fix: stop suppressing synthetic@pipeline.com (real customer address)

Paul Wilson (Compound Technologies) signed up with synthetic@pipeline.com, which is a genuine, deliverable EarthLink address (pipeline.com MX -> earthlink-vadesecure.net; he confirmed receipt by phone). Our code had hardcoded pipeline.com + the synthetic@ prefix as a 'non-deliverable FMCSA-census placeholder' and silently suppressed every automated email to him (checkout provisioning, order-creation validation, intake reminders, set-password invites). Nothing in the codebase actually generates that address, so the placeholder rationale was wrong. Removed pipeline.com and the synthetic@ rule from all four suppression sites; only RFC-reserved example.com/test.com/invalid remain blocked.
2026-06-10 14:41:19 -05:00 · 2026-06-10 14:41:19 -05:00 · 1ff8b88ac8
commit 1ff8b88ac8
parent 983c732baf
4 changed files with 20 additions and 21 deletions
--- a/scripts/workers/delivery_worker.py
+++ b/scripts/workers/delivery_worker.py
@ -338,10 +338,10 @@ def _build_portal_onboard_html(pg_order: dict | None) -> str:
    order_number = pg_order.get("order_number", "")
    if not email:
        return ""
-    # Never send a set-password invite to a known placeholder address (e.g. the
-    # FMCSA-census "synthetic@pipeline.com" used when no real email was found).
+    # Never send to RFC-reserved test domains. (pipeline.com is a REAL EarthLink
+    # domain a customer uses -- not a placeholder -- so it is allowed.)
    em = email.strip().lower()
-    if em.startswith("synthetic@") or em.split("@")[-1] in {"pipeline.com", "example.com", "test.com"}:
+    if em.split("@")[-1] in {"example.com", "test.com", "invalid"}:
        return ""
    token = _generate_set_password_token(email, order_number)
    url = f"{PORTAL_URL.rstrip('/')}/set-password?token={token}"
--- a/scripts/workers/intake_reminder.py
+++ b/scripts/workers/intake_reminder.py
@ -64,10 +64,11 @@ MAX_REMINDERS = int(os.getenv("INTAKE_REMINDER_MAX", "10"))
 MIN_AGE_HOURS = int(os.getenv("INTAKE_REMINDER_MIN_AGE_HOURS", "20"))

 # Mirror the API's email validation (api/src/routes/compliance-orders.ts):
-# reject malformed addresses AND known non-deliverable placeholders such as the
-# FMCSA-census "synthetic@pipeline.com" used when no real email was found.
+# reject malformed addresses AND RFC-reserved non-deliverable test domains.
+# NOTE: pipeline.com is a REAL (EarthLink) domain a customer uses -- not a
+# placeholder -- so it is NOT blocked.
 EMAIL_RE = re.compile(r"^[^@\s]+@[^@\s]+\.[^@\s]+$")
-PLACEHOLDER_DOMAINS = {"pipeline.com", "example.com", "test.com"}
+PLACEHOLDER_DOMAINS = {"example.com", "test.com", "invalid"}


 def _email_ok(raw: str | None) -> bool:
@ -75,7 +76,7 @@ def _email_ok(raw: str | None) -> bool:
    if not email or not EMAIL_RE.match(email):
        return False
    domain = email.split("@", 1)[1] if "@" in email else ""
-    if email.startswith("synthetic@") or domain in PLACEHOLDER_DOMAINS:
+    if domain in PLACEHOLDER_DOMAINS:
        return False
    return True