Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

SECURITY: BCC active user emails from group SMTP #19724

Merged
merged 1 commit into from Jan 5, 2023

Conversation

tgxworld
Copy link
Contributor

@tgxworld tgxworld commented Jan 4, 2023

When sending emails out via group SMTP, if we
are sending them to non-staged users we want
to mask those emails with BCC, just so we don't
expose them to anyone we shouldn't. Staged users
are ones that have likely only interacted with
support via email, and will likely include other
people who were CC'd on the original email to the
group.

When sending emails out via group SMTP, if we
are sending them to non-staged users we want
to mask those emails with BCC, just so we don't
expose them to anyone we shouldn't. Staged users
are ones that have likely only interacted with
support via email, and will likely include other
people who were CC'd on the original email to the
group.
@tgxworld tgxworld merged commit 7bd83ef into stable Jan 5, 2023
2 of 9 checks passed
@tgxworld tgxworld deleted the security/group-smtp-bcc-stable branch January 5, 2023 00:50
tgxworld added a commit to tgxworld/discourse that referenced this pull request Jan 5, 2023
tgxworld added a commit to tgxworld/discourse that referenced this pull request Jan 5, 2023
When sending emails out via group SMTP, if we
are sending them to non-staged users we want
to mask those emails with BCC, just so we don't
expose them to anyone we shouldn't. Staged users
are ones that have likely only interacted with
support via email, and will likely include other
people who were CC'd on the original email to the
group.

Co-authored-by: Martin Brennan <martin@discourse.org>
tgxworld added a commit that referenced this pull request Jan 5, 2023
tgxworld added a commit that referenced this pull request Jan 5, 2023
When sending emails out via group SMTP, if we
are sending them to non-staged users we want
to mask those emails with BCC, just so we don't
expose them to anyone we shouldn't. Staged users
are ones that have likely only interacted with
support via email, and will likely include other
people who were CC'd on the original email to the
group.

Co-authored-by: Martin Brennan <martin@discourse.org>
tgxworld added a commit to tgxworld/discourse that referenced this pull request Jan 5, 2023
tgxworld added a commit to tgxworld/discourse that referenced this pull request Jan 5, 2023
When sending emails out via group SMTP, if we
are sending them to non-staged users we want
to mask those emails with BCC, just so we don't
expose them to anyone we shouldn't. Staged users
are ones that have likely only interacted with
support via email, and will likely include other
people who were CC'd on the original email to the
group.

Co-authored-by: Martin Brennan <martin@discourse.org>
tgxworld added a commit that referenced this pull request Jan 5, 2023
tgxworld added a commit that referenced this pull request Jan 5, 2023
When sending emails out via group SMTP, if we
are sending them to non-staged users we want
to mask those emails with BCC, just so we don't
expose them to anyone we shouldn't. Staged users
are ones that have likely only interacted with
support via email, and will likely include other
people who were CC'd on the original email to the
group.

Co-authored-by: Martin Brennan <martin@discourse.org>
@xfalcox xfalcox mentioned this pull request Feb 22, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
3 participants