We have various environments for development and testing where all emails from Auth0 are trapped via a fake SMTP server (MailTrap in this case).
Our testers are using various fake email domains for their testing which appear to be black listed for emailing by Auth0.
When a user with a blacklisted email domain attempts to reset their password, they receieve a successful message:
“We’ve just sent you an email to reset your password.”
however the logs show “Success Change Password Request” for that user, followed by “Failed Sending Notification” with the error “the domain is blacklisted”.
I have tried follow the below for white listing the domaons, but I assume this is for access and not emailing:
The user also appears to be able to authenticate through Auth0, so I assume it is just emailing that is blacklisted?
I have yet to see any configuration to change the black listsing in our test environment, nor a rule example to work around this.
I have tried turning off the anomoly detection, but this did not seem to allow the email to send (and is not in the related Auth0 docs).
Any help or guidance would be greatly appreciated.
If configuration of this is not supported, this would be helpful to know so I can report this to our testers.