[Last Call] Learn about multicloud storage options and how to improve your company's cloud strategy. Register Now


Allow intranet users to search a SPAM.NSF database for false positives

Posted on 2006-07-12
Medium Priority
Last Modified: 2013-12-18

Our firewall flags potential spam by placing '[SPAM]' in the subject field of an incoming email.

A SMTP rule on the Domino server routes flagged email to a SPAM.NSF database.

I’m wanting to allow end users to be able to look for false positives against their name only.

Can someone suggest how this could possibly be achieved?

Also, we have a Windows 2003 IIS based intranet which users authenticate to; could a ASP session variable which contains the users email address be used to interrogate the NSF database?

Question by:ajosephson
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
LVL 46

Expert Comment

by:Sjef Bosman
ID: 17097344
Difficult, unless you want to modify those mail: you'd have to add Reader-fields. Not very practical. You migth allow some sort of Search, I'd say through a browser on your Intranet. You can hide more Notes-features using the HTTP-server.

Furthermore, how is Mark Johnson going to find mail that was addressed to Marc Johanson? I think it's a job for some poor person, under the supervision of the HR department?
LVL 63

Expert Comment

ID: 17099943
I agree that this is going to be difficult due to authentification issues. Web based for sure, with just a script that automatically searches based on login name. No direct connect to the DB itself, just a search agent.

the IIS based mail name may not be the same as for Notes, so Sjef is correct that you would need a translation table that would need to be maintained.

I hope this helps !


Author Comment

ID: 17105478
Thank you for the input.

I’m surprised it is not as straightforward as I though it would be; thinking some kind of .NET database connector would be able to do the job.

Maybe the database can be exported then searched? Or surely a notes script itself  on the clients could do the job?

Or  a ODBC -> NOTES  driver ( http://www.csc.fi/cschelp/sovellukset/stat/sas/sasdoc/sashtml/win/z0624057.htm#z0624673) to allow IIS to access the database?

Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

LVL 46

Expert Comment

by:Sjef Bosman
ID: 17106354
We can think of lots of ways to get this done, but tell us first how you are going to prevent that the wrong user reads the wrong mail?

Author Comment

ID: 17106927
Domino is configured with ‘full name  lookup’ & ‘address must exist in domino directory’ so only valid email addresses should get to the router; to then be redirected to SPAM.nsf.

When I user logs into the Intranet a session variable is set with their email address. I was thinking this variable could be used to search the database.
LVL 46

Expert Comment

by:Sjef Bosman
ID: 17107204
These users are also authenticating on the Domino server, when they use that server from the Intranet? I think the only way is to build an application that searches for only their name. If you can pass the name in the URL, so much the easier.
LVL 20

Expert Comment

ID: 17108798
We tried this with a notes DB and performance was horrible. We tried to have an agent that updated the readers fields on new messages but took a long time to run.

We use brightmail quarantine where I am at now and basically it is a MYSQL database the messages get e-mailed into via SMTP and then a program runs to look at the SMTP address and compare it with those in a User table. Then it copies items from the body, subject and other fields into a table and inserts the user key. Then when they log in use just do normal SQL queries.

But as mentioned above we still have issues with the app maintaining the user's table and seeing other names when logging in
LVL 18

Expert Comment

ID: 17115677
Agree with brwwiggins.. familiar with SPAMJAM, that does allow users to find their quarantined spam, but this spam protector allows all spam in and then filters it per user to allow users to manage their own spam.  So it was a performance killer.  

However, I found the separate boxes to be really helpful in curtailing spam, with minimal cost and administration:

Or integration with SpamAssassin

Author Comment

ID: 17127192
Sorry for the delay. I’d like to avoid using a separate appliance - WatchGuard is OK.

sjef_bosman users are only authenticating against the Active Directory not domino.

The email address could easily be passed in a URL to the domino server. I simply do not know domino to understand how this could be used / domino scripts to execute etc.

I appreciate your help.


Author Comment

ID: 17142447

i'm keen to get your advice on this pls?
LVL 46

Accepted Solution

Sjef Bosman earned 1000 total points
ID: 17144164
Ok, this might be the way to do it:
- enable full-text search on the database
- use an URL to search the database

From the Designer Help db:

Use SearchView URLs to limit a search to documents displayed in one database view.
This URL is useful for views that display all documents (so you can have a full-database search) or for views in which you can predict what users need to see, such as all documents whose status is "Completed."


Some of the allowed argument:
The ArgumentList must contain the Query argument; in addition, it may contain any or all of the other arguments in any order.
    Where string is the search string.
    Where n is the number of results to display on each page until the
    SearchMax has been reached. For example Count=10 will display
    10 results per page.
    Indicate 1 to "Sort by relevance," 2 to "Sort by date ascending,"
    3 to "Sort by date descending." The default is 1. SearchView
    also supports a SearchOrder value of 4 to "Keep current order,"
    which sorts the resulting set of documents in the order in which
    they appear in the view.
    Where n is the maximum number of entries returned. The default value is determined by the server.
Where n is the number corresponding to the document that appears first in your list of results. For example, Start=10 begins your list of results with the 10th document found in the search. Start=0 means that paged results will not be returned.

If you can create an URL like
    http: //www.domain.com/spamdb.nsf/?SearchView&Query=mailaddress@domain.com&SearchOrder=3&Start=0
the spam database will be searched and the results will be presented to the user. But beware: any user with some Notes knowledge about creating URLs like this will be able to search the database on ANY user's mailaddress!

You might have to replace the @ by %40

Featured Post

Tech or Treat! - Giveaway

Submit an article about your scariest tech experience—and the solution—and you’ll be automatically entered to win one of 4 fantastic tech gadgets.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

For Desktop Techs: How to retain a user's Notes configuration data when swapping out the end user's computer. (Assuming that you are not upgrading to a completely different version of Notes client) All you need to do is: 1) install Notes o…
This is an old article, please see an updated version of this article, located here: http://www.experts-exchange.com/articles/23619/Notes-8-5x-Windows-7-Notes-info-and-tips.html
In this video you will find out how to export Office 365 mailboxes using the built in eDiscovery tool. Bear in mind that although this method might be useful in some cases, using PST files as Office 365 backup is troublesome in a long run (more on t…
Visualize your data even better in Access queries. Given a date and a value, this lesson shows how to compare that value with the previous value, calculate the difference, and display a circle if the value is the same, an up triangle if it increased…
Suggested Courses

650 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question