CONFIGURING


Changing SMTP port settings

You can modify inbound and outbound SMTP port settings.


Configuring SMTP authentication options on servers that use Internet Site documents

On servers that use Internet Site documents, the SMTP service obtains inbound port authentication settings from the Security tab of the SMTP Site document, rather than from the Server document. As a result, when Internet Site documents are used, the TCP/IP and TLS port authentication settings described in the procedures that follow are not available in the Server document. Settings in the Server document continue to provide the inbound SMTP port number and status and determine whether the Domino server allows incoming connections from the authenticated user.

To determine whether the use of Internet Site documents is enabled for a server, check the value of the Load Internet configurations from Server\Internet Sites documents field on the Basics tab of the Server document. If this field is set to Enabled, the server uses Internet Site documents to configure all of its Internet protocols (SMTP, POP3, IMAP, and so forth).

If the server uses Internet Site documents, and an Inbound SMTP Site document is not present in the Domino Directory, or the authentication options in a configured Inbound SMTP Site document are set to No, the SMTP service rejects incoming connections. In each case, connecting hosts receive the following error when attempting to authenticate with the SMTP service:

This site is not enabled on the server.

Ensuring that SMTP clients can connect to a nonstandard port

Because remote SMTP clients attempt to connect to port 25 by default, if you specify a different port number, be sure to configure connecting clients to use the new port, otherwise inbound SMTP connections will fail. This can cause routing problems, especially if the server with the nonstandard SMTP port acts as a relay host for outbound Internet mail.

To configure your other Domino servers to transfer outbound SMTP mail to a nonstandard SMTP port, change the Outbound SMTP setting on the Port -> Internet Ports -> Mail tab of the Server document.

For example, if a server must initiate an SMTP session with a receiving server on which the SMTP task is listening on port 26, set the SMTP Outbound port to 26 on the Server document of the initiating server.

Configuring SMTP port security

To prevent unauthorized access to the SMTP Listener and to protect SMTP sessions from eavesdropping, you can require users and servers to provide name and password credentials to authenticate with the server, and you can enable the use of TLS to encrypt both inbound and outbound SMTP sessions.

On servers that support TLS, you can encrypt SMTP mail sessions by having the server send and receive mail over the TLS port (port 465 by default). Domino also supports negotiated TLS for both inbound and outbound sessions, which allows for encryption over the TCP/IP port between servers that support the STARTTLS command.

You can restrict access to the SMTP listener so that only users who are allowed to access the server can connect to the server's inbound SMTP port.

Related concepts
Securing SMTP sessions using the STARTTLS extension
Understanding Internet site documents on Domino servers
Customizing SMTP Routing
Restricting SMTP inbound routing
Restricting outbound mail routing

Related tasks
Changing the inbound SMTP port settings
Changing outbound SMTP port settings
Setting up Notes user, Domino server, and Internet user access to a Domino server