and the SMTP server in the tables below. For additional codes and comments to assist you in troubleshooting e-mail, see Mail server journal entries .
LG LG LG LG LG LG
Undeliverable mail 1st level timeout 2nd level timeout mail is ready to be retried COD being sent back to originator Cannot process, resource busy
83 8C 8D 8E 8F 87 86
28
iSeries: E mail
LG
86
LG
undeliverable
87
LG
MX query
8K
Log when mail gets put back on QTMSOUTQ because recipient status changed, ie MS record resolved ready to deliver the message. Log transfer of mail to QTMSINQ for undelivery notice, two places Log a res_send failure and errno of why if failed along with query buffer
LG
95 91 92
LG LG LG LG LG LG
passing off mail to Bridge client passing off mail to client for remote delivery 2nd level timeout mail is ready to be retried COD being sent back to originator Cannot process, resource busy
97 96 8D 8E 8F 87 86
LG
86
LG
undeliverable
87
LG
MX query
8K
29
Note: All of the journal entries documented here use the LG type, which stands for log entry.
v Lotus Domino 4.5 on the IBM Integrated PC Server . Read about how to integrate SMTP and Lotus Notes for your e-mail needs. . v Mail enabling iSeries applications with Java Learn several means of SMTP mail enabling your iSeries applications. v v Domino and Notes User Assistance Documentation Library View comprehensive information about Notes and Domino. IBM Secureway: iSeries and the Internet See this topic to secure your iSeries network. . AS/400 Technical Support Web site Download current PTFs for your system by using your workstation as a gateway to the Internet PTF page, or view iSeries solutions from the Technical Information and Databases category. .
30
iSeries: E mail
Printed in U.S.A.