FROM: email address sometimes wrong

We have Gitlab-CE omnibus version 8.9.11 installed, and users are authenticated via LDAP. We are having issues where people’s email contacts are being corrupted by the Gitlab email ‘from’ address.

Our configuration has:

gitlab_rails[‘gitlab_email_display_name’] = ‘Gitlab Support Team’
gitlab_rails[‘gitlab_email_from’] = ‘gitlab_support_team_group@example.com’

People are receiving emails from gitlab, such as comments on merge requests, where the FROM: address is the commenting user’s name (not the configured display name) but the ‘gitlab_email_from’ configuration email address (not the user’s email address from LDAP). This is a big problem, as confidential emails end up being sent to our group.

Our configuration hasn’t changed in a long time. We did upgrade to 8.9.11 late last year, and we did migrate to a new server a couple months ago, but the configuration of ‘gitlab_email_*’ settings hasn’t changed.

This is a rather urgent problem. If anyone has any suggestions, please don’t hesitate to reply.

Did you found a solution?
Have you created an issue (bug report)? I could not find a suitable bug report at: Issues · GitLab.org / GitLab FOSS · GitLab

I could not find another suitable configuration option at:
https://gitlab.com/gitlab-org/omnibus-gitlab/raw/master/files/gitlab-config-template/gitlab.rb.template

Maybe it is feature for paid subscriptions? I am guessing because of comments in:
https://docs.gitlab.com/ee/tools/email.html


I have the same issue with a this setup:

  • using CentOS 7 x86_64
  • started with GitLab-CE 10.0.3 omnibus installation and updated it (now running 11.0.3)
  • connection to Active Directory for LDAP user account access
  • using on-premise SMTP server to send email (SMTP settings | GitLab)

The problem is easily reproducible. Enable “User Settings – Notifications – Receive notifications about your own activity” and comment on your own commits.

In the following text I replace my display name with MYNAME.
The word WRONG@EMAIL.ADDRESS is the email address set in /etc/gitlab/gitlab.rb with these options:

gitlab_rails[‘gitlab_email_from’] = ‘WRONG@EMAIL.ADDRESS’
gitlab_rails[‘gitlab_email_reply_to’] = ‘WRONG@EMAIL.ADDRESS’

And CORRECT@EMAIL.ADDRESS is the email address stored in LDAP for my user account. In the user’s account information I can verify that GitLab retrieves the correct email address.

The header of a notification email looks like:

From: MYNAME WRONG@EMAIL.ADDRESS
Reply-To: GitLab WRONG@EMAIL.ADDRESS
To: CORRECT@EMAIL.ADDRESS

The correct email address is used for the TO field.

The main problem from my point of view:
REPLY-TO uses the wrong email address. It should use the email address of the user accessible in GitLab.

Another issue (but minor) is:
FROM should use the email address of the user.

Another minor issue:
REPLY-TO should use the correct display name of the user instead of “GitLab”.

After editing GitLab’s configuration file with sudo vim /etc/gitlab/gitlab.rb by prepanding these lines with “#”:

gitlab_rails[‘gitlab_email_from’] = ‘WRONG@EMAIL.ADDRESS’
gitlab_rails[‘gitlab_email_reply_to’] = ‘WRONG@EMAIL.ADDRESS’

and running sudo gitlab-ctl reconfigure GitLab does not use the correct value for REPLY-TO for user comments.
A notification email for a comment from me to my commit looks like:

From: MYNAME gitlab@EXTERNALDNSNAME
Reply-To: GitLab noreply@EXTERNALDNSNAME
To: CORRECT@EMAIL.ADDRESS

EXTERNALDNSNAME is the value of “external_url” in GitLab’s configuration file minus ‘https://’.

I did submit a ticket but it didn’t get me anywhere. https://gitlab.com/gitlab-org/gitlab-ee/issues/3152

We also have this problem. And it’s really annoying because the users sometimes think that they reply to their colleague, while it actually goes into a Gitlab box.