rehostuser -n Can Result in Lost Mail (Doc ID 1934941.1)

Last updated on APRIL 28, 2021

Applies to:

Goal

The -n switch on the rehostuser command allows you to leave the original folders in place on the source system after moving a user to a different backend message store system.

However, this can cause problems due to the way the LMTP and ims-ms channels detect that a user has been moved.

Address rewriting and routing is done as messages are being placed into destination channel queues. A message in the LMTP channel queue has already had the recipient address rewritten and destination backend message store system selected and encoded into the envelope recipient information. When rehostuser sets the mailUserStatus to defer, any new messages coming in should be held and reprocessed later. But if there are any messages already in the LMTP channel queue waiting to be delivered to the backend, they will not be effected by the change of mailUserStatus, because no LDAP lookup is normally done as the message is being dequeued.

This is rarely an issue because messages should sit in the LMTP channel queue for a very short time.

Any deliveries attempted while the rehostuser is in progress will fail with "mailbox is busy" because rehostuser has the mailbox locked for the duration of the move.

Once rehostuser is done, the source folders are normally removed (as long as you do not use -n).

When the LMTP (or ims-ms) delivery is attempted again, it will find the folder does not exist. The store code at that point is prepared to create a new folder - this is how an INBOX is created the first time a user receives mail - but that requires an LDAP lookup, which will find the user is no longer on this mailhost. That results in an IMAP_WRONG_MAILHOST error, which causes the LMTP client (or ims_master) to reprocess the recipient address, at which point it will find the new mailHost and reroute the message to the appropriate backend.

However, using -n on rehostuser circumvents that final check. If messages were in the queue to be tried later when reshostuser -n started, when those messages are retried, they will be delivered successfully because the folder does exist. If that happens, the mail is delivered to the old copy of the folder (on the source message store system) where the user will not be able to access it. Thus such mail is effectively lost.

Solution

My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.