fix: stop suppressing synthetic@pipeline.com (real customer address)

Paul Wilson (Compound Technologies) signed up with synthetic@pipeline.com,
which is a genuine, deliverable EarthLink address (pipeline.com MX ->
earthlink-vadesecure.net; he confirmed receipt by phone). Our code had
hardcoded pipeline.com + the synthetic@ prefix as a 'non-deliverable
FMCSA-census placeholder' and silently suppressed every automated email to
him (checkout provisioning, order-creation validation, intake reminders,
set-password invites). Nothing in the codebase actually generates that
address, so the placeholder rationale was wrong. Removed pipeline.com and the
synthetic@ rule from all four suppression sites; only RFC-reserved
example.com/test.com/invalid remain blocked.
This commit is contained in:
justin 2026-06-10 14:41:19 -05:00
parent 983c732baf
commit 1ff8b88ac8
4 changed files with 20 additions and 21 deletions

View file

@ -64,10 +64,11 @@ MAX_REMINDERS = int(os.getenv("INTAKE_REMINDER_MAX", "10"))
MIN_AGE_HOURS = int(os.getenv("INTAKE_REMINDER_MIN_AGE_HOURS", "20"))
# Mirror the API's email validation (api/src/routes/compliance-orders.ts):
# reject malformed addresses AND known non-deliverable placeholders such as the
# FMCSA-census "synthetic@pipeline.com" used when no real email was found.
# reject malformed addresses AND RFC-reserved non-deliverable test domains.
# NOTE: pipeline.com is a REAL (EarthLink) domain a customer uses -- not a
# placeholder -- so it is NOT blocked.
EMAIL_RE = re.compile(r"^[^@\s]+@[^@\s]+\.[^@\s]+$")
PLACEHOLDER_DOMAINS = {"pipeline.com", "example.com", "test.com"}
PLACEHOLDER_DOMAINS = {"example.com", "test.com", "invalid"}
def _email_ok(raw: str | None) -> bool:
@ -75,7 +76,7 @@ def _email_ok(raw: str | None) -> bool:
if not email or not EMAIL_RE.match(email):
return False
domain = email.split("@", 1)[1] if "@" in email else ""
if email.startswith("synthetic@") or domain in PLACEHOLDER_DOMAINS:
if domain in PLACEHOLDER_DOMAINS:
return False
return True