An Overview of Novell's Internet Messaging System (NIMS)
Consultant
Novell Philadelphia
akatana@novell.com
01 Mar 2000
In a world where information is becoming the predominant economic good, effective communication is the key to business success. Good communication is not only a prerequisite for growth and profitability, it is the foundation for e-business. If you can't communicate, you can't compete. E-mail makes up the majority of Internet usage; an estimated 15 billion e-mail messages will be generated in the year 2000 alone. And, according to the Aberdeen Group, external e-mail between companies is increasing at a rate of 100 to 150 percent per year. Arguably, then, Internet messaging has become the critical application for today's business environment.
Novell Internet Messaging System (NIMS) is a flexible e-mail service based on widely-used open standards. Built on Novell's industry-leading NDS eDirectory technology, NIMS provides the scalability, reliability, security, and cost-effectiveness in a messaging system that today's service providers and enterprises require. Although NIMS was designed with ISPs and ASPs in mind, it will handle the messaging needs of any organization, large or small.
NIMS provides single-point, Windows- and browser-based administration for the entire system, saving significantly on IT costs. And NIMS provides secure transport so users can securely access mail anytime, anywhere, and through any client the user chooses.
This AppNote provides an overview of NIMS and its various components. It then takes a brief look at different ways to configure NIMS to meet the needs of both large and small organizations.
For additional information about NIMS, see the product Web site at:
http://www.novell.com/products/nims/
Introducing NIMS
NIMS is a standards-based messaging server that runs on NetWare 4 and NetWare 5. (Linux and Solaris versions have been announced and are available through early access release.) NIMS is a server-based application designed to provide fast messaging services to a large number of users with minimal hardware. NIMS distinguishes itself from other messaging products by leveraging the scalability and extensibility of NDS eDirectory. NIMS can provide mail services to thousands of users within minutes of installation by using information already stored in the directory.
Seamless NDS eDirectory Integration
NIMS was designed with platform independence in mind and it is built tightly around NDS eDirectory. This allows for seamless NIMS and NDS eDirectory integration. The following list highlights several examples of this integration:
Supports NDS User and Group objects
Supports NDS Aliases (for login and addressing)
Supports NDS Organizational Roles
Allows the disabling or temporary suspension of NIMS functionality for NDS User objects
Automatically creates mailboxes for NDS User objects when an account is first accessed through a NIMS agent
Changes in user-specific information (for example, forwarding configuration or quota changes) take effect immediately
In addition to its ease of administration, NIMS offers high performance, message transport security on all protocols, and the ability to be distributed over heterogeneous platforms. With support for POP3 and IMAP4, NIMS can be used with the mail client of your choice, including Eudora, Pine, Outlook, Netscape Communicator, Pegasus Mail, GroupWise, or Microsoft Exchange. NIMS mailboxes can also be accessed through a browser-based client included with the product.
Browser- or Client-Based Administration
NIMS includes WebAdmin for browser-based administration. This allows the administrator to maintain and configure NDS eDirectory and NIMS specific information from any Internet browser. All administration activity can be performed via secure SSL connections. Because of the SSL support, it is possible to maintain a NIMS system remotely via the public Internet.
Users familiar with Novell's NetWare Administrator (NWAdmin) utility can maintain and configure NIMS via the provided NWAdmin snap-in.
NIMS Components
Whether you are looking for a single-server solution or a more complex distributed system, it is important to understand what NIMS is and what it can do for your business.
NIMS provides the general features one would expect in an Internet Messaging server: agents for SMTP (Simple Mail Transfer Protocol), POP3 (Post Office Protocol version 3), and IMAP4 (Internet Message Access Protocol version 4). It extends services far beyond these protocols to include AntiSpam, Aliasing, AutoReply, Forwarding, and LDAP services. Additional custom services can easily be added using an IP-based protocol called NMAP.
NMAP Protocol
The acronym NMAP stands for Networked Messaging Application Protocol. This is a text-based IP protocol, registered with the Internet Assigned Numbers Authority (IANA) at port 689, that NIMS agents use to communicate. When combined with the distributed nature of NDS eDirectory, the protocol allows NIMS agents running on different servers (even different platforms) to operate as if they were on the same server. Instead of replacing a server with a bigger server when the demand for messaging services increases, NMAP allows additional servers to be added to the "cluster." RFC-style documentation of the NMAP protocol is provided with every version of NIMS.
NMAP Agent
The heart of NIMS is the NMAP Agent (as distinguished from the NMAP Protocol described above). The NMAP Agent is responsible for the physical mailboxes and message queues and is the only NIMS agent which performs file access. All other NIMS agents gain access to mailboxes and message queues through the NMAP Agent using the NMAP protocol.
The NMAP Agent is responsible for many tasks including:
Providing mailbox access to agents
Moving messages through the queuing system
Notifying agents when they need to take action on a message
Enforcing disk quotas (configurable globally or at the user level)
Maintaining only a single copy of a message sent to multiple users (thereby conserving disk space)
A system running NIMS must have at least one NMAP Agent. Additional NMAP Agents can be added to any server in the NDS eDirectory tree. This is usually done to distribute mailboxes over multiple servers or to move the mailboxes closer to remote users.
SMTP Agent
The SMTP agent is responsible for receiving mail and sending mail to remote mail systems. Standards-based mail clients also use it to drop off messages. The SMTP Agent streams incoming messages to the NMAP Agent. The NMAP Agent notifies the SMTP Agent when queued messages are ready to be sent to remote systems. One SMTP Agent can be used to pick up outbound messages from several NMAP Agents.
The SMTP Agent has several features that administrators can use to prevent unsolicited bulk e-mail (spam). It will refuse messages from IP addresses that are:
Found in ranges configured by the administrator
Found in the Realtime Blackhole List (see http://maps.vix.com/)
Not resolvable via DNS
It will only relay messages if:
The sender's IP address is on a list configured by the administrator, or
The sender has authenticated through ESMTP, or
The sender has recently authenticated through POP3 or IMAP4, or
The message has fewer than a specified number of recipients.
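The refusal and relay rules listed above can be modelled as two checks, which shows which relayed messages rest on a rule that says nothing about who the sender is. This is an added example, not NIMS code; the class and field names, the 900-second window standing in for "recently authenticated", and the sample address ranges are assumptions.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

@dataclass
class Policy:
    blocked_ranges: list      # ranges the administrator refuses outright
    relay_allowed: list       # administrator's relay list
    max_recipients: int       # relay allowed below this recipient count
    auth_window_s: int = 900  # assumed meaning of "recently authenticated"

@dataclass
class Session:
    ip: str
    on_rbl: bool = False          # RBL lookup result, resolved elsewhere
    resolves_in_dns: bool = True  # DNS lookup result, resolved elsewhere
    esmtp_auth: bool = False
    secs_since_pop_imap: Optional[float] = None  # None = never authenticated
    recipients: int = 1

def in_any(ip, networks):
    addr = ipaddress.ip_address(ip)
    return any(addr in ipaddress.ip_network(n) for n in networks)

def refuse_reason(p, s):
    """Why the connection is refused, or None if the message is accepted."""
    if in_any(s.ip, p.blocked_ranges):
        return "blocked-range"
    if s.on_rbl:
        return "rbl-listed"
    if not s.resolves_in_dns:
        return "no-dns"
    return None

def relay_reasons(p, s):
    """Every relay condition the session satisfies; empty list = no relay."""
    reasons = []
    if in_any(s.ip, p.relay_allowed):
        reasons.append("ip-allowed")
    if s.esmtp_auth:
        reasons.append("esmtp-auth")
    if s.secs_since_pop_imap is not None and s.secs_since_pop_imap <= p.auth_window_s:
        reasons.append("pop-imap-recent")
    if s.recipients < p.max_recipients:
        reasons.append("recipient-count")
    return reasons

def identity_free_relay(p, s):
    """True when relay rests only on the recipient-count rule."""
    return refuse_reason(p, s) is None and relay_reasons(p, s) == ["recipient-count"]

# Constructed sample policy using documentation address ranges.
SAMPLE = Policy(["203.0.113.0/24"], ["192.0.2.0/24"], max_recipients=5)
```

Under SAMPLE, a session from an unlisted, unauthenticated address with three recipients is relayed solely because of the recipient-count rule, so that threshold is the setting to review first when auditing relay exposure.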
POP and IMAP Agents
The POP3 and IMAP4 Agents provide support for users to access their mailboxes. With these standards-based agents, users are not restricted to any particular client to access messages. Rather, a user is given the flexibility of using any one of a number of messaging clients, such as Eudora, Pine, Microsoft Outlook, Netscape Communicator, Pegasus Mail, GroupWise, or Microsoft Exchange.
WebMail Agent
In addition to POP3 and IMAP4 access, NIMS includes a WebMail Agent which provides HTTP access to a user's mailbox. Users can use any web browser such as Netscape Navigator or Microsoft Internet Explorer to access their mailboxes.
The WebMail Agent provides two distinct services to the end user. First, it allows users to access their mailboxes as though they were using a regular e-mail client. These features include:
Reading and sending of messages
Attachment support (sending and receiving)
Personal Address Book
LDAP address lookup
Mailbox folder management
Quota monitoring
Integrated help system
Support for single and double byte language encoding
User interface in multiple languages
Second, the WebMail Agent provides a self-administration interface to the user for all user-related aspects of NIMS. These features are focused on ease of use and reduced burden on the network administrator. They include:
Changing the user's NDS eDirectory password (the NIMS and NDS eDirectory password are one and the same)
WebMail user interface configuration (colors, character sets, and so on)
Configuration of automatic message forwarding and custom message reply
Proxy configuration to pull messages from other accounts
A network administrator has the option of limiting the scope of a user's access to WebMail. The user can be permitted only to read and send messages, only to customize preferences (forwarding, auto-reply, proxy, and so on), or both. WebMail is customizable to provide maximum flexibility to the user and network administrator.
Proxy Agent
The Proxy Agent lets users configure their accounts so that messages from up to three external POP3 or IMAP4 messaging systems are consolidated into their NIMS mailbox. These messages are placed in the NIMS mailbox with no change to the header, so the NIMS mailbox appears as the final destination (unlike some other messaging systems where messages are received as attachments). The hosts and accounts that the Proxy Agent accesses may be configured by the network administrator or by the user as part of the WebMail preferences. Besides consolidating a user's messages into one mailbox, the Proxy Agent can easily be used to facilitate the transition from an old messaging system to NIMS.
Aliasing Agent
NIMS also provides an Aliasing Agent which allows a network administrator to configure one or more user aliases for a single NDS eDirectory User object. With NIMS, the user account information is pulled directly from NDS and the aliases are generated automatically.
For example, when an administrator sets up a system, the Aliasing Agent can be used to generate names in the form "FirstName.LastName". To the outside world, e-mail addresses for users within your entire organization appear as FirstName.LastName@YourDomain.com. Of course, NDSLogin@YourDomain.com is also a valid address. However, users still authenticate to the messaging system using their regular NDS login names. There is no confusion to the end-user and, more importantly, no additional work for the administrator in creating a manual alias for every user.
The formats automatically provided by the Aliasing Agent are:
FirstName_LastName@domain.com (bob_smith@domain.com)
FirstInitialLastName@domain.com (bsmith@domain.com)
FirstName.LastName@domain.com (bob.smith@domain.com)
FirstName.MI.LastName@domain.com (bob.w.smith@domain.com)
FirstName_MI_LastName@domain.com (bob_w_smith@domain.com)
In addition to these automatic alias formats, an administrator may also manually create e-mail aliases for any user. For example, feedback@domain.com can be an alias of any particular NDS User or supported object.
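Because every user receives several generated addresses on top of the login name and any manual aliases, two accounts can end up claiming the same local part. The following added example (not NIMS code) generates the five formats listed above and reports contested names; the function names and the sample directory are assumptions, names are assumed non-empty, and the page does not say how NIMS itself resolves such a clash.

```python
from collections import defaultdict

def auto_aliases(first, last, mi=None):
    """Local parts for the five automatic formats listed above, lower-cased."""
    f, l = first.lower(), last.lower()
    out = [f"{f}_{l}", f"{f[0]}{l}", f"{f}.{l}"]
    if mi:  # the two middle-initial formats need a middle initial
        m = mi.lower()
        out += [f"{f}.{m}.{l}", f"{f}_{m}_{l}"]
    return out

def find_collisions(users, manual=None):
    """Map each contested local part to the logins that claim it.

    users:  {login: (first, last, middle_initial_or_None)}
    manual: {alias: login} for administrator-created aliases
    The login name is itself a valid address, so it counts as a claim.
    """
    claims = defaultdict(set)
    for login, (first, last, mi) in users.items():
        claims[login.lower()].add(login)
        for alias in auto_aliases(first, last, mi):
            claims[alias].add(login)
    for alias, login in (manual or {}).items():
        claims[alias.lower()].add(login)
    return {a: sorted(owners) for a, owners in claims.items() if len(owners) > 1}

# Constructed sample directory, not taken from a real tree.
SAMPLE_USERS = {
    "bsmith": ("Bob", "Smith", "W"),
    "barb": ("Barbara", "Smith", None),
    "jdoe": ("Jane", "Doe", None),
}
SAMPLE_MANUAL = {"jane.doe": "bsmith"}
```

Running `find_collisions(SAMPLE_USERS, SAMPLE_MANUAL)` flags `bsmith` (Bob's login against Barbara's FirstInitialLastName alias) and `jane.doe` (a manual alias against Jane's generated one), the two cases where mail could reach the wrong mailbox.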
Address Book Agent
The Address Book Agent provides an LDAP server for resolving address lookups against NDS eDirectory. It runs a lookup against NDS, searching for users matching the LDAP search criteria. The agent is capable of answering requests at such a high rate that it is possible to use it with the address type-ahead feature of many popular e-mail clients.
The agent can also be configured to automatically create a publicly accessible LDIF file of all user information (except information or accounts protected by the NIMS privacy settings).
AntiSpam Agent
The AntiSpam Agent allows blocking and returning of unwanted e-mail. The agent can be configured to reject all e-mail from given domains and specified e-mail addresses.
Forward/AutoReply Agent
The Forward/AutoReply Agent allows e-mail to be automatically forwarded to other e-mail addresses, as well as providing automatic reply to all incoming e-mail. A user may specify a custom auto-reply message that is returned to senders of all incoming e-mail, and one or more addresses to which messages should be forwarded. The forwarding feature can also deliver SMS messages to cellular phones and pagers, while still delivering the same message to a user's mailbox.
Custom Agents
For customers requiring customization beyond what is already provided for WebMail, Novell Consulting Services offers services to modify WebMail to fill these needs.
One popular service that has already been developed for NIMS is an automatic sign-up agent to create NDS eDirectory user accounts. Due to the many considerations involved with sign-up agent usage (for example, credit card authorization methods, amount of personal data required, NDS eDirectory structure, and so on), a custom sign-up agent is available only via Novell Consulting Services.
Distributing NIMS Across Multiple Systems
Traditional e-mail systems are bound to a single server, running all services required for a messaging system on that server. For basic installations, NIMS can be installed and operated in this mode (see Figure 1).
Figure 1: A simple installation of NIMS.
NIMS shows its full power when operating in "distributed" mode. In this mode, various NIMS agents are running on various servers and NMAP becomes the means to communicate between agents distributed across the various servers (see Figure 2).
Figure 2: NIMS installed as a distributed system.
Advantages of the Distributed System
There are several advantages to running NIMS in a distributed configuration. It allows for redundancy by providing certain services on multiple servers. If a particular server goes down, users can still use the alternate server(s). Also, it is possible to provide round-robin DNS entries for redundant servers in order to distribute the workload evenly between servers.
The distributed design allows a NIMS installation to grow with the customer's requirements, starting out as a single server installation and later, when the workload increases, going distributed without reinstalling or losing any of the configuration information.
Licensing and Platform Issues
NIMS is licensed on a per-mailbox basis rather than on a CPU or platform basis. When moving from single to distributed mode, you need not purchase additional licenses or copies of NIMS, as long as you do not exceed the total number of licensed mailboxes.
It is also permissible to configure NIMS in a mixed environment as a single distributed system, running some agents on NetWare and some on Solaris and Linux. There is no need to purchase a NIMS version for any particular operating system or combination of operating systems. NIMS ships with versions for all supported operating systems on the same medium.
Conclusion
This AppNote has introduced NIMS and highlighted some of the features and benefits of using this powerful e-mail package from Novell. If you are considering an Internet standards-based messaging system, NIMS should be at the top of your list.
For Further Information
For up-to-date information about enhancements and updates, check TID 2951356 at http://support.novell.com/.
There is also a third-party site at http://www.nimsinfo.com/ which provides a FAQ and several NIMS-related mailing lists.
Supported Standards
The following table lists the standards that are supported by NIMS.
RFC Number | Title | Applies To
821 | Simple Mail Transfer Protocol (SMTP) | SMTP Agent
822 | ARPA Message Format | All agents
1123 | Requirements for Internet Hosts | All agents
1157 | Simple Network Management Protocol (SNMP) | All agents
1213 | SNMP Management Information Base (MIB) | All agents
1215 | SNMP Trap Conventions | All agents
1426 | 8-bit SMTP Transport | SMTP Agent
1456 | Vietnamese Character Message Encoding | WebMail Agent
1468 | Japanese Character Message Encoding | WebMail Agent
1777 | Lightweight Directory Access Protocol (LDAP) | Address Book Agent
1869 | SMTP Extension Syntax | SMTP Agent
1870 | SMTP Size Extension | SMTP Agent
1891 | SMTP Delivery Status Notifications | SMTP Agent
1922 | Chinese Character Message Encoding | WebMail Agent
1939 | Post Office Protocol Version 3 (POP3) | POP Agent
1985 | SMTP Remote Message Queue Starting | SMTP Agent
2045 | Multipurpose Internet Mail Extensions (MIME) | All agents
2046 | MIME Part II | All agents
2047 | MIME Part III | All agents
2060 | Internet Message Access Protocol (IMAP4 rev 1) | IMAP Agent
2195 | POP3/IMAP4 Authentication Command | POP Agent, IMAP Agent
2197 | SMTP Command Pipelining | SMTP Agent
2231 | MIME Charsets, Languages, and Continuations | All agents
2279 | Unicode Transformation Format (UTF-8) | WebMail Agent
2311 | Secure MIME (S/MIME) | SMTP Agent, POP Agent, IMAP Agent
2449 | POP3 Extension Mechanism | POP Agent
SSL | Secure Sockets Layer | SMTP Agent, POP Agent, IMAP Agent, WebMail Agent, WebAdmin
PKCS 1-12 | Public-Key Cryptography Standards | SMTP Agent, POP Agent, IMAP Agent, WebMail Agent, WebAdmin
X.509 v3 | Client Certificates | SMTP Agent, POP Agent, IMAP Agent, WebMail Agent, WebAdmin
* Originally published in Novell AppNotes