Thursday, April 23, 2015

IBM Smartcloud Hybrid , setup an SMTP mail relay using the domino Passthru Server

When you set-up IBM Smartcloud Hybrid config you will see the migrated users e-mail will be send directly from the service SMTP.
If your company policies requires that emails should be sent from an internal server (eg. journaling, managed signature,centralized AV-spam, whatever ) you can set an SMTP relay from the account settings

Manage My Company --> IBM Smartcloud Notes -> Account Settings

Email Management here you can set the SMTP relay, and you can set 1 hostname or IP address.

The Smtp from service support STARTLS so if your relay server can do same the e-email flow will be encrypted.

I've asked to IBM support if was possible to set and authentication for SMTP relay  and they have created this SPR #TPON9VBCRT for the enanchement request.

If you haven't already an SMTP relay published you can use for example the Domino Passthru server set-up for the hybrid configuration.

Before that we have to enable and secure the SMTP on this server:

On first enable the SMTP listener on the basic tab of server document, than going to configuration document (create a new one if you haven't ) 

Router SMTP --> Restriction and Control --> SMTP Inbound  and set as below

thank going down to the page and set as below

If you are on Europan datacenter  set

Now we have to set the internal relay from Passthru  to the other internal mailserver

Server config --> Router SMTP --> Basic

Now you are ready to open the TCP-IP port 25 from internet through the domino server and through the Passthru server to the internal mail server.
I suggest also to set-up STARTLS as written in this technote so the service SMTP can use this protocol to secure the mail relay.

This will be the mail flow

from service : mail to user in service --->  NRPC protocol cloud2cloud 
from service: mail to on premise user -->  NRPC protocol cloud 2 on premise 

from service : mail to internet --> SMTP relay to domino Passthru server  --> SMTP relay to local server

No comments:

Post a Comment