feat: add NeverBounce email verification for transactional emails#1499
feat: add NeverBounce email verification for transactional emails#1499evanjacobson merged 6 commits intomainfrom
Conversation
Adds pre-send NeverBounce verification to reduce ~3% bounce rate on transactional emails. Blocks invalid and disposable emails; allows valid, catchall, and unknown through. Fails open if NeverBounce is unavailable. Callers receive SendResult so they can react to blocked emails: - Magic link route returns 400 with user-facing error - Org invite expires invitation row and throws BAD_REQUEST - Billing lifecycle cron removes idempotency row for retry - Admin email testing routes through send() for verification
![kilo-code-bot[bot]](https://avatars.githubusercontent.com/in/2193792?s=60&v=4){kind=small}
Code Review SummaryStatus: 1 Issue Found | Recommendation: Address before merge Overview
Issue Details (click to expand)WARNING
Fix these issues in Kilo Cloud Other Observations (not in diff)Previously raised issues in Files Reviewed (12 files)
Reviewed by gpt-5.4-20260305 · 2,444,342 tokens |
- Admin sendTest restores original provider-specific routing (respects selected provider) with NeverBounce check added before dispatch - send() now checks provider return value — returns provider_not_configured when credentials are missing instead of falsely claiming sent: true - SendResult reason union extended with 'provider_not_configured'
There was a problem hiding this comment.
most of this will be filtered out after #1356 merges
- Magic link route: neverbounce_rejected → 400 (user's email is bad), provider_not_configured → 500 (server issue, don't blame the user) - Billing cron: only deletes idempotency row for provider_not_configured (transient). Keeps the row for neverbounce_rejected (terminal) to avoid re-verifying the same invalid address every sweep.
| execution_time: number; | ||
| }; | ||
|
|
||
| const BLOCKED_RESULTS = new Set<NeverBounceResult>(['invalid', 'disposable']); |
There was a problem hiding this comment.
note that 'disposable' was not explicitly included in the spec, but is included here. 'disposable' emails are services such as tempmail, guerilla mail, etc.
| acceptInviteUrl, | ||
| }); | ||
|
|
||
| if (!emailResult.sent) { |
There was a problem hiding this comment.
WARNING: Provider misconfiguration is still reported as a bad invite address
sendOrganizationInviteEmail() now distinguishes neverbounce_rejected from provider_not_configured, but this branch collapses both cases into the same BAD_REQUEST / "use a different email" response. If email delivery is broken in preview or staging because the provider credentials are missing, organization owners will be told the invitee's address is invalid even though the failure is operational.
| // For neverbounce_rejected the address is permanently invalid — keep the | ||
| // idempotency row so we don't re-verify on every sweep. |
There was a problem hiding this comment.
This comment seems out of place? The code below it doesn't relate to it?
2 participants
Summary
Adds NeverBounce email verification before sending transactional emails to reduce our ~3% bounce rate. Blocks
invalidanddisposableemails; allowsvalid,catchall,unknownthrough. Fails open if NeverBounce is unavailable.How it works:
src/lib/email-neverbounce.tscalls the NeverBounce single-check API with a 5s timeoutsend()returnsSendResult({ sent: true } | { sent: false, reason }) so callers can reactCaller handling:
BAD_REQUESTsend()so NeverBounce is exercisedVerification
Automated tests (50 passing)
npx tsc --noEmit— no type errorspnpm lint— cleanemail-neverbounce.test.ts— 11 tests (all result types, fail-open, Sentry reporting, timeout, params)magic-link/route.test.ts— 10 testsautoTopUp.test.ts— 16 testsemail.test.ts— 13 testsManual tests (all passing on localhost)
fakeperson@xyznotarealdomainever.comtld→ HTTP 400test@mailinator.com→ HTTP 400support@neverbounce.com→ HTTP 200evan@kilocode.ai→ email received in inboxVisual Changes
N/A — no UI changes in this PR (admin page provider selector is unchanged).
Reviewer Notes
NEVERBOUNCE_API_KEYhas been added to Vercel.