56
Lotus Domino 6 spam Survival Guide for IBM eServer
You may find that you have certain hosts that are allowed to relay off this Domino
server. You could then add these hosts (name or IP address) to the “Allow
messages only from the following internet hosts to be sent to external internet
domains” field. Only hosts that are explicitly added to the Allow field will be able
to use this server as a relay.
Internal hosts (those within the same Internet domain) are exempt from relay
checking by default. Any host determined to be part of your local internet domain
will be allowed to relay off this Domino server, regardless of the setting
described.
In Domino Release 5, in order to restrict internal as well as external hosts from
relaying, you would need to set the notes.ini variable
SMTPAllHostsExternal=1
.
This variable treated all connecting hosts as external hosts and all hosts were
subject to relay checking. This allowed Administrators to close down the relay
capability within Domino for all hosts, including internal hosts. If it was
determined that an internal host needed to relay though the Domino server, this
host could be placed in the “Allow messages only from the following internet
domain to be routed to external internet domains” field.
Conflicts between the destination and source restrictions
Domino 6 handles the conflict that can occur between the destination and source
fields differently than R5 did. In Lotus Domino 5, Deny entries took precedence
over Allow entries; in Lotus Domino 6, Allow entries take precedence over Deny
entries.
For example, let’s say that you allow relays from the following host and deny them
to the following domain:
Allow from hosts: 9.95.91.51
Deny to domains: yahoo.com
On a Domino 5 server, because the Deny entry takes precedence, the named
host, 9.95.91.51, cannot relay to denied destinations. In the example, the
Domino 5 server cannot relay to any address in the yahoo.com domain.
On a Domino 6 server, in the event of a conflict between entries, Allow entries
take precedence. By giving a specific host “Allow” access, you allow that host to
relay to any destination. In the example, the host 9.95.91.51 can relay to the
yahoo.com domain even though the domain is explicitly denied as a relay
destination.
Similarly, the following configuration denies relays from a specified host and
allows them to a specified domain:
Deny from hosts: myhost.iris.com
Allow to domains: hotmail.com
Summary of Contents for AH0QXML - Lotus Domino Messaging
Page 2: ......
Page 18: ...6 Lotus Domino 6 spam Survival Guide for IBM eServer...
Page 92: ...80 Lotus Domino 6 spam Survival Guide for IBM eServer...
Page 117: ...0 2 spine 0 17 0 473 90 249 pages Lotus Domino 6 spam Survival Guide for IBM eServer...
Page 118: ......
Page 119: ......