2
votes

I would like to add the ability for users to send an email to an address that automatically saves the attachments as documents and saves the email as HTML, etc.

I think I understand how I can write the functions, but I'm uncertain on how to ensure the security. My application is designed as single code, but each customer has their own database and subdomain. The app looks at the subdomain and determines the database to use for authentication, etc. (There is no master db.)

First, I thought SendGrid would give you a custom email address to use like [email protected] that you could forward to for testing or real use, but I don't see that anywhere. I would probably set up a separate domain.

How do I ensure that emails sent from a user from companyA get saved in their db? I've thought of:

The code can find the right db, look at the 'from' email address to see if it matches an existing user, then perform the desired functions. However, that doesn't seem too secure. I also am going to want several different email addresses that a user can use that perform different functions ('add to existing part', 'add to new part', 'don't add document', etc.).

I'm looking for a better setup that preferably allows for non-ugly email addresses. What do others do?

1 Answer

1
votes

It sounds like you already have subdomains for each company. Are these used for email at all right now, or can you change the MX records for the subdomains? If you can programmatically alter your DNS, then it would be very easy to add a SendGrid parse MX record for each subdomain when it is created. Then you could use [email protected].

For security, I think you're on the right track with checking against a user in your database. Assuming your clients have their email properly configured, you could check SPF via the Authentication-Results header if you are concerned about spoofs.
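
The checks discussed in this answer, combined into one routing function; this is an added example, not code from the answer or from SendGrid. It assumes tenants receive mail at `<tenant>.app.example`, that the receiving mail server stamps `Authentication-Results` with the authserv-id `mx.app.example`, and that `TENANT_USERS` stands in for the per-tenant databases (all hypothetical names). Because SPF authenticates the envelope sender rather than the `From` header, the example also requires the SPF-validated domain to match the `From` domain and ignores `Authentication-Results` headers stamped by any other server.

```python
import re
from email import message_from_string
from email.utils import parseaddr

APP_DOMAIN = "app.example"            # assumption: tenants live at <tenant>.app.example
TRUSTED_AUTHSERV = "mx.app.example"   # assumption: authserv-id of our own receiving MTA
TENANT_USERS = {"companya": {"alice@companya-corp.example"}}  # constructed stand-in for tenant DBs
SAMPLE = (  # constructed inbound message
    "Authentication-Results: mx.app.example;\n"
    " spf=pass smtp.mailfrom=alice@companya-corp.example\n"
    "From: Alice <alice@companya-corp.example>\n"
    "Subject: drawing\n\nbody\n"
)

def spf_pass_domain(msg):
    """Return the smtp.mailfrom domain of a trusted spf=pass result, else None."""
    for value in msg.get_all("Authentication-Results", []):
        authserv, _, results = value.partition(";")
        if (authserv.split() or [""])[0].lower() != TRUSTED_AUTHSERV:
            continue  # not stamped by our MTA, so the sender may have injected it
        m = re.search(r"\bspf=pass\b[^;]*?\bsmtp\.mailfrom=([^\s;]+)", results, re.I)
        if m:
            return m.group(1).rsplit("@", 1)[-1].lower()
    return None

def route_inbound(raw, envelope_to):
    """Return (tenant, user) if the mail may be stored, else (None, reason)."""
    _, _, domain = envelope_to.lower().partition("@")
    if not domain.endswith("." + APP_DOMAIN):
        return None, "recipient outside app domain"
    # The tenant comes from the recipient subdomain, never from message content.
    users = TENANT_USERS.get(domain[: -len("." + APP_DOMAIN)])
    if users is None:
        return None, "unknown tenant"
    msg = message_from_string(raw)
    froms = msg.get_all("From", [])
    if len(froms) != 1:
        return None, "missing or duplicate From header"
    sender = parseaddr(froms[0])[1].lower()
    if sender not in users:
        return None, "sender is not a user of this tenant"
    if spf_pass_domain(msg) != sender.rsplit("@", 1)[-1]:
        return None, "no aligned SPF pass"
    return domain[: -len("." + APP_DOMAIN)], sender
```
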