How Domino® uses reverse DNS lookups to control inbound SMTP sessions

Domino® inbound relay controls, DNS blacklist filters, and inbound connection controls allow or deny mail based on where messages originate. For these controls to work, Domino® must be able to identify the connecting host's IP address, host name, and Internet domain.

Domino® obtains this information from two sources: the IP stack and the Domain Name Service (DNS). When a host originates a connection to the Domino® SMTP service, the connecting host passes its IP address to the IP stack of the computer running the Domino® server. The SMTP service reads the IP address directly from this source.

For Domino® to obtain host name and domain information, it must have access to the Domain Name Service (DNS) and be able to locate a PTR record for the connecting host. A PTR record resolves an IP address to a host name.

To request a PTR record, the Domino® SMTP listener performs a reverse lookup to the DNS. From the host name returned by this query, Domino® parses out the domain name of the connecting host, comparing this domain name to the list of local Internet domains in the Global domain document. Hosts from domains listed in the Local primary Internet domain or Alternate Internet domain aliases fields of the Global Domain document are considered to be part of the local Internet domain; all others are treated as external hosts.