MAILbus 400 Message Transfer Agent and Application Program Interface, Version X3.0-6 for HP Tru64 UNIX This Cover Letter lists the functional changes that have been introduced in Version X3.0-6 of MAILbus 400 MTA and MAILbus 400 Application Program Interface (API). Functional Changes: ------------------- MTA Version X3.0-6 is based on MTA V3.0 and it includes the fix for the following IPMTs and ASN.1 Vulnerabilities. 1. IPMT CFS.96374 Modification has been done to get the value of the timer (ma_finish_delivery - temporary failure) from an environment variable,instead of taking the value from the compile time 'IR_K_RETRY_INT' parameter. Steps to be followed before the MTA startup: The Retry Interval for Agent has been implemented by means of an environment variable, namely 'MTA_AGT_RETRY'. If this variable is not set, then the timer value would be taken from the default compile time parameter of TEN minutes. The environment variable 'MTA_AGT_RETRY' can be set as shown below. Edit /usr/sbin/mta/mta_cml_script and add the following statements: MTA_AGT_RETRY="" export MTA_AGT_RETRY 2. IPMT CFS.96741 Fix for Routing Instructions act on Agents/Gateways as CASE INSENSITIVE 3. Fix for SSRT3624 X.400 potential security vulnerability via ASN.1 cross reference: NISCC (006489) A potential denial of service has been identified that may allow a remote initiated Buffer Overflow when malformed ASN.1 messages are submitted. This potential buffer overflow has been fixed in this version. Installation Prerequisites and Procedure: ----------------------------------------- Versions of Tru64 UNIX that this patch should be installed on: This patch should be installed on all the Tru64 UNIX machines that are running MAILbus 400 MTA V3.0 and X3.0-x versions. Installing Version X3.0-6 : To install this kit, follow the instructions given in "MAILbus 400 MTA Installing on a Digital UNIX System" or "MAILbus 400 API Installing on Digital UNIX System", with the following exceptions: o Make sure you install one of the following configurations of prerequisite software: - Tru64 UNIX V4.0G DECnet-Plus for Tru64 UNIX V4.0C or later MAILbus 400 MTA V3.0 or X3.0-x Compaq X.500 Directory Service for Tru64 UNIX (Base Subset) V4.0.25 or Tru64 UNIX Enterprise Directory V5.0, V5.1, V5.2 - Tru64 UNIX V5.0, V5.1, V5.1A DECnet-Plus Tru64 UNIX 5.0-1 or later MAILbus 400 MTA V3.0 or X3.0-x Compaq X.500 Directory Service for Tru64 UNIX (Base Subset) V4.0.25 or Tru64 UNIX Enterprise Directory V5.0, V5.1,V5.1A Note: 1. Due to limitations in the schema supplied with Compaq X.500 V4.0-25, not all the new features of the MTA V3.0 are avail- able with this version of the Directory. 2. If your system is running DECnet V4.0C, V5.0B or V5.1, you need to install the "libdnamgmt.so.vxxx.5Aug2002.gz" DECnet patch. Where xxx is the version number Following is a brief description about the Installation procedure: (For detailed installation procedure, refer the steps described in the Manual "MAILbus400 Message Transfer Agent Installing on a Digital UNIX system" Version 2.0.) 1. Copy the tar file to a directory, for example, /tmp1, on the target node. 2. Create a temporary directory, for example, /tmp2, to contain the MTA and API subsets. 3. Change current directory to /tmp2. 4. Unpack the tar file into this directory, for example: # tar -xvf /tmp1/mailbus_400_mta.tar 5. You can now install MTA X3.0.6 from the temporary directory: # setld -l . When you deinstall the MTA, the MTA startup script (/var/mta /scripts/ start_mta.ncl) is renamed to /var/mta/scripts/start_ mta.ncl.savn, where n is a number. The MTA installation pro- cedure installs a new template /var/mta/scripts/start_mta.ncl file. After the subsets have been successfully installed, reap- ply your saved changes to the new copy of the start_mta.ncl file. For the MAILbus 400 API, if you are using the archive libraries on Tru64 UNIX, you will need to relink your application after you has installed Version X3.0.6. The version number of this kit when displayed using NCL manage- ment is X3.0.6 To identify this kit, type the following command: # what /usr/sbin/mta/mta | grep MAILbus the following is the response from this command MAILbus 400 MTA (X3.0-6) Tue Nov 4 12:40:46 IST 2003 Problem reporting: ------------------ Problems relating specifically to this kit should be reported through your normal HP support channel.