Page MenuHomePhabricator

Never send normal mail to unverified addresses
ClosedPublic

Authored by epriestley on Feb 9 2017, 6:08 PM.
Tags
None
Referenced Files
F11401287: D17329.diff
Tue, Nov 29, 2:32 PM
Unknown Object (File)
Sat, Nov 26, 3:23 PM
Unknown Object (File)
Fri, Nov 11, 10:25 AM
Unknown Object (File)
Fri, Nov 11, 10:24 AM
Unknown Object (File)
Fri, Nov 11, 10:24 AM
Unknown Object (File)
Tue, Nov 8, 9:10 AM
Unknown Object (File)
Tue, Nov 8, 9:08 AM
Unknown Object (File)
Mon, Nov 7, 3:18 PM
Subscribers
None

Details

Summary

Ref T12237. This tightens our delivery rules, which previously sent normal mail to unverified addresses:

  • We sent general mail to unverified addresses so that you wouldn't miss anything between the time you sign up (or have an account created) and the time you verify your address. This was imagined as a slight convenience for users.
  • We sent automatic reply mail to unverified addresses if they sent mail to us first, saying "we don't recognize that address". This was imagined as a convenience for users who accidentally send mail "From" the wrong address (personal vs work, for example).

I think both behaviors are probably a little better for users on the balance, but not having mail providers randomly shut us off without warning is better for me, personally -- so stop doing this stuff.

This creates a problem which we likely need to solve before the release is cut:

  • On installs which do not require mail verification, mail to you will now mostly-silently be dropped if you never bothered to verify your address.

I'd like to solve this by adding some kind of per-user alert that says "We recently tried to send you some mail but you haven't verified your address.", and giving them links to verify the address and review the mail. I'll pursue this after restoring mail service to secure.phabricator.com.

Test Plan
  • Added a unit test.
  • Unverified my address, sent mail, saw it get dropped.
  • Reverified my address, sent mail, saw it go through.
  • Verified that important mail (password reset, invite, confirm-this-address) either uses "Force Delivery" (skips this check) or "Raw To Addresses" (also skips this check).
    • Verified that Phacility instance stuff is also covered: it uses the same invite flow.

Diff Detail

Repository
rP Phabricator
Branch
mail1
Lint
Lint Skipped
Unit
Tests Passed
Build Status
Buildable 15572
Build 20544: Run Core Tests
Build 20543: arc lint + arc unit