IBM SmartCloud Notes Mail Routing - 21st Oct

IBM Collaboration Solutions

Open Mic

Date: 21st Oct , 2015

IBM SmartCloud Notes (SCN)

Mail Routing

IBM Corporation ©2015 2

2 2

Open Mic Team

Naresh Luthra – L3 Smart Cloud Notes

Presenter

Ranjit Rai - IBM ICS SWAT

Focusing on entire Notes/Domino

Jayavel Rajendran - IBM ICS SWAT


Hansraj Mali - IBM ICS SWAT


Vinayak Tavargeri – IBM ICS Support Facilitator for Open Mics

2

IBM Corporation ©2015

Agenda

1 SmartCloud Notes (SCN) Mail Routing Overview

Email Hygiene

Email Retention

Hybrid & Hosted Environments

2. Routing Topology & Server Roles

3. Sample Mail Flow Scenarios

4. Admin controls

5 Common issues, causes, best practices

6. Useful URLs

3


IBM SmartCloud Notes Overview

Email Hygiene ( Anti-virus / Anti-Spam)

Mail between users in same SCN company (organization) is scanned for viruses (NRPC Hub servers).

Mail between users in different SCN companies (organizations) is scanned for viruses and Spam (Hygiene servers).

Mail to and from on-premise users and SCN users in a Hybrid environment is scanned for viruses.

Mail to the Internet is scanned for viruses (Hygiene servers).

Mail from the Internet is scanned for viruses and Spam (Hygiene servers).

4


IBM SmartCloud Notes Overview (continued)

Email Retention

Additional service offering (“IBM SmartCloud Archive Essentials”) allows

capture, retention and discovery of mail sent to or from SCN users.

Capture: SCN SMTP servers & NRPC Hub Servers.

Retention: Data transferred via encrypted connection to storage site.

Search/Discovery: Query for content (criteria, time frame).

Retrieval: Original format (Rich Text or MIME).

Note: Email Retention (“IBM SmartCloud Archives Essential”) is distinct from “Journaling Options,” which logs next “Journaling Options,” which logs next hop results for mail sent or received “Journaling Options,” which logs next hop results for mail sent or received via NRPC; and for Notes client session activity via NRPC .

5


IBM SmartCloud Notes Overview (continued)

Hybrid Environment

On-premise Domino servers.

Extends into SCN Service.

Selected during initial setup of SCN

NRPC routing between on-premise servers and SCN environment.

Inbound SMTP: On-premise Gateway servers (default).

Outbound SMTP: Based on sender's location (on premise or in SCN).

“Email Management” → “Manage Routing to External Internet Domains.”

Email Retention: Offered in SCN service.

6


IBM SmartCloud Notes Overview

Hosted Environment

Also know as “Service-only environment ”

NRPC routing amongst company (organization) users

SMTP routing to and from other SCN companies

Inbound SMTP: Hygiene servers → SCN SMTP servers → Mail servers

Outbound SMTP: Mail servers → SCN SMTP servers → Hygiene servers

“Email Management” → “Manage Routing to External Internet Domains”

Email Hygiene

Email Retention


SmartCloud Notes Topology & Server Roles

Domino Mail Servers

Primary, Secondary mail replica for every user.

Additional servers (DR).

Domino NRPC Mail Hub Servers

Anti-virus.

Email Retention.

Routing within SCN companies.

Routing to and from on-premise environments.

8


SmartCloud Notes Topology & Server Roles (Concluded)

Domino SMTP Hub Servers

Between Hygiene servers and other SCN servers.

Email Retention.

Mail Hygiene Servers

Internet facing.

Inbound and outbound SMTP mail.

Opportunistic TLS (STARTTLS, Port 25).

Anti-virus and anti-Spam (outbound: anti-virus; inbound: anti-virus and anti- Spam).

9


Domain Verification

Important for setting up a new Company

Mail routing prospective , it tells us that you own that domain and are the true owner of that domain .

Edit a CNAME record

After the domain verification , you points the MX to our service

For United state Data center , specify smtp.notes.na.colabserv.com

For Asia Pacific Data center , specify smtp.notes.na.colabserv.com

For European data center , specify smtp.notes.ce.colabserv.com

10


Hosted Only Scenarios

11


Scenario #1: Hosted User to Hosted User (same Company & Same Home Server or different Home Server)

12


Scenario #2: Hosted User to Hosted User (Different Company / Same Home Server or Different Home Server / Destination is SCN Customer)

13


Scenario # 3: Hosted User to External user (Different Company / Destination is Non SCN / Non Hybrid)

14


Scenario #4 : : Hosted User to Hosted User. (Different SCN Companies & Different Home Servers; SCN Owns the Destination Domain.)

15


Scenario #5: Hosted User to External Internet User. (Different Companies; SCN Does not Own Destination Domain.)

16


Scenario #6: Inbound - External Internet User to Hosted User. (Different Companies; SCN Owns Destination Domain.)

17


Hybrid “Typical” Scenarios

18


Scenario #7: Inbound - External Internet User to Hosted User of Hybrid Environment. (Different Companies; SCN Does not Own Destination Domain.)

19


Scenario #8: Hosted User in Hybrid Environment to On-premise User. (Same Company; Domain Owner not considered.)

20


Scenario #9: On-premise User in Hybrid Environment to Hosted User. (Same Company; Domain Owner not Considered.)

21


Scenario #10: Hosted User in a Hybrid Environment to External Internet User. (Different Companies; SCN Does Not Own Destination Domain.)

22


Scenario #11: On-premise User in a Hybrid Environment to an External Internet User. (Different Companies; SCN Does not Own Destination Domain.)

23


Scenario #12: Hosted User in a Hybrid Environment with Outbound Relay to External Internet User. (Different Companies; SCN Does Not Own Destination Domain.)

24


“SmartCloud Notes Mail Routing – Admin UI Options”

25


SmartCloud Notes Mail Routing – Options

Email Management Options

Message Size Limit

Email Forwarding

On-premise SMTP relay Routing

26


SmartCloud Notes Mail Routing – Options

27


Recent Cases

Case 1

Issue : Hybrid Customer in service reported that one of it‟s user was not receiving mails from the

internet user and from also from the SC user ( different Company )

Analysis : Solution is based on Scenario 7 , We in service checked that the mail was send to the

hybrid user by the SC user by checking the logs from the Hygiene server . So we found that the mail

was transfer to the on premise Gateway server were Mx is hosted .The Incoming mails has to come

from the On-premise server via Nrpc Hub server . The issue has to be looked upon from the on-

premise end and not from the service end point .

28


Case 2

Issue : Hybrid Customer reported that after one of the user was migrated to service , Mail

forwarding stopped working . Earlier before Migration it was working for that user .

Analysis : Found out that domain used in mail forwarding was the local domain ,In order to make

it working for user , the forwarding mail domain should be listed as local domain via GDD. This

will allow the mail to be transfer to the on premise via Nrpc from the service .From the on

premise it will route to the forwarding address as before

As of now it was working as designed . The mail was transferred to the hygiene server as the

forwarding domain was define locally , the hygiene server when transferring the mail to the

internet was giving the error “Invalid domain”

29


Case 3

For e-mail transfer/ delivery delay related issues for Nrpc mail transfer to the service the

following settings might be helpful . Apply these setting on each of the on-premise mail hub

server

Customize the routing retry interval :-

a.) From the Domino Administrator client, open a server in the domain.

b.) Click Configuration > Server > Configurations.

c.) Create or edit a Configuration Settings document that applies to the mail hub server.

d.) Click Router/SMTP > Restrictions and Controls > Transfer Controls.

e.) In the Initial transfer retry interval field, specify 1 minutes. Default 15 min

30


2.) To allow the use of multiple transfer threads for mail routing, perform the following steps on

each of on-premise mail hub server :-

a) Add the following setting to the server notes.ini file RouterAllowConcurrentXferToAll=1

b) Perform the following steps to limit the number of transfer threads used for routing to any

single destination. This setting reduces the chance that routing to one destination over a slow

connection will monopolize transfer threads and prevent routing to other destinations.

31


1) From the Domino Administrator, click Configuration > Server > Configurations

2) Add or edit a Configuration Settings document that applies to the mail server.

3) Click Router/SMTP > Restrictions and Controls > Transfer Controls.

4) In the Maximum concurrent transfer threads field, specify the value 4 .

Note: These steps allow the use of multiple transfer threads when routing mail to any destination, not only to the service. After users are provisioned for the service, monitor mail routing. Ensure that the setting does not negatively affect the performance of routing to destinations other than the service.

32


Case 4

Issue : Customer is facing issue sending mails to some of the internet domain . Error establishing

SSL connection (connect) - 417 Temporary delivery error.

Analysis : When we checked the Mail hygiene logs we saw the following error message 417

Temporary delivery error .

Found that the customer was using weaker cipher suite

For security reason RC4 cipher suite was removed from the Hygiene servers and for the receiving

domain this was the only cipher suite used to make the successful connection.

The customer needs to upgrade their cipher suite .

33


Case 5

Issue : User sent mail to two users . One user is able to see the content and the

Other user is unable to see the content .

Analysis : In case of user for whom the content wasn‟t visible . The mail

Was converted from mime to rich text .

The workaround was to keep the following setting

Format preference for incoming mail in the user‟s Person document to

"Keep in Senders Format".

34


Case 6

Issue : User sometime doesn‟t receives mail from a particular sender (hosted customer )

Reason : Sometime the mail from the sender are block by the Mail hygiene because they are

tagged as SPAM as per the current system filter .

Solution : If the customer thinks that the mail from the particular sender is falsely tagged as

SPAM by our service then Send the copy of the blocked mail to the Hygiene team ( for that you

need to work with IBM support team ) or send the mail again if you have the access to that mail

with CC to [email protected] . This will help to update the hygiene filters dynamically .

35

mailto:[email protected]






Case 7

Issue : Sender getting the DFR , Several matches found in Domino Directory ,

when sending mails to the user‟s in Smart cloud .

Reason : The e-mail used for the active user is also found in some other user‟s

service record as alias or short name . It doesn‟t matter if the user is suspended or

active .

Solution : Remove the suspended user‟s service record / if the alias or short name is

found in the other active user„s service record then it needs to be removed (Need to

work with IBM support for resolving this issue )

36


Case 8

Issue : Getting DFR When sending mail to the hosted SC company user

Error Message : Server error: '550 invalid DNS MX or A/AAAA resource record

Analysis : MX was listed at second level . To work properly it has to be listed in first

Level

<Domain> 74738 IN MX 5 <server name > ( 1st Level )

<server name >. 300 IN CNAME smtp.notes.na.collabserv.com. (2nd Level )

It should be as follows

<Domain> 74738 IN MX 5 smtp.notes.na.collabserv.com. ( 1st Level )

37


Basic Configuration Practices

After provisioning users to SCN, then configure the MX record(s) to point to SCN (if applicable), not

before . Otherwise, there is a risk of Delivery Failure Reports.

When the intent is for on-premise SMTP servers to receive mail from the Internet (rather than the

SCN Service receiving the mail), do not point MX record(s) to SCN. Otherwise, Delivery Failure Reports

result, as SCN does not own the destination domain in this configuration and , therefore, is not prepared to accept the mail from the Internet.

When the intent is for the SCN Service to receive mail from the Internet, be sure to validate the

Internet domain(s) first, and then point the MX records to SCN. Otherwise, Delivery Failure Reports

result, as SCN is not prepared to accept the mail from the Internet until domain Validation has taken

place .

Alphabetic listing of the Domino name of the on-premise Primary and Secondary Mail Hub servers is

used to determine which server and SCN NRPC Hub server will first attempt to route mail to.

38


Useful Urls Configuring the MX record for a domain http://www-01.ibm.com/support/knowledgecenter/SSPS94/service/topics/cfg_hosted_domain_mx_t.dita?lang=en

Verifying ownership of a domain http://www-01.ibm.com/support/knowledgecenter/SSPS94/service/topics/cfg_hosted_domain_verify_t.dita?lang=en

39


Questions?

Press *1 on your telephone to ask a question.

Visit our Support Technical Exchange page or our Facebook page for details on future events. To help shape the future of IBM software, take this quality survey and share your opinion of IBM software used within your organization: https://ibm.biz/BdxqB2

40

IBM Collaboration Solutions Support page

http://www.facebook.com/IBMLotusSupport

IBM Collaboration Solutions Support

http://twitter.com/IBM_ICSSupport

40

http://www.ibm.com/support/entry/portal/scheduled_tech_exchanges/lotus/lotus_brand_support_(general)

https://www.facebook.com/IBMLotusSupport

https://ibm.biz/BdxqB2





IBM SmartCloud Notes Mail Routing - 21st Oct

Software

Transcript of IBM SmartCloud Notes Mail Routing - 21st Oct