M-Switch is a high-performance, robust and highly flexible messaging server which can be configured to act as an SMTP or X.400 message transfer agent,. M-Switch can also be configured as a gateway between a number of different messaging protocols, as shown on the diagram below. This page looks at conversion between X.400 and SMTP, for information on conversion of the Military Messaging protocols please see the M-Switch ACP127 and STANAG 4406 Gateway page.
Channels to convert between RFC 822 and X.400 P2 according to the rules of RFC 2156 are provided. Conversion of body parts is performed according to RFC 2157 and RFC 1496. Channels are provided for the conversion of the message body-part types of X.400 and those of MIME (RFC 2045).
M-Switch MIXER supports address translation using both encapsulated addressing flexible address mapping using the standard MIXER address mapping mechanisms. MIXER is a standardized mapping between X.400 and Internet mail specified in RFC 2156. Addresses are mapped algorithmically, with MIXER mappings relating part or all of the domain of an Internet email address to O, OUs, ADMD, PRMD and Country of X.400 OR Addresses. This provides a convenient way to algorithmically map addresses, usually resulting in addresses that are reasonable for human users. M-Switch MIXER provides a configurable option to use Common Name mappings instead of the MIXER preferred personal name.
This mapping can be configured in the directory according to RFC 1838. M-Switch MIXER supports this, and provides GUI configuration of the MIXER mappings. A typical MIXER gateway will define a small number of these mappings.
M-Switch MIXER provides flexible configuration to map Importance: and various priority fields and MTS Grade of Delivery and internal M-Switch Priority are assigned according to RFC 6758.
Per User Address Mappings
M-Switch MIXER extends this core mapping to provide mappings for individual user addresses configured in the directory. A directory entry will hold both Internet and X.400 addresses for a user, and will map between these. This has the benefit of providing a completely flexible mapping for a community of users, and can also utilize information that is already configured in the directory where users have access to both Internet mail and to X.400.
There is flexible configuration for mapping in both directions. It is possible to use multiple directories; each handling different parts of the mail address space. The attributes used for the mappings are also configurable. This is important where a MIXER gateway supports multiple organizations, and there are existing directories for each organization holding the relevant information.
M-Switch MIXER maps between MIME messages and X.400 or STANAG 4406 messages. Acknowledgements are also mapped in both directions:
- SMTP DSNs (Delivery Status Notifications) are mapped with X.400 Delivery Reports.
- SMTP MDNs (Message Disposition Notifications) are mapped with X.400 IPNs (InterPersonal Notifications).
File Transfer Body Part (FTBP)
File Transfer Body Part (FTBP) is an X.400 extension designed to handle transfer of generic information over X.400. The EMA Message Attachment Working Group (MAWG) has defined a specific mode of using FTBP and most X.400 client vendors have adopted this mechanism. The M-Switch supports this format, and enables conversion between this and the corresponding MIME functionality. This enables straightforward exchange of attachments, such as Microsoft Word documents, between Internet Mail and X.400 users.
M-Switch MIXER can map X.400 messages to Internet, by wrapping the X.400 Content as a MIME Body Part according to the X400WRAP specification. This mapping is used by default for X.400 messages which are not InterPersonal Messages, including Military P772 Messages.
MIXER as specified in RFC 2156 does not include any security mappings, as in general mapping of protocol dependent security features does not make sense. M-Switch supports the S/MIME encoding of Secure Internet Messages (RFC 3851).
When messages are received from Internet Email in S/MIME format, S/MIME signatures are verified. This ensures content integrity and originator authentication to the MIXER gateway. Where S/MIME messages are not encrypted, the S/MIME encoding may be stripped and then a standard MIXER mapping is applied. This will map the message to X.400 without S/MIME encoding, which most X.400 clients would not be able to handle.
When mapping from X.400 to Internet Mail, messages may be S/MIME encoded and signed by the gateway. This will provide content integrity and authentication between the MIXER gateway and the Internet Mail recipient.
M-Switch MIXER provides support for structured Security Labels and ad hoc Security Labels. Structured Security Labels can be carried with X.400 messages, as "X.411 labels" in the message envelope. Structured Security labels can be carried with Internet messages, as "ESS labels" within a S/MIME message as defined in RFC 2634 "Enhanced Security Services for S/MIME". ESS labels and X.411 labels are similar ASN.1 encoded labels.
M-Switch MIXER maps between X.411 and ESS Security Labels. Coming from Internet Mail this is done by extracting the ESS Label and the MIME message from the S/MIME encoding, mapping the label encoding and then sending it as an X.411 label. S/MIME signature verification is also done. Coming from X.400, the reverse happens, mapping an X.411 label to an ESS label wrapped in S/MIME, with the S/MIME signed by the MIXER gateway.
M-Switch MIXER can also provide mappings to FLOT (First Line of Text) and other ad hoc security label format. There is flexible support for a variety of labels in Internet messages which is described in detail in M-Switch SMTP. FLOT labels are also supported on the X.400 side.
M-Switch MIXER can map between structured Security Labels and ad hoc Security Labels in both directions. For more information see [Security Label Capabilities in M-Switch].
Mapping of STANAG 4406 Headers
M-Switch has support for STANAG 4406 Headings. It handles MMHS headers in SMTP according to RFC 6477 “Registration of Military Message Handling System (MMHS) header fields for use in Internet Mail”. A high level description is provided in “Military Messaging (MMHS) over SMTP”.
Three capabilities are provided:
- Mapping between the MMHS over SMTP headers and STANAG 4406 Headers.
- Mapping STANAG 4406 with the MMHS-Authorizing-Users as defined in “Draft and Release using Internet Email”.
- Assigning MTS Grade of Delivery and internal M-Switch Priority according to the MMHS MMHS-Primary-Precedence: header.
Isode's MConsole GUI tool is used for configuration and management of M-Switch MIXER.
MConsole allows for full GUI configuration of MTA and Gateway configurations. Multiple messaging/gateway configurations can be managed, all of which are stored in a directory (usually Isode's M-Vault). The screenshot below shows a MIXER (X.400/SMTP Gateway) setup. The address conversion tree is set up for standard MIXER mappings. The configuration pane shows how a number of MIXER mapping options can be set up.
Isode provides a number of management tools and capabilities with its products, to enable control and monitoring of an military messaging system. MTAs and Gateways can be monitored using SNMP (Simple Network Management Protocol), which is ideal for monitoring large numbers of servers, and supported by Industry standard management products.
MConsole can be used for message tracking, delivery reports and inter-personal notifications (enabling support of a Fire and Forget capability) as well as archive access. Statistics for message switching are provided using a Web interface to the Audit Database.
We welcome evaluations of our products and will make support resources available to you for the duration of your evaluation. Evaluation guides for all packages can be found on the relevant product evaluation page. You will need an evaluation password and a licence file which can be obtained by filling out this evaluation application form.