Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

Directory and routing adventure

I'm supporting two environments (Domino & Exchange) which are currently able to communicate over the Exchange-Notes Connector. There is now requirement to have a support for same email domain (@company.com) in both environments. Now I'm searching the best solution for the inbound mail routing to this domain.

So far I have end up to the following scenarios:

1. Build a common directory (already done in Domino) which have all addresses and use the "LDAP Routing Query" to relay Exchange emails to Exchange bridgehead servers and Domino messages to Domino SMTP relay.
Unfortunately this option have complex and unreliable steps (directory synchronization over platforms, maintenance of LDAP routing attributes)

2. Route everything to one environment and to use Exchange-Notes Connector to relay messages to another system.
Unfortunately this option have unnecessary hops, performance and possible email fidelity problems.

3. Wait AsyncOS 5.5 and to get tiered LDAP lookup to different directories.
Unfortunately this option still have LDAP routing attribute requirement and it can't yet be implemented.

4. Consolidate everything into one environment.
I only wish I could do that !

Anyone else struggling with such a problems ? Any experiences, ideas or best practices would be highly appreciated

3 REPLIES
New Member

Re: Directory and routing adventure

I think Option #1 would be your best bet if option #3 doesn't work for you in the upcoming AsynOS 5.5

Here is how I would proceed with Option #1. You may want to run a sanity check to make sure it achieves what you want and won't cause any problems.


You would first need to implement these steps first before you can make use of the Notes group query:

Does the Email Security Appliance (ESA) support Lotus Notes groups?


No, by default, Lotus Notes uses a group structure that is not compatible with the ESA's group query
mechanism.

If you wish to use groups with Lotus Notes you MUST add an attribute to the user object to query
against. Typically, users have used the description field to store group information. You can modify the schema to include a new one.

An example of an entry that would work for a domino server:

User Entry

dn:cn=FnameLname,ou=Users,dc=example,dc=com
objectClass: top
objectClass: person
objectClass: organizationalPerson
objectClass: inetOrgPerson
cn: Fname Lname
sn: Lname
givenName: Fname
uid: FLastname
mail: FLastname@example.com
description: AVONLY


Example Filter

(&(mail={a})(description={g}))


--------------------------------------------------


1. "System Administration > LDAP > LDAP Profile" for the Domino server that has all the Lotus Notes recipients.


2. Verify the "ldap group" can successfully look up all the Notes recipients. It should fail on any Exchange users since those don't exist there.


3. Submit and Commit the ldap group changes

4. Go to "Network > Listeners > Inbound Listener". Click on the "ldap queries" at the bottom and enable the ldap group that you created in step #2.


5. Submit and Commit changes.

6. Go to "Mail Policies > Incoming mail Policies". Create a new policy called "Domino-Users". Then select "recipient" and choose the ldap group query memberships.

For example, if an incoming Lotus Notes recipient comes in, you verify if this recipient can be found in the Domino directory. If there is a match, then "Domino-Users" mail policy is applied to this message.

If not, for example, it's an Exchange recipient, then it goes to the "Default" at the bottom of the "Incoming Mail Policies"

7. In the content filter of the "Domino-Users", you would create a content filter that would send the message to the Domino mailserver.

8. If you want, for the Default policy, have a content filter that delivered the mail to the Exchange server.

That should be it.


Let me know if this would get you the results that you needed.



I'm supporting two environments (Domino & Exchange) which are currently able to communicate over the Exchange-Notes Connector. There is now requirement to have a support for same email domain (@company.com) in both environments. Now I'm searching the best solution for the inbound mail routing to this domain.

So far I have end up to the following scenarios:

1. Build a common directory (already done in Domino) which have all addresses and use the "LDAP Routing Query" to relay Exchange emails to Exchange bridgehead servers and Domino messages to Domino SMTP relay.
Unfortunately this option have complex and unreliable steps (directory synchronization over platforms, maintenance of LDAP routing attributes)

2. Route everything to one environment and to use Exchange-Notes Connector to relay messages to another system.
Unfortunately this option have unnecessary hops, performance and possible email fidelity problems.

3. Wait AsyncOS 5.5 and to get tiered LDAP lookup to different directories.
Unfortunately this option still have LDAP routing attribute requirement and it can't yet be implemented.

4. Consolidate everything into one environment.
I only wish I could do that !

Anyone else struggling with such a problems ? Any experiences, ideas or best practices would be highly appreciated

New Member

Re: Directory and routing adventure

If you have the Notes-Exchange connector installed, maybe you can use the fact that all Domino addresses published to Exchange receive an SMTP address. If you route the shared domain to Exchange your Domino users receive the mail trough the connector.
You have an aditional hob for your Domino users... but the administration is minimal. (I'm not sure what versions you use and if the sugested functionality is still available, my knowledge of the N-E connector is from Exchange 5.5 /Domino 5.x. (and using it was horrible :cry: ))

An other option (also intoducing an extra hob) is to put a mailserver in between that downloads the addresses from both environments and routes the mail correct. This can be done with the free products Sendmail or Postfix or (like we have for it) the commecial (but too expensive) product MMP from BT/Syntegra
Info: http://www.btglobalservices.com/business/global/en/products/mmp/index.html

Steven

Re: Directory and routing adventure

We are just decomissioning our Notes connectors in a week after migration to Exchange 2003. The method we used is to have everything come to Exchange 2003 first, and relay on to Notes if the recipient does not resolve in Active Directory. Microsoft calls it:

How to share an SMTP address space in Exchange 2000 Server or in Exchange Server 2003

http://support.microsoft.com/kb/321721

Frank@tribune.com

309
Views
0
Helpful
3
Replies
CreatePlease to create content