Setting up routing to non-adjacent Domino® domains

Non-adjacent domains are Domino® domains that are not directly connected, but have an intermediary domain, adjacent to both of them in common.

About this task

Here's an example of a non-adjacent domain. Domain A and domain B are adjacent and have Connection documents defining the route between them. Similarly, domain B, in turn, is adjacent to domain C and mutual Connection documents exist between them; and domains C and D are likewise adjacent to each other and linked by Connection documents. Domain B is thus adjacent to domain A on one side, and domain C on the other; and domain C is adjacent to B and D, respectively. If no direct connection exists between A and C, these two domains are considered to be non-adjacent domains. Similarly if there is no direct connection between B and D, these two domains are also non-adjacent.

Administrators can create a Non-adjacent domain document to control message routing to a non-adjacent domain. A Non-adjacent Domain document serves three functions:

  • Specifies a routing path to the non-adjacent domain by supplying next-hop domain information
  • Restricts mail from other domains from routing to the non-adjacent domain
  • Defines the Calendar server used to enable free time lookups between two non-adjacent domains.

Non-adjacent domain documents are only required to specify routing restrictions to a non-adjacent domain. However, to simplify addressing on messages destined for a non-adjacent domain, it's useful to have a Non-adjacent domain document for that domain. Without a Non-adjacent domain document in the Directory, the Router has no defined routing path to the non-adjacent domain. The Router can transfer a message to the non-adjacent domain if the recipient address uses explicit path routing (User@AdjacentDomain@NonAdjacentDomain), but cannot transfer a message with a simple domain address (User@NonAdjacentDomain). When explicit addressing is used the Router uses the Connection documents between domains to calculate the path to the next-hop domain.

But when a Non-adjacent domain document is available, the Router obtains intermediary domain information from that document. This eliminates the need for users sending mail to a non-adjacent domain to use complex, explicit addressing. Thus, if domain A has a Non-adjacent domain document for domain C, when Kathy Burke in domain A sends mail to Robin Rutherford in domain C, she uses the address Robin Rutherford@C (rather than Robin Rutherford@C@B). Because the Router finds the intermediate domain information in the Non-adjacent domain document, the message is transferred successfully to domain C by way of domain B.

Because there is no direct connection between two non-adjacent domains, you cannot define the routing path between them in a Connection document. Connection documents can only be used between two directly-connected, adjacent domains. However, users in non-adjacent domains can send mail to each other by routing it through the intermediary domain.

One way to do this is to use explicit addressing -- telling the Router how to reach the destination domain through the intermediary domain by placing the entire routing path in the address field. For example, if Kathy Burke in domain A wants to send a message to Robin Rutherford in the non-adjacent domain C, she addresses the message by way of domain B, as follows:

Robin Rutherford@C@B 

In processing the message, the Router on the domain A mail server looks only at the last part of the address, and uses the Connection document to determine the route to domain B. The domain B server then uses the Connection document in its Domino® Directory to transfer the message to domain C.

Although the use of explicit addressing is an effective method for directing mail to non-adjacent domains, because it relies on a complete knowledge of the inter-domain routing topology, it's also not a very practical solution. This information is not readily available to a typical user. To simplify routing and addressing to non-adjacent domains, you can create a Non-adjacent domain document in the Domino® Directory to define the path between the non-adjacent domains.

Note: Since, by definition, all servers in a domain use the same Domino® Directory, only one Non-adjacent domain document is required for each non-adjacent domain. You do not have to create a separate document for each server.

Using Non-adjacent domain documents to simplify addressing makes them valuable enough. But Non-adjacent domain documents play another equally significant role. Although they are not strictly required to enable routing between non-adjacent domains, they are needed if you want to restrict routing of messages from certain domains.

By default, any domains that can route mail to your domain can also route mail to the destination domains named in a Non-adjacent domain document. Mail routed from one domain to another through your domain consumes your network resources. To prevent your servers from being used to transfer mail between other domains, you can selectively allow and deny mail routing through your domain.

The Allow and Deny fields on the Restrictions tab of the Non-adjacent domain document let you control the flow of messages from other domains to the non-adjacent domain. Entries in these fields must be the names of adjacent domains; the Router ignores entries for non-adjacent domains beyond the previous hop. If you deny a domain from sending mail through your domain, the Router denies all mail received from that domain, including messages the domain may have passed on from another, non-adjacent domain.

The Deny mail from domains field in a Non-adjacent domain document does not block messages that use explicit domain addressing, that is, addresses that explicitly name every domain on the routing path. A Non-adjacent domain document can only block mail that relies on information in the Non-adjacent domain document to supply the name of a a missing intermediate domain. If the entire routing path is contained in the recipient address, the Router doesn't need to check the document to determine where to route the message, and thus cannot block it. For example, if in the previous example, the administrator in domain B creates a a Non-adjacent domain document for domain D and adds domain A to the Deny mail from domains field. Kathy Burke in domain A can still send mail to Judy Kaplan in domain D by specifying the following explicit domain address: Judy Kaplan@D@C@B.

To prevent Kathy Burke from sending this message, the administrator in Domain B would have to create an Adjacent domain document for domain C that names domain A in the Deny mail from domains field.

The settings in the Allow and Deny fields work in conjunction with the Allow and Deny fields on the Router/SMTP - Restrictions and Controls - Restrictions tab of the Configuration Settings document. In the event of any conflict between settings, Domino® applies the most restrictive entry.

Messages may be further restricted by Adjacent Domain documents, Non-adjacent Domain documents, and Configuration Settings documents set up between domains along the routing path.

To create a Non-adjacent domain document

Procedure

  1. From the Domino® Administrator, click the Configuration tab and then expand the Messaging section.
  2. Choose Domains.
  3. Click Add Domain to create a new Domain document.
  4. On the Basics tab, complete these fields:
    Table 1. Basics tab fields

    Field

    Enter

    Domain type

    Choose Non-adjacent domain

    Mail sent to domain

    The name of the non-adjacent Domino® domain you want to route mail to.

    Route through domain

    The name of the intermediary Domino® domain through which you want to route mail for the destination domain. The current domain must have a Connection document to this domain.

    Also, the Domino® Directory in the intermediary domain must have a Connection document to the destination domain.

    Domain description

    An optional description of the domain

  5. Click the Restrictions tab and complete one or both of these fields:
    Table 2. Restrictions tab fields

    Field

    Enter

    Allow mail only from domains

    Enter the names of Domino® domains adjacent to the current domain that are allowed to route mail to this non-adjacent domain.

    Leave this field blank to allow any domain to route mail through the local domain to the non-adjacent domain.

    Deny mail from domains

    Enter the names of Domino® domains adjacent to the current domain that are not allowed to route mail to this non-adjacent domain.

    Leave this field blank to allow any domain to route mail through the local domain to the non-adjacent domain.

    Note: You cannot use wildcards in the Restrictions fields. You must enter explicit domain names.
  6. Click the Calendar Information tab, and for Route requests through calendar server, enter the name of the Domino® server in the intermediary domain that accepts and forwards free time queries from the current domain to the non-adjacent domain.

What to do next

Create a Connection document to specify how servers in the current domain connect to the intermediary adjacent domain.