First let me start by saying I know very little about Notes/Domino, so if I am asking something stupid, I apologize.
As a result of political details I won't get in to, and related to a current e-mail migration project from four different legacy mail systems to a new hosted environment, where no user data is being migrated and users are being actively prevented from sending mail into the new environment from the old environment, the following request has come up.
Once the new system is production, we would like to facilitate user access to the legacy environments. This will allow continuity of information contained in e-mail (e. g. day one on new system, users can send a new message as a reply to a message visible in the old system). We would like to do this in a read-only fashion, to ensure that no changes are occurring as a result of user actions in the legacy environment. (This "lock" of the old environment is related to e-discovery concerns from the legal department.)
For the purposes of this question, the legacy environments of interest are a set of distinct Domino environments, with clients ranging from 5.x to 8.x. I believe all of the Domino servers are 8.x. Most users have the Notes client although iNotes access is available.
Our first thought is just to mark the user mail NSFs as "read-only" on the server. I've seen some references online that suggest this is a workable solution, but my search-fu has failed me on finding a definitive answer.
Is there a "good" way to do this?
Thanks!
p.s. just to forestall questions on this, we don't expect 100% prevention of user information forwarding as there are too many ways for it to happen – we're just preventing as best as we can and stating as policy that they can't do it other ways. Not my decision – just following orders. The proposed migration plan is not a discussion point at this juncture – it's just finding out if one piece of it is at all reasonably doable.
p.p.s. the legacy systems include Exchange as well so I've asked the same question again with Exchange as the source. It didn't feel right to make those two into one question.
Best Answer
Set the ACLs of the Mail Databases, so that the users only have "Reader" access. Given, that "Consistent ACLs" are enabled, they can read (new) mail, ... but can't reply, move, ... them and the servers can still deliver mail that is coming from somewhere.
If that is, what you are looking for.