Page MenuHomePhabricator

Never send normal mail to unverified addresses
ClosedPublic

Authored by epriestley on Feb 9 2017, 6:08 PM.
Tags
None
Referenced Files
Unknown Object (File)
Fri, Dec 13, 9:16 AM
Unknown Object (File)
Fri, Dec 13, 9:16 AM
Unknown Object (File)
Fri, Dec 13, 8:55 AM
Unknown Object (File)
Fri, Dec 13, 7:33 AM
Unknown Object (File)
Tue, Dec 10, 4:45 PM
Unknown Object (File)
Tue, Dec 3, 2:56 PM
Unknown Object (File)
Oct 29 2024, 2:02 PM
Unknown Object (File)
Oct 22 2024, 6:10 AM
Subscribers
None

Details

Summary

Ref T12237. This tightens our delivery rules, which previously sent normal mail to unverified addresses:

  • We sent general mail to unverified addresses so that you wouldn't miss anything between the time you sign up (or have an account created) and the time you verify your address. This was imagined as a slight convenience for users.
  • We sent automatic reply mail to unverified addresses if they sent mail to us first, saying "we don't recognize that address". This was imagined as a convenience for users who accidentally send mail "From" the wrong address (personal vs work, for example).

I think both behaviors are probably a little better for users on the balance, but not having mail providers randomly shut us off without warning is better for me, personally -- so stop doing this stuff.

This creates a problem which we likely need to solve before the release is cut:

  • On installs which do not require mail verification, mail to you will now mostly-silently be dropped if you never bothered to verify your address.

I'd like to solve this by adding some kind of per-user alert that says "We recently tried to send you some mail but you haven't verified your address.", and giving them links to verify the address and review the mail. I'll pursue this after restoring mail service to secure.phabricator.com.

Test Plan
  • Added a unit test.
  • Unverified my address, sent mail, saw it get dropped.
  • Reverified my address, sent mail, saw it go through.
  • Verified that important mail (password reset, invite, confirm-this-address) either uses "Force Delivery" (skips this check) or "Raw To Addresses" (also skips this check).
    • Verified that Phacility instance stuff is also covered: it uses the same invite flow.

Diff Detail

Repository
rP Phabricator
Lint
Lint Not Applicable
Unit
Tests Not Applicable