One could argue that the
reply_id (which seems to map both to a topic and the person replying) is identifier enough, and spoofing
reply_id is harder than spoofing an e-mail address, so it’s effectively just as strong with or without coming from the right e-mail address.
But I’m not actually trying to argue that. What you’re saying here makes total sense. And, after thinking on it, I realize that the thing leading to this behavior is definitely an edge case (we have SSO creating an account with university e-mail addresses, but people sometimes forward those to other addresses, from which they respond).
My real question is about the contents of the error email people receive in that case, which seems like it could be misleading. The real issue, or at least the thing the person receiving the error e-mail has control over in this case, is the “From” address (and the address associated with their account), not the “To” address, as far as I can tell.
Anyway, I already have a workaround by:
- changing the content of that message (love that Discourse is so customizable!) and
- telling people to change their email address if they want to use reply-by-email
but I’m just wondering if it makes sense to change something about what error messages are sent in which situations, given this potential confusion.
If the answer to that is “No, things are fine as-is,” that’s totally fine.