When IMSS is configured to use Domino as the LDAP server, it will query the Internet Address field to verify the recipient's email address. However, if the user has more than one email address, IMSS will only acknowledge the first one in the list and ignore the aliases.
This article demonstrates how to validate a user with more than one email address.
The current IMSS design does not consider additional addresses or aliases when Domino is the LDAP server.
To resolve this, additional addresses must be exported to a file, which is used to feed the IMSS or Mail Transfer Agent (MTA).
If you are using Postfix, use the exported list to create a mapping file of valid recipients. Use the following parameter:
For more information about this parameter, refer to this Postfix document: Postfix Configuration Parameters.
Rejecting invalid recipients on the MTA will save you bandwidth and resources for handling junk email. Alternatively, you can check if Postfix or any other MTA can be configured to use Domino LDAP while considering the additional addresses per user.
The only possible way to filter out such mails is to use policies after the mail is initially accepted. Do any of the following:
- The first policy you will create should have "Any sender" and "Any recipient". The Exceptions should have "From internal address list to any" and "From any to internal address list". The conditions should match anything and the action is delete. All emails that are not from an internal user nor addressed to an internal user are removed or quarantined.
- Create all your policies using address groups in the recipient section. The last policy should delete all of the remaining mails which are not handed off in one of the previous rules. This serves as a "catch all" rule. However, do not forget a final action before valid emails can hit the last rule. Otherwise, you will loose the legitimate emails.