Safeguard against email spoofing with the Safe Email Send To setting.
In order to safeguard against email spoofing we've added a setting for forms that are using are an email override field. This field is activated by adding a list of emails in the form of comma separated values (CSV). When the field is activated the email override value will be validated against the CSV list; if the email override value does not match a value in the list the email will not be sent.
There are 3 different behaviors that can happen on form submission depending on whether or not the Safe Email field is filled out.
The field is left blank: on submission the field is ignored.
The field is filled out and matches the email override value: on submission Zesty.io will validate the email override value against the Safe Email field value(s) and will send an email.
The field is filled out and it does not match the email override value: on submission Zesty.io will validate the email override value against the Safe Email field value(s) and will not send an email.
Adding the Safe Email Send To Setting
This setting can be added via our API with the following JSON body:
"keyFriendly": "Safe Email Send To List",
"tips": "CSV of Safe Emails for Email Override"
If you're not comfortable using our API send a request via Slack or email [email protected] and ask for the setting to be added to your instance.
Using Safe Email Send To
Before trying to use this feature be sure that it is available on your instance. If it is not follow the above instructions on how to add it.
1. Navigate to Settings and then Contact Form.
2. Fill out the Safe Email Sent To List field with comma separated value(s).
3. Save your changes.
4. Refresh the cache by publishing a file or use the refresh cache button to ensure that the changes you've made have persisted.