| Previous | Contents | Index |
Figure 4-1 Sample PMDF Site EXAMPLE.COM
Example 4-1 is a PMDF-MTA configuration dialogue that was generated using the command line configuration utility, PMDF CONFIGURE MTA. Example 4-2 is the corresponding checklist file.
The command line configuration utility was used for this example, rather than the web-based configuration utility, because it was assumed that the sample site, EXAMPLE.COM, needs to configure DECnet MAIL-11 connectivity.
A site that does not need to configure DECnet channels might find it more convenient to use the web-based configuration utility. (They could also configure IMAP/POP servers and PMDF-LAN during the same web configuration session). |
Specifics for the sample site, EXAMPLE.COM (shown in Figure 4-1), are:
Whenever possible, the installation supplies a default (which is
enclosed in square brackets). If you want to accept the default value,
press [RETURN]. Otherwise, enter the correct value. (You can
use the backslash character, \, to clear a default answer.)
Remember that the values in this sample configuration are for purposes of example only. Make sure to use values that are appropriate for your system.
| Example 4-1 Example PMDF-MTA Configuration |
|---|
$ SET DEFAULT PMDF_TABLE:
$ PMDF CONFIGURE MTA
PMDF Configuration File Creation Utility, Version 6.2
This utility creates an initial PMDF configuration file
(PMDF_TABLE:PMDF.CNF), an initial PMDF aliases file
(PMDF_TABLE:ALIASES.), an initial PMDF security configuration file
(PMDF_TABLE:SECURITY.CNF) and an initial PMDF mappings file
(PMDF_TABLE:MAPPINGS.). Normally this is done just after
PMDF has been installed. However, it is possible to run this
procedure at any time.
For best results the various network products PMDF is going to be
attached to should be installed and operational when this procedure
is run. This is by no means required, but the defaults provided by
this procedure cannot be selected intelligently without having
various software packages available to interrogate.
Important note: No changes are made to existing PMDF configuration
information until all questions have been answered. This utility
can be aborted at any prompt by entering CTRL/C. The files
output by this utility can optionally be redirected to a different
location so they will have no impact on the existing PMDF
configuration.
Do you wish to continue [Y]? y
Do you wish to have a detailed explanation printed before each question [N]? y
Part One: TCP/IP networking.
TCP/IP networking support:
(0) No TCP/IP support
(1) Generic multithreaded TCP/IP *requiring* UCX emulation
PMDF provides support for various VMS TCP/IP packages marketed by
various vendors. Minimum supported versions are described in the
documentation. PMDF uses UCX emulation, which can be a separate
component to be enabled or installed. Answer 1 if you want support
for SMTP over TCP/IP on your system. If no TCP/IP package is
installed or if you don't want PMDF communicating with your TCP/IP
package, enter 0 and press return.
Use which TCP/IP option [1]? 1
Is your system set up to:
(1) Do host lookups with MX records (name server required)
(2) Do host lookups without MX records (name server required)
(3) No name server; use TCP/IP package for host lookups
MX (Mail eXchange) records are special entries in the TCP/IP
Domain Name Service database that redirect mail destined for
systems not directly attached to the TCP/IP network to an
intermediate gateway system that is directly attached.
If you are on the Internet, you should answer 1 as mandated by
RFC1123 (Internet Host Requirements). Otherwise if your site
has special requirements to ignore MX records then answer 2 if
you have a name server available. Answer 3 if no name server
is available.
Choose one of the above options [1]? 1
This system has one or more names it is known by on TCP/IP.
Enter the most 'official' of these names, preferably a
name the system is registered under in the Domain Name System.
Name of this system on TCP/IP [NAPLES.EXAMPLE.COM]? [RETURN]
PMDF needs to know the IP addresses for all the interfaces used
by TCP/IP on this system or homogeneous OpenVMS cluster.
These addresses are needed so that
PMDF can recognize domain literals references to this system.
Such recognition is mandated by RFC1123.
Enter each IP address separately in a.b.c.d format, pressing CR
between each one. When you've entered them all just enter a CR
by itself to end the list.
IP addresses for this system [RETURN if no more]? 12.34.56.7
IP addresses for this system [RETURN if no more]? 12.34.56.8
IP addresses for this system [RETURN if no more]? [RETURN]
Answer YES if this system is attached to the Internet via TCP/IP.
Answer YES even if you have to go through a firewall.
Answer NO if this system is not attached to the Internet in this
way. Note that a BITNET (NJE) or any other indirect connection to
the Internet is not a real connection; answer NO if this is the
only type of connection you have.
Is this system connected to the Internet via TCP/IP [N]? y
PMDF has the ability to automatically convert shortform names
appearing on the right hand side of the at sign in an address
into fully qualified domain names. These addresses are then
routed to TCP/IP automatically. This convenience is especially
appropriate when a system is only connected via TCP/IP and not
via other networks. For example, if you were to specify a default
domain of EXAMPLE.COM and the address USER@NAPLES was used, where
SIGURD has no other special meaning, this address will be rewritten
as USER@NAPLES.EXAMPLE.COM and routed via TCP/IP. Enter nothing
if you don't want to have shortform addresses handled in this way.
Default domain to attach to shortform host names []? example.com
Answer YES if this system is behind a firewall and needs to route
Internet mail to the firewall first. Answer NO if no such firewall
exists or if this PMDF system is acting as the firewall.
Does this system need to route mail to a firewall [N]? n
PMDF needs to know about internal TCP/IP usage. For instance, this
information is used to segregate incoming messages from internal vs.
external sources. Your configuration file will automatically contain
the rules necessary to reach external Internet domains, so it is not
necessary to tell PMDF about external Internet systems.
If your site satisfies any of the following conditions:
(+) POP or IMAP users,
(+) other internal TCP/IP systems,
(+) connect to non-Internet TCP/IP systems,
then you will need to answer YES. If you do answer YES, you will then
be asked for the names of these systems or domains so that they can be
added to your configuration and mappings files. Answer NO if there is
no internal TCP/IP use.
Are there any internal or non-Internet systems reachable via TCP/IP [N]? y
TCP/IP networks typically provide access to one or more systems
or entire domains. This should only include systems or domains
that are accessible via TCP/IP; systems reachable via DECnet or
NJE do not count. Enter each system or domain specification
(e.g., system names such as 'doofus.company.com' or domains such as
'.mycollege.edu') separately, pressing CR between each one. When
you've entered them all just enter a CR by itself to end the list.
Internal system or domain reachable via TCP/IP [RETURN if no more]? vax.othe rco.com
Internal system or domain reachable via TCP/IP [RETURN if no more]? [RETURN]
PMDF needs to know the IP address of each internal system or subnet.
For instance, this information is used to distinguish between
internal and external systems for doing SMTP relay blocking.
Enter each IP address separately in a.b.c.d, or a.b.0.0
or a.b.c.0 format, pressing CR between each one. When you've
entered them all just enter a CR by itself to end the list.
IP addresses for your internal systems or network [RETURN if no more]? 12.55.6.7
IP addresses for your internal systems or network [RETURN if no more]? [RETURN]
Part Two: DECnet connections
Answer YES if this system is attached to a DECnet network
containing one or more remote nodes PMDF should provide access
to. Answer NO if this host is not attached to such a network.
Is this system attached to any others using DECnet [Y]? y
Answer YES if one or more remote DECnet systems are running PMDF
and are equipped with PhoneNet over DECnet (DN_) channels. Answer
NO if no such systems exist.
Are any DECnet systems attached via PhoneNet over DECnet (DN_ channel) [N]? n
Answer YES if one or more remote DECnet systems are either
running some mailer capable of doing SMTP over DECNET or
are running PMDF and are equipped with SMTP over DECnet (DSMTP_)
channels. Answer NO if no such systems exist.
Are any DECnet systems attached via SMTP over DECnet (DSMTP_ channel) [N]? y
Enter the DECnet name for a system attached by an SMTP over
DECnet (DSMTP_) channel. This should be the name this system is
listed under in NCP. Enter a CR if you have no more systems of
this type to specify.
DECnet node name of a SMTP over DECnet system [RETURN if no more]? RABBIT
Enter the full domain name corresponding to the DECnet name
you just entered. If the system has no name other than the
DECnet name you just entered, simply enter the DECnet name
again. Remember that if this name gets out to other sites
they might not be able to reply to it if it is just a DECnet name
Domain name corresponding to previous DECnet node name []?
rabbit.example.com
DECnet node name of a SMTP over DECnet system [RETURN if no more]? [RETURN]
PMDF's default handling of mail from DECnet-only nodes (remote DECnet
systems reachable using normal MAIL-11 protocols, i.e. they are
running DECnet and VMS MAIL without PMDF) is to cause the
From: address to look like
USER%DECnetHOST@domain_name_of_system_running_PMDF
This format is repliable from both Internet and BITNET. You DO NOT
have to enter such DECnet nodes into the PMDF configuration.
If this is an acceptable solution, then answer NO.
If you want these DECNET nodes to have domain names for the outside
world to see, i.e. you want to address these systems using the format
USER@DECnetHOST.itsdomain
AND you will be entering MX records for these domain names in your
Domain Name Server, then answer YES.
Are there any DECnet systems reachable via regular MAIL-11 mail [Y]? y
Enter the DECnet name for a system attached via MAIL-11 over
DECnet (i.e. VMS MAIL). This should be the name this system is
listed under in NCP. Enter a CR if you have no more systems of
this type to specify.
DECnet node name of a DECnet MAIL-11 system [RETURN if no more]? NOPMDF
Enter the full domain name corresponding to the DECnet name
you just entered. This domain name should be entered into your
domain name server as an MX record for mail to be repliable
since this name will appear in the From: address of mail originating
from this DECnet node.
Domain name corresponding to previous DECnet node name []?
nopmdf.example.com
DECnet node name of a DECnet MAIL-11 system [RETURN if no more]? [RETURN]
Part Three: Determining local host's name(s).
Enter the 'most official' name for this system. This should be
the official domain name in most cases. This is the name that
will appear in mail addresses on this system, among other things.
Official local host name [naples.example.com]? example.com
Enter the domain or subdomain your systems are part of, if there
is one and it is consistent. For example, if your system's domain
name is HMCVAX.EXAMPLE.COM, and in general all your systems are
part of the .EXAMPLE.COM domain, enter '.EXAMPLE.COM'. If your
system is not part of a domain or if your use of domain names is
not consistent, just press CR.
Default domain or subdomain for this system/OpenVMS cluster []?
example.com
Enter the DECnet node name for the local host. This usually should
be the actual node name and not the DECnet OpenVMS cluster alias.
DECnet node name for the local host [NAPLES]? NAPLES
Enter the SCS (OpenVMS cluster) node name for the local host.
SCS (OpenVMS cluster) node name for the local host [NAPLES]? NAPLES
Enter any aliases for the local host; these names are rewritten
to the official local host name with rewrite rules.
Any other aliases for the local host [RETURN if no more]? [RETURN]
Enter YES if you want to include the other nodes in this OpenVMS cluster
in this configuration. Enter NO if you do not. YES is an appropriate
response in an entirely homogeneous OpenVMS cluster, NO can be appropriate
in a heterogeneous OpenVMS cluster.
Include other OpenVMS cluster members in configuration [Y]? y
Enter a valid user@host type of address for the local Postmaster.
This address will receive notifications of bounced or deferred
mail as well as various other types of status and error reports.
This address is also the one that will receive user queries about
electronic mail.
A user@host style address for the local Postmaster [postmaster@naples.example.com]?
system@naples.example.com
Part Four: Security Configuration.
Enter YES if you would like to check passwords against LDAP source
and NO if you do not.
Do you want to check passwords against LDAP [N]? n
Enter YES if you would like to check passwords against MessageStore/
popstore user profiles, which is the fastest, and NO if you do not.
Do you want to check passwords against MessageStore/popstore user profiles [Y]? y
Enter YES if you would like to check passwords against PMDF
password database and NO if you do not.
Do you want to check passwords against PMDF password database [Y]? y
Enter YES if you would like to check passwords against the
operating system one (SYSUAF), and NO if you do not.
Do you want to check passwords against operating system [Y]? y
Enter YES if you would like to allow unprotected passwords
for internal users and NO if you do not.
Do you want to allow unprotected password for internal users [Y]? y
Enter YES if you would like to allow unprotected passwords
for external users and NO if you do not.
Do you want to allow unprotected password for external users [N]? n
Enter YES if you would like to allow external users to submit
mail using password and NO if you do not.
Do you want to allow external users to submit mail using password [Y]? y
Enter YES if you would like to support for pre-standard unprotected
password submission used by Outlook Express and Netscape 4.0x and
NO if you do not.
Do you want to support pre-standard password submission used by Outlook Express and Netscape 4.0x [N]? n
Part Five: Process and write files
Enter the name of the configuration file you want to have
output. The default action is to produce a real configuration
file; you might want to choose another file name if you are
not sure you have properly answered all the questions in the
preceding dialogue.
Configuration file to output [PMDF_ROOT:[TABLE]PMDF.CNF]? [RETURN]
Enter the name of the aliases file you want to have output.
This file contains system-wide local address aliases PMDF will
recognize; special aliases are required for proper operation
of some channels. The default action is to produce a real alias
file; you might want to choose another file name if you are
not sure you have properly answered all the questions in the
preceding dialogue, or if you want to preserve an existing
aliases file.
Alias file to output [PMDF_ROOT:[TABLE]ALIASES.]? [RETURN]
Enter the name of the mapping file you want to have output.
The default action is to create a real mapping file;
you might want to choose another file name if you are
not sure you have properly answered all the questions in the
preceding dialogue.
Mapping file to output [PMDF_ROOT:[TABLE]MAPPINGS.]?
Enter the name of the security configuration file you want to have
output. The default action is to create a real security.cnf file;
you might want to choose another file name if you are
not sure you have properly answered all the questions in the
preceding dialogue.
Security configuration file to output [PMDF_TABLE:SECURITY.CNF]? [RETURN]
This procedure generates a checklist file that contains the list of
steps you must perform in order to complete your PMDF configuration.
This procedure does *NOT* perform these steps itself; you must do
them manually.
PMDF checklist file name [PMDF_ROOT:[TABLE]PMDF.CHECKLIST]? [RETURN]
All configuration questions have been answered.
This question gives you a last chance to change your mind
before any files are written. Answer NO if you are not sure
you want to generate the configuration you have specified. Answer
YES if you do.
Do you wish to generate the configuration files [Y]? y
Generating the PMDF configuration file...
Generating the PMDF mappings file...
Generating the PMDF aliases file...
Generating the PMDF security configuration file...
Generating the PMDF checklist...
***********************************************************************
*
* To complete your PMDF configuration, carry out the steps
* detailed in the checklist file PMDF_ROOT:[TABLE]PMDF.CHECKLIST;.
*
***********************************************************************
Enter Yes if you want to see the checklist now. You can still type
the file out later if you say No.
Do you want to see the checklist now [Y]? n
Enter YES if you would now like to configure the PMDF Dispatcher.
If you answer NO, then you can configure it later with the command
$ PMDF CONFIGURE DISPATCHER
Configure the PMDF Dispatcher [Y]? n
$
|
| Example 4-2 Example Checklist File for PMDF-MTA Configuration |
|---|
$ TYPE PMDF_TABLE:pmdf.checklist
Checklist for completing the setup of your PMDF configuration.
Written by SYSTEM, 1-NOV-2002 13:08:50
This file was created by the PMDF configuration generator V6.2
(1) If you have not already set up your MAIL$BATCH queue or added
the PMDF startup procedures to your system startup, then be sure
to do so. Setting up MAIL$BATCH is crucial to the operation of
PMDF. Modifying the system startup can, of course, be done after
you have verified the proper operation of PMDF. Refer to the
"Post-Installation tasks" section of the first chapter of the
PMDF Installation Guide & Release Notes.
(2) Setup the PMDF SMTP server. To do this consult the TCP/IP
Channels chapter of the PMDF System Manager's Guide.
To use the generic multithreaded TCP/IP, you need to disable
any other SMTP server you are currently be running and also
configure the PMDF Service Dispatcher with the command
PMDF CONFIGURE DISPATCHER
Note that all other steps outlined in the TCP/IP Channels chapter
have been taken care of for you by the configure procedure.
(3) Redefine the DECnet objects for PMDF using the new logical
names for SMTP over DECnet,
$ RUN SYS$SYSTEM:NCP
NCP> DEFINE OBJECT PMDFSMTP FILE PMDF_COM:DSMTP_SLAVE.COM -
NUMBER xxx USER pmdf_account PASSWORD password -
ACCOUNT SYSTEM PROXY NONE
NCP> SET OBJECT PMDFSMTP FILE PMDF_COM:DSMTP_SLAVE.COM -
NUMBER xxx USER pmdf_account PASSWORD password -
ACCOUNT SYSTEM PROXY NONE
where xxx is an unused number which is agreed on by all nodes,
Or for DECnet OSI, the NCL commands:
$ RUN SYS$SYSTEM:NCL
NCL> CREATE SESSION CONTROL APPLICATION PMDFSMTP
NCL> SET SESSION CONTROL APPLICATION PMDFSMTP -
ADDRESSES = {NAME = PMDFSMTP, NUMBER =xxx}, -
OUTGOING PROXY = FALSE, -
INCOMING PROXY = FALSE, -
NODE SYNONYM = TRUE, -
IMAGE NAME = PMDF_COM:DSMTP_SLAVE.COM, -
USER NAME = ""pmdf_account""
$
|
| Previous | Next | Contents | Index |