Transcription
CH A P T E R25Configuring IMAP Settings in Cisco UnityConnection 10.xThis chapter contains information on setting up Cisco Unity Connection so that users can use IMAPclients to send, forward, or reply to messages through the Unity Connection server.See the following sections: Overview of SMTP Message Handling in Unity Connection 10.x, page 25-1 Example Using IMAP and ViewMail for Outlook 10.x, page 25-2 Recommendations for Deploying IMAP Access in Unity Connection 10.x, page 25-3 Task List for Configuring IMAP Access in Unity Connection 10.x, page 25-3 Procedures for Configuring IMAP Access in Unity Connection 10.x, page 25-5Overview of SMTP Message Handling in Unity Connection 10.xCisco Unity Connection can receive and process SMTP messages that are generated by IMAP clients,for example, a voice message recorded in a Microsoft Outlook email client by using ViewMail forOutlook.When an authorized IMAP client tries to send a message to Unity Connection through SMTP, UnityConnection attempts to categorize the message as a voicemail, email, fax, or delivery receipt. UnityConnection also attempts to map the sender to a user and the message recipients to users or contacts bycomparing the SMTP addresses in the message header to its list of SMTP proxy addresses.If SMTP authentication is configured for the IMAP client and the SMTP address of the sender matchesa proxy address or the primary SMTP address for the authenticated user, or if SMTP authentication isnot configured for the IMAP client and the SMTP address of the sender matches a proxy address orprimary SMTP address for any Unity Connection user, Unity Connection processes the message for eachindividual recipient based on the type of recipient: If the recipient maps to a VPIM contact, Unity Connection converts the message into a VPIMmessage, removing any attachment that is not allowed by the VPIM standard. Then, UnityConnection either delivers the message to the specified VPIM location if the VPIM location ishomed on the local server, or forwards it to another digitally networked Unity Connection server fordelivery if the VPIM location is homed on that server. If the recipient maps to a user homed on the local server, Unity Connection performs the actionspecified on the Message Actions page of the profile for the user in Cisco Unity ConnectionAdministration. For each type of message (voice, email, fax, or delivery receipt) you can configureSystem Administration Guide for Cisco Unity Connection Release 10.x25-1
Chapter 25Configuring IMAP Settings in Cisco Unity Connection 10.xExample Using IMAP and ViewMail for Outlook 10.xwhether Unity Connection accepts the message and places it in the user mailbox on the UnityConnection server, relays the message to the user at an alternate SMTP address, or rejects themessage and generates a non-delivery receipt (NDR). If the recipient maps to a user homed on a remote Unity Connection server, Unity Connection relaysthe message to the home server of the user, which then performs the action specified on the MessageActions page of the user profile. If the recipient does not map to any of the above, Unity Connection either relays the message to theSMTP smart host, or sends an NDR to the sender, depending on the option selected for the When aRecipient Cannot be Found setting on the System Settings General Configuration page inConnection Administration. By default, Unity Connection sends an NDR.If SMTP authentication is configured for the IMAP client and the SMTP address of the sender does notmatch a proxy address or the primary SMTP address for the authenticated user, the Unity Connectionserver returns an SMTP error, which in most cases causes the message to remain in the client outbox. IfSMTP authentication is not configured for the IMAP client and the SMTP address of the sender does notmatch any known user proxy address or primary SMTP address, Unity Connection puts the message intothe MTA bad mail folder (UmssMtaBadMail).NoteUnity Connection marks an incoming SMTP message as secure if the message includes the secureheader, or if the message sender is a user who is in a class of service that is configured to always sendsecure messages. See the “How Cisco Unity Connection 10.x Handles Messages That Are MarkedPrivate or Secure” section in the “Configuring IMAP Settings in Cisco Unity Connection 10.x”athttp://www.cisco.com/en/US/docs/voice ip .)Example Using IMAP and ViewMail for Outlook 10.xThe employees at ExampleCo use Microsoft Outlook to access a Microsoft Exchange server for email.Each employee at the company receives corporate email at an address that follows the [email protected]. ExampleCo wants employees to be able to use Outlook to accessvoice messages stored on the Cisco Unity Connection server. To allow employees to send, forward, orreply to voice messages in the Outlook client, ExampleCo deploys the Cisco Unity ConnectionViewMail for Microsoft Outlook plug-in. The Outlook client for each employee is configured to accessthe Unity Connection user account via IMAP.When Robin Smith at ExampleCo wants to send an email message to a coworker, Chris Jones, Robincomposes a new email message to [email protected]. By default, Outlook is configured to routenew email messages to the Microsoft Exchange server for delivery. Next, Robin wants to send Chris avoice message, and selects the New Voice Message icon, which opens the ViewMail for Outlook form.Robin again addresses the message to [email protected], records audio for the message, andselects the Send button. In this case, because ViewMail is configured to use the Unity Connection IMAPaccount to send messages, the voice message is routed to the Unity Connection server for delivery.When Unity Connection receives the voice message, it searches the list of SMTP proxy addresses [email protected] (the sender) and [email protected] (the recipient). Because theseaddresses are defined as SMTP proxy addresses for the user profiles of Robin Smith and Chris Jonesrespectively, Unity Connection delivers the message as a voice message from Robin Smith to ChrisJones.System Administration Guide for Cisco Unity Connection Release 10.x25-2
Chapter 25Configuring IMAP Settings in Cisco Unity Connection 10.xRecommendations for Deploying IMAP Access in Unity Connection 10.xWhen Chris opens Outlook, the email message from Robin shows up as a new message in the MicrosoftExchange Inbox. The voice message from Robin, on the other hand, shows up as a new message in theInbox of the Unity Connection account that Chris accesses via IMAP. If Chris replies to either message,the Outlook client will automatically route the reply by using the account in which Chris received theoriginal message.NoteAs Unity Connection is configured to be able to match the corporate email addresses in use atExampleCo to Unity Connection user accounts (via the SMTP proxy address that is defined for eachuser), users can use the existing Outlook address book to address both email and voice messages. Inaddition, users do not need to think about which account to use to compose, reply to, or forwardmessages—this is all handled automatically by the Outlook and ViewMail configuration.Recommendations for Deploying IMAP Access in UnityConnection 10.xWhen deploying IMAP clients to access and send Cisco Unity Connection messages, we recommend thefollowing: Use a firewall to protect the Unity Connection SMTP port from unauthorized access. The SMTP portand domain are listed on the System Settings SMTP Configuration Server page inCisco Unity Connection Administration. Configure Transport Layer Security for IMAP client connections in order to protect user passwords. Configure the corporate email address of each user as an SMTP proxy address for the user. Whensetting up the Unity Connection IMAP account on user workstations, use the corporate emailaddress of the user, rather than the Unity Connection-specific email address, in the IMAP settings.In this way, users do not need to know an extra set of email addresses for addressing voice messagesin the email client, and are insulated from changes to the Unity Connection-specific addresses if theUnity Connection SMTP domain is changed. ViewMail for Outlook limits the message recipients that a user can reach to objects that are in thesearch space of the user, and sends a non-delivery receipt (NDR) for messages that are sent torecipients that do not appear in the search space. If you are using search spaces to limit the objectsthat users can reach and do not want users to receive NDRs for unreachable objects, considercreating a separate Outlook address book for ViewMail users that is limited to the objects in the usersearch space.Task List for Configuring IMAP Access in Unity Connection 10.x1.If you plan to configure Cisco Unity Connection to relay messages for users to another SMTP server,do the following subtasks:a. Configure the SMTP smart host to accept messages from the Unity Connection server. See thedocumentation for the SMTP server application that you are using.b. Configure the Unity Connection server to relay messages to the smart host. See the“Configuring the Cisco Unity Connection Server to Relay Messages to a Smart Host” sectionon page 25-5.c. Review the settings that control whether private or secure messages can be relayed. See the“Configuring Message Relay Settings” section on page 25-5.System Administration Guide for Cisco Unity Connection Release 10.x25-3
Chapter 25Configuring IMAP Settings in Cisco Unity Connection 10.xTask List for Configuring IMAP Access in Unity Connection 10.x2.Configure message actions for Unity Connection users or user templates. See the “Message Actionsin Cisco Unity Connection 10.x” section in the “Setting Up Features and Functionality ControlledBy User Account Settings in Cisco Unity Connection 10.x” chapter of the User Moves, Adds, andChanges Guide for Cisco Unity Connection Release 10.x, athttp://www.cisco.com/en/US/docs/voice ip comm/connection/10x/user mac/guide/0xcucmacx.html.3.Configure SMTP proxy addresses for users who will send or receive messages from IMAPclients.See the “SMTP Proxy Addresses in Cisco Unity Connection 10.x” section in the “Setting UpFeatures and Functionality Controlled By User Account Settings in Cisco Unity Connection 10.x”chapter of the User Moves, Adds, and Changes Guide for Cisco Unity Connection Release 10.x, athttp://www.cisco.com/en/US/docs/voice ip comm/connection/10x/user mac/guide/10xcucmacx.html.NoteAt a minimum, we recommend that you configure the corporate email address of each user as anSMTP proxy address for the user.4.Associate users with a class of service that offers a license to use an IMAP client to access voicemessages. See the “IMAP Client Access to Voice Messages in Cisco Unity Connection 10.x” sectionin the “Setting Up Features and Functionality Controlled By Class of Service in Cisco UnityConnection 10.x” chapter of the User Moves, Adds, and Changes Guide for Cisco Unity ConnectionRelease 10.x, athttp://www.cisco.com/en/US/docs/voice ip comm/connection/10x/user mac/guide/10xcucmacx.html.5.Configure SMTP proxy addresses for VPIM contacts who may receive messages from IMAP clients.See the “SMTP Proxy Addresses in Cisco Unity Connection 10.x” section in the “ManagingContacts in Cisco Unity Connection 10.x” chapter of the User Moves, Adds, and Changes Guide forCisco Unity Connection Release 10.x, athttp://www.cisco.com/en/US/docs/voice ip comm/connection/10x/user mac/guide/10xcucmacx.html.6.Configure the Unity Connection server to allow SMTP connections from IMAP clients. See the“Configuring the Unity Connection Server for IMAP Client Access and Authentication” section onpage 25-6.7.If you configured Transport Layer Security to be required or optional in the procedure in Task 6.:Configure the Unity Connection server to provide a secure IMAP Unity Connection, as described inthe “Securing Cisco Unity Connection Administration, Cisco PCA, and IMAP Email Client Accessto Unity Connection” section on page 30-1.8.Optionally, modify the settings that determine the characteristics of SMTP messages that UnityConnection accepts. See the “Configuring SMTP Message Parameters” section on page 25-7.9.For each user workstation, configure a supported IMAP client to access a Unity Connectionmailbox.See the “Configuring an Email Account to Access Unity Connection Voice Messages”chapter of the User Workstation Setup Guide for Cisco Unity Connection Release 10.x, athttp://www.cisco.com/en/US/docs/voice ip comm/connection/10x/user setup/guide/10xcucuwsx.html.System Administration Guide for Cisco Unity Connection Release 10.x25-4
Chapter 25Configuring IMAP Settings in Cisco Unity Connection 10.xProcedures for Configuring IMAP Access in Unity Connection 10.xProcedures for Configuring IMAP Access in Unity Connection10.xSee the following sections: Configuring the Unity Connection Server for IMAP Client Access and Authentication, page 25-6 Configuring Message Relay Settings, page 25-5 Configuring the Unity Connection Server for IMAP Client Access and Authentication, page 25-6 Configuring SMTP Message Parameters, page 25-7Configuring the Cisco Unity Connection Server to Relay Messages to a SmartHostTo enable Cisco Unity Connection to relay any type of message to the SMTP address for a user, yourUnity Connection server must be configured to relay messages through a smart host.To Configure the Cisco Unity Connection Server to Relay Messages to a Smart HostStep 1In Cisco Unity Connection Administration, expand System Settings, expand SMTP Configuration,then select Smart Host.Step 2On the Smart Host page, in the Smart Host field, enter the IP address or fully qualified domain nameof the SMTP smart host server. (Enter the fully qualified domain name of the server only if DNS isconfigured.)Step 3Select Save.Configuring Message Relay SettingsYou can choose whether Cisco Unity Connection relays messages that are marked private or secure.To Configure Message Relay SettingsStep 1In Cisco Unity Connection Administration, expand System Settings, expand Advanced, then selectMessaging.Step 2To have Cisco Unity Connection relay messages that are marked private, check the Allow Relaying ofPrivate Messages check box. (This check box is checked by default.) Unity Connection sets the privateflag on the message when relaying a private message.To prevent Unity Connection from relaying private messages, uncheck the check box. Unity Connectionsends an NDR to the message sender when it receives a message that it cannot relay because the messageis marked private.Step 3To have Unity Connection relay secure messages, check the Allow Relaying of Secure Messages checkbox. (This check box is unchecked by default.) Unity Connection relays secure messages as regularmessages.System Administration Guide for Cisco Unity Connection Release 10.x25-5
Chapter 25Configuring IMAP Settings in Cisco Unity Connection 10.xProcedures for Configuring IMAP Access in Unity Connection 10.xTo prevent Unity Connection from relaying secure messages, uncheck the check box. Unity Connectionsends an NDR to the message sender when it receives a message that it cannot relay because the messageis marked secure.Step 4Select Save.Configuring the Unity Connection Server for IMAP Client Access andAuthenticationYou have a number of options for controlling which clients can initiate SMTP connections withCisco Unity Connection. You can create an access list, which allows you to configure specific IPaddresses or IP address patterns that correspond with clients that you wish to allow or deny access. Youcan also choose to allow all clients to connect, regardless of IP address; if you do so, you can specifywhether those clients (known as untrusted IP addresses) must authenticate, and whether Transport LayerSecurity is required or allowed for clients with untrusted IP addresses.If you choose to require clients with untrusted IP addresses to authenticate with Unity Connection, usersenter their Unity Connection alias and Cisco PCApassword (also known as the web-applicationpassword) in the IMAP client to authenticate. Make sure that users understand that whenever theychange their Cisco PCA password in the Unity Connection Messaging Assistant, they also must updatethe password in their IMAP client. If users have trouble receiving voice messages in an IMAP client afterhaving updated their Cisco PCA password in both applications, see the “Troubleshooting IMAP ClientSign-In Problems in Cisco Unity Connection 10.x” section in the “Configuring an Email Account toAccess Unity Connection Voice Messages” chapter of the User Workstation Setup Guide for Cisco UnityConnection Release 10.x, athttp://www.cisco.com/en/US/docs/voice ip comm/connection/10x/user setup/guide/10xcucuwsx.htm.Do one or both of the following procedures, as applicable. To Configure the Cisco Unity Connection IP Address Access List, page 25-6 To Configure Access and Authentication for Untrusted IP Addresses, page 25-7To Configure the Cisco Unity Connection IP Address Access ListStep 1In Cisco Unity Connection Administration, expand System Settings SMTP Configuration, thenselect Server.Step 2On the SMTP Server Configuration page, on the Edit menu, select Search IP Address Access List.Step 3On the Search IP Address Access List page, select Add New to add a new IP address to the list.Step 4On the New Access IP Address page, enter an IP address; or, you can enter a single * (asterisk) to matchall possible IP addresses.Step 5Select Save.Step 6On the Access IP Address page, to allow connections from the IP address that you entered in Step 4,check the Allow Unity Connection check box. To reject connections from this IP address, uncheck thecheck box.Step 7If you have made any changes on the Access IP Address page, select Save.Step 8Repeat Step 2 through Step 7 for each additional IP address that you want to add to the access list.System Administration Guide for Cisco Unity Connection Release 10.x25-6
Chapter 25Configuring IMAP Settings in Cisco Unity Connection 10.xProcedures for Configuring IMAP Access in Unity Connection 10.xTo Configure Access and Authentication for Untrusted IP AddressesStep 1In Cisco Unity Connection Administration, expand System Settings SMTP Configuration, thenselect Server.Step 2On the SMTP Server Configuration page, check the Allow Connections From Untrusted IPAddresses check box to allow all clients to connect by using SMTP, regardless of whether UnityConnection is configured to specifically allow connections from their IP addresses.Step 3If you checked the check box in Step 2, check the Require Authentication From Untrusted IPAddresses check box to configure authentication for these types of clients. Then, select how UnityConnection handles Transport Layer Security for untrusted IP addresses:Step 4 Disabled—Unity Connection does not offer TLS as an option for SMTP sessions that are initiatedby clients or servers with untrusted IP addresses. In most cases, if the client is configured to useTLS, but Unity Connection does not offer it, the Unity Connection fails and the client notifies theuser. Required—Clients or servers connecting from untrusted IP addresses must use TLS to initiateSMTP sessions with the Unity Connection server. Optional—Clients or servers connecting from untrusted IP addresses can use TLS to initiate SMTPsessions with the Unity Connection server, but are not required to do so.NoteTo protect user passwords, we recommend that you require authentication from untrusted IPaddresses and configure Transport Layer Security as either Required or Optional.If you chose Required or Optional for the Transport Layer Security setting in Step 3, to configure TLSon the Unity Connection server, see the “Securing Cisco Unity Connection Administration, Cisco PCA,and IMAP Email Client Access to Unity Connection” section on page 30-1.Configuring SMTP Message ParametersYou can configure Unity Connection to reject any incoming SMTP messages that are larger than aconfigurable total size or have more than a configurable number of recipients. By default, UnityConnection accepts messages that are larger than 10 MB or have more than 15,000 recipients.To Configure SMTP Message ParametersStep 1In Cisco Unity Connection Administration, expand System Settings SMTP Configuration, thenselect Server.Step 2On the SMTP Server Configuration page, in the Limit Size of Message field, enter a number inkilobytes to limit the size of an individual message sent by an SMTP client.Step 3In the Limit Number of Recipients per Message field, enter the number of recipients allowed permessage.Step 4Select Save.System Administration Guide for Cisco Unity Connection Release 10.x25-7
Chapter 25Procedures for Configuring IMAP Access in Unity Connection 10.xSystem Administration Guide for Cisco Unity Connection Release 10.x25-8Configuring IMAP Settings in Cisco Unity Connection 10.x
Configure the SMTP smart host to accept me ssages from the Unity Connection server. See the documentation for the SMTP server application that you are using. b. Configure the Unity Connection server to relay messages to the smart host. See the "Configuring the Cisco Unity Connection Server to Relay Messages to a Smart Host" section on page .
![Cisco NetFlow Configuration [Cisco NetFlow] - Cisco](/img/3/cisco-netflow-configuration.jpg)
