This section lists the new features and feature enhancements released in Messaging Server 8.1 and patch sets.

• Support for Oracle Linux 9 (Patch Set 27)

• FIPS support for Oracle Linux 9 (Patch Set 27)

• Support for NSS 3.101 (Patch Set 27)

• Support for New Indexing and Search Engine (Patch Set 27)

• Support for Storing BadGuy in Memcached Server (Patch Set 4)

• Additional Event Notification Types (Patch Set 2)

• Migrating of Mailboxes from Microsoft Exchange Server to Oracle Messaging Server (Patch Set 2)

• Support for Non-Root Users to Run Messaging Server on Linux (Patch Set 1)

• Support for Domain Keys Identified Mail (DKIM) (Patch Set 1)

• Support for Solaris 11.4

• Support for Oracle Linux 7 and 8

• Support for Packages Instead of commpkg

• Store Transaction Logging

• Recipe-Based Initial Configuration Has Been Implemented

• Routing-only MTA Initial Configuration (without LDAP) Has Been Implemented

• JMS support for ENS

• Support for TLS 1.3

• Monitoring Using msstatbot Tool

• Login User Name and Password Normalization

• Login User Name and Password Normalization

• Enhanced "foreverypart" Sieve Extension

• Alarm Submit Default Port Has Been Changed

• IMAP Email Address Internationalization

• Support for UTF-8 User Names, email addresses, and Domains

• New IMAP Capabilities Have Been Added

• New Milter Actions Added to the MILTER_ACTIONS Mapping

• Support for File Carbon Copy

• include_retries MTA Option Added to the Mapping

• Sieve Vacation Extension Has Been Enhanced

• Mapping Template Has Been Enhanced

• DEQUEUE_ACCESS Mapping Has Been Implemented

• Support for New Parameters Added to the XCLIENT SMTP Command

• Support for Statefile Added to msconfig Utility

• nextif Added to the Sieve and Recipe Language

• get_msconfig_info Added to the Recipe Language

• SHA-2 Hash Functions Added to the Recipe Language

• msconfig SET Command Enhanced

• Support for XCONVTAG SMTP Extension

• New Flags Added to the AUTH_ACCESS Mapping

• Activating Spam Filter Has Been Enhanced

• REPROCESS_TIMEOUT and REPROCESS_CONNECT_TIMEOUT Options Added to Milter Configuration Files

• A "$S Flag Is Used in the LOG_ACTION Mapping

• Enabling the XBCC SUBMIT Extension

• AUTH_DEACCESS Mapping Has Been Implemented

• ALIAS_DESCRIPTION Alias Option Has Been Added

• New Options for SMTP and LMTP Channels Has Been Implemented

• --dryrun Option Has Been Added to msconfig Command

• log_remote_option Has Been Added

• Support for the JSON Format

• include_domain Option Has Been Added to msconfig Command

• id MTA Option Has Been Added

• interfaceaddress Source Channel Option Has Been Enhanced

• New Option Has Been Added

• Additional Bit Flag Has Been Implemented for MTA

• Additional Virtual Channel Support in MTA

• $< and $> Metacharacters Are Used in the AUTH_REWRITE Mapping

• Additional MTA Option

• Controlling the Prefix Generation on MTA-generated syslog Messages

• processnestedmessages and retainnestedmessages Options Have Been Added

Messaging Server supports Oracle Linux 9 operating system.

Messaging Server supports Federal Information Processing Standards on Oracle Linux 9 with NSS 3.101 available as part of operating system libraries.

Messaging Server uses the open-source Mozilla Network Security Services library to provide SSL/TLS functionality. This release updates to Version 3.101.

Messaging Server supports OpenSearch as an index and search service for use with the Classic message store. Support for index search using Cassandra message store is removed.

Starting with Messaging Server 8.1.0.4.0, storing BadGuy details in memcached server is supported. You must install memcached server to store BadGuy details.

For more information, see Messaging Server Security Guide.

Starting with Messaging Server 8.1.0.2.0, the following Event Notification Types are supported along with the existing types:

• Copy

• ExpungeMsg

• MsgFlags

• AnnotateMsg

For more information, see Messaging Server System Administrator's Guide.

Starting with Messaging Server 8.1.0.2.0, a utility to migrate mailboxes from Microsoft Exchange Server to Oracle Communications Messaging Server is included.

For more information, see the discussion about migrating mailboxes from Microsoft Exchange Server to Oracle Communications Messaging Server (Doc ID 2632831.1) on the My Oracle Support Web site:

https://support.oracle.com/portal/

Starting with Messaging Server 8.1.0.1.0, non-root users can run Messaging Server with RBAC privileges on Linux.

For more information, see Messaging Server Security Guide.

Starting with Messaging Server 8.1.0.1.0, Domain Keys Identified Mail (DKIM) is supported. By using DKIM, email senders generate public and private key pairs. The public key is published to DNS records, and the matching private keys are stored in a sender's outbound email servers.

For more information, see the discussion about DKIM (Doc ID 2681977.1) on the My Oracle Support Web site: https://support.oracle.com/portal/.

Messaging Server now supports Solaris 11.4.

Messaging Server supports Oracle Linux 7 and 8 operating systems.

Starting with Messaging Server 8.1.0, commpkg is no longer used to install/uninstall the Messaging Server. Instead, Messaging Server is distributed as a package that can be directly installed or uninstalled with the rpm tool on Linux and the pkgadd/pkgrm tools on Solaris.

Note that legacy package commands like pkginfo, pkgadd, and pkgrm are not available in Solaris 11.4 OS. Please contact Oracle to install the necessary Oracle Solaris packages.

Store transaction logging is now enabled by default. To restore the previous default behavior, set the messagetrace.activate option to no.

Starting with Messaging Server 8.1.0, the init-config command (also known as configure) supports recipe-based initial configuration. In this mode of operation, a minimal configuration is generated and then special msconfig recipe files are run to configure individual server roles. For more information on init-config, see the Messaging Server Reference Guide. The examples section gives example usage for common roles.

Starting with Messaging Server 8.1.0, the init-config command can generate an initial configuration for a routing-only MTA that does not require use of LDAP. Although the MTA has always supported operation without LDAP, this makes it simpler to configure such an MTA. You can use the init-config -r mta command to generate an initial MTA configuration for this function.

Messaging Server events can now use the bundled JMS ENS provider (ens-jms.jar). The Glassfish MQ JMS provider is no longer supported for use with Messaging Server.

Messaging Server now supports TLS version 1.3 (RFC 8446) and is enabled by default.

Messaging Server now uses msstatbot tool to perform basic administrative tasks, and monitor cluster health. See Messaging Server System Administrator's Guide for more information on the msstatbot tool.

Login user names and passwords are now normalized to Unicode normalization form C. This is a conservative subset of the behavior recommended in RFC 8265. In addition, login user names containing a domain with an IDN A-label (RFC 5890) are canonicalized to IDN U-labels. As a result, non-ASCII user and domain names in LDAP must be provisioned in Network Unicode (RFC 5198). If user or domain names were previously provisioned in decomposed Unicode or IDN A-labels, the LDAP directory must be updated prior to deploying this release.

It is now possible to control whether or not the "foreverypart" Sieve extension looks inside of nested messages or treats them as leaf parts. The ":processnestedmesssages" argument tells "foreverypart" to look inside and is the default. The ":retainnestedmessages" argument causes nested messages to be treated as leaf parts.

Starting with Messaging Server 8.1.0, the default value of the alarm.noticeport option has been changed to 587.

The IMAP server now advertises and implements IMAP Support for UTF-8 (RFC 6855). This means that email messages conforming to RFC 6532 can now be delivered to the message store if permitted by use of the utf8negotiate, utf8header, or utf8strict channel keyword.

However, once these messages are in the message store they will be presented undamaged to legacy IMAP and POP clients (note that this behavior is not fully compliant with RFC 6855 but we believe this behavior is least likely to cause problems in the long run). It's possible legacy clients will have problems displaying these messages and likely legacy clients will be unable to reply to these messages. Sites choosing to allow EAI may wish to either create support materials explaining the issue or wait until significant clients have been upgraded.

Note that IMAP APPEND has no restrictions on use of UTF-8 header mail messages. This is necessary to avoid surprises when migrating mail from other systems to our message store.

The behavior of IMAP APPEND has changed with this feature: any line containing 8-bit characters in an email header that does not conform to either RFC 2047 or RFC 6855 will cause a blank line to be insertted prior to that line so it is treated as part of the message body.

Messaging Server now supports use of UTF-8 in user names, email addresses, and domains. When provisioning UTF-8 domains, be sure to store the U-label form in LDAP as described in RFC 5890. While Messaging Server supports this type of internationalization, be aware that supporting systems outside of Messaging Server (e.g., identity services, provisioning services, monitoring, and logging services) may not provide a similar level of support. Customers are encouraged to consider the consequences of deploying fully internationalized user and domain identifiers on systems external to Messaging Server prior to doing so. Reading the discussion of the provisioning considerations related to such identifiers in section 3.2 of RFC 5894 is recommended.

Note that use of Net Unicode as described in RFC 5198 is required for these identifiers. In particular, this requires use of Unicode normalization form C when transmitting Unicode text on the Internet and applies to these identifiers in LDAP, IMAP, and SMTP.

The IMAP server now supports URL-PARTIAL (RFC 5550) and STATUS=SIZE (RFC 8438) capabilities. See Supported Standards for a full list of IMAP capabilities.

The ADDHEADER and INSHEADER milter modification actions has been added to the MILTER_ACTIONS mapping table.

The File Carbon Copy (Fcc) is now supported for sieve extension.

A include_retries MTA option has been added which provides the means to include message retry information in various mappings.

A :noheadercheck nonpositional parameter has been added to the Sieve vacation extension. If specified, it suppresses the checks for List-*: intended to prevent vacation replies from being sent to mailing lists.

A construct of the form $?a,b,c,... can now be used in a mapping template to perform random value selection.

A DEQUEUE_ACCESS mapping has been implemented.

Support has been added for the DESTADDR and DESTPORT parameters to the XCLIENT SMTP command.

Statefile support has been added to the msconfig utility, consisting of:

• A --statefile switch on the msconfig command line which is used to specify the path to the statefile to be read/updated. All statefile support is disabled if --statefile is not specified.

• The read function in the recipe language now accepts a third string paramater specifying the name of a statefile variable. The variable will be used if present or will be updated with any value that's entered.

• Three new recipe language functions have been added: exists_statefile, get_statefile, set_statefile, and delete_statefile. These functions can be used to get, set, and delete statefile variables, respectively.

• The msconfig write command has been extended to update the statefile in addition to writing out any new configuration information.

A nextif statement has been added to the Sieve and Recipe language loop facility.

A new function, get_msconfig_info, has been added to the Recipe language. It can be used to return various pieces of information about the msconfig utility itself.

Support for the SHA-2 family hash functions SHA-256 and SHA-512 has been added to the hash and hash_hmac functions in the Recipe and Sieve languages.

The msconfig SET command now allows the C-style backslash sequences \r (carriage return), \n (line feed), \t (tab), and \uNNNN (Unicode character, must specify exactly 4 hexadecimal digits) in option values.

The flagtransfer channel option now enables the use of a new XCONVTAG SMTP extension. This extension is used to pass along conversion tag information.

In this release, following new flags have been added to the AUTH_ACCESS mapping:

• A $S flag is set on input in the AUTH_ACCESS mapping if a connection to the destination for this message is already open and is going to be reused.

• A $+R flag can now be used in the AUTH_ACCESS mapping to specify an alternate ALLOW_TRANSACTIONS_PER_SESSION TCP/IP channel-specific option value for the current message. Note that using the value to force the current session to terminate will cause the setting to return to the default ALLOW_TRANSACTIONS_PER_SESSION value.

• A $V flag can now be used in the AUTH_ACCESS to specify a skip count to be encoded in the queue file name of the current message. This flag is specifically intended for use by smartsendauth_access callout.

• A $+. flag can now be used in the AUTH_ACCESS mapping to specify the host name to use in any HELO, EHLO, or LHDO commands that are issued.

• A $n flag can now be used in the AUTH_ACCESS mapping to signal a temporary failure for the current message and cause it to be tried again later. Note that $N is used to permanently fail the current recipient.

• A $( flag can now be used in the AUTH_ACCESS mapping to provide a value overriding the MAX_MX_RECORDS TCP/IP-channel-specific option.

• A $+% flag can now be used in the AUTH_ACCESS mapping to specify an override backoff time that will be used if the delivery attempt fails.

Previously the $+R sequence in FROM_ACCESS and recipient access mappings was only capable of activating a single spam filter, using the syntax "$+Rnumber|optin-string". It now accepts an additional syntax, "$+Rn1,s1,n2,s2..." that can be used to activate multiple spam filters (n1, n2 ...), each with an associated option string (s1, s2 ...).

Two new options, REPROCESS_TIMEOUT and REPROCESS_CONNECT_TIMEOUT, have been added to milter configuration files. These option allow a different and usually longer timeout to be set when the milter is invoked during a reprocessing operation (and thus no SMTP/SUBMIT client is present).

The "$S" input flag is now set for the LOG_ACTION mapping if the current log entry is going to be written to the log file, and clear if it is not.

The new bccserver channel option, when placed on a SUBMIT server channel, enables the XBCC SUBMIT extension which can be used by clients to generate separate blind carbon responses with a single transaction. By default, the nobccserver option is disabled.

A new AUTH_DEACCESSS mapping table has been implemented. This mapping forms a pair with the AUTH_ACCESS mapping table and is intended to be used to release resources allocated by the AUTH_ACCESS mapping. More specifically, AUTH_ACCESS can now be used to allocate some connection-related resource, which can then be used by one or more connections used to deliver the current and possibly subsequent messages. The AUTH_DEACCESSS mapping is called when the last connection is finally closed. The mappings communicate through the use of a deaccess parameter string, which is set by the new "$," flag in the AUTH_ACCESS mapping.

You can now use the following options for SMTP and LMTP channels:

• A new TIMEOUT_MULTIPLIER TCP/IP channel-specific option has been implemented for SMTP and LMTP channels. This option is used to change the units of the various timeout parameters from the default of minutes to seconds, allowing for shorter timeouts with finer granularity.

• A new BANNER_RECEIVE_TIME TCP/IP-channel-specific option has been added. This new option specifies the amount of time the SMTP/LMTP client will wait to receive the initial banner from the SMTP/LMTP server. The default value for this option is 2 minutes. Prior to this option being available, the timeout to receive the banner was controlled by the STATUS_MAIL_RECEIVE_TIME TCP/IP-channel-specific option, which defaulted to 10 minutes.

You can now specify --dryrun on the msconfig command line to turn off automatic configuration writes and if the configuration has been modified will cause msconfig to exit with an error (EX_CONFIG).

You can use the log_remote_mta option to control the generation of a separate logging field for remote MTA information.

MTA connection and transaction logs can now be written in JSON format. JSON format is enabled by setting the log_format MTA option to 5. When the setting is done, each line of the resulting log file consists of a single, separate JSON object.

An id MTA option has been added. This option can be used to specify an identifier for a particular MTA or group of MTAs that share a common network setup. Currently, this option is only used by the smartsend plugin in its probes for IP address lists.

A bit-encoded include_domain MTA option has been added. At present only one bit (0, value 1) is defined, which if set causes destination domain information to be included in CONVERSIONS mapping probes.

The interfaceaddress source channel option has been extended to allow specification of two different addresses, one used for logging and the other as the actual TCP/IP source address. Normally the same address is used for both purposes. When two addresses are specified they must be separated by a sharp sign with the logging address appears first, such as, "logging-address#bind-address".

An alias_description alias option has been added so that aliases can have a description attached that shows up in unified configuration. This option has no effect on alias expansion.

The log_filename, log_envelope_id, log_tracking, log_message_id, log_auth, log_filter, log_reason, log_diagnostics, log_remote_mta, log_isc_status, log_uid, log_mailbox_uid, log_conversion_tag, and log_transactionlog MTA all accept an additional bit flag, position 2, value 4. If set along with bit 0 (value 1), this bit causes the attribute to appear unconditionally in XML and JSON log entries even if it is blank. The log_times, log_intermediate, and log_username use different bits to provide similar controls. See the option descriptions for details.

A new TLS_NEGOTIATION_TIME TCP/IP-channel-specific option has been added. This new option specifies the amount of time the SMTP/LMTP client will wait for the opposite end of the connection during TLS negotiations. The default value for this option is 1 minute. Prior to this option being available, the timeout for TLS negotiation in the SMTP server was controlled by the STATUS_TRANSMIT_TIME TCP/IP-channel-specific option and the timeout for the TLS negotiation option in the SMTP client was controlled by the STATUS_RECEIVE_TIME TCP/IP-channel-specific option, both of which defaulted to 10 minutes.

Bit 3 (value 8) of the log_conversion_tag MTA option, if set, will cause the first conversion tag associated with each message recipient, if present, to be treated as an additional "virtual channel" by the MTA counter subsystem. This "channel" will then appear in counter output along with all the other channels. Note that no attempt is made to distinguish these virtual channels from normal channels; use of unique names must be dealt with by appropriate configuration.

The $< and $> metacharacters can now be used in AUTH_REWRITE mappings to send messages to syslog. The semantics are the same as in other access mappings, e.g, SEND_ACCESS.

The new authrewrite_extra_headers MTA can be to include the content of additional header fields in AUTH_REWRITE mapping table probes.

The prefix used on syslog messages generated by the log_connections_syslog and log_messages_syslog MTA options is now controlled by the log_syslog_prefix MTA option.

The "IMTA-W-" prefix used on MTA-generated syslog messages is now controlled by the sndopr_prefix MTA option. Note that setting the option to the empty string eliminates the prefix entirely.

The processnestedmessages and retainnestedmessages options have been added. You can use thes options to control whether or not the conversion channel "looks inside" of nested message parts (processnestedmessages, the default) or treats them as leaf parts (retainnestedmessages).

The documentation set for Messaging Server 8.1.0 includes the following new guide:

• Unifed Communications Suite Schema Reference: Provides information on LDAP Schema.

Support for the following features may be eliminated in a later release, may be already removed in this release, or removed in a previous release:

• Support for Cassandra Store Removed (Patch Set 27)

• Support for Solaris 10, Oracle Linux 6, Red Hat Enterprise Linux 6 Deprecated

• Support for Index and Search Service (ISS) Removed

• Support for Cassandra Store Indexed Search Removed

• Support for Oracle Glassfish Message Queue Removed

• Support for Sun Cluster and Veritas Cluster Agents Removed

• Support for Delegated Administrator Tool Removed

• MMP Submission Proxy and MMP Legacy Config Support Removed

• Support for SSL server certificate validation for MMP connections Removed

• Support for SSL server certificate validation Removed

• TLS Version 1.1 Disabled by Default

• Support for Legacy Store msgtrace Logging Removed

• capability_x_unauthenticate Option Removed

• Support for IDN A-labels in LDAP Deprecated

• Support for SSL version 2 CLIENT-HELLO Removed

This section lists the fixed issues in this release of Messaging Server.

This section lists the known problems in this release of Messaging Server.

For information about Oracle's commitment to accessibility, visit the Oracle Accessibility Program website at http://www.oracle.com/pls/topic/lookup?ctx=acc&id=docacc.