Skip to main content

Quick Tip : Stop emails from Sandbox to unwanted domains


Designing a robust automated system is challenging yet profoundly satisfying. I'm sure most can relate, it is bliss to watch the system automatically doing all the work, like clockwork (quite literally).

However, there can be some downsides as well. In our example, we wanted to ensure that in no way possible, an email is sent out to external recipients from a sandbox. Of course, the first step would be to mask the required data. However, there's still a possibility that real email addresses can make it into a sandbox.

So, we devised a solution to absolutely restrict such emails from a sandbox. The solution is actually quite simple.

This solution only targets email sent out manually by users in a sandbox. It does not address emails sent via apex, automation or third party tools

Step 1 - Identify the test domain

Identify a domain that you want to enable, to be able to send test emails from the sandbox. For example, if you are in XYZ Inc, you most likely want to send test emails only to the XYZ domain (xyz.com).

Step 2 - Identify Production Org Id

Get the organization Id of your production instance. To retrieve it, go to Setup> Settings > Company Settings > Company Information and make note of the organization id. (Note: This will be used to identify at run-time if the current instance is production or a sandbox)

Step 3 - Create REGEX code

Create a REGEX code to match the domain. Following are a few examples. 

(Note: This REGEX code is built to allow comma-separated email addresses, but may not be sufficient to handle all possible combinations of domain names. So, if you want to use a complicated domain name, you may need to tweak REGEX accordingly)

For the testorg.com domain, REGEX will be:

^[\W]*([\w+\-.%]+@(testorg\.com){1,}[\W]*,{1,}[\W]*)*([\w+\-.%]+@(testorg\.com))[\W]*$

For the xyz.org domain, RGEX will be

^[\W]*([\w+\-.%]+@(xyz\.org){1,}[\W]*,{1,}[\W]*)*([\w+\-.%]+@(xyz\.org))[\W]*$


Step 4 - Create a validation rule

Now, create a validation rule on the Email Message object, to throw an error, if the email address does not match the REGEX code. Before saving, you will need to:

  1. Replace Org id within sample validation rule, with your production instance's org id (as retrieved in STEP 2)
  2. Replace REGEX code within sample validation rule, with your domain specific REGEX (created in STEP 3)


$Organization.Id != '00D050000008ouS'
&&
(
AND(
    NOT(ISBLANK(ToAddress)),
    !REGEX(ToAddress, "^[\\W]*([\\w+\\-.%]+@(mailinator\\.com){1,}[\\W]*,{1,}[\\W]*)*([\\w+\\-.%]+@(mailinator\\.com))[\\W]*$")
)
||
AND(
    NOT(ISBLANK(CcAddress)),
    !REGEX(CcAddress, "^[\\W]*([\\w+\\-.%]+@(mailinator\\.com){1,}[\\W]*,{1,}[\\W]*)*([\\w+\\-.%]+@(mailinator\\.com))[\\W]*$"))
||
AND(
    NOT(ISBLANK(BccAddress)),
    !REGEX(BccAddress, "^[\\W]*([\\w+\\-.%]+@(mailinator\\.com){1,}[\\W]*,{1,}[\\W]*)*([\\w+\\-.%]+@(mailinator\\.com))[\\W]*$"))
)


Final Solution

Learn how to restrict emails from sandbox to a specific domain
Final Validation Rule on Email Message object


Conclusion

This can be very effective to have absolute control over what domains can a sandbox send emails to, and avoid unnecessary hassles for you and your clients.





Labels:

Comments

Post a Comment

Popular posts from this blog

Quick Tips: Salesforce default Images

Well, I'm sure a lot of you still rely on using out of the box salesforce images for displaying quick icons within formula fields or even using them within your Visualforce pages. Lately, I realized that a lot of earlier resources are no longer accessible, so I tried to quickly extract all images from Salesforce CSS files and provide a quick reference here. Please note, I've referenced all images from SF servers directly, so if anything changes, the image should stop rendering here. As these images are completely controlled by Salesforce, and in case they change anything, it might lead to image not being accessible. Image path Image /img/samples/flag_green.gif /img/samples/flag_green.gif /img/samples/flag_red.gif /img/samples/color_red.gif /img/samples/color_yellow.gif /img/samples/color_green.gif /img/samples/light_green.gif /img/samples/light_yellow.gif /img/samples/light_red.gif /img/samples/stars_100.gif /img/samples/stars_200.gif /img/samples/stars_300.
5 comments
Read more

Lightning: Generate PDF from Lightning components with in-memory data

I'm sure as everyone is diving into lightning components development, they are getting acquainted with the nuances of the Lightning components framework. As well as, its current limitations. Being a new framework, this is bound to happen. Although we have our users still using salesforce classic, we have started using lightning components framework our primary development platform and Visualforce is considered primarily for rendering lightning components within Classic Service console. Recently, while re-architecting a critical module, we encountered a problem wherein we needed to generate PDF from lightning components. Now, being Javascript intensive framework, it has limited room for such features (may be included in future roadmap). As of now, there is no native feature within the lightning framework to do so (at least I didn't find anything). Common Scenario - Create Visualforce page to retrieve data and generate PDF For scenarios where the data exist within Sa
2 comments
Read more

Quick Tips: Setup SFDX Manually without Admin access

We all have faced challenges while working in different enterprise environments, where there may be lot of controls/ checks/ red-tape to get by. In such situations, getting access to simple tools (even git) can take lot of time. Note: This tutorial is to be followed at your own risk, as it may not be complaint to your organization's IT policies. What is SFDX? SFDX is a command line utility for managing salesforce builds/ deployments. Being command line, it can be easily embedded to automation chains, to help build fully automated build and deployment processes. To get started, refer  https://trailhead.salesforce.com/en/content/learn/trails/sfdx_get_started Setup SFDX on Windows machine without admin access As you may have already realized, SFDX installation needs admin access to one's machine. Which may be a luxury a lot of developers may not have. So, i tried to provide a step-by-step guide to setup SFDX on your computer without any admin access Steps: Note:
1 comment
Read more