Lotus Domino Administrator 8 Help - Creating an Adjacent domain document

MAIL

Creating an Adjacent domain document
You create an Adjacent domain document when you need to restrict the transfer of mail from one adjacent domain to another. For example, if you are in domain B and want to prevent mail from an adjacent domain A from traversing your domain to reach another adjacent domain C, create an Adjacent domain document that names C as the adjacent domain and denies mail from A.

Using an adjacent domain document to prevent domain A from routing mail to domain C

The restrictions you define in the Adjacent domain document apply to the domain of the previous hop only. That is, in the Adjacent domain document created in the previous example, adding A to the Deny list prevents mail originating in A from routing to C. This includes mail that domain A may receive from domain Z for eventual transfer to C.

But suppose you want to allow mail from A, but deny mail from domain Z, which uses A and B as intermediate domains to reach C. If the administrator in domain B removes domain A from the deny list of the Adjacent domain document for domain C, and adds domain Z, domain Z is allowed to route mail to C. This is because once the message arrives in domain B the domain of origin appears to be A, rather than Z. In the absence of restrictions on transferring mail from A to C, IBM® Lotus® Domino™ allows the message to route.

Diagram showing that Adjacent domain documents cannot explicitly deny mail from domains beyond an adjacent domain

You also use Adjacent domain documents to allow Free Time searches across domains. For more information, see Setting up scheduling.

Note Restrictions set in an Adjacent domain document work in conjunction with those in the Configuration Settings document. Domino always defaults to the most restrictive entry.

Adjacent Domain documents do not provide connectivity to adjacent domains, and are not required to enable connections between adjacent domains. To define routes between adjacent domains, create a Connection document.

Using Adjacent domain documents to restrict mail

By default, a domain that can route mail to your domain can also route mail through your domain to another adjacent domain. When mail routes from one domain to another through your domain, it ties up your resources. To prevent your servers from being used to transfer mail between other domains, you can selectively allow and deny mail routing through your domain to the domain named in the Adjacent domain document.

The Allow and Deny fields on the Restrictions tab of the Adjacent domain document let you control the flow of messages from other domains to the adjacent domain. Entries in these fields must be the names of adjacent domains; the Router ignores entries for non-adjacent domains beyond the previous hop. If you deny a domain from sending mail through your domain, the Router denies all mail received from that domain, including messages the domain may have passed on from another, non-adjacent domain. There is no way to restrict specific users from routing to a IBM® Lotus® Notes® domain. Restrictions apply to all users in specified domain.

The settings in the Allow and Deny fields work in conjunction with the Allow and Deny fields on the Router/SMTP - Restrictions and Controls - Restrictions tab of the Configuration Settings document. In the event of any conflict between settings, Domino applies the most restrictive entry.

Messages may be further restricted by Adjacent Domain documents, Non-adjacent Domain documents, and Configuration Settings documents set up between domains along the routing path.

To create a Adjacent domain document

1. From the Domino Administrator, click the Configuration tab and then expand the Messaging section.

2. Choose Domains.

3. Click Add Domain to create a new Domain document.

4. On the Basics tab, complete these fields:

Field Enter

Domain type Choose Adjacent domain

Adjacent domain name The name of the adjacent Domino domain. The current domain must have a Connection document to this domain.

Domain description Optional description of the domain

5. To restrict other domains from routing mail through the current domain to the adjacent domain, click the Restrictions tab, complete the following fields, and then click Save and Close:

Field Enter

Allow mail only from domains Enter the names of adjacent Domino domains that are allowed to route mail to this adjacent domain.
To allow any domain to route mail through the local domain to this adjacent domain, leave this field blank.

Deny mail from domains Enter the names of adjacent Domino domains that are not allowed to route mail to this adjacent domain.
To allow any domain to route mail through the local domain to this adjacent domain leave this field blank.

Note

You cannot use wildcards in the Restrictions fields. You must enter explicit domain names.

6. Create a Connection document to specify how servers in the current domain connect to the adjacent domain.

Setting up Notes routing

Glossary

Feedback on Help or Product Usability?

Help on Help

All Help Contents

Glossary

Field	Enter
Domain type	Choose Adjacent domain
Adjacent domain name	The name of the adjacent Domino domain. The current domain must have a Connection document to this domain.
Domain description	Optional description of the domain

Field	Enter
Allow mail only from domains	Enter the names of adjacent Domino domains that are allowed to route mail to this adjacent domain. To allow any domain to route mail through the local domain to this adjacent domain, leave this field blank.
Deny mail from domains	Enter the names of adjacent Domino domains that are not allowed to route mail to this adjacent domain. To allow any domain to route mail through the local domain to this adjacent domain leave this field blank.