HCL Domino Ideas Portal

Welcome to the #dominoforever Product Ideas Forum! The place where you can submit product ideas and enhancement request. We encourage you to participate by voting on, commenting on, and creating new ideas. All new ideas will be evaluated by HCL Product Management & Engineering teams, and the next steps will be communicated. While not all submitted ideas will be executed upon, community feedback will play a key role in influencing which ideas are and when they will be implemented.

For more information and upcoming events around #dominoforever, please visit our Destination Domino Page

ADD A NEW IDEA

Clear

Security

    Showing 58

    Authenticated Received Chain (ARC) signing support

    After the integration of the DKIM signature key, SPF evaluation, it would be interesting to complete the support for the anti-spam scheme through the integration of ARC signatures (RFC 8617), which for example solve the problem of message forwardi...
    over 2 years ago in Domino / Security 0 Needs Review

    Domino should reject messages when the envelope 'From' header differs from the 'From' header in the message body

    A configuration feature is needed in Domino to block emails when the MAIL FROM address (in the envelope) differs from the FROM address in the email header.
    6 months ago in Domino / Security 1 Needs Review

    Domino Internet CA should support current standards

    The Domino Internet CA currently does not have extended key usage nor Subject Key Identifier/Authorized Key Identifier (not yet enforced) added to certificates. Those attributes are needed today to be compatible with other environments like Apple ...
    7 months ago in Domino / Security 0 Needs Review

    ID VAULT revert from archive button in ID VAULT Template

    IDV_ENABLE_VAULT_SCAN is a cool feature, while it has a little side effect. If user was away for a week User.ID is archived from vault and no longer can be extracted used. see technote. https://support.hcl-software.com/csm?id=kb_article&syspar...
    9 months ago in Domino / Security 0 Needs Review

    Allow not sending trusted root certificate on TLS handshake

    RFC 5246 (TLS 1.2) and 8446 (TLS 1.3) clearly state that sending the root certificate is unnecessary, as it is supposed to be known to clients. https://www.rfc-editor.org/rfc/rfc5246#section-7.4.2 https://www.rfc-editor.org/rfc/rfc8446#section-4.4...
    4 months ago in Domino / Security 0 Needs Review

    Enhance OIDC to support dynamic custom claims

    When using OIDC in Domino as a provider, need to be able to limit who can authenticate with each registered client application. Also, there needs to be an available ability to include the groups an authenticating user is in as part of the custom "...
    8 months ago in Domino / Security 0 Needs Review

    Certstore retry when renewal fails

    If the let’s encrypt network isn’t responding due to local or global network failure. the server should have some options for retries of renewals to keep the server running as expected even if temporary failures occurs. Also that if several failur...
    2 months ago in Domino / Security 1 Needs Review

    Document that describes Domino HTTP security settings

    There's a document created years ago: https://www.caicorp.com/2017/11/22/adding-security-http-response-headers-to-ibm-lotus-domino-server-to-get-an-a-rating/ HCL should have a similar document with more security settings.
    over 1 year ago in Domino / Security 1 Needs Review

    Password policy functioning improvements with "Check vault first then directory"

    ID vault is implemented on the server and in configuration document "Check vault first then directory" is enabled. All users authenticate to the server through ID vault successfully. Use case: The web user is able to login even though the warning ...
    over 1 year ago in Domino / Security 0 Needs Review

    Suppress this password prompt if password is set for server.id

    If a password is not set for server.id, the audit team will request the customer to set a strong password on server.id. Setting a password for the server ID will cause a password prompt on every server restart, including but not limited to unatten...
    3 months ago in Domino / Security 0 Needs Review
                                        Copyright © 2025 HCLSoftware Limited