IBM Support

Configuring MSF/SMTP on the IBM i

Technote (troubleshooting)


Problem(Abstract)

This document explains how to configure MSF/SMTP on the IBM i for sending e-mails. It also includes configuring the IBM i to use the native command SNDDST to send to Internet addresses.

Resolving the problem

This document explains how to configure MSF/SMTP on the IBM i for sending e-mails. It also includes configuring the IBM i to use the native command SNDDST to send to Internet addresses.

Refer to the IBM Redbooks publication, AS/400 Electronic-Mail Capabilities (SG24-4703-00), for information on IBM i SMTP Server e-mail.

Forwarding Internet Mail

Refer to pages 188 and 189 of the AS/400 Electronic-Mail Capabilities Redbooks publication.

For additional rules for the SNDDST subject line, refer to page 198.

Restricting Mail Relay and Spamming

Refer to the online Help Text for Mail Relay settings with IBM iSeries Navigator SMTP properties. It is not recommended that you leave this setting at *ALL, but instead should consider your environment and set this accordingly so that your system cannot be used for relaying by anyone not within your company.


Configuring SMTP

The following information is required to configure SMTP/POP on the operating system:

1. Are you using a filtering firewall or a mail relay? If so, what is the TCP/IP address of the firewall or mail relay?

Examples:

o Filtering Firewall Example:

Linux Firewall or Cisco PIX with SMTP Port 25 TCP Open and DNS Port 53 UDP/TCP Open. NAT is being used.

o Mail Relay Firewall Example:

IBM SecureWay Firewall. The SMTP and DNS conversations are made directly with the mail relay on the firewall.

The firewall or mail server makes a separate connection to an SMTP Server on the Internet.
2. Do you manage your own DNS Servers or does your ISP manage your DNS?

What are the TCP/IP Addresses of the DNS Servers?

Example:

192.168.1.254
192.168.2.154
If you are not specifying a mailrouter or forwarding mailhub (in versions 61 and 71) you must provide DNS servers if sending mail to domains not included in your local host table on the iSeries.
3. What is the SMTP Domain Name that the operating system will service mail for?

Note: You may receive mail if you attempt to send mail because your undeliverables may be returned to the originator.

Example:

company.com
4. What interface and associated TCP/IP address will be used to receive mail on the operating system? If you are not going to be receiving mail on this iSeries, you will not have to determine this TCP/IP address.

Example:

192.168.1.5
To configure SMTP, you should do the following:

Step 1: Configure the Mail Domain.
a. From an operating system command line, type the following:

CFGTCP

Press the Enter key.
b. Select Option 12.
c. Fill in the following parameters for your system. As an example:

Host name server1
Domain name company.com
Host name search priority *LOCAL
Domain name server:
Internet Address 192.168.1.254
192.168.2.154

This is a picture of the CHGTCPDMN screen where you will input the above data.

Step 2: If you are going to receive mail for an SMTP Domain, do the following steps. If you are not going to be receiving mail on the iSeries, you can bypass these steps.

The IBM Power Systems will receive mail for SMTP Domains that are associated with a Power Systems TCP/IP Interface; for example, you want to have the Power Systems accept mail for the SMTP Domain company.com.
a. From an operating system command line, type the following:

CFGTCP

Press the Enter key.
b. If you are going to resolve the receiving mail domain from the local host table select Option 10.
c. Select Option 1=Add to add the 192.168.1.5 TCP/IP address.
d. Define the SMTP Domain that the SMTP Mail Server will accept mail for. For example, the SMTP Domain equals company.com. Define the fully-qualified Domain Name of the Mail Server. Associate both the SMTP Domain and the fully-qualified Domain Name (type CFGTCP and select Option 12; the Domain Name is concatenated onto the Host Name).

Note: If you want to receive mail for a second SMTP Domain that is named mail2.company.com, then mail2.company.com would also be associated with the Interface 192.168.1.5.

This picture contains the CFGTCP Option 10 screen to add the local host table entries.

Step 3: If you are going to use SNDDST to send mail to an Internet address, you must add a context addressing directory entry ( WRKDIRE) of INTERNET SMTPRTE.
a. Does the following directory entry exist?

User ID: INTERNET
Address: SMTPRTE

To determine if the directory entry INTERNET SMTPRTE exists, do the following:

1. Issue the WRKDIRE command.
2. Press F19 (Shift F7).
3. The Position to parameter appears.
4. Type INTERNET.
5. Press the Enter key.

If an entry exists for INTERNET SMTPRTE with the USRID(INTERNET SMTPRTE), USRD('UserID to send to Internet'), SYSNAME(INTERNET)USER, and PREFADR(NETUSRID *IBM ATCONTXT), skip to Step 4. Otherwise, if INTERNET SMTPRTE is not an entry in the System Distribution Directory (WRKDIRE), go to Step 3b.
b. Add the directory entry INTERNET SMTPRTE EXACTLY as below.
Issue the following command with the parameters shown:

ADDDIRE USRID(INTERNET SMTPRTE) USRD('UserID to send to Internet') USER(*NONE) SYSNAME(INTERNET) PREFADR(NETUSRID *IBM ATCONTXT)

This is an example of the ADDDIRE command,

Step 4: Configure the route to SMTP gateway parameters named User ID and Address.
a. On an operating system command line, type the following:

CHGDSTA

Press F4 to prompt.
b. Fill in the User ID and Address parameters under Route to SMTP gateway.


This is a picture of the CHGDSTA screen.

Step 5: Configuring or not configuring a mail relay -- you must determine if you are going to use a mail relay.
*note Starting at 720 and above there is a new parameter for Directory Type, this document describes the legacy SMTP *SDD. Be sure you have this setting by issuing the command CHGSMTPA DIRTYPE(*SDD)

The Power Systems is configured in CFGTCP Option 10 to accept mail for company.com. What happens with mail destined for all other domains that are not company.com? Two scenarios exist:

Scenario 1: Filtering Firewall

Example:

Linux Firewall
Cisco PIX Firewall
IBM Nways Router

A filtering firewall allows Port 25 SMTP Traffic to pass through the firewall. Typically, some form of NAT (Network Address Translation) is also configured.

Scenario 2: Mail Relay Firewall

Example:

IBM AIX Secure Way Firewall
Check Point Firewall

A mail relay firewall has SMTP code that listens for inbound mail and accepts the mail. This inbound connection is closed and then the SMTP code on the firewall makes a new connection with the destination Internet mail server or firewall.

Power Systems => connection 1 => AIX Secure Way Firewall => connection 2 => Internet Mail Server

Two separate SMTP connections are made. The initial connection (connection 1) is between the Power Systems SMTP and the SMTP code residing on the AIX secure way firewall. After the AIX firewall receives the e-mail, the SMTP connection is closed. Then the SMTP code on the AIX secure way firewall opens a separate SMTP conversation (connection 2) to the Internet mail server.
a. Configure the parameters for retries by minute, retries by day, and retries by hour by issuing the following command:

CHGSMTPA

Press F4 to prompt.
b. Retries by minute:
Number of retries 3
Time interval 1
Retries by day:
Number of retries 0
Time interval 0
Retries by hour:
Number of retries 0
Time interval 0

This is a picture of the CHGSMTPA screen.
c. Page down.

If a mail relay firewall is being used, proceed to Step 6.
If a filtering firewall is being used, do not perform Step 6. Instead, proceed to Step 7.

Step 6: Using a Mail Relay Firewall (Scenario 2: Mail Relay Firewall)

Configuring the Mail Router parameter and the Firewall parameter to *Yes tells the SMTP server to send all mail that is not for domain company.com to the mail relay named mailrelay.
a. Configure the Mail Router = mailrelay and set Firewall to *YES.
b. If you are on version V6R1M0 or above, ALSO configure the Forwarding mailhub server = mailrelay

This is an example of adding a mail router to SMTP attributes.
c. If you are on release 6.1 or above the mailhub or mailrelay address will be resolved first with MX records within a DNS. If you do not have DNS with this information you must add a local host table entry for that name (the following steps describe what is needed if
that is necessary).
On an operating system command line, type the following:

CFGTCP

Press the Enter key.
Select Option 10.

This is an example of the local host table setting of the mail router address.

Step 7: If you do not want to use a mail relay (mailhub) when sending mail:

SMTP (Port 25) TCP traffic is allowed inbound and outbound must be allowed through the firewall if one exists. The SMTP code on the Power Systems performs DNS lookups to the DNS server for the ISP. DNS (Port 53) UDP/TCP traffic is allowed to flow inbound and outbound to the DNS Server for the ISP.
a. Configure the Mail router parameter.
Mail router = *NONE
b. Configure the Firewall parameters.
Firewall = *NO

This picture shows the SMTP properties.
c. Press the Enter key.

Step 8: If you are RECEIVING mail configure the Mail Accounts for a user.

Create a mailbox for user1.

Note: User1 must already have user profile ( CRTUSRPRF).
a. On an operating system command line, type the following:

DSPNETA

Press the Enter key. Look at the system name defined in the Current system name parameter. For illustration purposes, assume that the system name is SystemA.
b. On an operating system command line, type the following:

WRKDIRE

Press the Enter key.
c. Select 1=Add to create a directory entry as shown below:

Work with Directory Entries

Type options, press Enter.
1=Add 2=Change 4=Remove 5=Display details 6=Print details
7=Rename 8=Assign different ID to description 9=Add another description

Opt User ID Address Description
1 USER1 SYSTEMA
d. Press the Enter key.
e. Fill in the following:
User ID/Address: USER1 SYSTEMA
Description: This is the Directory Entry for User1
System name/Group: SYSTEMA

This is an example of a directory entry for pop user.
f. Page down three times to the parameters Mail service level and Preferred address.
g. For a POP Mailbox, configure Mail service level = 2.
h. Specify Preferred address = 3.


This is an example of the directory settings for the pop mail user.
i. Press F19. F19 takes you to the CHGSMTPA screen, where the SMTP address is configured for user1.
j. SMTP user ID = user1
k. SMTP domain = company.com

This is an SMTP alias example.

Step 9: Ensure that MSF and the SMTP servers are active.
a. Issue the WRKACTJOB SBS(QSYSWRK) command.
b. Ensure that the MSF jobs are active.

This picture shows the QMSF jobs in QSYSWRK.
c. The MSF job logs should not contain diagnostic or escape messages.

This picture shows the QMSF job log.
d. Ensure that the SMTP servers are active in subsystem QSYSWRK. Issue the following command:

NETSTAT

Select Option 3. If the SMTP server started correctly you will see the SMTP server in LISTEN status.
Step 10: Use SNDDST to send an e-mail to user1@company.com.

This is a SNDDST example of sending e-mail.

a. Page down.

This is a SNDDST example of sending e-mail.
b. Press the Enter key.

Note: Send distribution completed successfully only means that the SNDDST command passed the e-mail to MSF. This has nothing to do with whether the recipient received the message.


Step 11: The mail message should reside in '/qtcptmm/mail/user1' if the domain resolves to the iSeries IP. If you are sending mail to an outside e-mail server, you will not find the mail on the iSeries.
a. Issue the WRKLNK '/QTCPTMM/MAIL' command.
b. Press the Enter key.
c. Type 5 Display next to the MAIL Object Link.

This picture shows the pop mailboxes.
d. Type 5 next to USER1 Object Link to look at the messages in the mailbox of USER1.

This is an example of pop mailboxes for users.

Step 12: View the e-mail. Type the following EDTF command to view the message:

EDTF '/QTCPTMM/MAIL/USER1/JW175980.NOT'

This is an example of items in users pop mailbox.


Helpful Hints:
o If you have two separate mail server platforms that are not serviced by a common global address book, for example, OS/400 SMTP on one system and SendMail on an IBM RISC System/6000, the mail domains should be different, meaning that CFGTCP Option 12 Domain should be different if you have two separate mail servers handling SMTP Mail. Two mail servers cannot be serviced by a single MX record if no global name and address book (like in IBM Domino) exists to correlate which mail server the mail user resides on. IBM would be able to assist with this scenario under a consulting agreement.
o IBM i family SMTP will receive mail for any domains that are associated with an active interface on the i family Platform. These domains are associated with the i family Server TCP/IP Interfaces in CFGTCP Option 10.

10.10.10.1 company.com
secondcompany.com
thirdcompany.com

i family SMTP will receive mail for Domains company.com, secondcompany.com, and thirdcompany.com.

Note: When i family SMTP is configured correctly and the latest SMTP code is applied for MSF, SMTP, and POP, inbound e-mail issues will most likely be related to issues external to i family SMTP. Issues can exist with either the firewall configuration or DNS MX and A Record configuration. IBM can assist with this complex mail scenario under a consulting agreement.
o Support provides assistance to specific SMTP Questions.


Cross reference information
Segment Product Component Platform Version Edition
Operating System IBM i 7.1
Operating System IBM i 6.1
Operating System IBM i 7.3
Operating System IBM i 7.2

Historical Number

21111802

Document information

More support for: IBM i
Communications-TCP

Software version: 6.1, 6.1.0, 6.1.1, 7.1, 7.1.0, 7.2, 7.2.0, 7.3

Operating system(s): IBM i

Reference #: N1017620

Modified date: 12 December 2012


Translate this page: