A word of warning to anyone building web apps: Be careful about requirements around “emails coming from the web app”. Here’s an example of why:
- I agreed that (on my open source real estate listing site) people could email listings to any recipient. Didn’t sound too hard, get an email provider, create an unauthenticated link to the listing, send it off! Right?
- First problem I noticed is that many domains won’t even accept email from new domains, they get flagged. There is no procedural way to get your new domain’s email accepted by all other domains in some rigorous fashion; it seems to be a combination of crafting the “right” MX record at the domain level and/or adding some other private key/value pairs, an obscure art form, and literally calling domain admins up or filing obscure tech support requests via some dusty automated system. Blame spammers, I guess.
- Then, they wanted custom body and signature, so I built in a rich-text editor for the body and added