#dominoforever | Product Ideas Portal

Welcome to the #dominoforever Product Ideas Forum! The place where you can submit product ideas and enhancement request. We encourage you to participate by voting on, commenting on, and creating new ideas. All new ideas will be evaluated by HCL Product Management & Engineering teams, and the next steps will be communicated. While not all submitted ideas will be executed upon, community feedback will play a key role in influencing which ideas are and when they will be implemented.

For more information and upcoming events around #dominoforever, please visit our Destination Domino Page

Help the client to dectect Fake mails. Make it visible if a mail came via SMTP (and other stuff)

Motivation / Background:

Yesterday a customer called. In this company, there was a 'boss writes secretary do you have time for me today?' type of mail. The reply address (only after reply was clicked) pointed clearly 'somewhere', but besides this, it was very well done - most likely to gather more information in preparation of the next wave of an attack.



Idea:

Besides all the stuff we do on the servers (like filtering, virus scanning etc...) we should start point the user to potential issues - So I suggest to add more individual clientside driven side checks. The following is probably not complete, not everything is helpflul for everyone and some are only half baked, but, however, there should be something useful in this list for everyone.

Already before clicking reply, for incoming mail, make it visible ...

1. SMTP Addresses:
a) ... if a mail was coming from a SMTP Source
b) ... if the reply address would have more than one @ sign  in it. Same for more than one pair of <> , more than one set of ""  
b1) Work out a logic for Reply to all for the same
c) ... if the part of the sender displayed to the user is the same as it would be for someone in my contacts (including recent contacts) but still point to a different Recipient?
c1) Work out a logic for Reply to all for the previous point.
d)  ... visualize addresses (from, copy to) that are not in my contacts/recent contacts
d1 on top of d: and allow to manually add the address to recent contacts (right click?)

=> Every single one out of this list by itself would have identified yesterdays sample as fake - i.m.h.o. we are clearly not giving the enduser currently all information we should..


2. Singed Mails
- I might get a new certificate. - Do I already have one from this user?
- I might have a recent contact and a certificate from Max.miller@thiscompany.com - if I get another mail from this user: Did it again come with the same certificate?



3. Links:
- Make any active Element (Files, link, code) clearly identifiable (e.g. this could be a red rectangle around 'it' (the element with active code) with a green background or something).
- If someone sends me a link all the time (maybe as part of the Message disclaimer) Have a way to accept that link as part of a contact / recent contact as harmless (probably at the same time unimportant, too :-) ).
- It is currently way too complicated to look at the complete URL of a long incoming link (edit mode, mark and copy in property boy, ad notepad and paste ....). Most of the time, when doing so, I am only trying to find out: How many dots are in the URL. is it http or https. what is the true server the thing is sent to  (if there is many dots, what is the last, and winning domain when opened).


4. Message disclaimer
- Instead of displaying me those all the time (and leave it to me to find out if it looks exactly the same as yesterdays) it might be very helpful to be able to mark and accept those (recent contacts?) - and replace it just with a line of text if still the same as in the last mail.





  • Guest
  • Aug 31 2019
  • Assessment
  • Attach files
  • Guest commented
    19 Jul, 2022 07:29am

    As for URLs, I could envision a popup when the cursor is over it that just shows the 'barebones' URL : xxx.xxx so the user does not have to try to figure it out by counting dots.

  • Guest commented
    19 Jul, 2022 07:28am

    we created a subform that was added above the email address fields of the Memo/Reply/Reply with History form. In it we just show the Variable : SMTPOriginator

    in a computed text. This way the user sees the original email address of the sender right away, not the 'alias' that the sender has decided to show. This has already simplified the handling of incoming emails and secured users.