« Test | Main| How I added Textbox.io rich text editor to XPages »

How to setup Gmail's smtp.gmail.com as the outgoing mail server on both Domino and on iOS

Tags: After Hours Lotus Domino Configuration
One of the fun things with software, and perhaps especially server software, is that there is lots of ways to get things done. Sometimes you just drown in settings, configurations and restarts. Suddenly things start to work, and you really don't know exactlywhat fixed the problem! This is a story along those lanes, and I write about primarily to remember the steps for later for my own part. Perhaps it can be beneficiary to others too.
From having my own Domino server and using it for both incoming- and outgoing mail, things has transformed over the years to only handle incoming mail, and relaying outgoing mail to other SMTP-servers. In my case it has been the Telenor server "smtp.online.no" for many years. Up til now I have been very satisfied with Telenor and smtp.online.no too. If you are interested, you can read more about the history of my server at the end of this article.
The Problem

However, in January 2017 something happened on the the Telenor-side, and suddenly their SMTP-server wouldn't accept relayed mail from my server anymore.
Sending mail from my Domino server quickly resulted in the following log-entry, along with a non-delivery report sent back to the sender
06.02.2017 23:06:48   Router: Message 00796504 NOT transferred via SMTP to SMTP.ONLINE.NO for some.recipient@somewhere.com 553 5.3.0 <some.recipient@somewhere.com>... We do not relay from
If I tried to send from my iPhone or iPad, which also had the smtp.online.no as outgoing mail server, I received this;
A picture named M2
The above is in Norwegian, and says; “Cannot Send Mail – A copy has been placed in your Outbox. The Recipient {name} was rejected by the server.”
I have now been in touch with the support-departments for both Canal Digital and Telenor, and to make a long story very short; Hopelessly problematic to get any sensible answers at all!!!

First Canal Digital: From filing a support-request via their own support-pages, I didn't get any answer at all. First when I posted on their Facebook-page, they answered instantly!
So, note-to-self, don't bother to write anything in support forms or send email, that won't be answered anyway. Only use channels that obviously hurt a little if requests stay unanswered. That must feel like the other side of the coin for Canal Digital…
The answer to my problem? Canal Digital just points to Telenor and basically says "it's their fault, we do nothing with mail".
Ok, over to Telenor, and a very similar story unveils with them. Sensible enough they don't have a Facebook page where customers can rant (they have learnt the lesson that Canal Digital is learning …) However, after registering a couple of cases, were the latter pointed to a huge document with very detailed information about the problem, I finally got an answer today;
We don't do e-mail support at all via e-mail ….

….. Ha ha ha, are you kidding me?!?! No e-mail support via e-mail ?!?!? (choke choke …)
However, they points me to Telenoreksperten, a call-center charging you no less than approximately USD 3 per minute. I guess this is no other logic than if your washing machine breaks down. Nobody will even touch your washer if you don't stuff their deep pockets full of money ….
The solution
So, suddenly I got the idea that perhaps Gmail provided some SMTP-servers to use? And yes , they do! Very much so, and very cool ways of doing stuff such as App-passwords allowing other services or machines to login and use the servers. Whoooa, this is the way to do stuff Telenor!!!! Look and learn - I don't even charge you USD 3 a minute!!!
1. Ensure that your Domino mail server can be reached from the outside.
First of all you must open the port 25 in your router and point it to your Domino server. This is typically called port forwarding  and it differ between routers how to specify this. On my router it look like this;

Maskingenerert alternativ tekst:Tjenesten avn Dani noPOP3 Dani Dani nog•'TPSend Dani no*4TPSend2 Lokal IP Lokal port Protokoll TCP Legg hl I sle 587

2. Enable TLS on the server. Gmail won't connect to your server unless some sort of SSL or TLS is enabled.
If the mail server still uses port 25, everything can be pretty secured with TLS anyway. You need this access to your mail server in a second, because Gmail will connect to your server with a user name and a password to check that the server you specify, actually is a mail server. Sensible enough.

I also enabled TLS on my server, according to the "
How to configure Domino for secure SMTP sessions using STARTTLS". I did the following for my inbound mail;

a. Enable the SMTP Listener task via the Server document (Basics tab).

A picture named M3
b. Enable SMTP Inbound TCP/IP port status in the Server document (Ports -> Internet Ports -> Mail tab).

A picture named M4
c. Enable SSL negotiated over TCP/IP port in the Configuration document (Router/SMTP -> Advanced -> Commands and Extensions tab).

A picture named M5
d. Restart the SMTP Listener task

Use console command restart task smtp (or wait to restart the whole server at last … )

e. For my outbound SMTP I simply had to do; Set Negotiated SSL for the SMTP Outbound "TCP/IP port status" in the Server document (Ports -> Internet Ports -> Mail tab)

A picture named M6
f. Restart router or - as I like it when I do changes like this, restart the whole server;

Use console command restart server

3. Logon to your Gmail account. Don't have any, create one. No matter what you end up with here (for example mymail@gmail.com), you can use this account to relay mail from your server.

4. Create an Google so-called "App-password" to use later
a. Goto My Account

A picture named M7
b. Goto the Goole Logon-page
Maskingenerert alternativ tekst:Pålogging og sikkerhet Kontrollér passordet ditt og tilgangen til Google- kontoen din. Google-pålogging Enhetsaktivitet og varsler Tilkoblede apper og nettsteder
c. Goto the App-passwords
A picture named M9
d. In the next screen you can generate App-passwords to use from other devices to logon to your Gmail account. I have for example created a separate App-password for my Domino server access like this;

A picture named M10
5. Next you will allow your mail server to connect to Gmail.
Coming here, you have performed the following prerequisites. Access to your mail server on your chosen port (25, 465 or 587). You have enabled TLS at least on your outgoing server. You have created an App-password to use soon.

In this step we will tell Gmail that another e-mail (in my case my.real.mail.home@here.com) can relay mail via my Gmail account mymail@gmail.com.

a. Goto your Gmail's Settings

A picture named M11
b. Goto the Accounts and Import

A picture named M12
Above you see how my my.real.mail.home@here.com address already has been added as an own separate e-mail address (see "Not an alias"). It points to my mail server and indicating port 25 and TLS is activated. Below I show you how I add another mail address. Why, because you have to repeat this for any e-mail address you want to appear as a separate e-mail when received at others. By this I mean; When I send an e.mail from my.real.mail.home@here.com, I want the recipient to see the mail as coming from my.real.mail.home@here.com and not from mymail@gmail.com.
History of my Domino server

Back in year 2000 I set up my own small company - Voith's CODE (http://www.vcode.no), and with it a small Domino server
Communication back then was ADSL-style and most people had pretty poor speed both up and downstream. Another huge problem back in those days were that you received a new IP address pretty much every time you connected to the net. To circumvent that, I rented a SDSL-line with a static IP-address and used the Domino server for traditional Notes- and Web applications server, and as a both incoming- and outgoing e-mail server. At the time I was really happy with this setup and with the humongous speed of 1 Mbit both up and down on the SDSL line everything worked very well.
At some point it started to become a problem that mail from my server was tagged as spam at recipient servers. Probably something to do with my server not having a proper reverse DNS pointer or something. More and more mail from my server were blocked at recipients, and my server was regarded as spam no matter what Of course this could have been fixed with SSL certificates, reverse DNS proxies, and whatnot!
By coincident my family and I moved to another house back then, and at the new address it suddenly was very expensive to continue the SDSL-line. The only other alternatives were to either use ADSL again, with all the fun with switching IP-addresses and whatnot, or, start using the local cable TV broadband-offer.
I went with the latter and now connects to the net via the cable TV company Canal Digital. Albeit Canal Digital didn't offer static IP-addresses, they sort of said that the IP-address stays "pretty static" for a long time. That has been proven true in my case, and I typically receive a new IP address every 3-4 months or so. At the present time, the IP address has been static for more than 6 months.
With all the trouble of the outgoing mail server, again coincidence striked! Suddenly I couldn't send any mail at all from my own Domino server, and it turned out that Canal Digital were really strict about what server they would allow outgoing mail through. At the beginning they only allowed port 25, which automatically meant that their subcontractor Telenor's e-mail server smtp.online.no were to be used.
Simply by specifying "smtp.online.no" as the relay server in the server's Configuration Document;
A picture named M13
Restart the server and voila, all the mail flowed through to Telenor's SMTP server. Nice!
This all worked beautifully up to January 26th 2017, 20:33. At least that is the last registered outgoing mail I have which were delivered through smtp.online.no.

After the GMail setup, the router setting looks like this;
A picture named M14
So closing up - Thanks to Google and GMail for providing such a wonderful service! And thanks for nothing  to TeleNor and Canal Digital not having proper user support in place!

Post A Comment