Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 534
  • Last Modified:

Lotus Notes 4.6 SMTP MTA / spam question

We use a Lotus Notes 4.6.5 server for our small business.  Lately, we've been getting spammed by someone who seems to be randomly mailing spam to thousands of randomly generated names at our domain which, of course, are not valid email addresses in the address book.  As a result, our server determines that the addresses are invalid and then attempts to return the spam email with an undeliverable message.  Of course, the return address isn't valid either so the server bogs down with thousands of messages in the outgoing mail queue.  As a result, legitimate outgoing email gets stuck in the queue for hours or even days.

I can think of three possible solutions, but can't figure out how to implement them:

1) Stop the server from trying to send bounce messages when someone emails an address that is not in the address book;
2) create a catch all mailbox for all emails that cannot be delivered to a legimate address which can be deleted periodically; or
3) send undeliverable mail to /dev/null if there is such a thing in Notes.

Can anyone help me accomplish this or a similar result with a minimum of pain?

I would hope that there is just a SMTP MTA switch that I could stick in the notes.ini file to accomplish this, but I just can't any documentation about it if it does exist.

Thanks a million.
0
dhaworth6
Asked:
dhaworth6
3 Solutions
 
Sjef BosmanGroupware ConsultantCommented:
You're in deep trouble. R4 has little or no features to do what you want. Support is no longer there... I can think of the following solutions:
- upgrade to R6 and configure it
- upgrade to R6 and add anti-spam software
- use an external SMTP-serverprocess to catch spam (involves changing SMTP port numbers when run on the same server)

Most cost-effective: upgrade!
0
 
qwaleteeCommented:
Actually, most cost-effective is to find an old unused box and load (free) SendMail on it.

Some of the R5 relaying controls are available as R4 notes.ini variables, but I don't know if the "only accept messages for addresses taht are present in teh directory" option is available.

If you want a relatively inexpensive R6 upgrade, get Domino Express.
0
 
marilyngCommented:
Found these suggestions to work as a fair stop gap for persistent domains for 4.6

  http://www.keysolutions.com/NotesFAQ/whatlotus.html

The ini parameter: SMTPMTA_Denied_Domains=thistextfile.txt  allows you to create a list of domains you want to deny.  What I did was create a database for these domains that I wanted to deny, and an agent that would load the text file and then restart the SMTPMTA to reload the text file

Gotchas for this - if the incoming IP is bogus or not a standard domain, like "[COMPUTER]" then you have to search the message header for the handshaking IP and decide if that one is valid.  Because the spammers change their IP address, you have to maintain the list - so my database cleared entries after 7 days.

The other BIG gotcha what that if the list was too large, or had too many unresolved domains, the SMTPMTA task would take up to 2 hours to load the list, checking each entry.  During this time, no mail was delivered.

If you haven't turned on "Fullname" and allow the server to resolve first name, then the common first names get hit.  

Couldn't upgrade fast enough :)

Good luck!
marilyng

0

Featured Post

Prep for the ITIL® Foundation Certification Exam

December’s Course of the Month is now available! Enroll to learn ITIL® Foundation best practices for delivering IT services effectively and efficiently.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now