feat(inbound): scaffold InboundMessage + IInboundEmailParser + InboundEmailRouter#23
Open
mpge wants to merge 1 commit intofeat/email-message-idfrom
Open
feat(inbound): scaffold InboundMessage + IInboundEmailParser + InboundEmailRouter#23mpge wants to merge 1 commit intofeat/email-message-idfrom
mpge wants to merge 1 commit intofeat/email-message-idfrom
Conversation
…dEmailRouter Greenfield inbound-email foundation for .NET. Transport-agnostic DTO (InboundMessage), pluggable provider parser interface (IInboundEmailParser), and the routing brain (InboundEmailRouter) that resolves an inbound email to an existing ticket via canonical Message-ID parsing + signed Reply-To verification. Mirrors the NestJS reference and the per-framework inbound-verify PRs (Laravel #70, Rails #45, Django #42, Adonis #50, WordPress #33). Resolution order (first match wins): 1. In-Reply-To parsed via MessageIdUtil — cold-start path. 2. References parsed via MessageIdUtil, each id in order. 3. Signed Reply-To on ToEmail verified via MessageIdUtil. Forged signatures are rejected with a timing-safe CryptographicOperations.FixedTimeEquals under the hood. 4. Subject line reference tag [{Prefix}-\d+]. 5. Legacy InboundEmail.MessageId audit-log lookup. 10 xUnit tests use in-memory EF Core + real EscalatedOptions to exercise the full chain end-to-end: canonical parse, References with mixed unrelated ids, signed Reply-To round-trip, forgery rejection, secret-blank skip, subject-tag match, legacy fallback, no-match return, and the CandidateHeaderMessageIds helper. Follow-up PRs (not in this commit): - PostmarkInboundParser / MailgunInboundParser / SesInboundParser - InboundEmailController (POST /escalated/webhook/email/inbound) - InboundEmailService (threading process() logic, attachment handling)
This was referenced Apr 24, 2026
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Greenfield inbound-email foundation for .NET. Introduces:
InboundMessage— transport-agnostic record capturing a normalized inbound email (from, to, subject, bodies, threading headers, attachments).IInboundEmailParser— pluggable interface for provider-specific webhook payload normalization (Postmark, Mailgun, SES, IMAP).InboundEmailRouter— the resolution brain that maps an inbound message to an existing ticket via canonical Message-ID parsing + signed Reply-To verification.Resolution order
Mirrors the NestJS reference and the per-framework inbound-verify PRs (Laravel #70, Rails #45, Django #42, Adonis #50, WordPress #33):
MessageIdUtil.ParseTicketIdFromMessageId— cold-start path, no DB lookup on the header required.MessageIdUtil, each id in order.ToEmail(reply+{id}.{hmac8}@...) verified viaMessageIdUtil.VerifyReplyTo. Forged signatures rejected withCryptographicOperations.FixedTimeEqualsunder the hood.[{Prefix}-\d+]) — legacy.InboundEmail.MessageIdaudit-log lookup — covers pre-migration Message-IDs we sent before the canonical format was in place.Scope
Router + DTO + interface only. Follow-up PRs:
PostmarkInboundParser/MailgunInboundParser/SesInboundParserimplementationsInboundEmailController—POST /escalated/webhook/email/inboundwith signature verificationInboundEmailService— orchestrates parser → router → reply/ticket create + attachment handlingDependencies
feat/email-message-id). UsesMessageIdUtil; stays onfeat/email-message-iduntil that merges tomain.Test plan
EscalatedOptionsto exercise the full chain:InboundEmail.MessageIdCandidateHeaderMessageIdshelper: in-reply-to first, references afterCandidateHeaderMessageIdshelper: empty headers yield none