Page MenuHomePhabricator

Comments from invalid email addresses vanish into the ether
Closed, ResolvedPublic

Description

If a user replies to a email notification of a task, but the reply comes from an address that Phabricator doesn't know belongs to the user, the reply completely disappears. (This is common for people who have several email addresses directing to e.g. their Gmail, but always reply from one address.) Phabricator should respond to the sender to the effect of "We don't know that you're allowed to comment on this, so your comment wasn't posted."

Event Timeline

jonah214 assigned this task to epriestley.
jonah214 raised the priority of this task from to Needs Triage.
jonah214 updated the task description. (Show Details)
jonah214 added a subscriber: jonah214.

Yeah, this is pretty funky right now. You may be able to set phabricator.allow-email-users to true to get slightly better behavior, but that also might not do much. Another not-so-great workaround is to add all your email addresses to your account, which I think works. But mostly we need to clean this code up and make it handle failures better.

One minor issue is that I'm not sure how to best prevent auto-reply loops, if we happen to send email somewhere that triggers an automatic reply. We probably don't need to worry about this, though -- the mail should go from the user to the task address, then the error would come from the default reply-to address, so any automatic response would go there instead, and we can safely swallow that mail.

Another not-so-great workaround is to add all your email addresses to your account, which I think works.

This does seem to work, we just didn't realize it was necessary for a
while, during which a lot of comments were lost. (Well, not truly
lost, since they're in Sent Mail, but digging all of them out of there
is really irritating.)

One minor issue is that I'm not sure how to best prevent auto-reply loops, if we happen to send email somewhere that triggers an automatic reply. We probably don't need to worry about this, though -- the mail should go from the user to the task address, then the error would come from the default reply-to address, so any automatic response would go there instead, and we can safely swallow that mail.

Yeah, I recognize that this is a problem -- but I have to think it's
one that's been solved many times before.

Thanks for your attention.