Reject reply by email to notification if the from email is not verified (!79932) · Merge requests · GitLab.org / GitLab

Sincheol (David) Kim requested to merge 328028-reply-by-email-to-notification-is-attributed-to-wrong-user into master Feb 04, 2022

What does this MR do and why?

When a user forward an email that has a reply by email mail key, we were associating it to the original user regardless of where the email came from.

I think it is done by accident mostly, so we should reject these emails and let them comment on the issue directly.

I can't think of any valid use case for this, but we can look into it again later if we overlooked something.

NOTE: We can't do much about Service Desk issues as the support_bot is the author of the comment so we're ignoring those. It doesn't seem necessary for now, but I think it'd be great if we can make it clear who responded.

Screenshots or screen recordings

User will receive an email something like this when replying from an email address that is not associated with the original recipient.

How to set up and validate locally

Numbered steps to set up and validate the change are strongly suggested.

MR acceptance checklist

This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.

I have evaluated the MR acceptance checklist for this MR.

Related to #328028 (closed)

Edited Feb 08, 2022 by Sean Arnold

Reject reply by email to notification if the from email is not verified

What does this MR do and why?

Screenshots or screen recordings

How to set up and validate locally

MR acceptance checklist

Merge request reports