Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Reply to messages via email #481

Merged
merged 13 commits into from Jun 10, 2022
Merged

Reply to messages via email #481

merged 13 commits into from Jun 10, 2022

Conversation

joemasilotti
Copy link
Owner

@joemasilotti joemasilotti commented Jun 9, 2022
edited

This PR implements inbound email processing for replying to messages.

Closes #423.

To-dos:

  • Implement Action Mailbox to receive inbound emails
  • Create a new message when an inbound email is received in reply to a notification email
  • Note in the message email that you can reply to the email directly
  • Properly obfuscate the "from" field so someone can't guess it and send a message to a conversation they aren't a part of
  • Mark the conversation's notifications as read continued via email
  • Run through Businesses::Permission to ensure user is permitted to send the message
  • Ensure conversation isn't blocked
  • Configure Postmark and production settings

Questions/concerns:

  • Is mail.from "safe" - can we trust it actually is that person?
  • Is reply-to "conversations-#{id}@" the right approach - or should we explore a header?
  • What about multipart (HTML) email bodies?
  • Routing all: :messages isn't sustainable.
  • Do we need to handle "reply above this line"? Not until I use it in production for a bit.

Pull request checklist

  • My code contains tests covering the code I modified
  • I linted and tested the project with bin/check
  • I added significant changes and product updates to the changelog Not until I remove the feature flag

@joemasilotti
MVP: Can receive an inbound email from a message
b425594 
TODOS:

* Is `mail.from` "safe" - can we trust it actually is that person?
* What about multipart (HTML) email bodies?
* Is reply-to "conversations-#{id}@" the right approach - or should we
  explore a header?
* Routing all: :messages isn't sustainable.
@joemasilotti
Sign new message emails for replying
6447461 
Instead of using the conversation ID in the reply-to, instead use a
signed ID to ensure it can't be guesses.

This should remove the worry of someone faking a `from` header.
@joemasilotti
Process inbound emails starting with "message-"
82d35f3
@joemasilotti
Note that you can respond to a message via email
f1f8266
@joemasilotti
Copy link
Owner Author

joemasilotti commented Jun 9, 2022
edited

@fig mentioned on the stream:

Stripping out signature blocks —

​I'm not sure how reliable it is, but properly configured email client should add a signature block identifier (2 dashes, a space, carriage return, new line) which we can look for and remove all after.

@joemasilotti joemasilotti marked this pull request as ready for review June 9, 2022 22:54
@joemasilotti joemasilotti marked this pull request as draft June 9, 2022 22:55
@joemasilotti joemasilotti marked this pull request as ready for review June 10, 2022 02:08
@joemasilotti joemasilotti merged commit 4414822 into main Jun 10, 2022
5 checks passed
@joemasilotti joemasilotti deleted the action-mailbox branch June 10, 2022 02:13
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@tysongach tysongach tysongach left review comments

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Implement Action Mailbox to reply to messages via email
2 participants
@joemasilotti @tysongach