Month: November 2006

Limits in Notes 7 junk mail handling?

WARNING: Possible rant coming up… 🙂

It all started when we got a call from the customer saying that they were unable to add additional e-mail addresses to the list of blocked addresses in their shared inbox. Thinking that it had to be a mistake I took a look but they were right. Upon calling the “ToolsBlock Mail from Sender”-action they would get the following message:
“Limit for Blocked Addressses reached. Please delete addressses before adding more.”

The message had me stumped. Why would the developers of the mail template want to limit the number of addresses an user may block? And of all things spam senders are not the thing you want to limit. Anyways I opened the mail template in Domino Designer and took a look at the source code (the customer is running a standard Notes 7 mail template).

The action calls into the BlockUserRules script library where the below snippet code is copy/pasted from. The offending line is 102 in the Declaration section (in bold):

Function run() As Integer
   <snip />

   '// Prevent list to exceed formula total size of 32K
   '// Mostly because Manage List display issues.
   If Not ((Len(Me.m_CalJunkNames.Text)) >= 30000) Then
      ...
   End If

   <snip />
End Function

The reason for the message

A reference is made in the comment above the If-statement to the 32K limit we all know and love and to a display/UI issue. If those are really the reasons I’m a bit disappointed. Lets look at each stated reason in turn.

The 32K limit

As to the 32K limit there are ways around that. Especially for a functionality where there really shouldn’t be an upper limit. If you are unfamiliar with how the functionality is implemented you can learn a lot by using NotesPeek and looking at the CalendarProfile profile document in a mail database with this feature enabled.

When you add addresses to the list of blocked addresses a long list is stored in a field called $Filter_BlockAddressList with summary info (hence the 32K limit) and then compiled into a @Formula mail rule (see the $FilterFormula_XX fields where XX is a zero based integer index value). The values are imploded with xdd as separator (screenshot).

Why not simply let the list of blocked addresses overflow into multiple fields and hence mail rules. I agree that it is more complicated but wrapping this functionality in a class isn’t too complicated. Another option is turning off summary information for the fields since it isn’t shown in any view. There might be a technical reason for not taking the latter approach since I admit that I don’t know how the router reads the mail rules and whether the summary information is required.

The display/UI issue

This is also a bit disappointing. Lotus have to admit that the UI for managing a large list of blocked addresses is hardly excellent as it is (questionable sorting, no way to search for addresses, what does @example.com mean?) but then why not do something about it instead of simply letting it dictate your functionality? None of our customers would let us get away with reasoning like that.

To sum up…

Anyways – we have a customer that unfortunately cannot use the junk mail functionality anymore as it is supplied out of the box. Either they have to pay for custom development or somehow try to cope in other ways that is move part of the list to the server.

The conclusion – they’re not happy…

Recommendations

To not come off as totally negative I thought I would make a couple of suggestions. If nothing else to get them out there as I think it is a great place for an open source initiative.

I would think that the junk mail feature should have the following features:

  • There shouldn’t be a limit to the number of e-mail adresses, domains or hosts you can add to the list.
  • Correct alphabetically sorting of the list of addresses.
  • The list of blocked domains should be separated from the list of blocked addresses for easier management.
  • Users should only be able to add valid addresses to the list.
  • Users should not be able to add an e-mail address where the entire domain is already blocked.
  • The possibility to search for an address or all addrsses with a particular domain name.

P.S.: Did you spot the spelling mistake in the message in the first paragraph? I doubt that addresses is spelled as shown – too many S’es… 🙂

dbgMsg-methods in lotus.domino.AgentBase

Anyone who knows what the dbgMsg-methods in lotus.domino.AgentBase does except simply outputting to the system console?

public void setDebug(boolean)
public void dbgMsg(String);
public void dbgMsg(String, PrintWriter);
public void dbgMsg(String, PrintStream);

Once you call the setDebug-method with a parameter of true, the dbgMsg-methods will output text to the Java Debug Console or the supplied java.io.PrintWriter or java.io.PrintStream.

IBM – Failover does not work for @Db Functions in Notes

Technote 1093915 outlines some information which is nice to remember when using @Formula to access databases in clusters. After considering this technote you might want a scheduled LotusScript or Java agent to discover the replica id of the target database and store the replica id in a profile document for usage by formula agents. This approach is usable if you want failover to work correctly and doesn’t want to hardcode the replica id into agents which I always consider bad practice.

IBM – Failover does not work for @Db Functions in Notes

Using negative offsets for calendar alarms


Ever need to set an alarm after a meeting in your calendar started? Well I had to do this yesterday and since I have previously looked into the inner workings of the alarms in the calendar I kinda know how it works – ($Alarms)-folder and all.

Since the functionality, simplistically explained, is a matter of taking the offset you specify, convert the number into seconds, subtract it from the start time of the meeting, set a couple of $Alarm-fields and add the document to the ($Alarms)-folder I thought I might get away with entering a negative value for the offset. Entering a negative offset would effectively make the offset be added to the start time instead of subtracted and hence have the alarm go off after the meeting started.

And the big question – does it work? Well yes it does… So if you ever need this kind of functionality you know what to do.

Lotusphere 2007: It’s official – I’m presenting a session!


I must admit I got very excited when I received an e-mail from Rocky the other day with a preliminary approval of one of my submitted Lotusphere sessions. The pulse rose another notch yesterday when the official confirmation appeared in my inbox.

I’m presenting “BP308: Leverage DXL and OOP to Build Powerful Tools”.

Potential IBM Lotus Notes information leakage on port 1352

Andrew Christiansen contacted IBM® Lotus® to report a potential vulnerability
in unauthenticated transactions using the Notes Remote Procedure Call (NRPC)
protocol on port 1352.
The advisory address is as follows:
http://www.fortconsult.net/artikler/advisories.php

The NRPC protocol uses an unauthenticated transaction to look up a user
who is not yet authenticated so that the user can fetch their ID file during
Notes® setup. This transaction is optionally used when a user is first
registered or when a roaming user connects from a new client."

IBM Lotus Notes information leakage on port 1352 via the Lotus Domino Support RSS feed.