MAIL
To save system resources, before it accepts a message, the IBM® Lotus® Domino® SMTP listener checks the Mail From address specified in the message envelope during the SMTP transaction. If you set the Domino server to deny mail from a particular source, Domino denies it whenever that source is encountered -- for example, if users from a denied domain send mail through a relay, Domino denies it based on its origin from that domain. Domino creates an entry in the log file (LOG.NSF) whenever a message is rejected.
Note SMTP can resolve names for group types of Mail-only or Multi-purpose. When you create or modify the SMTP and Router settings in the Configuration Settings document, be sure to enter group names that have a group type of Mail-only or Multi-purpose. These groups must be in the primary directory. This applies to settings on the Restrictions tab, the SMTP Inbound Controls tab, and the SMTP Outbound Controls tab.
To restrict who can send Internet mail to your users
1. Make sure you already have a Configuration Settings document for the server(s) to be configured.
2. From the Domino Administrator, click the Configuration tab and expand the Messaging section.
3. Click Configurations.
4. Select the Configuration Settings document for the mail server or servers you want to restrict mail on, and click Edit Configuration.
5. Click the Router/SMTP - Restrictions and Controls - SMTP Inbound Controls tab.
6. Complete these fields in the Inbound Sender Controls section, and then click Save & Close:
During the SMTP conversation, the Domino SMTP listener compares the address in the MAIL FROM command received from the connecting host with the entries in this field.
For example, if you enter lotus.com in the field, Domino accepts incoming mail only if the address in the MAIL FROM command ends in lotus.com. Domino denies messages from all other Internet addresses.
You can create a Notes group containing a list of addresses from which to allow messages and enter the group name in this field. A group entry is valid only if it does not contain a domain part or dot ("."). For example, the group with the name group1 is valid, but the groups named iris.com or group2@iris are not.
If you enter addresses in this field, all messages except those matching addresses listed in this field can route to your users. Mail is denied only from addresses matching the entries in this field.
For example, if you enter lotus.com in the field, Domino accepts messages from all Internet addresses and domains except those ending in lotus.com. Domino denies messages from senders whose addresses end in lotus.com.
You can create a Notes group containing a list of addresses from which to deny messages and enter the group name in this field. A group entry is valid only if it does not contain a domain part or dot ("."). For example, the group with the name group1 is valid, but the groups named iris.com or group2@iris are not.
Note Be careful not to specify the same entry in an Allow field and a Deny field because Domino will deny messages for that entry. The Deny setting takes precedence for security reasons.
Related topics