Tuesday, 29. April 2008
PermaLink iPhone mail with Domino IMAP / SMTP
mailhelper_welcome.pngIt had to happen sooner or later.

We have our first iPhone user * who simply must have access to his Lotus Notes email via iPhone.

We wasted a small amount of time looking at some of the ridiculous Heath Robinson lash-ups that are reported on various iPhone users' forums (example: forward copies of received email to Gmail accounts and poll those accounts using IMAP), before deciding to ignore them and try the obvious - direct connection via IMAP and SMTP.

IMAP

There's really not a lot to say on the IMAP side of things save that - for email at any rate - It. Just. Works.

Obviously you have to have IMAP listening and accessible through the firewall, the absence of this prerequisite being the stated reason behind some of the aforementioned Heath Robinson lash-ups. And the iPhone seems to assume SSL connectivity during account creation, with no visible means of turning it off at that time, though it can be turned off later if you don't have SSL enabled.

This brief video at YouTube tells you all you really need to know.

SMTP

This is where many people will doubtless slip up.

It is important to have a good understanding of the respective duties of an MX server and of a message submission or MSA server. The two are different and attempting to use the same server to fulfil both roles will lead to trouble.

You should really avoid allowing users to submit email via your MX, for at least these reasons.
  • MX, by definition, listens on port 25 and is publicly advertised via DNS as such. If you use this for message submission as well as for receiving externally originated email then, in order for it not to be an open relay, you need to enable authenticated submission and allow authenticated users to relay. This makes your MX a target for brute force attacks against SMTP AUTH.

  • You have no control over the IP address allocated to your users' iPhones while they are out and about (obviously you do have control while they are on your WLAN). An MX server used for message submission therefore cannot use any IP reputation service (chiefly DNSBLs) to deny email at the time of delivery because you cannot know whether an individual inbound email is one of your users submitting a message via iPhone or a compromised home or mobile computer being used as a socks proxy to deliver spam.

    (The Domino allow authenticated users to relay feature is pre-empted by both local and DNS block lists.)

Recognising this, we have a server which is not MX, which listens on port 587 (the standard port for message submission) and which only accepts authenticated submission.

You'll find that documented here.

You can specify the port to use during mail account set-up on the iPhone by using syntax like

  • msa-server.example.com:587

That is, append a colon and the port number to use for message submission to the end of the host name to be used for SMTP submission.

And that's it.

It works, and the user * is delighted though he hasn't yet asked about PIM sync...

* The type of user whose requests cannot safely be refused.

Category: SnTT
Technorati:

Comments :

1. Ben Rose29/04/2008 14:19:09
Homepage: http://www.jaffacake.net


Interesting stuff.

I went through a similar process to enable the email on my Nokia E90 to connect to my personal Domino server. I had the slight advantage that I don't use Domino as my MX which gave me some extra options.



2. Bryan Schmiedeler29/04/2008 15:08:39


I understand that Lotus is working on something for the iPhone. My guess is that it will be DWA but who knows? Ed Brill has mentioned this before. I bet it comes when the new iPhone and sofware is released, sometime in June.



3. Nathan T. Freeman30/04/2008 14:05:19
Homepage: http://nathan.lotus911.com


@2 - Why speculate? DWA Lite for the iPhone was announced and even demonstrated at Lotusphere. I believe the target is 8.0.2, which is a summer target. The latest it would be delivered is Domino 8.5, which is due by Q4.

Nice write-up Chris. Thanks for the details on message submission vs. MX, too! Very handy.



4. Jonathan Walkup30/04/2008 14:25:14


DWA Lite for iPhone is part of 8.5, not 8.0.2. There has been much speculation about whether Lotus will announce something like Lotus Traveller for the iPhone, but nothing substantive yet.



5. Chris Linfoot30/04/2008 14:40:10


Nice to see traveller spelled correctly for a change.



6. Barb Skedel30/04/2008 16:48:30


I hope IBM is working toward a true sync product instead of just the DWA Lite client. I have quite a few iphone users already and they want their mail, calendar, and contacts to sync directly into the iphones corresponding apps. They love the fact they can get their email via IMAP but wish it was pushed down to the device (like a blackberry) too instead of them having to pull it.



Unable to post a comment? Please read this for a possible explanation...
Add Manual Trackback
Please enter the details of the trackback post. Your trackback will not appear on the site until it has been verified. This won't be immediate, as trackbacks are validated on a scheduled basis. Be patient.











Search
Popular Categories
Blogs
Coffee and Cats
DNSBLs
Domino Administration
Domino Whitelist
Dumb and Dumber
Flickr
SMTP AUTH
Show n Tell
Software
Spam
Spam Statistics
T'Internet
Trunk Monkeys
Viruses and Worms
Wallace and Gromit
Whitelisting
Wii
Monthly Archive
2008
2008
2008
2008
2008
2007
Full Archive
Other stuff
Anti-Spam Tools
Misc Links
Land banking information
ClustrMaps
Locations of visitors to this page
Contact Me
email - Chris Linfoot
skypeme
Meta
Proudly powered by IBM Lotus Domino 8 Proudly powered by IBM Lotus Domino 8

Subscribe to articles Subscribe to articles feed

Subscribe to comments Subscribe to comments feed

ROR info ROR info


My Amazon wish list Wishlist
Save XP
Sign the Save XP Petition Today!
Idea Jam
Planet Lotus
Dilbert