Setting server mail rules

You can create content filtering rules for that define actions to take on certain messages. When a new message that meets a specified condition is deposited in MAIL.BOX, Domino® automatically performs the designated action. Possible actions include journaling a message, moving it to a database, refusing to accept or deliver a message, changing the routing state of a message, or stopping the processing of subsequent rules. Rule conditions are based on content in the message headers or in the message body.

About this task

Mail rules automatically handle mail in a variety of situations. By configuring a set of conditions and actions, you can customize rules to block spam mail or intercept messages with questionable content. For example, you could create a rule that rejects mail that includes a suspicious subject line, such as MAKE_MONEY_FAST!!!, or messages originating from a known spam vendor. Similarly you can restrict users from receiving message attachments that do not have a business purpose by setting up a rule to intercept messages that contain attachments of certain file types (EXE, VBS, VBE, SCR, and so forth) and redirect them to a quarantine database where they could be reviewed by an administrator and optionally sent on to the intended recipient.

Except where a rule action explicitly indicates, Domino® does not notify the sender or recipient if a rule prevents a message from reaching its destination. For example, if a rule results in a message being routed to a graveyard database, Domino® does not generate a delivery failure report or indicate to the intended recipients that a message for them has been intercepted. By contrast, if a message triggers a rule with the specified two-part action Don't deliver message/ Send NDR, the sender receives a delivery failure report stating that the message was rejected for policy reasons.

Note: Although Domino® does not generate a notification to the sender when a rule condition triggers the action don't accept message, because rules execute as mail is deposited to MAIL.BOX, the sender may still receive notification that the message was rejected. For example, when the Domino® SMTP listener refuses a message because of a mail rule, the sending SMTP server receives the error indicating that the transaction was rejected for policy reasons. Typically, servers receiving this type of error generate a delivery failure report to the sending user. Similarly, when a mail rule prevents the server from accepting a message, a Notes® client attempting to deposit the message in MAIL.BOX displays an error indicating that the message cannot be sent.

Mail rules are not intended to serve as an anti-virus solution and should not be considered a replacement for anti-virus software. Although you can configure rules to quarantine messages with known virus attachments, the available rule actions do not include typical anti-virus features such as generating warnings upon detecting a virus or automatically disinfecting files.

Domino® stores the mail rules you create in the Configuration Settings document. On startup, each server retrieves from the appropriate Configuration Settings document and registers them as monitors on each MAIL.BOX database in use.

Whenever MAIL.BOX receives a new message from any source -- the SMTP process, the Router on another server, or a client depositing a message -- the server evaluates the various message fields against the registered mail rules. Each message is evaluated only once. Additional updates occurring after a message is added to MAIL.BOX -- such as updates to reflect the number of recipients handled -- do not cause reevaluation of the rules.

Stopping the processing of a mail rule

About this task

When setting up mail rules, you can use a stop processing action to stop processing all of the rules that follow the one that contains the stop processing action. You can use the stop processing action alone, that is, as the only action in a mail rule, or you can use it with another action in a rule, and it can also be in one rule that is in a series of rules. This is especially useful when more than one rule could apply to a message, but you want execution of mail rules to stop after the first action is executed. For example, you can define the following rules:

  • Rule 1) If Subject contains Marketing Move to database Marketing Information and Stop Processing Rules
  • Rule 2) If Subject contains Sales Don't deliver message

    Result: If the subject line contains the subject Marketing and Sales, the message is moved to the Marketing Information database and processing stops. No other action is taken on the message.

Note: The stop processing action is available on Domino® server versions 6.0.3, 6.5 or later.
Prioritizing mail rules

When multiple mail rules are enabled, you can set their relative priority by moving them up and down in the list.

Putting new rules into effect

The Configuration Settings document displays new mail rules only if the document has been previously saved.

When you add a new rule, it takes effect only after the server reloads the mail rules. A reload is automatically triggered if the Server task detects a rule change when performing its routine check of the Configuration Settings document. This check occurs approximately every five minutes.

You can force the server to reload rules, using a console command.

Enter the following command at the server console:

set rules

To create a new mail rule

About this task

If you create a rule that includes a backslash (\), semicolon (;), comma (,), asterisk (*), or quotation mark ("), an error message appears indicating that these characters are not allowed. This message does not yet display for forward slashes (/), but forward slashes should not be used when setting rules.

Procedure

  1. Make sure you already have a Configuration Settings document for the server(s) where the rules will apply.

    If you are creating a new Configuration Settings document, complete the Group or Server name field on the Basics tab, and then click save and close the document. Then reopen the document to begin adding rules. If you attempt to add a new rule before saving a new document, you are prompted to save the configuration before proceeding.

  2. From the Domino® Administrator, click the Configuration tab and expand the Messaging section.
  3. Click Configurations.
  4. Select the Configuration Settings document for the mail server or servers you want to administer, and click Edit Configuration.
  5. Click the Router/SMTP > Restrictions and Controls > Rules tab.
  6. Click New Rule.
  7. In the Specify Conditions section of the New Rule dialog box, set the criteria the server uses to determine whether to apply a rule to a given message. A rule condition can include the following components:
    Table 1. Rule conditions
    Condition component Description

    Message item to examine

    Specifies the Notes® message item that the SMTP listener, the router, or the client examines when evaluating whether to apply a rule. Choose one of the following: Sender, Subject, Body, Importance, Delivery priority, To, CC, BCC, To or CC, Body or subject, Internet domain, Size (in bytes), All documents, Attachment name, Number of attachments, Form, Recipient count, Any recipient, Blacklist tag, or Whitelist tag.

    Note: To create a rule that acts on all messages deposited in MAIL.BOX, choose All Documents

    Logical operator or qualifier

    Specifies how the Router evaluates the content of the target field. Choose one of the following:

    • contains (for text field values)
    • does not contain (for text field values)
    • is
    • is not
    • is less than (for numeric field values)
    • is greater than (for numeric field values)

    For example, if you selected the message item Attachment Name, selecting the qualifier is defines a rule that acts on all messages having an attached file with a name that exactly matches the name you specify.

    Value to check in message item

    Specifies the content to search for in the target message item.

    For example, if the target message item is Attachment Name and the qualifier is contains, enter .VBS to create a rule that acts on all messages having an attached file with a name containing the string .VBS, including, LOVE-LETTER.VBS, CLICK-THIS.VBS.TXT, and MY.VBS.CARD.EXE.

    Note: When defining a match against a user's name, specify the canonical format, for example, UserName/Sales/East
    • Text fields do not support wildcard values, such as the asterisk character (*). To specify a search string for a target field, use the contains operator and enter the search string in the accompanying text field. For example, as in the preceding example, to search for an attached file with a name that contains the string .VBS, create the condition Attachment Name contains .VBS, not Attachment Name is *.VBS.
    • Search string text is not case sensitive.
    • When indicating numeric values, always enter a numeral, rather than its text equivalent. That is, enter 2, not two.
  8. Click Add.
  9. Optional: Modify the condition by doing the following:
    • Add more conditions, by selecting Condition, and then selecting AND or OR. Repeat Steps 7 and 8 for each new condition.
    • Add an exception by selecting Exception and repeating Steps 7 through 9 for each exception. You can add only one exception to a condition statement.
  10. In the Specify Actions section specify the action to perform when a message arrives that matches the condition statement, and click Add Action. You can specify one action per rule.
    Table 2. Mail rule actions
    Action name Description
    Journal this message

    The Router sends a copy of the message to the configured Mail journaling database and continues routing the message to its destination. Journaling must be enabled on the Router/SMTP - Advanced - Journaling tab.

    Move to database

    The Router removes the message from MAIL.BOX and quarantines it in the database specified in the accompanying text field, for example, GRAVEYARD.NSF. The specified database must already exist. The message is not routed to its destination. Placing messages in a quarantine database lets you examine them more closely for viruses or other suspicious content.

    Don't accept message

    Domino® rejects the message, but the Router does not generate a delivery failure report. Depending on the message source, the sender may or may not receive an NDR or other indication that the message was not sent.

    • When Domino® does not accept an incoming SMTP message it returns an SMTP "permanent error" code to the sending server, indicating that the message was rejected for policy reasons. SMTP permanent errors (500-series errors) indicate error types that will recur if the sender attempts to send to the same address again. Depending on the configuration of the sending client and server, the message originator may then receive a Delivery Failure report.
    • For messages received over Notes® routing, Domino® returns a Delivery Failure Report indicating that the message violated a mail rule.
    • For messages deposited by a Notes® client, the sending client displays an error indicating that the message violated a mail rule.
    Don't deliver message

    Domino® accepts the message, but rather than sending it to its destination, it processes the message according to one of the following specified options:

    • Silently delete - Domino® deletes the message from MAIL.BOX with no indication to the sender or recipient.
    • Send NDR - Domino® generates a nondelivery report and returns it to the sender. The MIME and Notes® rich-text versions of messages sent from a Notes® client result in separate delivery failure reports.
    Change routing state

    Domino® accepts the message but does not deliver it. Instead, it marks it as held, changing the value of the RoutingState item on the message to HOLD. This change to the routing state of the message causes the Router to retain the message in MAIL.BOX indefinitely, pending administrative action.

    Note: When you mark a message as held, other rules are not executed until the "held" message is released.

    Domino® differentiates between messages held by a mail rule and messages held as undeliverable.

    Note: This action may not work properly on servers where third-party products, such as certain types of anti-virus software, also manipulate the RoutingState item.
    Stop processing

    Domino® stops processing any rules that apply to the message when the stop processing action is encountered in a rule. Subsequent rules for that message are not executed.

  11. To save the rule and put it into effect immediately, click OK.

    To save the rule but delay putting it into effect, click the Off radio button, and then click OK.

  12. Optional: After you create several rules, you can rearrange them to indicate their relative priority. The server executes each rule in turn, beginning with the first rule in the list. To change the position of a rule, select it and click Move Up or Move Down. Place rules with security implications higher in the list to ensure that the server processes them before other rules.
  13. Click Save & Close.
  14. The change takes affect the server task registers it or after the set rules command is received.

Results

How mail rules handle encrypted messages

If MAIL.BOX receives an encrypted message (Notes® encrypted, S/MIME, PGP, and so forth), the server mail rules process any rule conditions that are based on unencrypted information in the message envelope, such as the sender, importance, and recipients, but do not process conditions based on the encrypted portion of the message body. Most rule conditions are based on information in the message envelope. The server does not log instances in which rules are unable to process a message.

Specifying the message form in a condition

About this task

You can specify which types of messages a rule acts on by specifying the message form type in the rule condition. When evaluating the form type, the server checks the Notes® message form used (the Form item displayed in the Document properties); it does not use form information defined in MIME items in the message. All messages deposited in MAIL.BOX are rendered as Notes® documents, including inbound Internet messages in native MIME format. By default, messages received over SMTP use the Memo form, except for SMTP Nondelivery reports, which Domino® renders using the NonDelivery Report form. Common Notes® form names include:

  • Appointment
  • Delivery Report
  • Memo
  • NonDelivery Report
  • Notice
  • Reply
  • Return Receipt
  • Trace Report