To allow employees to read e-mail received at generic addresses, like email@example.com or firstname.lastname@example.org, you would typically provide IDs and passwords for these 'dummy' accounts. The users could then switch IDs (or re-logon) to open the target mail files. While this may be the easiest approach for managing generic e-mail accounts, it isn't necessarily the best, as it creates several security holes in your system. In this tip, I'll discuss a few of these security concerns and explain why a mail-in database is a safer alternative.
One thing to consider is that it is difficult to take back IDs and passwords once you've given them away. Asking users to return files does no good, since they may keep copies without your knowledge. If you change an ID's password or public key (and enable server-side checking of these items) you can disable one person's copy of the ID. But then you have to update the other valid copies with the new information, or they won't work.
The same applies to Domino Web mail accounts. If you disable someone by changing the Web password, you have to tell the other people the new password. All of this is doable, but a bit of a pain.
Dummy accounts also offer malicious users a way to gain access to your entire system. Since you ideally want the total number of user accounts to be as small as possible, adding an account named Helpdesk, for example, just gives hackers another crack at guessing a password. The names of these accounts are usually obvious, too, making them inviting targets for break-ins.
Having user accounts with generic names also violates a standard "best practice" for security policies -- that is, users should log onto a computer system with unique names. If you look at a log file and see some suspicious activity by a user named Resumes, you have little idea who actually performed those actions.
A mail-in database solves all of these problems. There is no specific ID or password associated with the mail file. Therefore, there is no way to log on to Domino with the usernames Helpdesk, Resumes, etc. You grant or deny access to the mail-in database by adding/removing regular usernames from the database access control list (ACL).
If you want to prevent departing employees from accessing the Helpdesk mail file, you just take their names out of the ACL, and they'll be locked out. Adding someone is just as easy -- simply put their name into the mail file ACL. You don't have to hand out ID files, tell anyone an additional password, or keep certain users up-to-date with changes to the generic account.
Mail-in databases are simple to create and manage. For more information, see Domino Admin Help -> Index -> Mail-in Database (R5 and R6).
About the author: Chuck Connell is president of CHC-3 Consulting, which helps organizations with all aspects of Domino and Notes.
Please let others know how useful this tip is via the rating scale below. Do you have a useful tip or code to share? Submit it to our monthly tip contest and you could win a prize and a spot in our Hall of Fame.