This forum is closed to new posts and responses. Individual names altered for privacy purposes. The information contained in this website is provided for informational purposes only and should not be construed as a forum for customer support requests. Any customer support requests should be directed to the official HCL customer support channels below:

HCL Software Customer Support Portal for U.S. Federal Government clients
HCL Software Customer Support Portal


~Evelyn Fronuteroni
Jun 26, 2018, 9:09 AM
16 Posts

SMTP Open Relay

  • Category: Administration
  • Platform: Windows
  • Release: 9.0.1
  • Role: Administrator
  • Tags: SMTP,SMTP Relay,Administration
  • Replies: 1

Hi, we have a peculiar situation.

Over the past many years, we have been using our Domino Server (being the main mail server) as a open SMTP relay for other servers. Other servers(quite a few of them) use the SMTP service of Domino to route mails related to alerts/notifications.

Now, there was an audit against us and it was mentioned that we need to restrict this to only the approved servers as there is chance of SMTP spoofing internally. SMTP Authentication is out of question for the time being. Can I use the setting "Allow messages only from the following internet hosts to be sent to external internet domains:" in the SMTP Inbound Controls of the Configuration document? If yes, can I just enter the IPs or hostnames of the servers in this field?

Any inputs are welcome. Thanks in advance.

~Sigmund Dworelitnivu
Jun 26, 2018, 12:40 PM
328 Posts
Inbound Relay Enforcement

I've used 'Inbound relay Enforcement'. In the Administrator Help, read: 'Specifying enforcement of inbound relay controls '

Inbound Relay Enforcement

Perform Anti-Relay enforcement for these connecting hosts:   All connecting hosts

Exclude these connecting hosts from anti-relay checks: <IP Addresses enclosed in Brackets>

[10.10.10.1]
[10.10.11.2]

Exceptions for authenticated users:  Allow all authenticated users to relay

------------------

Although probably not needed, I'd also add the following to the Notes.ini:

SMTPAllHostsExternal=1


 


This forum is closed to new posts and responses. Individual names altered for privacy purposes. The information contained in this website is provided for informational purposes only and should not be construed as a forum for customer support requests. Any customer support requests should be directed to the official HCL customer support channels below:

HCL Software Customer Support Portal for U.S. Federal Government clients
HCL Software Customer Support Portal