We are trying to restrict e-mail from Internet to some internal groups.
We already has configured the ACL for a Group Document to only allow some Notes people to route to this group (Document Properties - Key - Uncheck “All readers and above” - Check “some people”). Works fine.
Now we are trying to allow only some internet addresses to route messages to this group. We include only a SMTP address (for example someone@domain.com) into the Document Properties ACL, but ALL internet addresses still routing to the group.
If we exclude the internet address from the ACL, ALL internet addresses still routing too.
So how can we restrict the incoming Internet mail to this group? Note that we don’t want stop all messages, some internet addresses must to be allowed to route to the group.
Subject: How can we restrict e-mail from Internet to some groups?
The setting you need is called “Deny messages intended for the following Internet addresses”. Look it up in the Domino Administrator 6 Help db.
Cheers,
Subject: RE: How can we restrict e-mail from Internet to some groups?
Mike,
if I use this setting all messages are denied to the group, and we need allow some SMTP users to send to that, like a filter.
I tried another way from Adm Help, “Restricting users from sending mail to groups listed in the Domino Directory”, that works fine only for Notes users, although to be said that it also works for users smtp.
The problem is any way I try all messages still arrive.
Thank you for your help.
Leandro.
Subject: Use external unix box as smtp filter/gateway
sounds like the functionality you’re seeking would be best implemented outside of Domino, by using a FreeBSD or Linux box in between the Internet and your internal Domino server(s), to act as a filtering smtp relay host. I’d probably try to explore using a combination of Postfix(postfix.org) plus Tagged Message Delivery Agent (tmda.net) to allow some subset of internet addresses to be permitted to email to some subset of your internal addresses. Lots of other benefits of using an external smtp relay/filter/“firewall”/bastion-host in between the raw internet and your internal mail systems include being able to use additional antivirus scanning such as Amavis, anti-spam measures such as SpamAssassin, ability for powerful and flexible multidomain handling, and alias re-routing, etc.