Domino smtp routing through non-domino server

Posted on 2004-04-15
Medium Priority
Last Modified: 2013-11-16
Our current configuration consists of 5 Domino servers, 3 Domino servers in a cluster, an incoming Domino server and an outgoing Domino server. The mail coming in first hits a Linux box running qmail and spamassassin and then the incoming Domino server via smtp. The incoming Domino server checks the recipient against the NAB and sends valid mail to the cluster via the Notes protocol.

Because of the vast amount of non-valid recipient addresses, we want to upgrade from 5.0.12 to 6.5.1 so that we can reject connections for non-valid recipients. To do this we need to have the incoming mail hit the incoming Domino server first, then send it to the Linux box via smtp, which would in turn send it to the Domino cluster.

The problem comes when the incoming Domino server receives an email with a valid address. When it looks at the NAB, it is going to want to send it to the Domino cluster instead of the Linux box.

How do I overide the routing to have the incoming Domino server route to the Linux box via smtp?
Question by:rdhowarth
LVL 46

Expert Comment

by:Sjef Bosman
ID: 10835873
Create separate Notes networks, see under Configuration/Messaging/Networks, and explicitly define a connection for an internal server to pass through the Linux box.
LVL 63

Expert Comment

ID: 10839615
This is not gona work.
You want the Domino to check recipient against directory, but not to accept the SMTP mail. You want it to forward to Linux qmail handler. Why?
LVL 15

Accepted Solution

Bozzie4 earned 1500 total points
ID: 10840667
Sure you can do it like sjef says.

But I think it will be easier to create a completely separate Notes domain to do this.  Add the directory you want to use, using directory assistance (over ldap, or remote notes rpc).  Do not create connection documents to directly link the 2 domains, instead force the mail trafic over smtp.

External -> Domino Domain 1 -> Linux Mail -> Domino Domain 2

Another option would be to let the Linux Mail program already check the mail addresses, I think this makes more sense.  I don't know anything about qmail, but afaik in Sendmail, it should be possible to use an LDAP directory to do the lookup, and to reject mail that's not in the LDAP directory (your Domino directory).  
In the past (before LDAP), I worked in a company where we would create the files with authorized email addresses for sendmail from our Domino Directory, using an agent, so that would be an option too (for qMail I guess something similar can be done.)  In each case, this would make your topology a lot simpeler, and easier to maintain (I hope)

External -> Linux Mail -> Internal Domino Domain
              Domino LDAP
               Domino generated config files



Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.


Author Comment

ID: 10849067
Actually I discounted using 2 Domino domains because of added administration. Our Domino configuration is already made more complex by puling info from Oracle HR.

I did find an add-in for qmail that will query LDAP. I need to test it with the Domino implementation, but since I will have source code, I think I can make it work. That way mail can keep using the same path, and I won't have 80000 emails to non-existant users every day plugging up my MTA. I do need the Linux server to check the valid email with spamassassin.

Thanks to Bozie4 for sugesting using LDAP from the Linix box.
LVL 13

Expert Comment

ID: 10872167
A new TA has been added to EE: Lotus Domino Admin (http://www.experts-exchange.com/Web/Lotus_Domino_Admin/).

Since it's still rather empty we're looking for content for this TA. This should offer visitors a better chanche of finding answers to their questions.

This question, though not posted in a wrong TA, was a typical Lotus Domino Admin question. Therefore I'm moving it from Lotus Notes/Domino TA to Lotus Domino Admin TA.

Page Editor
LVL 19

Expert Comment

ID: 10876169
Good work CRAK!

Featured Post

Upgrade your Question Security!

Your question, your audience. Choose who sees your identity—and your question—with question security.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

This article covers general Notes 8.5 troubleshooting information including recreating the Notes\Data folder.
Sometimes clients can lose connectivity with the Lotus Notes Domino Server, but there's not always an obvious answer as to why it happens.   Read this article to follow one of the first experiences I had with Lotus Notes on a client's machine, my…
In response to a need for security and privacy, and to continue fostering an environment members can turn to for support, solutions, and education, Experts Exchange has created anonymous question capabilities. This new feature is available to our Pr…
Watch the video to know the simple way to remove or recover or reset lost or forgotten passwords of Outlook PST file. With Kernel Outlook Password Recovery tool such operation is very easy to perform. It is a freeware with limitation to use with 500…

622 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question