From 255095e6bd12b3ad43aeeafa690d07888378c1f3 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Joakim=20M=C3=B6rling?= Date: Fri, 22 May 2026 12:59:49 +0200 Subject: [PATCH] Document kontakt@bilhej.se receiving and fix stale contact address in requirements. - Add production checklist section for Resend inbound on bilhej.se - Note that mail is read in the Resend dashboard unless a webhook is added later - Update GDPR letter footer example in REQUIREMENTS.md to kontakt@bilhej.se Co-authored-by: Cursor --- REQUIREMENTS.md | 2 +- docs/production-email-checklist.md | 21 +++++++++++++++++++++ 2 files changed, 22 insertions(+), 1 deletion(-) diff --git a/REQUIREMENTS.md b/REQUIREMENTS.md index 22ff751..14da9f6 100644 --- a/REQUIREMENTS.md +++ b/REQUIREMENTS.md @@ -446,7 +446,7 @@ Gross margin: 14 SEK | Is a license plate personal data? | Yes (it directly identifies a vehicle owner). | | Is an address personal data? | Yes. | | What if we only process address transiently? | Data minimization is a GDPR principle (Art. 5(1)(c)). Transient processing with immediate deletion is a strong compliance posture. | -| Do we need to inform the recipient? | Yes, GDPR Art. 14 requires informing the data subject. The letter itself can serve this purpose — include a footer like: _"Detta brev skickades via BilHej.se. Din adress hämtades från Transportstyrelsens fordonsregister och har raderats efter utskick. För frågor: hej@bilhalsning.se"_ | +| Do we need to inform the recipient? | Yes, GDPR Art. 14 requires informing the data subject. The letter itself can serve this purpose — include a footer like: _"Detta brev skickades via BilHej.se. Din adress hämtades från Transportstyrelsens fordonsregister och har raderats efter utskick. För frågor: kontakt@bilhej.se"_ | ### 11.2 Transportstyrelsen Access diff --git a/docs/production-email-checklist.md b/docs/production-email-checklist.md index 36dddb3..aed77fa 100644 --- a/docs/production-email-checklist.md +++ b/docs/production-email-checklist.md @@ -54,3 +54,24 @@ Fallback: reset links still log when `MAIL_HOST` is empty. Keep using Mailpit (`docker compose up`, http://localhost:8025). Do not point local Docker at Resend unless you intend to send real mail. + +## 5. Contact email (`kontakt@bilhej.se`) + +Inbound mail uses **Resend Receiving** on the root domain `bilhej.se`. No mailbox is created in +Strato; the MX record routes all `@bilhej.se` addresses to Resend. + +**Setup (done once):** + +1. Resend → **Domains** → `bilhej.se` → enable **Receiving** +2. Strato → **DNS** → add the receiving MX record (e.g. `inbound-smtp.eu-west-1.amazonaws.com`) +3. Wait until Resend shows receiving as **Verified** +4. Send a test mail to `kontakt@bilhej.se` and confirm it appears under **Emails → Receiving** + +**Reading mail:** open the [Resend Receiving inbox](https://resend.com/emails/receiving). There is +no automatic forward to Gmail unless you add a webhook handler later. + +| Address | Purpose | Where mail goes | +|---------|---------|-----------------| +| `kontakt@bilhej.se` | General questions (site, orders, support) | Resend dashboard | +| `jcamorling@gmail.com` | Complaints (shown on `/kontakt` only) | Gmail directly | +| `noreply@bilhej.se` | Outbound only (password reset) | Not an inbox |