fix: stop suppressing synthetic@pipeline.com (real customer address)

Paul Wilson (Compound Technologies) signed up with synthetic@pipeline.com,
which is a genuine, deliverable EarthLink address (pipeline.com MX ->
earthlink-vadesecure.net; he confirmed receipt by phone). Our code had
hardcoded pipeline.com + the synthetic@ prefix as a 'non-deliverable
FMCSA-census placeholder' and silently suppressed every automated email to
him (checkout provisioning, order-creation validation, intake reminders,
set-password invites). Nothing in the codebase actually generates that
address, so the placeholder rationale was wrong. Removed pipeline.com and the
synthetic@ rule from all four suppression sites; only RFC-reserved
example.com/test.com/invalid remain blocked.
This commit is contained in:
justin 2026-06-10 14:41:19 -05:00
parent 983c732baf
commit 1ff8b88ac8
4 changed files with 20 additions and 21 deletions

@ -202,14 +202,10 @@ async function ensureCompliancePortalUser(
}
if (!email) return;
// Skip only the genuine FMCSA-census placeholder, never a real customer who
// happens to use these (real) consumer domains. The census placeholder is
// exactly "synthetic@pipeline.com"; treat that one string as non-deliverable
// and anything else as a real address.
if (email === "synthetic@pipeline.com") {
console.warn(`[checkout] Skipping portal provisioning for ${orderId}: FMCSA-census placeholder email`);
return;
}
// (No address suppression here. `synthetic@pipeline.com` is a real customer
// address (EarthLink/pipeline.com), not a placeholder -- provisioning + email
// proceed normally. Only RFC-reserved test domains are rejected upstream at
// order creation (emailError in compliance-orders.ts).)
// ── Portal login account (Postgres `customers` row) ──────────────────
// The portal login + forgot-password read the Postgres `customers` table
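Review bot: the replacement comment where the `email === "synthetic@pipeline.com"` check used to be writes a real customer's email address into source, and it documents a removed behaviour rather than anything the code now does. The history is already in the commit message, so the comment can shrink to a single line saying that no address suppression happens in `ensureCompliancePortalUser` and that placeholder rejection lives in `emailError`. Since the removed branch was the only place that logged a skipped provisioning, a regression test asserting that this address is provisioned would keep the rule from being reintroduced.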

@ -18,19 +18,21 @@ import { requireAdmin } from "../middleware/admin-auth.js";
const router = Router();
// ── Email validation ────────────────────────────────────────────────────────
// Reject malformed addresses AND known non-deliverable placeholders (e.g. the
// FMCSA-census "synthetic@pipeline.com" used when no real email was found) at
// order-creation time, so we never seed an order/portal account with an
// address we can't actually reach.
// Reject malformed addresses AND RFC-reserved non-deliverable test domains, so
// we never seed an order/portal account with an address we can't reach. NOTE:
// `pipeline.com` is a REAL (EarthLink) domain with deliverable mailboxes and is
// NOT a placeholder -- a customer (Paul Wilson) uses synthetic@pipeline.com as
// his genuine address, confirmed reachable. Only example.com/test.com are
// reserved test domains.
const EMAIL_RE = /^[^\s@]+@[^\s@]+\.[^\s@]+$/;
const PLACEHOLDER_EMAIL_DOMAINS = new Set(["pipeline.com", "example.com", "test.com"]);
const PLACEHOLDER_EMAIL_DOMAINS = new Set(["example.com", "test.com", "invalid"]);
function emailError(raw: unknown): string | null {
const email = String(raw || "").trim().toLowerCase();
if (!email) return "customer_email is required.";
if (!EMAIL_RE.test(email)) return "customer_email is not a valid email address.";
const domain = email.split("@")[1] || "";
if (email.startsWith("synthetic@") || PLACEHOLDER_EMAIL_DOMAINS.has(domain)) {
if (PLACEHOLDER_EMAIL_DOMAINS.has(domain)) {
return "customer_email appears to be a placeholder; a real email address is required.";
}
return null;
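Review bot: the new `"invalid"` entry in `PLACEHOLDER_EMAIL_DOMAINS` can never match. `domain` is everything after the `@`, and `EMAIL_RE` requires a dot in that part, so `user@invalid` is already rejected as malformed while `user@mail.invalid` yields `"mail.invalid"`, which is not in the set. If the intent is to block the reserved `.invalid` TLD, compare the last label of `domain` (or test `domain.endsWith(".invalid")`) instead of doing an exact set lookup. Separately, the comment calls `test.com` a reserved test domain, but RFC 2606 reserves `example.com`, `example.net`, `example.org` and the TLDs `.test`, `.example`, `.invalid` and `.localhost`; `test.com` is an ordinary registered domain, so keeping it in the set repeats the assumption this commit removes for `pipeline.com`. Either drop it or reword the comment to say it is blocked by policy rather than by RFC. The comment also names the customer and his address; a ticket reference would carry the same context without putting personal data in the source tree.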