Question

How do you avoid updating /etc/aliases for VPIM every time users are added or deleted from the system?


Answer

Note: This Technote has been updated and now includes a new option (Option 2: Mailer Method) as a result of APAR IZ81497 which details a related executable dtmailin2 available since UM PTF 4.2.0.151. The original Technote only described Option 1: Aliases Method.


Option 1: Aliases Method

It is possible to configure /etc/sendmail.cf to forward all mail for e-mail addresses that have purely numeric user IDs to a single alias in /etc/aliases, which then allows IMC_Getmail to process the mail. If the user does not exist on the Unified Messaging system, IMC_Getmail rejects the mail using IMC_Returnmail. Consequently, /etc/aliases does not have to be updated every time users are added or deleted from the system.

To do this:

  1. Configure /etc/aliases to include alias_id, as shown in the Unified Messaging Administrator's Guide:
    alias_id: "| /usr/lpp/dirTalk/db/current_dir/ca/IMC_Getmail_dir/dtmailin dtuser"

  2. Define a keyed/external check routine which changes the address to alias_id, (both for those addresses ending in your system's hostname and for addresses that are completely numeric) by adding entries like the following under the DS entry or above other entries starting with K. In this example the hostname is jupiter - please change this to be the hostname of your system. Please note that you must use a tab before the regexcommand in these lines:
    Knumeric regex -aalias_id ^[0-9 <>]+@jupiter.*
    Kallnums regex -aalias_id ^[0-9]+$

  3. Add the following rules to Ruleset 98, under S98, making sure that you use Tab characters between the R$* and the rest of the line:
    R$*     $: $(numeric $1 $)
    R$*     $: $(allnums $1 $)
    Ruleset 98 is called from Ruleset 0 (used for processing all inbound addresses) to process numeric addresses and local hacks. After these rule changes are made, Ruleset 98 will modify the numeric addresses to the local alias_id.

    To activate these rules, run newaliases and refresh -s sendmail as shown in the Unified Messaging Administrator's Guide:
    newaliases
    refresh -s sendmail
    Ensure the other settings for sendmail.cf shown in the Unified Messaging Administrator's Guide are also configured. In particular, ensure that AIX sendmail is configured to keep the To: header.
    The following stanza does this:
    H?u?To: $u


Option 2: Mailer Method


Some incoming VPIM mail may not include To headers in the e-mail body - instead the AIX sendmail program can be told the recipient directly using the SMTP RCPT command. If this occurs, and IMC_Getmail is unable to process these e-mails as it does not have details of where to send the mails, the following change is required in sendmail.cf:

# action to take if there are no recipients in the message
O NoRecipientAction=add-to

(There should already be a line for NoRecipientAction, but you may need to uncomment it and change the setting to add-to.)

This will add To headers received in RCPT commands to the e-mail body for IMC_Getmail to process.


If multiple recipients (for example, a distribution list on a remote system) are given directly as SMTP RCPT commands, the Aliases Method above results in only the first recipient appearing in the e-mail body. (The original method shown in the  Administrator's Guide does not exhibit this problem.) To overcome this limitation of the use of regex in AIX sendmail it is now recommended that a unique masqueraded name be used for the system (for example, one that begins with "vpim") for vpim mail and a rule be added to sendmail.cf as follows under ruleset 0, in this example the hostname is "jupiter":

R$+< @ vpim . jupiter . uk . ibm . com >           $#vpim$:$1

Ensure there is a tab between the > and the rest of the entry. You then need to add the custom vpim mailer as follows under the mailer definitions:

#####################################
###   VPIM Mailer specification   ###
#####################################

Mvpim,               P=/home/dirTalk/current_dir/ca/IMC_Getmail_dir/dtmailin2,
                     F=lsFn, S=10, R=20, A=dtmailin2 $u $h,
                     D=/home/dirTalk/current_dir/ca/IMC_Getmail_dir, U=dtuser:staff

Again, ensure there is a tab between Mvpim and the rest of the entry as for other mailers.

This uses a new variant of the original dtmailin program called dtmailin2 which prevents duplicate mails from being received for the same message sent to multiple recipients, which is otherwise a side-effect of the new configuration. Please ensure that dtmailin2 has the same permissions as dtmailin did, for example, with:

chmod ug+s $CUR_DIR/ca/IMC_Getmail_dir/dtmailin2

Please note that a difference between Option 2 and Option 1 (and the original method shown in the Administrator's Guide) is that Option 2 does not check the user id (before the @ sign) is numeric, it instead depends on a particular form of the host name / domain (after the @ sign) of the e-mail address.