Last Update: 10-FEB-2011
Operating System: OpenVMS
Component: PMDF Shared Library
Base Level Required: PMDF V6.5
Other Requirements: tcp_smtp_server.exe
Platform Subdirectory File(s) to download
-------- ------------ --------------------
OpenVMS Alpha [.VMS.ALPHA_EXE] PMDFSHR_SMTP.ZIP
OpenVMS I64 [.VMS.IA64_EXE] PMDFSHR_SMTP.ZIP
OpenVMS VAX [.VMS.VAX_EXE] PMDFSHR_SMTP.ZIP
General info
------------
You will need to have a License PAK with a release date after the date of
PMDFSHR.EXE or libpmdf.so to run PMDF. Note that this may apply to other
images as well.
Patches may be obtained from the anonymous FTP account on
ftp.pmdf.process.com. Use FTP to connect to the host ftp.pmdf.process.com
and login as the user anonymous. Use your e-mail address as the login
password.
Move to the pmdf_65_patches subdirectory:
ftp> cd pmdf_65_patches
Patches will be located in platform-specific sub-trees, as follows:
Platform Subdirectory
-------- ------------
OpenVMS vms
When FTPing images, be sure to FTP them as binary. Before retrieving
such an image with the GET command, be sure to put your FTP into binary
mode with a command such as TYPE IMAGE or TYPE BINARY.
Change history
---------------
IMPORTANT: Starting with ident V6.5-x5, PMDFSHR.EXE *requires* an updated
tcp_smtp_server image (due to a previous change for PMAS support). If
libpmdf.so is installed without the updated tcp_smtp_server, crashes will
result.
10-FEB-2011 (ident V6.5-x6)
** IMPORTANT **
Fixed a security vulnerability with the SMTP, POP, and IMAP protocols when
TLS is used. (d/e 11113)
Addresses the STARTTLS vulnerability in CERT bulletin CVE-2011-0411
(see http://www.kb.cert.org/vuls/id/555316).
9-DEC-2010 (ident V6.5-x5)
Added code to prevent infinite loops of inline directory channel lookups.
Once the maximum (10 iterations) is reached, the message will be enqueued to
the directory channel itself for further processing. (D/E 9761)
9-DEC-2010 (ident V6.5-x5)
Channel keyword 'addlineaddrs' is available to modify the behavior of mail
sent through PMDF using VMS MAIL. By default, messages sent from VMS MAIL
through PMDF will only show those addresses that were processed by PMDF on
the 'To' and 'CC' headers. By specifying the 'addlineaddrs' keyword on the
'defaults' or 'l' channel on your VMS PMDF system, messages sent from VMS
MAIL through PMDF will contain all addresses in the 'to' and 'cc' headers.
(D/E 7008)
25-JUN-2010 (ident V6.5-x2)
Fixed a problem with the parsing of ranges in patterns in mapping table
entries, for example $[A-Z]. (D/E 11034)
25-JUN-2010 (ident V6.5-x2)
Added support to the POPPROXY authentication source in the SECURITY.CNF file
for using TLS, and for specifying more than one server. To use multiple
servers, specify up to three comma-separated server:port pairs on the SERVER
option in the [AUTH_SOURCE=POPPROXY] section. To use TLS, add to the
[AUTH_SOURCE=POPPROXY] section TLS_MODE=1. It will use port 995 as the
default if no port is specified with the server name(s). Note that the port
specified must be a dedicated TLS port as POPPROXY will not do STARTTLS to
the stardard POP port. (D/E 10904)
Installation
------------
OpenVMS
Before installing a new PMDFSHR.EXE, issue the following command:
$ PMDF SHUTDOWN DISPATCHER
Failure to issue the above command could result in the current
processes not recognizing commands (i.e., RESTART and SHUTDOWN) with
the new PMDFSHR.EXE in place.
Download the PMDFSHR_SMTP.ZIP file. Use UNZIP to unpack the file
into files PMDFSHR.EXE and TCP_SMTP_SERVER.EXE.
PMDFSHR.EXE needs to be copied to the PMDF_EXE: directory and then
installed with the command:
$ INSTALL REPLACE PMDF_SHARE_LIBRARY
on all members of the OpenVMS cluster running out of the affected PMDF
directory tree.
TCP_SMTP_SERVER.EXE needs to be copied into the PMDF_EXE: directory.
In some cases new versions of PMDFSHR.EXE may alter the format of
compiled configurations. When this happens recompilation and
reinstallation are also necessary:
$ PMDF CNBUILD
$ INSTALL REPLACE PMDF_CONFIG_DATA
The first command need only be done once for each hardware (VAX, Alpha,
and I64); the latter must be done on every cluster member that runs
PMDF. Failure to recompile and install the configuration after
installing new versions of PMDFSHR.EXE may lead to "compiled
configuration version mismatch" errors.
Next, be sure to start the dispatcher by issuing the following command:
$ PMDF STARTUP DISPATCHER
Sites running in PMDF-MR TS Replacement mode (mrif_* channels) should
remember to stop and then start their allin1 senders/fetchers processes
after putting the new image (and recompiling the configuration as
needed) into place.