SECURING


Setting up TLS for Notes or Domino using SMTP

A Notes® client or Domino® server can act as an SMTP client when routing mail to an SMTP server. The Notes client or Domino server can use TLS to connect to a Domino server running the SMTP service or to another type of SMTP server. You cannot set up a Notes client or Domino server for TLS client authentication when connecting using SMTP.

About this task

If you do not have the server's CA marked as a trusted root in the server key ring file for the Domino server, Domino automatically adds the certificate and logs the condition in the log file. Other Internet protocols do not allow users to proceed unless they have the server's CA marked as a trusted root. You should, however, mark the CA certificate as a trusted root instead of automatically adding the trusted root to ensure that the trusted root you receive is valid.

For information on setting up a Notes client to use TLS to connect to an SMTP server, see HCL Notes Help.

Parent topic: TLS and S/MIME for clients

To set up TLS for a Domino server routing mail to an SMTP server

Procedure

1. From the Domino Administrator, click the Configuration tab, and open the Server document.

2. Select the Ports -> Internet Ports -> Mail tab.

3. In the SMTP Outbound column, select Disabled in the TCP/IP port status field.


4. In the SMTP Outbound column, select Enabledin the TLS port status field.

5. Save and close the document.

6. Add the trusted root certificate for the CA of the SMTP server.

Related concepts
Configuring Domino to send and receive mail over SMTP
Setting up Notes and Internet clients for TLS authentication

Related tasks
How users can obtain trusted certificates manually