This forum is closed to new posts and responses. Individual names altered for privacy purposes. The information contained in this website is provided for informational purposes only and should not be construed as a forum for customer support requests. Any customer support requests should be directed to the official HCL customer support channels below:

HCL Software Customer Support Portal for U.S. Federal Government clients
HCL Software Customer Support Portal

Notes/Domino 8 Forum


This could easily be used by spammers :-(

I took a look into your findings yesterday and was also quite shocked. Just to elaborate a bit more on your findings to make it a bit more clear for others reading this:
A soundex value is a value that should help users to reach the right person, even if they don't know how that person's name is spelled exactly. It consists of one or two letters and 3 or more numbers, which means that for the basic set there are just 26000 possibilities to, in theory, address a lot of people in a company. The danger of the soundex is that if spammy finds out about this possibility he could just send his spam to the same 26000 addresses and every Domino MX gateway without any need to know actual names in those companies. Also, groups that don't even have an Internet address have a soundex value and can be mailed this way. Do you have a group with all employees in your domain (and who doesn't)? If that group has a unique Soundex value, it's jackpot for Spammy!
This brings me to the one item which makes it a bit less bad than it could have been. If the soundex isn't unique (and with just 26000 possibilities that chance is quite good), the mails don't arrive, even though they are accepted by the mail server. I have to check my mail server's logs to see why exactly (can't do that from where I am now), but it's probably a duplicate names found error or something.


Feedback response number WEBB7DCFP7 created by ~Ned Prehipilyoni on 04/03/2008
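
Editor's added example (not part of the original post and not HCL code): a detection sketch that counts, per connecting client, how many distinct RCPT TO local parts have the soundex shape described above (one or two letters followed by three or more digits). The log line layout, the sample lines, the threshold and the function names are assumptions made up for illustration; adapt the parsing regex to your gateway's real SMTP log format.

```python
import re
from collections import defaultdict

# Shape taken from the post: one or two letters followed by three or more digits.
# Legitimate mailboxes can share this shape, so treat hits as a signal, not proof.
SOUNDEX_LOCALPART = re.compile(r"^[A-Za-z]{1,2}\d{3,}$")

# Assumed (constructed) log layout: "<timestamp> <client-ip> RCPT TO:<local@domain>"
RCPT_LINE = re.compile(
    r"^\S+\s+(?P<ip>\S+)\s+RCPT TO:\s*<(?P<local>[^@>]+)@(?P<domain>[^>]+)>",
    re.IGNORECASE,
)

def soundex_rcpt_by_client(lines):
    """Map client IP -> set of distinct soundex-shaped local parts it addressed."""
    seen = defaultdict(set)
    for line in lines:
        m = RCPT_LINE.match(line)
        if m and SOUNDEX_LOCALPART.match(m.group("local")):
            # Normalise case so A101 and a101 count once.
            seen[m.group("ip")].add(m.group("local").upper())
    return dict(seen)

def flag_enumerators(lines, threshold=3):
    """Clients that addressed at least `threshold` distinct soundex-shaped recipients."""
    hits = soundex_rcpt_by_client(lines)
    return sorted(ip for ip, codes in hits.items() if len(codes) >= threshold)

# Constructed sample log lines (documentation IP ranges, example.com domain).
SAMPLE_LOG = [
    "2008-04-03T10:00:01 192.0.2.10 RCPT TO:<A100@example.com>",
    "2008-04-03T10:00:01 192.0.2.10 RCPT TO:<A101@example.com>",
    "2008-04-03T10:00:02 192.0.2.10 RCPT TO:<a101@example.com>",
    "2008-04-03T10:00:02 192.0.2.10 RCPT TO:<A102@example.com>",
    "2008-04-03T10:05:00 198.51.100.7 RCPT TO:<jane.doe@example.com>",
    "2008-04-03T10:05:09 198.51.100.7 RCPT TO:<S530@example.com>",
    "2008-04-03T10:06:00 203.0.113.5 MAIL FROM:<x@example.net>",
]

if __name__ == "__main__":
    for ip in flag_enumerators(SAMPLE_LOG):
        print("possible soundex address sweep from", ip)
```

Because the post notes that such mail is accepted by the server even when it is not delivered, counting at the RCPT TO stage catches a sweep that delivery logs alone would under-report.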

"SMTP" And "RCPT TO:" (~Lorraine Elfre... 1.Apr.08)
. . Not pretty (~Karl Eknuplopo... 2.Apr.08)
. . . . It is really a combination of probl... (~Lorraine Elfre... 2.Apr.08)
. . This could easily be used by spamme... (~Ned Prehipilyo... 3.Apr.08)
. . . . Defensive measure (~Autumn Brejipy... 15.Sep.08)



