fix: address PR #391 review (tracking UX, SES idempotency, schema uniqueness)

- Case-insensitive unsubscribe pre-check; reject apex tracking hostnames
- PutConfigurationSetTrackingOptions throws on non-200; addWebhookConfiguration
  treats AlreadyExists as success and still returns boolean
- Poll custom tracking verification on 6h cadence when tracking DNS is pending
- Apply HTTPS policy to SES before persisting DB; create new tracking identity
  before removing old SES resources
- Unique customTrackingHostname to avoid cross-domain SES cleanup clashes
- Tests: mixed-case unsubscribe, verification due with pending tracking

Made-with: Cursor

Author: amanjuman

apps/web/prisma/migrations/20260419120000_domain_custom_tracking_hostname_unique/migration.sql

@@ -0,0 +1,2 @@
+-- CreateIndex
+CREATE UNIQUE INDEX "Domain_customTrackingHostname_key" ON "Domain"("customTrackingHostname");

apps/web/prisma/schema.prisma

@@ -197,7 +197,7 @@ model Domain {
   sesTenantId   String?
   isVerifying   Boolean      @default(false)
   /// Self-hosted: custom hostname for SES click/open tracking (e.g. track.example.com). Requires DNS + verification in SES.
-  customTrackingHostname     String?
+  customTrackingHostname     String?      @unique
   customTrackingPublicKey    String?
   customTrackingDkimSelector String?      @default("utrack")
   customTrackingDkimStatus   String?

apps/web/src/server/aws/ses.ts

@@ -217,7 +217,12 @@ export async function putConfigurationSetHttpsTracking(
     HttpsPolicy: httpsPolicy,
   });
   const response = await sesClient.send(cmd);
-  return response.$metadata.httpStatusCode === 200;
+  const code = response.$metadata.httpStatusCode;
+  if (code !== 200) {
+    throw new Error(
+      `PutConfigurationSetTrackingOptions failed for ${configurationSetName}: HTTP ${code ?? "unknown"}`,
+    );
+  }
 }
 
 export async function deleteConfigurationSet(
@@ -379,6 +384,10 @@ export async function getAccount(region: string) {
   return response;
 }
 
+function isAlreadyExistsError(error: unknown): boolean {
+  return (error as { name?: string })?.name === "AlreadyExistsException";
+}
+
 export async function addWebhookConfiguration(
   configName: string,
   topicArn: string,
@@ -391,10 +400,19 @@ export async function addWebhookConfiguration(
     ConfigurationSetName: configName,
   });
 
-  const configSetResponse = await sesClient.send(configSetCommand);
-
-  if (configSetResponse.$metadata.httpStatusCode !== 200) {
-    throw new Error("Failed to create configuration set");
+  try {
+    const configSetResponse = await sesClient.send(configSetCommand);
+    if (configSetResponse.$metadata.httpStatusCode !== 200) {
+      throw new Error("Failed to create configuration set");
+    }
+  } catch (error: unknown) {
+    if (!isAlreadyExistsError(error)) {
+      throw error;
+    }
+    logger.debug(
+      { configName, region },
+      "SES configuration set already exists; continuing",
+    );
   }
 
   const command = new CreateConfigurationSetEventDestinationCommand({
@@ -409,8 +427,22 @@ export async function addWebhookConfiguration(
     },
   });
 
-  const response = await sesClient.send(command);
-  return response.$metadata.httpStatusCode === 200;
+  try {
+    const response = await sesClient.send(command);
+    if (response.$metadata.httpStatusCode !== 200) {
+      throw new Error("Failed to create configuration set event destination");
+    }
+  } catch (error: unknown) {
+    if (!isAlreadyExistsError(error)) {
+      throw error;
+    }
+    logger.debug(
+      { configName, region },
+      "SES event destination already exists; continuing",
+    );
+  }
+
+  return true;
 }
 
 /**

apps/web/src/server/service/domain-service.ts

@@ -435,6 +435,15 @@ export async function setCustomTrackingHostname(
 
   assertTrackingHostnameAllowed(domain.name, normalized);
 
+  const parsedHost = tldts.parse(normalized);
+  if (!parsedHost.subdomain) {
+    throw new UnsendApiError({
+      code: "BAD_REQUEST",
+      message:
+        "Tracking hostname must be a subdomain (for example track.example.com), not the zone apex.",
+    });
+  }
+
   if (
     domain.customTrackingHostname === normalized &&
     domain.customTrackingPublicKey
@@ -443,27 +452,26 @@ export async function setCustomTrackingHostname(
       trackingHttpsRequired !== undefined &&
       trackingHttpsRequired !== domain.trackingHttpsRequired
     ) {
+      const domainForSes: Domain = {
+        ...domain,
+        trackingHttpsRequired,
+      };
+      await reapplyCustomTrackingSesPolicy(domainForSes);
       const updated = await db.domain.update({
         where: { id: domainId },
         data: { trackingHttpsRequired },
       });
-      try {
-        await reapplyCustomTrackingSesPolicy(updated);
-      } catch (error) {
-        logger.error(
-          { err: error, domainId },
-          "[DomainService]: Failed to reapply custom tracking HTTPS policy",
-        );
-      }
       await emitDomainEvent(updated, "domain.updated");
       return updated;
     }
     return domain;
   }
 
-  if (domain.customTrackingHostname) {
-    await removeCustomTrackingResources(domain);
-  }
+  const previousForCleanup =
+    domain.customTrackingHostname &&
+    domain.customTrackingHostname !== normalized
+      ? domain
+      : null;
 
   const selector = domain.customTrackingDkimSelector ?? "utrack";
   const publicKey = await ses.addTrackingEmailIdentity(
@@ -489,6 +497,10 @@ export async function setCustomTrackingHostname(
     },
   });
 
+  if (previousForCleanup) {
+    await removeCustomTrackingResources(previousForCleanup);
+  }
+
   await emitDomainEvent(updated, "domain.updated");
   return updated;
 }
@@ -1134,6 +1146,15 @@ export async function isDomainVerificationDue(domain: Domain) {
     return false;
   }
 
+  if (shouldPollCustomTrackingVerification(domain)) {
+    const now = Date.now();
+    const lastCheckedAt = verificationState.lastCheckedAt?.getTime() ?? 0;
+    if (!verificationState.lastCheckedAt) {
+      return true;
+    }
+    return now - lastCheckedAt >= DOMAIN_UNVERIFIED_RECHECK_MS;
+  }
+
   const now = Date.now();
   const lastCheckedAt = verificationState.lastCheckedAt?.getTime() ?? 0;
   const intervalMs =

apps/web/src/server/service/domain-service.unit.test.ts

@@ -70,6 +70,13 @@ vi.mock("~/server/email-templates", () => ({
   renderDomainVerificationStatusEmail: mockRenderDomainVerificationStatusEmail,
 }));
 
+vi.mock("~/env", () => ({
+  env: {
+    NEXT_PUBLIC_IS_CLOUD: false,
+    NEXTAUTH_URL: "http://localhost:3000",
+  },
+}));
+
 import {
   DOMAIN_UNVERIFIED_RECHECK_MS,
   DOMAIN_VERIFIED_RECHECK_MS,
@@ -421,4 +428,32 @@ describe("domain-service", () => {
 
     await expect(isDomainVerificationDue(domain)).resolves.toBe(false);
   });
+
+  it("uses unverified cadence when custom tracking is still pending even if the sending domain is verified", async () => {
+    const domain = createDomain({
+      status: DomainStatus.SUCCESS,
+      customTrackingHostname: "track.example.com",
+      customTrackingPublicKey: "pk",
+      customTrackingStatus: DomainStatus.PENDING,
+    });
+    mockRedis.mget.mockResolvedValue([
+      new Date(
+        Date.now() - DOMAIN_UNVERIFIED_RECHECK_MS + 5 * 60 * 1000,
+      ).toISOString(),
+      DomainStatus.SUCCESS,
+      "1",
+    ]);
+
+    await expect(isDomainVerificationDue(domain)).resolves.toBe(false);
+
+    mockRedis.mget.mockResolvedValue([
+      new Date(
+        Date.now() - DOMAIN_UNVERIFIED_RECHECK_MS - 5 * 60 * 1000,
+      ).toISOString(),
+      DomainStatus.SUCCESS,
+      "1",
+    ]);
+
+    await expect(isDomainVerificationDue(domain)).resolves.toBe(true);
+  });
 });

apps/web/src/server/utils/ses-tracking-html.ts

@@ -5,7 +5,7 @@
  * @see https://docs.aws.amazon.com/ses/latest/dg/faqs-metrics.html
  */
 export function addSesNoTrackToUnsubscribeLinks(html: string): string {
-  if (!html.includes("unsubscribe")) {
+  if (!/unsubscribe/i.test(html)) {
     return html;
   }
 

apps/web/src/server/utils/ses-tracking-html.unit.test.ts

@@ -22,4 +22,11 @@ describe("addSesNoTrackToUnsubscribeLinks", () => {
     const html = '<a href="https://example.com/">Home</a>';
     expect(addSesNoTrackToUnsubscribeLinks(html)).toBe(html);
   });
+
+  it("handles mixed-case unsubscribe in href", () => {
+    const html =
+      '<a href="https://app.example.com/api/Unsubscribe?id=1">x</a>';
+    const out = addSesNoTrackToUnsubscribeLinks(html);
+    expect(out).toContain("ses:no-track");
+  });
 });