Configure GWIA to only allow inbound SMTP traffic from a specific site

  • 7006146
  • 28-May-2010
  • 12-Jan-2015

Environment

Novell GroupWise 2012
Novell GroupWise 8
Novell GroupWise 7
Novell GroupWise 6.X
Novell GroupWise Internet Agent

Situation

SMTP incoming IP address exception does not work
All SMTP messages are blocked
Cannot allow inbound SMTP for a specific IP address
Inbound SMTP for a specific IP address does not work when the SMTP default is set to Prevent
Error: "DMN: Refused sender: userid@<idomain>"
Error: "550 Mail from rejected"
550 error on GWIA
Configure GWIA to only allow inbound SMTP traffic from a specific site
Configure GWIA to block all but one site or IP address
Prevent inbound SMTP mail from all but one site or IP address

Resolution

Working as designed.
For this to work (allowing incoming mail from ONLY 1 Internet site), you must do the following:

1.  Go to the Properties of the GWIA, Access Control tab, Settings, Default Class of Service, Edit, SMTP Incoming tab
2.  Choose "Prevent incoming messages"
3.  In the Exceptions, "Allow messages from" section, add an entry of "*@*.*"
4.  In the same Exceptions section, add another entry with the Internet host name of the site you want to accept (like novell.com)
5.  In the same Exceptions section, add another entry with the IP address of the above host name
6.  Click OK, OK.
 
Workaround:
If you have a firewall, you can allow SMTP traffic only from a specific site by doing the following:
1) Turn on "Allow incoming messages" for the "SMTP Incoming" settings in the GWIA Access Control, Default Class of Service.
2) Place GWIA inside the firewall with a private address, put a public address on the firewall, and NAT the public address to the private address.
3) Create a filter on the firewall that only allows traffic to this public address and port 25 (the SMTP port) from the specific host's IP address.  This allows mail only from this IP address, and not from any other host or IP address.
Note: This is actually a better solution than having GWIA accept and reject traffic.  This way, the only host that can connect to the GWIA is the host specified in the firewall exception.
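
Steps 2 and 3 of the workaround, written as an added example that is not part of the original TID or Novell's own configuration. It assumes the firewall is a Linux host running nftables; the interface name and every address below are constructed placeholders from documentation ranges.

```nftables
#!/usr/sbin/nft -f
# Added example, not from the TID. All values are assumed placeholders.
define wan_if       = "eth0"          # assumed Internet-facing interface
define gwia_public  = 192.0.2.25      # assumed public address published for GWIA
define gwia_private = 10.0.0.25       # assumed private address of the GWIA server
define allowed_host = 198.51.100.10   # assumed IP of the one site allowed to send mail

table ip gwia_smtp {
    chain prerouting {
        type nat hook prerouting priority dstnat; policy accept;
        # Step 2: NAT the public address to GWIA's private address for SMTP.
        iifname $wan_if ip daddr $gwia_public tcp dport 25 dnat to $gwia_private
    }

    chain forward {
        type filter hook forward priority filter; policy accept;
        # Replies on connections that were already allowed.
        ct state established,related accept
        # Step 3: after DNAT the destination is the private address, so the
        # filter matches on it. Only the allowed host may open port 25.
        iifname $wan_if ip daddr $gwia_private tcp dport 25 ip saddr $allowed_host accept
        # Every other source is logged and dropped before it reaches GWIA.
        iifname $wan_if ip daddr $gwia_private tcp dport 25 log prefix "gwia-smtp-denied: " drop
    }
}
```

Load the file with `nft -f` and confirm the result with `nft list ruleset`. The chain policy is left at accept so that this fragment only restricts inbound SMTP to GWIA and does not affect GWIA's outbound mail or other forwarded traffic.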

Additional Information

The documentation is incorrect and has been submitted as a defect.
Formerly known as TID# 10066854