IBM Domino - Denial of mail containing cert.id file - lotus-domino

I have attempted to send an organisational certifier as a mail attachment, and the Domino server denies it as an "attachment type policy violation". There is nothing explicit in the server configuration that would explain this. Other .id files are delivered without problem, and editing the name of the file so that "cert" does not appear as a substring in the file name does not help - the file is denied delivery even if the name entirely obscures its nature (e.g. "xx.id"). Only when I change the extension as well ("xx.yy") is it delivered successfully.
Can anyone explain this behaviour? It looks as though there is a hard-coded policy against sending certifiers by mail, but is that really the case?

The only place Domino could reject the mail is thru a router rule specified in the configuration document (Domino Directory -> Configuration Document -> Router/SMTP -> Restrictions and Controls -> Rules)
Other than that, there must be a Domino-external scanner which checks the file name or file content.

As far as I can see, that message isn't from Domino at all. When searching the Internet for "attachment type policy violation" (with the double quotes), I only find it in conjunction with Exchange 2010 servers. And your question of course.
Can you confirm that all mail servers in this case are Domino servers? Can you check the headers of the returned mail, in order to find out where the mail bounced? Can you check the log.nsf database of the Domino server, both under Mail Routing and Miscellaneous, to see if there's a message about the mail being rejected?
IMHO you should be barking up some Microsoft tree...

Related

HCL Domino Remote Console: How to get name of user connected remotely

I would like to restrict some functions in a user written server add-in for certain users or groups.
Question: Is it possible to get (via an API) the user name who is sending a "Tell" command from a remotely connected server console?
Example:
Tell AddinName Command (issued remotely by Hotline User)
Tell AddinName Command (issued remotely by Admin User)
The remote console (and therefore the "Tell" command) is available to both users, but a subset of commands should only be allowed to authorised users (e.g. Group in Server Document->Security).
Is the user name (entering the "Tell" command) available (e.g. in the MessageQueue)?
I know that internally in Domino there are already some restriction possible to commands issued at the console.
The session.getCommonUserName() always returns the server name (since the add-in runs in context of the server).
Thanks for any pointer or ideas.
Andy
I believe that the answer to this is no, and it would not be advisable to implement tell commands that you can't trust to all authorized administrators.
If you really do need to confirm a user identity for a command, you're going to need to use database to queue the commands. I.e., you could build an application that stores the commands in documents in a database with a restricted ACL. Your addin code can use an Extension Manager hook to monitor the database for changes and read new documents when they appear, or you could have your application use NotesSession.SendConsoleCommand to issue something like 'tell myAddIn process ' to wake up your addin and give it the noteid of the document it just created. If you need to protect against people with full access admin rights overriding the ACL, your application could digitally sign the documents and your addin could verify the signatures.

FTP SSL through PeopleCode/Soft

I'm trying to use PeopleCode to get a file from a remote FTP server that uses SSL. The GetAttachment command returns error code 8, which indicates a problem connecting or authenticating with the "destination server" (which I'm assuming means "remote server"). I don't think the problem is in my code itself, although I'm not discounting that, but rather in the URL configuration and the security certificate.
First, my PeopleCode is:
&returnCode = GetAttachment(URL.MY_FTP_URL, &fileName, &destinationPath);
If &returnCode = %Attachment_Success Then
[...]
Else
MessageBox(0, "", 0, 0, "Fail: " | &returnCode)
End-If;
I've created the URL definition via PeopleTools > Utilities > Administration > URLs. The URL is pretty straight forward. The URLID is "ftps://[remote server]/". I know this connection requires active mode and SSL, so I've added the properties (in addition to username and password) ACTIVEMODE = Y, and SSLUSAGELEVEL = 3.
Now, here is where I think the problem is. By adding the SSLUSAGELEVEL property, I also need to add the CERTALIAS property and (presumably) set it to the name of the SSL certificate. So I got the certificate, uploaded it and created the definition. I went back to the URL definition, added the CERTALIAS property, but the prompt box for the valid values is empty.
I think my problem now is that I need to perform some other step to get the certificate I created to show up in the CERTALIAS prompt. Is my approach generally in the right direction? Or am I missing something else entirely?
Thanks,
First, confirm that it is working at the operating system level.
I have noticed that GetAttachment does not always copy over the ssl certificate with the proper file system permissions, in Oracle linux, to the app server working directory and because of the incorrect file permissions, the destination server will refuse the connection.
I had to create the key file with the correct file permissions and hardcode the path to this key file, with the correct file permissions, in the URL entry.

SQLServer Error: Could not connect to mail server. (The requested name is valid, but no data of the requested type was found)

My Problem On Database Mail on Sql Server 2008 R2. My Database Mail Work fine upto yesterday since 2 years. But From Today My Database Mail Not Work.
I Restart my Database Server. Reconfigure the Database Mail but still i faced the following error.......
Message
The mail could not be sent to the recipients because of the mail server failure. (Sending Mail using Account 6 (2017-06-12T16:12:12). Exception Message: Could not connect to mail server. (The requested name is valid, but no data of the requested type was found).
My Mail Account Setting in following...
I tried from Send Test E-mail, See the View Database Mail Log and see the above mention error.
Please help to resolve this issue.....
Thanks in advance....
Your problem seems network related, especially since nothing has changed on the database configuration.
Also make sure, your user has the rights to connect and access the specified mailbox.
Check Firewalls, DNS, IP configuration.
By the way, the configuration for Office365 seems good, that's the one I use for my servers ;)

how to upload Files to Alfresco via Email?

I wanted to upload files via email in Alfresco.
I am using alfresco community 5.2
I have added inbound email properties in alfresco-global.properties file
and i have followed all the steps and
I sent an email as explained in below links
But I am not able to receive any files in my alfresco
I have referred the links
https://www.youtube.com/watch?v=p17GkHsLdmc
http://keytocontent.blogspot.in/2010/05/upload-files-to-alfresco-via-email.html
Steps I have followed
1. set the properties in global properties
email.inbound.enabled=true
email.server.enabled=true
email.server.port=25
email.server.domain=vikash-laptop.com
email.inbound.unknownUser=anonymous
email.server.allowed.senders=.*
created a user named as hello1
email id=> hello1#vikash-laptop.com
added this user into EMAIL_Contributors group
Created a site named as test site
created a folder in Document Library>>Dropoff and
applied aspect email aliasable
added alias properties as dropoff
so the my email address will be dropoff#vikash-laptop.com
tried to send email to dropoff#vikash-laptop.com
and hello1#vikash-laptop.com both
Still i am not receiving any files which i have attached in email.
How did you try and send an email to vikash-laptop.com? You need to make sure the host name you are specifying (vikash-laptop.com) is going to resolve to the IP address of your alfresco server (I assume running on your laptop).
You also need to make sure that your mail client will resolve that domain correctly and can connect to the alfresco server. For example, if you were going to try and send an email from gmail, that would have problems unless vikash-laptop.com was a registered domain so that the gmail servers could resolve it and access port 25 on that machine from the internet.
If you just want to do a simple test on your laptop without a mail client where alfresco is running you can just telnet to the alfresco host and try and connect to that port (google "test smtp telnet" for a lot of suggestions) and see that it is listening on port 25 as you configured it and that you can send test email.
I have downloaded smtp mail sender and it is working. and now i am able to receive email attachments in alfresco.

Send mail programmatically w/attachments is undeliverable

I am trying to send mail using vb.net from iis through a smart host (mailenable) and out through the internet. When I send mail without attachments it goes out just fine. When I send mail created the same way with an attachment the smart host gets an error sending the email.
"mailenable the remote server appears to have failed or to have rejected the contents of the message"
The smart host is correctly set up with reverse dns and MX records set up correctly. What am I missing?
Happens with .txt and .jpg files both - Attached using system.net.mail.attachment(inputstream, attachmentname, mimetype)
The remote server is rejecting it
the smarthost is making an attempt
Sending attachments to the remote server using outlook works fine
I would concentrate on this portion of the error:
"...rejected the contents of the message"
.. since you have confirmed that sending mail works fine without the attachment.
What time of attachment is it?
How are you attaching it?
Have you checked with the server admin (might be yourself) to see what types of files may be sent through that system?
Be aware that a lot of mail servers rejects email with attachments with files .exe, .bat, .cmd, etc (executables) and zip files containing any of this files.
Can you send the same message with a standard SMTP mail client? Alternatively, can you send the same message using your code via a different mail server (i.e., Google's Gmail IMAP server)?