Include the email subject line in rejection messages

This change has a tradeoff. It increases our backscatter vulnerability - the subject could have spammy content - but it's extremely valuable to the user to know exactly which message was rejected. If you sent two at the same time, and only one was rejected, you would have no way of knowing which worked and which to resend without going to the website (which is what email-in is trying to avoid, kinda).
2025-02-23 00:04:59 +08:00 · 2014-07-17 10:04:02 -07:00 · 2014-07-17 10:04:02 -07:00 · c8d322d1be
commit c8d322d1be
parent 1682f5d584
4 changed files with 15 additions and 21 deletions
--- a/app/jobs/scheduled/poll_mailbox.rb
+++ b/app/jobs/scheduled/poll_mailbox.rb
@ -44,7 +44,7 @@ module Jobs
        if message_template
          # inform the user about the rejection
          message = Mail::Message.new(mail_string)
-          client_message = RejectionMailer.send_rejection(message.from, message.body, message.to, message_template)
+          client_message = RejectionMailer.send_rejection(message.from, message.body, message.subject, message.to, message_template)
          Email::Sender.new(client_message, message_template).send
        else
          Discourse.handle_exception(e, { code: "unknown error for incoming email", mail: mail_string} )
--- a/app/mailers/rejection_mailer.rb
+++ b/app/mailers/rejection_mailer.rb
@ -3,11 +3,12 @@ require_dependency 'email/message_builder'
 class RejectionMailer < ActionMailer::Base
  include Email::BuildEmailHelper

-  def send_rejection(from, body, to_address, template)
-    build_email(from, template: "system_messages.#{template}", source: body, destination: to_address)
+  def send_rejection(message_from, message_body, message_subject, forum_address, template)
+    build_email(message_from,
+                template: "system_messages.#{template}",
+                source: message_body,
+                former_title: message_subject,
+                destination: forum_address)
  end

-  def send_trust_level(from, template)
-    build_email(from, template: 'email_reject_trust_level')
-  end
 end
--- a/config/locales/server.en.yml
+++ b/config/locales/server.en.yml
@ -1356,21 +1356,21 @@ en:
    email_reject_trust_level:
      subject_template: "Email issue -- Insufficient Trust Level"
      text_body_template: |
-        We're sorry, but your email message to %{destination} didn't work.
+        We're sorry, but your email message to %{destination} (titled %{former_title}) didn't work.

        Your account does not have the required trust level to post new topics to this email address. If you believe this is in error, contact a staff member.

    email_reject_no_account:
      subject_template: "Email issue -- No Account"
      text_body_template: |
-        We're sorry, but your email message to %{destination} didn't work.
+        We're sorry, but your email message to %{destination} (titled %{former_title}) didn't work.

        There is no known account with this email address. Try sending from a different email address, or contact a staff member.

    email_reject_empty:
      subject_template: "Email issue -- No Content"
      text_body_template: |
-        We're sorry, but your email message to %{destination} didn't work.
+        We're sorry, but your email message to %{destination} (titled %{former_title}) didn't work.

        We couldn't find any content in the email. Make sure that you wrote something at the top of the email - we can't parse inline replies.
        If you're getting this and you did include content, try again in UTF-8 plain text (no HTML).
@ -1378,21 +1378,21 @@ en:
    email_reject_parsing:
      subject_template: "Email issue -- Content unrecognized"
      text_body_template: |
-        We're sorry, but your email message to %{destination} didn't work.
+        We're sorry, but your email message to %{destination} (titled %{former_title}) didn't work.

        We couldn't find where your reply was in the email. **Make sure to write your entire reply at the top of the email** -- everything below the start of the replied-to message is discarded.

    email_reject_post_error:
      subject_template: "Email issue -- Posting error"
      text_body_template: |
-        We're sorry, but your email message to %{destination} didn't work.
+        We're sorry, but your email message to %{destination} (titled %{former_title}) didn't work.

        Some possible causes are: complex formatting, message too large, message too small. Please try again.

    email_reject_reply_key:
      subject_template: "Email issue -- Bad Reply Key"
      text_body_template: |
-        We're sorry, but your email message to %{destination} didn't work.
+        We're sorry, but your email message to %{destination} (titled %{former_title}) didn't work.

        The provided reply key is invalid or unknown, so we don't know what this email is in reply to. Contact a staff member.

--- a/spec/jobs/poll_mailbox_spec.rb
+++ b/spec/jobs/poll_mailbox_spec.rb
@ -44,14 +44,7 @@ describe Jobs::PollMailbox do
  describe "processing email" do

    let!(:receiver) { mock }
-    let!(:email_string) { <<MAIL
-From: user@example.com
-To: reply+32@discourse.example.net
-Subject: Hi
-
-Email As a String
-MAIL
-    }
+    let!(:email_string) { fixture_file("emails/valid_incoming.eml") }
    let!(:email) { mock }

    before do
@ -82,7 +75,7 @@ MAIL
        sender_object = mock

        RejectionMailer.expects(:send_rejection).with(
-            message.from, message.body, message.to, :email_reject_trust_level
+            message.from, message.body, message.subject, message.to, :email_reject_trust_level
        ).returns(client_message)
        Email::Sender.expects(:new).with(client_message, :email_reject_trust_level).returns(sender_object)
        sender_object.expects(:send)