Home
IBM® Domino 10.0.1 Documentation
Welcome to the IBM® Domino 10.0.1 Administrator Help.
Configuring
Use this information to configure an IBM® Domino® network, users, servers (including Web servers), directory services, security, messaging, widgets and live text, and server clusters. Also use this information to set up IBM iNotes® on a server using Domino Off-Line Services (DOLS).
Configuring iNotes®
IBM® iNotes® (previously IBM Domino® Web Access) provides IBM Notes® users with browser-based access to Notes mail and to Notes calendar and scheduling features. Administrators specify mail policy and security policy settings as well as notes.ini file settings to complete the full implementation of IBM iNotes.
Editing the configuration settings document for iNotes®
Many of the features you enable using the configuration settings document can also be configured using policies.
Specifying notes.ini file settings for IBM iNotes
A number of notes.ini file settings are available, some also represented in policy documents, to help you tune your configuration of IBM® iNotes®. This section contains many of the notes.ini file settings for iNotes, but is not a comprehensive list due to the fact that some have been replaced by settings in the server configuration document.
Enabling a whitelist of acceptable file types
To prevent direct opening of attachments that may contain harmful content, a content-disposition header has been added that instructs the browser to save the file attachment rather than opening it directly.

IBM® Domino 10.0.1 Documentation
Welcome to the IBM® Domino 10.0.1 Administrator Help.
- What's new in IBM® Domino® 10?
  Learn about all of the new features for administrators in IBM® Domino® 10.
- Overview
  Welcome to IBM® Domino® Administrator Help.
- Installing
  Use this documentation to install the IBM® Domino® server and subsequently deploy the IBM Notes® client.
- Planning
  Use this topic as an overview of planning task.
- Configuring
  Use this information to configure an IBM® Domino® network, users, servers (including Web servers), directory services, security, messaging, widgets and live text, and server clusters. Also use this information to set up IBM iNotes® on a server using Domino Off-Line Services (DOLS).
  - Configuring a network
    This section presents the planning concepts and setup procedures necessary for a successful IBM® Domino® deployment over a network. It provides information on network protocols from a Domino perspective but does not attempt to provide general network information.
  - Configuring users and servers
    Topics in this section describe how to set up users and servers.
  - Editing the NOTES.INI file
    You should rarely, if ever, need to modify a server's or client's NOTES.INI file. The NOTES.INI file contains many settings that Domino® and Notes® rely on to work properly. An accidental or incorrect change may cause Domino or Notes to run unpredictably. Therefore, you should edit the NOTES.INI file only if special circumstances occur or if IBM® Support Services recommends that you do so.
  - Configuring directory services
    This section describes how to plan, set up, and use IBM® Domino® directory services.
  - Configuring messaging
    This section provides an overview of messaging and describes how to set up mail routing, how to set up and customize mail servers, and how to track mail.
  - Configuring iNotes®
    IBM® iNotes® (previously IBM Domino® Web Access) provides IBM Notes® users with browser-based access to Notes mail and to Notes calendar and scheduling features. Administrators specify mail policy and security policy settings as well as notes.ini file settings to complete the full implementation of IBM iNotes.
    - iNotes® ultra-light mode
      The ultra-light mode of IBM® iNotes® is designed for use on a mobile device. It is also the accessible mode available on Microsoft™ Windows™ operating systems (Win32) using Mozilla Firefox 3.0 or later.
    - Getting started with iNotes®
      After installing and configuring IBM Notes and enabling IBM iNotes, perform these tasks to enable users to get up and running with iNotes.
    - Creating mail policy settings for iNotes® users
      IBM® Domino® administrators can use a number of mail policy settings.
    - Creating security policy settings for iNotes® users
      To create or enforce security settings for IBM® iNotes® users, you must create a security policy settings document.
    - Desktop policy settings supported in iNotes®
      When applied to a user, these desktop policy settings lock down the associated user preferences in IBM® iNotes®. Any existing policies previously assigned to iNotes users are enforced.
    - Editing the configuration settings document for iNotes®
      Many of the features you enable using the configuration settings document can also be configured using policies.
      - Secure mail for iNotes®
        To allow IBM® iNotes® users to encrypt and digitally sign email messages, you must enable both the Encrypted mail support and the Name Resolution and Validation fields on the iNotes tab of the server's configuration settings document.
      - Adding a disclaimer to outgoing iNotes® messages
        You can add a disclaimer to outgoing IBM® iNotes® messages. A disclaimer is a denial or a disavowal of legal responsibility for the contents of the message. In some countries, not having a proper disclaimer on messages may result in fines leveled by regulatory agencies.
      - Configuring alternate name support in iNotes®
        An alternate name is helpful when a user wants to use his or her native language and character set to type, display, and look up names. For example, users can type a name in a native language and character set when sending mail. A user's primary name is recognizable to an international audience; an alternate name is recognizable to the user's native language.
      - Using browser cache management
        Use browser cache management to improve client side performance and security of IBM® iNotes® sessions on Internet Explorer by controlling which entries are stored in the cache and which are removed when the iNotes session ends.
      - Making calendar details available to all users
        You can make calendar details available to all users with settings on the server's configuration settings document.
      - Making Notes® links work in iNotes®
        You can configure IBM® iNotes® so that users can open IBM Notes® links (document, view, or application links) in either a new browser window or in Notes. iNotes supports Notes links to any server, as long as the user has access to the application to which the link connects and the application is on an IBM Domino® server in the local area network. This is also useful for iNotes users who reply with history or forward a thread with Notes links back to a Notes user. You can also configure the server to offer Notes links only or Web links only.
      - Setting a maximum attachment size
        You can set a maximum attachment size other than the default value.
      - Specifying notes.ini file settings for IBM iNotes
        A number of notes.ini file settings are available, some also represented in policy documents, to help you tune your configuration of IBM® iNotes®. This section contains many of the notes.ini file settings for iNotes, but is not a comprehensive list due to the fact that some have been replaced by settings in the server configuration document.
        Notes.ini file settings used when integrating iNotes® with IBM® Docs
        There are several notes.ini file settings that correspond to the settings on the mail policy settings document, IBM Docs Integration section. When configuring IBM® iNotes® integration with IBM Docs, these notes.ini file settings override the corresponding settings in the mail policy setting document. To set up iNotes and IBM Docs integration, use the steps in the procedure Integrating iNotes with IBM Docs.
        Notes.ini file settings used when integrating iNotes® with Connections Files
        There are several notes.ini file settings that correspond to the settings on the mail policy settings document, Connection Files Integration section. When configuring IBM® iNotes® integration with IBM Connections, these notes.ini file settings override the corresponding settings in the mail policy settings document. To set up iNotes and Connections integration, use the steps in the procedure Integrating iNotes with Connections files.
        Enabling accessible features in the client
        Mail, Calendar, Contacts, and Preferences are fully accessible. The IBM® iNotes® client has a preference to limit full mode functionality available to just the currently accessible piece. There is also a server-wide setting that allows administrators to limit all iNotes users to this accessible feature set.
        Setting up type-ahead
        The type-ahead feature in IBM® iNotes® uses the names of people to whom users have recently sent email to populate a list of type-ahead names that display when a user is completing an address field that expects an email address. This feature caches, in memory, a list of names that are used most frequently, and then displays those names at the beginning of the list.
        Setting up Auto Save
        The auto save feature in IBM® iNotes® automatically saves the body of mail messages created by users so that drafts and changes made to them are maintained should users forget to save them, or if something happens to their workstation (for example, a crash or power outage).
        Using prefetch for documents
        You can set a notes.ini file variable so that the client loads the contents of either the visible unread messages or all visible messages in an asynchronous manner after the view list is loaded.
        Enabling Web-style search
        To search IBM® iNotes® using a Web-style query, enable the notes.ini file setting INOTES_WA_DISABLE_WEBSTYLE_SEARCH=1.
        Allowing users to take the Domino® directory offline
        You can use a notes.ini file variable, $DOLSDirectoryCatalog, to set the name of an IBM® Domino® directory that the user may take offline.
        Enabling the whitelist Active Content Filter
        You can enable a whitelist filter as the Active Content Filter (ACF) in Domino. The ACF is used to remove potentially harmful active content from HTML messages such as JavaScript, Java, and ActiveX. A whitelist filter removes all entities except those in the whitelist. A blacklist filter (used by default) retains all entities except those in the blacklist.
        Disabling the Active Content Filter
        Use the notes.ini file variable, iNotes_WA_DisableActCntSecurity, to disable the Active Content Filter. A setting of 1 disables the filter. Setting this variable to 0 (or omitting it from the server's notes.ini file) enables the filter.
        Setting the level of automatic cache clearing
        If you choose not to enable Browser Cache Management for the IBM® Domino® server, IBM iNotes® tab of the Configuration Settings document, you can set the level of automatic cache clearing using the notes.ini file variable iNotes_WA_LogoutScrubType.
        Redirecting users to a Web page after logout
        Specifying the number of names to return
        Use the notes.ini file setting, iNotes_WA_NameLookupMaxNumMatch=value to specify the maximum number of names to return on name lookups.
        Using GZIP to improve iNotes® performance
        By default, IBM® iNotes® uses compression, GZIP format, to reduce network bandwidth consumption and provide better performance, particularly for users with slow network connections. You can use the Compress HTTP response data setting in the configuration settings document to enable or disable compression. Use the notes.ini file settings to turn GZIP compression on and off, and to specify the types of content to compress.
        Enforcing two-digit years in a calendar
        Administrators can enforce the use of two-digit years by disabling the International date settings preference available to users.
        Enabling days in work week calendar display
        You can enforce the display of a five-day work week, or allow IBM® iNotes® users to decide whether or not to display it.
        Enabling or disabling the secondary calendar
        Administrators can specify a notes.ini file setting to enable or disable the display of a secondary calendar.
        Enabling a whitelist of acceptable file types
        To prevent direct opening of attachments that may contain harmful content, a content-disposition header has been added that instructs the browser to save the file attachment rather than opening it directly.
        Using notes.ini file settings for iNotes® in a mixed environment
        The following notes.ini file settings have been replaced by settings in the configuration settings document beginning with IBM® Lotus® Domino® 7. To configure users who have the DWA7, Mail8 or a later mail template, use the appropriate settings on the iNotes tab of the configuration settings document instead of these variables.
        Preventing users from acknowledging a request for a return receipt on iNotes® incoming mail messages
        Use a server notes.ini file parameter to show or suppress a prompt that lets the IBM® iNotes® client user choose whether to acknowledge a request for a return receipt on an incoming message.
        Disabling ultra-light mode
        You can disable IBM® iNotes® ultra-light mode using a notes.ini file setting.
    - Renaming an iNotes® user
      You rename an IBM® iNotes® user who has an iNotes ID and an IBM Notes® certified public key located in their person document in the Domino® Directory the same way you rename a Notes user.
    - Integrating with other applications
      IBM® iNotes® can be integrated with IBM Sametime® and IBM Connections.
    - Customizing iNotes®
      Once IBM® iNotes® has been installed and configured, you can customize your implementation in the following ways:
  - Configuring Web servers
    This section describes how to set up the IBM® Domino® Web server, the Domino Web Navigator, and other Web servers such as IBM HTTP.
  - Setting up a cluster
    Setting up a cluster includes the tasks of creating and verifying that it is working correctly, and then setting up user access, mail, replications, size quotas, directory assistance, roaming, web navigation, and use of a private LAN in the cluster.
- Securing
  This section describes IBM® Domino® security features, including execution control lists, IDs, and SSL.
- Administering
  This documentation provides information about the administration tools for managing and monitoring IBM Domino® servers and databases.
- Tuning
  Use this information to improve IBM® Domino® server, Domino Web server, and messaging performance through the use of resource balancing and activity trends, Server.Load commands, advanced database properties, cluster statistics, and the Server Health Monitor.
- Troubleshooting
  This section describes how to find and solve problems with IBM® Domino® server and Administrator client.
- Glossary

Enabling a whitelist of acceptable file types

To prevent direct opening of attachments that may contain harmful content, a content-disposition header has been added that instructs the browser to save the file attachment rather than opening it directly.

About this task

The downside of this is that attachments of known file types (jpg, pdf, and so on) that would have opened now requires additional steps for the customer. A whitelist mechanism has been implemented using two notes.ini file variables to allow customers to specify file types that should not be prevented from downloading.

Note: Use this option with caution. Adding file types to the whitelist allows the browser to load those types using its default handling, which could enable third-party active content run in the browser to gain access to session information and data from the mail server. Be certain that the file types that are added are known to be safe.

iNotes_WA_Sec_AttachCDHeader
- If set to 0, turns off the header setting.
- If set to 1 (default), sets the header for all file types except those in the whitelist, plus (if the user-agent indicates Mobile and Safari) .bmp, .gif, .jpg, and text, plus (if the user-agent indicates Mobile and Safari and Android) the extensions already listed, plus .csv, .doc, .pdf, .ppt, and .xls.
- If set to 2, sets the header for all file types except those in the whitelist. This allows device browsers to open the default file types in cases where either the notes.ini value is set to 1, or is not set at all. In this case, both the default four file types and those entered in the notes.ini file are used.
iNotes_WA_Sec_AttachCDWhiteList Specifies a comma-delimited list of attachment types to allow opening directly, for example, iNotes_WA_Sec_AttachCDWhiteList=jpg,pdf,gif

Have feedback?
Google Analytics is used to store comments and ratings. To provide a comment or rating for a topic, click Accept All Cookies or Allow All in Cookie Preferences in the footer of this page.