Designing a robust automated system is challenging yet profoundly satisfying. I'm sure most can relate, it is bliss to watch the system automatically doing all the work, like clockwork (quite literally).
However, there can be some downsides as well. In our example, we wanted to ensure that in no way possible, an email is sent out to external recipients from a sandbox. Of course, the first step would be to mask the required data. However, there's still a possibility that real email addresses can make it into a sandbox.
So, we devised a solution to absolutely restrict such emails from a sandbox. The solution is actually quite simple.
This solution only targets email sent out manually by users in a sandbox. It does not address emails sent via apex, automation or third party tools
Step 1 - Identify the test domain
Identify a domain that you want to enable, to be able to send test emails from the sandbox. For example, if you are in XYZ Inc, you most likely want to send test emails only to the XYZ domain (xyz.com).
Step 2 - Identify Production Org Id
Get the organization Id of your production instance. To retrieve it, go to Setup> Settings > Company Settings > Company Information and make note of the organization id. (Note: This will be used to identify at run-time if the current instance is production or a sandbox)
Step 3 - Create REGEX code
Create a REGEX code to match the domain. Following are a few examples.
(Note: This REGEX code is built to allow comma-separated email addresses, but may not be sufficient to handle all possible combinations of domain names. So, if you want to use a complicated domain name, you may need to tweak REGEX accordingly)
For the testorg.com domain, REGEX will be:
For the xyz.org domain, RGEX will be
Step 4 - Create a validation rule
Now, create a validation rule on the Email Message object, to throw an error, if the email address does not match the REGEX code. Before saving, you will need to:
- Replace Org id within sample validation rule, with your production instance's org id (as retrieved in STEP 2)
- Replace REGEX code within sample validation rule, with your domain specific REGEX (created in STEP 3)
|Final Validation Rule on Email Message object|
This can be very effective to have absolute control over what domains can a sandbox send emails to, and avoid unnecessary hassles for you and your clients.