Phase 5b — Pre-Go-Live Design Corrections
A pre-go-live investigation (the email-path-resolution study, recorded in full in the workbooks notebook) reconciled the module’s design against its implementation and corrected six discrepancies on operations PR #191. This page records the conclusions; the full seven-step study (design re-read → consistency → resolved design → inventory → discrepancies → options → implementation) stays in the workbook as source-of-process.
Resolved sending-identity design
Section titled “Resolved sending-identity design”- Sending domain
{sendingDomainSlug}.{partition}.ardamails.com— partition mandatory, sourced from the…-API-PartitionMailZoneNameCFN export (parametric, never a hard-coded apex). - From fixed by the configuration signature (
{fromLocalPart}@{sendingDomain}, defaultnoreply@…); no per-send override. - Per-tenant Postmark Server + Sender Signature; server name
ardamails-{partition}-{slug}(derived from the sending domain). - DNS per-tenant DKIM TXT + Return-Path CNAME (
pm-bounces.<domain>, the value Postmark returns) written into the partition zone; SPF/DMARC stay at the partition apex. - Verification gate
DKIMVerified ∧ ReturnPathDomainVerified(SPF verification deprecated;Confirmednot required).
The settled decisions are recorded durably in Email Module Decisions.
Discrepancies corrected (D1–D6)
Section titled “Discrepancies corrected (D1–D6)”| # | Discrepancy | Correction |
|---|---|---|
| D1 | Flat {slug}.ardamails.com (no partition; hard-coded apex) | Compose {slug}.{mailZoneName} from the zone-name export; one synthesizer feeds send + provisioning |
| D2 | Partition source not wired — PartitionMailZoneName exported but unread | Ingest the export through read-cloudFormation-values.cmd → config → wiring |
| D3 | Return-Path hand-built bounces.{slug} | Publish Postmark’s returned ReturnPathDomain (pm-bounces.<domain>); DTO gains the field |
| D4 | Server name arda-{slug} → cross-partition DuplicateName | Derive ardamails-{partition}-{slug} from the sending domain |
| D5 | Dead SPFVerified parse | Removed; gate is DKIM ∧ Return-Path |
| D6 | Per-send fromLocalPart override | Removed end-to-end (API, domain, persistence); From fixed by signature |
Plus a cleanup (CC-3): the redundant drift partition log tag was removed — the Sentry environment dimension already carries the partition.
Why it mattered
Section titled “Why it mattered”The flat domain (D1) was unshippable: a per-tenant DKIM host outside the partition zone is rejected by Route 53’s zone-containment rule, and DKIM would not align with the From domain under DMARC. The fix is anchored in the reusable practice Parametric Infrastructure Values — consume the partition’s published zone name rather than re-deriving the domain.
Copyright: © Arda Systems 2025-2026, All rights reserved