Solved

How to restrict iNotess and SMTP access for certain users

Posted on 2004-04-07
7
950 Views
Last Modified: 2013-12-18
Is there a way to do this (Dominio 6.5):
 -restrict/deny iNotes access for certain users, without effecting their ability to logon to quickplace & sametime with their internet password
 -restrict/deny SMTP access for certain users so they cannot relay messages through their account from the outside. Some of our remote users need to relay from POP clients so currently the relay controls are set to 'Allow all authenticated users to relay'.

cheers
Andrew
0
Comment
Question by:manta357
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
7 Comments
 
LVL 24

Expert Comment

by:HemanthaKumar
ID: 10777773
If you don't want the certain users to use inotes, replace the mail template of that user to use notes mail template rather than inotes template.

Check your configuration document for deny parameters in smtp inbound/outbound controls and list the domain name of their internet addresses. And there is no way you can specifically restrict access per user.

~Hemanth
0
 
LVL 4

Assisted Solution

by:sreeser
sreeser earned 100 total points
ID: 10778835
Unfortunately if you replace with regular mail then the user can't access via web browser either.  If you want to deny access to both you can also change the maximum internet settings to no access.


As for the second if you ONLY want to allow the remote users access and you have thier ip addresses (or you can assign them something like remote.myorg.com if it is a remote office) then you can put that in the
Exclude these connecting hosts from anti-relay checks: field


Perform Anti-Relay enforcement for these connecting hosts:      All connecting hosts
Exclude these connecting hosts from anti-relay checks:      10.1.1.*
Exceptions for authenticated users:      Perform anti-relay checks for authenticated users
0
 
LVL 4

Expert Comment

by:sreeser
ID: 10778900
Actually I was wrong... you can still access via browser with the regular nots client ... just not  inotes access so if you want to prohibit access from any point other than the client use the max internet access

0
Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 4

Expert Comment

by:sreeser
ID: 10778963
akkk you can tell its the end of a LONG day

I meant to say the regular mail template still allows web access just not inotes whether via web or outlook.  So even if you switch back to the regular template they will still have web browser access.

IBM recently renamed INotes Web access to Domino Web Access just to confuse everyone... including me!
0
 
LVL 31

Expert Comment

by:qwaletee
ID: 10785107
If I understand you correctly, you don't really need to relay from POP clients.  Depending on what you mean, you can either set restrictions to internal IPs for inbound/outbound destinations, or you can get something like POPRetriever to suck POP messages into Domino.

Describe exactly what they are doing that needs to be allowed, and what they are doing that needs to be restricted.
0
 

Author Comment

by:manta357
ID: 10854050
Hi, thanks for the comments, restricting their max internet access should solve the first issue.
The situation is: I've got 3 groups of mail users, those that work only in the office using the Notes client. Those that use the Notes client from various remote locations (and IPs) and those that use POP clients like Eudora from various remote locations (and IPs). What I'd like to setup is that the Eudora users can can access via POP and SMTP to send/recieve mail to anyone (Notes domain and to external). But all the other users, since they should be connecting with the Notes client (which dosn't use the SMTP port from what I understand), should be restricted. What seems to be happening is that everyone can connect via SMTP from the outside because they can authenticate with their account, and then send mail anywhere using any mail client.
At this stage I'm not sure I can accomplish it with the mixture of mail clients.

Andrew
0
 
LVL 24

Accepted Solution

by:
HemanthaKumar earned 150 total points
ID: 10859358
If you open up smtp access for one user...... it is opened for everyone.. unless you have orgunit or domain to restrict but not individuals.. Check Configuration document for restrictions in smtp inbound and outbound controls
0

Featured Post

Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

For users on the Lotus Notes 8 Standard client, this article provides information on checking the Java Heap size and adjusting it to half of your system RAM in attempt to get the Lotus Notes 8.x Standard client to run faster.  I've had to exercise t…
I thought it will be a good idea to make a post as it will help in case someone else faces these issues. I trust this gives an idea how each entry in Notes.ini can mean a lot for the Domino Server to be functioning properly. This article discusses t…
A short tutorial showing how to set up an email signature in Outlook on the Web (previously known as OWA). For free email signatures designs, visit https://www.mail-signatures.com/articles/signature-templates/?sts=6651 If you want to manage em…
I've attached the XLSM Excel spreadsheet I used in the video and also text files containing the macros used below. https://filedb.experts-exchange.com/incoming/2017/03_w12/1151775/Permutations.txt https://filedb.experts-exchange.com/incoming/201…

732 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question