
[NEW] Reply notification email to sender's email when the Direct Reply feature is disabled #15767

Merged: 5 commits, Jun 19, 2020

Conversation

localguru
Contributor

Closes #12176

If the direct e-mail feature isn't enabled, all e-mail replies to notification e-mails are sent to the globally set From_Email e-mail address.

Many users reply to those e-mails and assume the reply is sent to the original sender. As a result, this is confusing and, in my opinion, also a privacy issue, because private e-mails could be sent to the global From_Email e-mail address, which is usually an unwanted recipient of the e-mail's contents.

There are several solutions to this problem:

a) The sender e-mail address for notifications can be configured separately, e.g. [email protected] and the real name of the user is not placed in front of the e-mail address, but e.g. No-Reply. As a result: No-Reply <[email protected]>. For most users it would be clear that the answer will not be sent to the sender. Should a user reply to noreply@ nevertheless, an autoresponder could send an answer with a corresponding hint or the e-mail is just dropped.

b) A Reply-To header is set, which contains the e-mail address of the user.

c) The sender's real name and e-mail address correspond to the real name and e-mail address of the user.

I think option c) would be the best solution to the problem. This is a quick pull for option c).

The patch could also be included as an option so that the configuration can be set to enable this feature.

@sampaiodiego
Member

Thanks again @localguru.

I've changed your code a little bit; let me know what you think. We cannot use the sender's email address as the "From" address because most email providers validate that address against the SMTP server and might flag the email as spam if it is not valid. That's why we have the From setting, to allow a proper SMTP configuration.

So what I did was always add a Reply-To with the sender's email address. If the server uses the Direct Reply feature, we still replace that with one email address we can track.

Basically, I changed it to follow your b) option.
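Added example (not Rocket.Chat's own code) of the header layout described in this comment: the configured From address is kept and the sender's identity goes into the display name and Reply-To, unless Direct Reply is on. The function and option names (buildNotificationHeaders, sender, fromEmail, directReplyEnabled, directReplyAddress) are assumptions.

```javascript
// Added example, not Rocket.Chat's own code. Function and option names
// (buildNotificationHeaders, directReplyEnabled, ...) are assumptions.

// Render "Display Name <addr>" per RFC 5322. CR/LF is stripped so a
// user-controlled display name cannot inject extra headers; names with
// special characters are quoted and embedded quotes/backslashes escaped.
function formatAddress(name, email) {
  const clean = String(name || '').replace(/[\r\n]/g, '').trim();
  if (!clean) return email;
  const needsQuote = /[()<>\[\]:;@\\,."]/.test(clean);
  const display = needsQuote ? `"${clean.replace(/(["\\])/g, '\\$1')}"` : clean;
  return `${display} <${email}>`;
}

// Builds the address headers of a message-notification e-mail.
//   sender:             { name, email } of the chat user who wrote the message
//   fromEmail:          the globally configured From_Email address
//   directReplyEnabled: whether the server turns e-mail replies into messages
//   directReplyAddress: the trackable address Direct Reply listens on
function buildNotificationHeaders({ sender, fromEmail, directReplyEnabled, directReplyAddress }) {
  // From always stays the configured address: receiving servers verify it
  // against the sending SMTP server (SPF/DKIM/DMARC), so putting the user's
  // own address here would fail those checks and get the mail flagged as
  // spam. Only the display name carries the sender's identity.
  const headers = { From: formatAddress(sender.name, fromEmail) };

  if (directReplyEnabled) {
    // Direct Reply: the reply must land on an address the server tracks.
    headers['Reply-To'] = directReplyAddress;
  } else {
    // Option b): route human replies to the author instead of the shared
    // From_Email mailbox, where they would be read by the wrong person.
    headers['Reply-To'] = formatAddress(sender.name, sender.email);
  }
  return headers;
}
```

As the later comments in this thread note, Reply-To necessarily discloses the sender's address, so a deployment that treats addresses as private data would need to gate that header behind a setting.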

@CLAassistant

CLA assistant check
All committers have signed the CLA.

@rodrigok rodrigok changed the title [NEW] set email full From: header for msg sender and full To: header of rcpt [NEW] Reply notification email to sender's email when the Direct Reply feature is disabled May 30, 2020
@rodrigok
Member

@sampaiodiego the code looks good to me, what do you think?

@rodrigok rodrigok added this to the 3.4.0 milestone May 30, 2020
@sampaiodiego
Member

I think it is good to go

@sampaiodiego sampaiodiego self-assigned this Jun 1, 2020
@sampaiodiego sampaiodiego merged commit 4af853a into RocketChat:develop Jun 19, 2020
@sampaiodiego sampaiodiego mentioned this pull request Jun 30, 2020
@nmagedman
Contributor

nmagedman commented Aug 19, 2020

AFAICT, a user's email address is not displayed to any other (non-admin) users anywhere within the RC UI, so we've always considered this a private field. However, with this change, the email address is now exposed via these emails.

  1. Is my premise correct? Are users’ email address considered public or private data?
  2. If public, where are the email addresses displayed?

@andreybrasil

Hi,
I think there should be an option to disable sending the user's full name in the FROM: field for notifications of messages sent when offline.

Some email clients and collaboration services automatically add contacts from answered messages and sometimes even from received messages to the address book.

Once this happens, all subsequent email messages sent by Rocket.Chat are identified with the name of the individual who was initially saved in the address book under Rocket.Chat's email address.

Successfully merging this pull request may close these issues.

Feature: reply to notification emails can result in privacy leak
6 participants