Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations gkittelson on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Hiding email addresses

Status
Not open for further replies.
mvvilleza

mvvilleza

MIS
Nov 23, 2000
114
PH
Hi everyone,

Would like to hide resigned user's names in the domino directory so that it won't be available for viewing by other users. Is this possible? This is possible in MS Exchange, thought maybe Lotus Domino has this too. Using version 6.5.3, thanks for any help.
 
Sort by date Sort by votes
If the users have resigned, a good idea would be to terminate their account. Why do you keep their Person document ?
I hope that their names are at least in the DenyAccess group.

Pascal.
 
Upvote 0 Downvote
If you say terminate, do you mean deleting the accounts? Next question is, how can i protect the mail files? for example, if you get a copy of the mail files, you can open them using Lotus Notes.
 
Upvote 0 Downvote
* Accounts : yes, I mean disabling the account vie the proper Admin Request functionality. You might want to arrange for not deleting the mail file, for reference purposes.

* DB security : Lotus has always been very clear on security - a database is secure when it is on the server. Outside the server, all bets are off.
Besides, I have witnessed that there are tools which can destroy the ACL of a Notes db locally. Whatever ACL settings you have, locally they can be undone.
This situation is the same for every single db vendor that exists, with one difference : Notes dbs can be encrypted. Not a sure-fire protection, but it does make things quite a bit more difficult for the casual snooper.

You say "if you get a copy of the mail files" - how would you get it ? Normally, if your Admin is doing a proper job, no user can open any other user's mail db and find anything that is not public (unless there is a delegation in place, but that supposes a level of trust). A copy made in the default, security-enabled scenario, would be a copy of what the user can see (i.e. not much).
In the case of a full copy, the only options to get it are either by gaining physical access to the server (a big no-no in security), or at the very least gaining access to the user's PC which has access to the db (a smaller no-no, but still bad). When physical access is possible, there can be no security if the person is not honest and trustworthy.
If no physical access is possible, and the user "copying" does not have ACL access to the db, then there can be no "getting a copy of" a Notes db. Either you have access to it, or you can't open it, much less copy it.

Pascal.
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

garion42
  • Locked
  • Question
"Double" attachments appearing in Lotus Notes email
Replies
3
Views
5K
pmonett
pmonett
MarcLefe
  • Locked
  • Question
IBM Lotus Notes 9 Attaching a microsoft doc (word/excel) to an email
Replies
1
Views
5K
pmonett
pmonett
uslemond
  • Locked
  • Question
Re-routing email destined for an external domain to an internal address
Replies
1
Views
6K
pmonett
pmonett
jimcoo
  • Locked
  • Question
outbound mail to addresses with accented characters
Replies
0
Views
94
jimcoo
jimcoo
wild4north
  • Locked
  • Question
Notes Administrator unauthorized email access
Replies
1
Views
106
spi200
spi200

Part and Inventory Search

Sponsor

Back
Top