We have a test environment which is pretty much a copy of the production environment for our Web applications.
In the past email addresses of customer data were scrubbed to avoid emails from test systems getting out into the wild. But our testers tell us that they would want to keep those email address unique, i.e. perfectly mapped to the real ones.
I thought that a usable method to scrub without losing information would be to remove all dots in the email address and then attach ".somewordlongerthanfourcharacters" to the computer part of the address. That would allow testers to know the real address of the customer ("[email protected] -> [email protected]") plus we could set up an internal server named "someword" and have it receive emails for all subdomains of "someword".
Is that a useful idea or are there better methods to achieve this? Should I use a reserved test domain or something like that?
I'd be concerned with all of the NDR's you'd get doing that... That could get extremely annoying.
Another option you could use would be to have an smtp server set as your development target and configure it to just accept and drop the outgoing messages. Hopefully your app has some kind of global variable defining the SMTP server to relay through.
Ensure that the test environment has its own DNS and map the production machine names to machines in the test environment. Make of the machines a mail relay (which you probably should do in production as well, rather than having all of the stuff sitting on the same host name) and just configure the test mail relay to do nothing.
If you're relying on the smtp server on the local box you should probably give it an alias, on the assumption that you might end up with too much load on the box and want to push the email through a different server.
I've used that solution in the past. Appended something like .test.local to all the email addresses. If you have control over DNS, then you can create an internal DNS domain & setup a mail server with a catch all address for testing to avoid all the NDR's.
Of course the biggest concern is what happens when someone 'forgets' to scrub the data & runs tests?
Advice on what to append? make it something that isn't resolvable on the internet i.e. .local