Reply to notification emails can result in privacy leak


#1

Hii,

Is your feature request related to a problem? Please describe.

If direct email feature isn’t enabled, all replies to notification e-mails are sent to the global set e-mail From_Email address:

packages/rocketchat-lib/server/functions/notifications/email.js

        // using user full-name/channel name in from address
        if (room.t === 'd') {
                email.from = `${ String(message.u.name).replace(/@/g, '%40').replace(/[<>,]/g, '') } <${ RocketChat.settings.get('From_Email') }>`;
        } else {
                email.from = `${ String(room.name).replace(/@/g, '%40').replace(/[<>,]/g, '') } <${ RocketChat.settings.get('From_Email') }>`;
        }
        // If direct reply enabled, email content with headers

Because the real name of the user is placed before the global e-mail address, many of my users reply to these e-mails and think the reply goes back to the sender.

As a result, this is confusing and, in my opinion, also a privacy issue because private e-mails are sent to the global e-mail address.

There is also the danger that e-mail clients such as Thunderbird, Outlook etc. will automatically collect this incorrect e-mail address consisting of the user’s right name and “incorrect” <From_Email> in their address book.

Describe the solution you’d like

There are several solutions to this problem:

a) The sender e-mail address for notifications can be configured separately, e.g. noreply@yourdomain.de and the real name of the user is not placed in front of the e-mail address, but e.g. No-Reply. As a result: No-Reply <noreply@yourdomain.de>. For most users it would be clear that the answer will not be sent to the sender. Should a user reply to noreply@ nevertheless, an autoresponder could send an answer with a corresponding hint.

b) A Reply-To header is set, which contains the e-mail address of the user. However, this does not solve the automatic collection of incorrect e-mail addresses in the recipient’s address book.

c) The sender’s real name and the e-mail address corresponds to the e-mail address of the user.

I think option c) would be the best solution to the problem.

see also: https://github.com/RocketChat/Rocket.Chat/issues/12176

Cheers
Marcus