Inbound Email Flow infinite loop

arielgritti
Mega Sage

‎09-07-2022 06:28 AM

Hi Community

I hope you can help me with some ideas to solve this issue:

We have this scenario:

  • We are creating a record using an Inbound Email flow
  • We add the recipients in the inbound email to the record's watch list
  • We send a notification after we create the record to inform the record number. This notification is sent to the watch list too

What is the issue?

  1. If the sender adds in the recipients (the CC list in the original email) addresses as "no-reply" (in all the variations, "noreply", "no-reply", "dont-reply", etc) we have an "infinite loop". The "no-reply" answer, we sent the notification again, and again, and again
  2. If the sender adds a lot of addresses in the CC a lot of notifications are sent, doesn't matter if they aren't "no-reply" addresses

Only 1 loop, sent more than 15.000 emails x 100 CC = 1.5M of emails sent! 😞

Some ideas?

  1. I'm thinking to parse the recipient list to delete any type of "no-reply" address (in all the manners they appear)
  2. I'm thinking to establish an upper limit, for instance, 20 addresses in the CC (really I'll only add 20 addresses to the watch list), but the problem is, which 20? There is no way to know, the first 20
  3. I'm open to hear you mates 😉

Any idea to help me to resolve this issue? We have more than 20 inbound email flows running and this is a potential risk to collapse our email system.

 

Thanks,
Ariel

 

0 Helpfuls
  • 1,352 Views
1 REPLY 1

Tony Chatfield1
Kilo Patron

‎09-07-2022 05:02 PM

Hi, it's sounds like you might want to start by reviewing your concept\process\business requirements as there seem to be a number of issues which result in unnecessary risk.

"No reply' email addresses are normally flagged as the organization involved does not want email sent to the address, so adding these to a watch list or emailing them does seem counter productive.
Perhaps you can use email address filters to exclude received messages from this type of address?

How to use Email Address filters to ignore any email from any sender? - Support and Troubleshooting ...

Triggering an outbound email to the email/user that triggered the 'update' normally ends badly with automated platforms and adding ad-hoc email addresses to watch lists is a high risk action, You could potentially prevent this scenario if 'new' email addresses were added as sys_users and your notifications were not flagged send to event creator = true.

I would also review the requirement behind addition of emails to a watch list simply because a user CC'd the email address(es) in a response, potentially if the user action was in error/the wrong address was added the result is a security/data breach.