The Message Transfer Agent (MTA) transfers messages between post offices and domains, and performs a variety of other functions in the domain.
MTAs List: Lists all MTAs in your GroupWise system. Click the name of an MTA to edit its properties. Click Customize Columns to add columns to the list.
New: Click New to add a new MTA.
The initial MTA object is automatically created when you create a new Domain object. You can have only one MTA in a domain, so you typically do not need to manually create one. The MTA software is automatically installed when you set up a new GroupWise server.
Delete: Select one or more MTAs, then click Delete to remove them from the list. A domain must have a working MTA.
Deleting an MTA object does not remove the MTA software from the server.
Export: Click Export to generate a comma-separated values (CSV) file from the list. Use Customize Columns to add and order the columns as needed before you generate the CSV file.
Message Transfer Agent in the GroupWise Administration Guide.
Use this option to manually create an MTA object.
The initial MTA object is automatically created when you create a new Domain object. You can have only one MTA in a domain, so you typically do not need to manually create one. The MTA software is automatically installed when you set up a new GroupWise server.
Name: Specify the name for the MTA object. Do not use invalid characters. You cannot change the name after the MTA object has been created.
Domain: Specify or select the name of the domain for the MTA to service.
The MTA General tab provides basic information about the MTA and enables you to start and stop it in your web browser.
Agent Type: Displays MTA.
Description: (Optional) Provide additional helpful information about the MTA.
If multiple administrators work at the server where this MTA runs, the description could include a note about who to contact before stopping the MTA.
Platform: Select the platform where the MTA runs.
Status: Indicates whether the MTA is running.
Start Agent / Stop Agent: Lets you manage the MTA from the Admin console.
Launch MTA Console: Opens the MTA console in a new browser window.
Using the MTA Console in the GroupWise Administration Guide.
Routing options provide specific control over how messages flow through your GroupWise system, in addition to the routing provided in the Link Configuration tool.
System-wide routing options are defined using System > System Preferences. The Routing Options tab overrides the system-wide default routing options for this MTA.
Default Routing Domain: The default routing domain provides a centralized routing point for all messages. A routing domain takes precedence over specific links that were established when domains were created or modified with the Link Configuration tool.
Select Override, then select the default routing domain for this MTA.
Force All Messages to Default Routing Domain: Routes all GroupWise messages through the default routing domain regardless of the destination of the message. If you leave this box deselected, only undeliverable messages are routed to the default routing domain.
Select Override, then select whether you want this MTA to send all messages to the default routing domain regardless of the destination of the message.
Allow MTA to Send Directly to Other GroupWise Systems: Indicates whether MTAs in your GroupWise system are allowed to perform DNS lookups and route messages out across the Internet.
Select Override, then select whether you want this MTA to perform DNS lookups and route messages out across the Internet.
Configuring a Routing Domain in the GroupWise Administration Guide.
The MTA Agent Settings tab lists the network address and ports for the MTA, along with some miscellaneous settings.
Scan Cycle: Specify in seconds the time interval for this MTA to scan its input queues. The more frequently the MTA picks up messages, the more quickly they are delivered. The default is 15 seconds.
Scan High: Specify in seconds the time interval for this MTA to scan its high-priority input queues. The more frequently the MTA picks up high-priority messages, the more quickly they are delivered. The default is 5 seconds.
Attach Retry: Specify in seconds the time interval for this MTA to attempt to contact a closed MTA, POA, or GWIA. The default is 60 seconds (1 minute), meaning the MTA will retry the closed connection every minute until the agent responds again.
Enable Automatic Database Recovery: Automatically recovers the domain database if invalid structure or information is detected. Whenever a database is recovered, the domain administrator receives a message in GroupWise.
Use 2nd High Priority Scanner: Monitors and processes the priority 0 and 1 message queues independently, rather than in sequence. Using a second high-priority scanner thread helps avoid bottlenecks in the processing of different types of service requests (such as Busy Searches and requests from Remote client users).
Use 2nd Mail Priority Scanner: Monitors and processes the priority 2 and 3 message queues separately from the priority 4 through 7 queues. Using a second mail priority scanner thread helps avoid bottlenecks in processing administrative messages (such as database updates) and high-priority user messages versus regular and low-priority user messages.
SNMP Community “Get” String: Specify the "Get" community string for the server where this MTA runs. Community strings are case sensitive. If access to MTA information is unrestricted, the "Get" community string is typically PUBLIC. When properly configured, the MTA sends SNMP traps to network management consoles for display along with other SNMP monitored programs.
Using an SNMP Management Console in the GroupWise Administration Guide.
Host Name: Specify the DNS hostname or IP address of the server where the MTA runs.
If your network uses IPv6, you must specify the DNS hostname.
Admin Port: Specify the TCP port number for the Admin Service on the server. The default Admin port for a domain is 9710.
Bind Exclusively to Host Name: Binds this MTA to the specified IP address when the server where it runs uses multiple IP addresses. Without an exclusive bind, the MTA binds to all IP addresses available on the server. If this option is selected, the Admin Service is also bound to the specified host name.
Binding the MTA to a Specific Host Name in the GroupWise Administration Guide.
The MTA uses Message Transfer Protocol (GWMTP) to communicate with the POA, other MTAs, and GWIAs.
Port: Specify the port number on which the MTA listens for messages from POAs in this domain, from MTAs in other domains, and from GWIAs. The default MTP port for the MTA is 7100.
Use the default port number unless it is already in use on the server.
SSL: Select from the following options to configure this MTA's use of secure connections to POAs, MTAs, and GWIAs. In order to use an SSL connection, the other agents must also be enabled for SSL.
Disabled: The MTA does not support SSL connections.
Enabled: The MTA uses SSL if both the MTA and the other agent can handle SSL. If either side cannot handle SSL, the MTP connection is still accepted.
Required: The MTA accepts only SSL connections. Non-SSL connections are refused.
IMPORTANT: To prevent closed links between agents, select Enabled when you are initially configuring agents for SSL. Select Required for tighter security only after all agents are successfully using SSL.
Securing the Domain with SSL Connections to the MTA in the GroupWise Administration Guide.
The MTA uses HTTP protocol to communicate with the MTA console.
HTTP User Name: To limit access to the MTA console, provide a unique user name.
Unless you are using SSL, do not use a user name that is synchronized from an LDAP directory, because the information passes over the non-secure connection between your web browser and the MTA. If you are using SSL, the user name is encrypted and therefore secure.
HTTP Password / Confirm Password: Specify the password for the HTTP user name.
HTTP Port: Specify the port number on which the MTA listens for requests for status information from the MTA console. The default HTTP port for the MTA is 7180.
HTTP SSL: Select from the following options to configure this MTA's use of secure connections to the MTA console. In order to use an SSL connection, the web browser must also be enabled for SSL.
Disabled: The MTA does not support SSL connections.
Enabled: If the MTA is configured with a valid SSL certificate, the MTA console uses SSL. If a valid SSL certificate is not available, the MTA still provides the MTA console, but without a secure SSL connection.
Required: The MTA does not support the MTA console unless a valid SSL certificate has been provided.
IMPORTANT: To prevent closed links between agents, select Enabled when you are initially configuring agents for SSL. Select Required for tighter security only after all agents are successfully using SSL.
Using the MTA Console
Securing the Domain with SSL Connections to the MTA
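An added example (not part of the GroupWise documentation) for checking which of the HTTP SSL behaviours described above a console port actually shows: whether it answers unencrypted HTTP, completes a TLS handshake, or both. The function names, verdict labels and the optional `cafile` path (an exported copy of your CA certificate) are assumptions of this example; 7180 is the default HTTP port stated above.

```python
import socket
import ssl
import sys


def plain_http_status(host, port, timeout=3.0):
    """Send an unencrypted HTTP request; return the status code, or None."""
    request = b"GET / HTTP/1.0\r\nHost: " + host.encode() + b"\r\n\r\n"
    data = b""
    try:
        with socket.create_connection((host, port), timeout=timeout) as sock:
            sock.sendall(request)
            # Read only the status line; a TLS-only listener sends an alert
            # or closes the connection instead of an HTTP status line.
            while b"\n" not in data and len(data) < 256:
                chunk = sock.recv(256)
                if not chunk:
                    break
                data += chunk
    except OSError:  # refused, reset or timed out
        return None
    parts = data.split(None, 2)
    if len(parts) >= 2 and parts[0].startswith(b"HTTP/") and parts[1].isdigit():
        return int(parts[1])
    return None


def tls_handshake(host, port, timeout=3.0, cafile=None):
    """Return the negotiated TLS version, or None if the handshake fails.

    Without cafile the certificate is NOT verified: that mode only detects
    whether TLS is spoken. With cafile, chain and host name are verified.
    """
    if cafile:
        ctx = ssl.create_default_context(cafile=cafile)
    else:
        ctx = ssl.create_default_context()
        ctx.check_hostname = False
        ctx.verify_mode = ssl.CERT_NONE
    try:
        with socket.create_connection((host, port), timeout=timeout) as raw:
            with ctx.wrap_socket(raw, server_hostname=host) as tls:
                return tls.version()
    except OSError:  # includes ssl.SSLError and handshake timeouts
        return None


def classify(plain_status, tls_version):
    """Map the two probe results to a verdict label (labels are this example's)."""
    if tls_version and plain_status is None:
        return "tls-only"            # what Required should look like
    if tls_version:
        return "tls-and-plaintext"   # TLS offered, but clear text still answered
    if plain_status is not None:
        # Consistent with Disabled, or Enabled without a valid certificate:
        # the HTTP user name and password cross the network unencrypted.
        return "plaintext-only"
    return "unreachable"             # closed port, or Required with no valid cert


def audit_console(host, port=7180, timeout=3.0, cafile=None):
    """Probe one MTA console port and summarise what it accepts."""
    plain_status = plain_http_status(host, port, timeout)
    tls_version = tls_handshake(host, port, timeout)
    trusted = None  # only meaningful when a CA file was supplied
    if cafile and tls_version:
        trusted = tls_handshake(host, port, timeout, cafile) is not None
    return {
        "host": host,
        "port": port,
        "plain_status": plain_status,
        "tls_version": tls_version,
        "cert_trusted": trusted,
        "verdict": classify(plain_status, tls_version),
    }


if __name__ == "__main__":
    if len(sys.argv) < 2:
        print("usage: probe.py HOST [PORT] [CAFILE]")
    else:
        port = int(sys.argv[2]) if len(sys.argv) > 2 else 7180
        cafile = sys.argv[3] if len(sys.argv) > 3 else None
        print(audit_console(sys.argv[1], port, cafile=cafile))
```

Run it against each MTA after switching HTTP SSL from Enabled to Required; any verdict other than `tls-only` on a console that has an HTTP user name configured needs follow-up.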
MTA log files can be viewed in the MTA server console and the MTA console.
Log File Path: Specify the folder where you want this MTA to store its log files, if you want to change from its default location:
Linux: /var/log/novell/groupwise/domain.mta
Windows: domain\mslocal or as specified by the /work switch
Logging Level: Select the amount of data displayed on the MTA server console and written to the MTA log file:
Off: Turns off logging to disk and sets the logging level for the MTA to its default. Logging information is still displayed on the MTA server console.
Normal (Default): Displays only the essential information suitable for a smoothly running MTA.
Verbose: Displays the essential information, plus additional information that can be helpful for troubleshooting.
Max Log File Age: Specify the number of days you want MTA log files to remain on disk before being automatically deleted. The default log file age is 30 days. The valid range is from 1 to 350 days.
Max Log File Disk Space: Specify the maximum amount of disk space for all MTA log files. When the specified disk space is full, the MTA overwrites existing MTA log files, starting with the oldest. The default is 100 MB of disk space for all MTA log files.
Using MTA Log Files in the GroupWise Administration Guide.
Message logging gathers information about message traffic on your GroupWise system. This information enables you to perform valuable tasks, including:
Gathering statistics to help optimize your GroupWise system
Tracking messages from the MTA console and from GroupWise Monitor
Message logging must be enabled in order to use the reporting features of GroupWise Monitor.
Message Log Level: Select Brief or Full to enable MTA message logging and specify the amount of data to gather.
Message Log File Path: Specify the full path of the file where this MTA records the logging information.
Correlate Delivery Status Reports: Maintains the relationship between user messages and their corresponding delivery status reports in the logged information.
Collect Delivery Status Reports: Logs delivery status reports as well as user messages.
Collect Other Status Reports: Logs user-requested information about messages sent, such as indicating that messages have been opened or deleted by the recipients.
Track Administrative Messages: Logs administrative messages such as database updates.
Delete Reports After: Specify the number of days to retain reports on disk. Reports are automatically deleted after the specified time has passed.
Enabling MTA Message Logging in the GroupWise Administration Guide.
The SSL Settings tab configures the Secure Socket Layer (SSL)/TLS protocol settings for the MTA. The MTA can use SSL to secure various types of connections, as configured on the Agent Settings tab.
For a secure GroupWise system, you should configure the server and agents to use TLS.
SSL Certificate File and SSL Key File: (Optional) If you need to generate a new GroupWise signed certificate and key for the MTA to use:
Generate Certificate: Click Generate Certificate to generate a new self-signed certificate for the server, and then click Save.
NOTE: If you are replacing existing certificate and key files, delete the entries in both the SSL Certificate File and SSL Key File fields before generating the new certificates.
The GroupWise Admin Service generates a certificate signing request (CSR) and a private key file, and then sends them to the GroupWise certificate authority (CA) on the primary domain. The CA issues the requested certificate, which is then returned to the local server.
Set Password: Click Set Password to specify the password for the key file.
To clear an existing password from the key file, click Set Password, select Clear Password, and then click Save.
To clear an existing password from the certificate, click Generate Certificate, select Clear Password, and then click Save.
Securing the Domain with SSL Connections to the MTA
Configuring Server Certificates and TLS
MTA scheduled events perform directory synchronization of users’ personal data from an LDAP directory (such as NetIQ eDirectory or Microsoft Active Directory) to the GroupWise Address Book. By default, one directory synchronization event is scheduled at 1:00 a.m. daily for each MTA in your GroupWise system.
In order for the directory synchronization event to occur, the MTA must be associated with an LDAP directory (System > LDAP Servers > directory > General tab).
MTA Scheduled Events List: Lists the directory synchronization events that have been defined for this MTA. Click the name of an event to edit it. Click the check box next to the name of the event to select or deselect it.
New: Click New to create a new directory synchronization event.
Delete: Select one or more events, then click Delete to remove them from the list.
Configuring LDAP User Synchronization in the GroupWise Administration Guide.
MTA scheduled events perform directory synchronization of users’ personal data from an LDAP directory (such as NetIQ eDirectory or Microsoft Active Directory) to the GroupWise Address Book. By default, one directory synchronization event is scheduled at 1:00 a.m. daily for each MTA in your GroupWise system.
Name: If you are creating a new directory synchronization event, specify a unique and descriptive name for the event you are scheduling. You cannot edit an existing name.
Event Type: There is only one type of MTA scheduled event, a Directory Synchronization Event.
Select the schedule for the Directory Synchronization Event:
Weekday: Performs directory synchronization once a week, on the specified day and time.
Daily: Performs directory synchronization once a day, at the specified time.
Interval: Performs directory synchronization at the specified interval, at the specified time.
Configuring LDAP User Synchronization in the GroupWise Administration Guide.
The LDAP tab allows you to enable a read-only LDAP server interface into the GroupWise System Address Book. This allows lookups and queries via LDAP for the Outlook client and Mac Mail. The following fields are available for querying:
givenName
sn
cn
Enable LDAP: Enables the LDAP server interface.
Port: Specify the port you want the LDAP server to use. The default for non-SSL is 389. The default for SSL is 636.
SSL: Specify if you want SSL enabled or disabled. If you change this setting after changing the port used, the port changes back to the defaults.
Use the MTA Certificate and Key: Allows you to use either the GroupWise generated certificate for the MTA or a certificate you have already uploaded for SSL. This is enabled by default if you are using SSL.
SSL Certificate File: (Optional) If you need to generate a new GroupWise signed certificate and key for the MTA to use. The certificate file must be in DER, PEM, PFX, CRT, B64, or CER format.
If you type the file name rather than using the Browse button to select it, specify the full path if the file is not in the certificates folder.
SSL Key File: Browse to and select the key file associated with the certificate. If the private key is included in the certificate file rather than in a separate key file, leave this field blank. If you type the file name, specify the full path if the file is not in the certificates folder.
IMPORTANT: If you use this option, you must set a password. The LDAP server requires a password in order for the key file to correctly access the certificate.
Set Password: Click Set Password to specify the password for the key file.
To clear an existing password from the key file, click Set Password, select Clear Password, then click OK.
These options are used for configuring LDAP synchronization between a linked GroupWise Messenger system and this GroupWise system.
Enable synchronization: Enable the linked Messenger system to connect to GroupWise to retrieve attribute updates.
Expire users not found during sync: Enable this option to expire users no longer in the GroupWise system.
Expire after XX days: Set the value here for users missing in the sync to expire after the specified number of days.
These options configure the Messenger to GroupWise connection for performing the sync.
Query Maximum Results: Sets how many users are processed at a time.
Query Timeout: Sets the timeout in seconds before returning for the LDAP user search.
Synchronization Trigger: Defines how often and when the Messenger system user synchronization should run.
Select the schedule for the Messenger Synchronization Event:
Weekday: Performs directory synchronization once a week, on the specified day and time.
Daily: Performs directory synchronization once a day, at the specified time.
Interval: Performs directory synchronization at the specified interval, at the specified time.
Securing the Domain with SSL Connections to the MTA
Configuring Server Certificates and TLS
Address book synchronization enables GroupWise users and Exchange users to easily select each other from their native address books.
Enable Exchange Address Book Synchronization: Enables address book synchronization between GroupWise and Exchange.
Exchange address book synchronization requires its own license. If you enable Exchange address book synchronization, your GroupWise system might be subject to additional licensing fees.
Hour to Begin Synchronization: Specify the time when you want address book synchronization to begin, for example, 3:00 a.m.
By default, address book synchronization starts at midnight (12:00 a.m.).
Interval between Synchronizations: Specify the number of hours between the start of each address book synchronization cycle. If set to 0, the synchronization does not repeat until the next day at the time specified in the Hour to Begin Synchronization.
Exchange Synchronization Profiles List: Lists the synchronization profiles that are defined in your GroupWise system. Click the name of a profile to edit its properties. The changes take effect when the next synchronization cycle starts.
New: Click New to define a new synchronization profile.
Delete: Select one or more synchronization profiles, then click Delete to remove them from the list.
An Exchange synchronization profile defines how user information passes back and forth between your GroupWise system and your Exchange system. The MTA performs the synchronization process.
When GroupWise information is synchronized to Exchange, it is stored in Active Directory. When Exchange information is synchronized to GroupWise, it is stored in the GroupWise Address Book.
Profile Name: Specify a unique and descriptive name for the synchronization profile.
The MTA obtains address book information about Exchange users by authenticating to an Active Directory server. The MTA uses LDAP protocol to communicate with the Active Directory server.
LDAP Server Address: Specify the IP address or DNS hostname of an Active Directory server where Exchange users, groups, and resources are located.
If your network uses IPv6, you must specify the DNS hostname.
LDAP Server Port: Specify the port number on which the MTA can communicate with Active Directory.
If SSL is required, the default LDAP port number is 636. If SSL is not required, the default LDAP port number is 389.
Use SSL: Indicates that the MTA must use Secure Socket Layer (SSL) protocol when communicating with the LDAP server.
LDAP SSL Certificate: Specify the full path name of the SSL certificate for the Active Directory server.
The SSL certificate file can be exported from the certificate authority on the Active Directory server. The certificate file must then be copied from the Active Directory server to a location where the MTA can access it using the specified path and file name. The administrator of the Active Directory server should be able to provide the certificate file.
LDAP Email or DN: Specify the Active Directory user name that the MTA can use to authenticate to the LDAP server. For example:
ldapuser@yourcompanyname.com
cn=ldapuser,cn=users,dc=yourcompanyname,dc=com
You should create a new, dedicated Active Directory user specifically for this purpose, rather than using an existing user. This MTA synchronization user needs sufficient rights to create objects in Active Directory. You can make the MTA synchronization user a member of the Active Directory Domain Admins group, or you can restrict the rights to fit the security needs of your system.
LDAP Password: Specify the password for the MTA synchronization user.
When the MTA synchronizes GroupWise information to Active Directory, the information is stored in a set of Active Directory contexts and Mail Contacts that represents your GroupWise system.
Active Directory Context for GroupWise Objects: Specify the Active Directory context that you want the MTA to create for Active Directory objects that represent GroupWise users, groups, and resources.
The top-level context represents your GroupWise system. Subcontexts represent GroupWise domains and post offices.
Internet Agent for Default MTA Link: On a new synchronization profile, select a GWIA to link to the GroupWise external domain that represents your Exchange system.
If email is already passing between the GroupWise and Exchange systems, you can select a GWIA that is already in use for this purpose, or you can install a new GWIA for this purpose.
If you need to change the GWIA for an existing synchronization profile, use the Link Configuration tool to select a different GWIA.
GroupWise Free/Busy Service Base URL: Specify the URL of an Exchange Client Access Server where you have installed the GroupWise Free/Busy service. For example:
https://exchmail.yourcompanyname.com
The Exchange server requires a secure SSL connection. Therefore, you must use https in the URL.
The GroupWise Free/Busy service enables GroupWise users and Exchange users to access each other’s calendar information when scheduling appointments. During address book synchronization, each Exchange user's Internet free/busy URL (which is based on the URL of the Exchange Client Access Server) is added to the Exchange user's External User object in the GroupWise system. Without the Internet free/busy URL for each Exchange user, GroupWise users cannot perform Busy Searches on Exchange users.
Active Directory Display Name Format: Select how you want the names of GroupWise users to be displayed (Firstname Lastname or Lastname Firstname) in Active Directory and in the Exchange Global Address List (GAL).
Synchronize GroupWise External Objects to Exchange: Synchronizes GroupWise external objects to Exchange as Mail Contacts. By default, GroupWise external objects are not synchronized to Exchange.
Limit to Members Of: By default, the MTA synchronizes to Exchange all users, groups, and resources in your GroupWise system.
To restrict which GroupWise users, groups, and resources are synchronized to Exchange, select a group that provides the GroupWise users, groups, and resources that you want to synchronize to Exchange.
When the MTA synchronizes Exchange information to GroupWise, the information is stored in a set of GroupWise External objects (External Domain, External Post Offices, and External Users) that represents your Exchange system.
GroupWise External Domain for Exchange Objects: Specify the name for the GroupWise External Domain object where you want Exchange objects to be stored.
The External Domain object represents your Exchange system. External Post Office objects represent Active Directory contexts where Exchange objects are located.
Exchange Base Contexts List: Lists all Active Directory contexts where Exchange objects are located.
New: Click New to add an Active Directory context to the list.
Delete: Select one or more Active Directory contexts, then click Delete to remove them from the list.
Synchronize Exchange Mail Contacts to GroupWise: Synchronizes Exchange Mail Contacts to GroupWise as external objects. By default, Exchange Mail Contacts are not synchronized to GroupWise.
Exchange Mail Contacts are Active Directory Contacts that have been added to the Exchange Global Address List (GAL). They have external email addresses because they exist outside of your Exchange system. Mail Contacts do not have Exchange mailboxes.
Limit to Members Of: By default, the MTA synchronizes to GroupWise all Exchange users, distribution groups, and resources in the specified Exchange base contexts.
To restrict which Exchange users, distribution groups, and resources are synchronized to GroupWise, specify the name of a distribution group that provides the Exchange users, distribution groups, and resources that you want to synchronize to GroupWise. The group must be located in one of the specified Exchange base contexts.
Exchange Global Address List DN: By default, GroupWise users, groups, and resources are added to the default Global Address List (GAL).
If your Exchange system has multiple Global Address Lists, and if you want GroupWise users, groups, and resources to be added to a Global Address List other than the default, specify the DN of the GAL that you want GroupWise address book information added to.
Use the following format to specify the GAL:
CN=Default Global Address List,CN=All Global Address Lists,CN=Address Lists Container,CN=Exchange Organization,CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=exchmail,DC=yourcompanyname,DC=com
When the MTA synchronizes Exchange information to GroupWise, the information is stored in a set of GroupWise External objects (External Domain, External Post Offices, and External Users) that represents your Exchange system.
Each Active Directory context is represented by a GroupWise External Post Office object in the GroupWise Admin console.
Exchange Base Context: Specify an Active Directory context where Exchange users, distribution groups, and resources are located.
GroupWise Post Office Name: Specify the name to represent the Active Directory context as a GroupWise External Post Office object in the GroupWise Admin console.
Process Subcontexts: Searches for Exchange users, distribution groups, and resources in subcontexts of the Exchange base context. Exchange objects in subcontexts are added to the same post office as Exchange objects in the base context.
Breadcrumbs identify the context of the object.
Save: Edit the MTA object properties as needed, then click Save to save your changes.
Close: Click Close to return to the Message Transfer Agents list.
Customize Tab Order: Click Customize Tab Order to reorganize the tabs on the properties page.
Delete: Deletes the MTA object from the domain. A domain must have a working MTA.
Deleting an MTA object does not remove the MTA software from the server.
Diagnostics: Displays the Display Object window with object attributes and values for the MTA object.