DTM

DTM Smtp Interceptor

The DTM SMTP Interceptor is designed to intercept and block unwanted SMTP connections. Its engine operates with internal actions, while a Notes database configuration file enables Domino administrators to whitelist or blacklist specific domains or IP addresses. For example, the tool can be used to prevent certain users from connecting to the mail server via SMTP and ban them.

Fail2ban integrated to Linux is used by the system to block incriminated inbound IP addresses. The DTM SMTP Interceptor records hostnames and IP addresses in the appropriate format for use with Domino-SMTP or Domino filters applied by Fail2ban, as logged in HCL Domino logs. This ensures streamlined management of unwanted connections and enhances security measures for the mail server.

DTM Smtp Interceptor Configuration

The configuration is done via documents in a HCL Notes Database, modifications are dynamic, there is no need to restart the HCL Domino server.

Whitelisted Domains or IP addresses (IPv4, IPv6, or CIDR) allow administrators to bypass controls for specified Internet Domains or IP addresses, granting access to the SMTP inbound of Domino even when blacklist options are applied.

Blacklisted Domains or IP addresses (IPv4, IPv6, or CIDR) enable administrators to block access from specific Internet Domains or IP addresses entirely.

Administrators can blacklist certain SMTP commands or restrict the set of allowable SMTP commands. For standard SMTP commands, specific commands can be refused even if they lack parameters.

For  EHLO/HELO, administrators can blacklist any SMTP Hello command based on two configurable options: empty EHLO/HELO (Domino will not respond) and prohibiting specific EHLOs/HELOs.

For MAIL FROM, administrators can blacklist any SMTP "Mail From" address and block SMTP connections.

For  recipients, administrators can blacklist recipients using two configurable options: setting a maximum number of accepted recipients and prohibiting specific recipient email addresses.

DTM Smtp Interceptor Logging

The logging of incoming SMTP emails is stored as documents in an HCL Notes Database. The recording of information is dynamic, but the email body is not logged to ensure security and privacy.