fix: hide other recipients

[ColinBuyck]

This PR addresses #873

• Addresses the issue in full
• Addresses only certain aspects of the issue

Description

This PR sends emails via 'bcc' rather than the 'to' field in order to hide the other recipients of the email. My research showed that the options are simple: use the bcc field to send in bulk or loop through each email and send individually. I've included some resources below mentioning the use of the bcc field. Both implementations are straightforward but I worried that sending emails individually could lead to serious performance issues. I also heard mentions of this approach requiring queuing systems which seemed out of scope. The risk of the bcc approach is that the empty "to" field is more likely to be flagged as suspicious so a dummy email like "[email protected]" could be used to help address that concern... though seemingly not entirely.

Nodemailer discussion: nodemailer/nodemailer#385

SES advocating for the altenative of sending individually: https://aws.amazon.com/blogs/messaging-and-targeting/how-to-send-messages-to-multiple-recipients-with-amazon-simple-email-service-ses/

Stackoverflow supporting bcc: https://stackoverflow.com/questions/66627529/send-email-to-undisclosed-recipients-nodemailer

Mentions of potential flagging with empty "to" field: https://security.stackexchange.com/questions/177713/how-did-i-get-this-email-without-a-to-field

https://stackoverflow.com/a/27855503

UPDATE: After discussing with product and Morgan, we're going to utilize bcc to send the bulk emails but use the jurisdiction's from address to avoid the spam flagging issue mentioned above.

UPDATE PART 2: The public side will have to be tested with totally separate emails not just modified with a plus symbol since two bcc emails to the same inbox will only show as one email.

How Can This Be Tested/Reviewed?

This can be tested most easily with the lottery flow. Create an admin and partner user connected to your email. Find a listing with lottery enabled and fill out two applications with two separate accounts on the public side. Then, go through the lottery flow with the two partners portal users and notice that emails sent to admins don't show [email protected] in the recipient list. Then, publish the results to the public and you're two applicant emails should send separately and not have visibility to one another in the email information.

Author Checklist:

• Added QA notes to the issue with applicable URLs
• Reviewed in a desktop view
• Reviewed in a mobile view
• Reviewed considering accessibility
• Added tests covering the changes
• Made corresponding changes to the documentation
• Ran yarn generate:client and/or created a migration when required

Review Process:

• Read and understand the issue
• Ensure the author has added QA notes
• Review the code itself from a style point of view
• Pull the changes down locally and test that the acceptance criteria is met
• Either (1) explicitly ask a clarifying question, (2) request changes, or (3) approve the PR, even if there are very small remaining changes, if you don't need to re-review after the updates

[ColinBuyck]

Looking for thoughts on the decision between bcc and looping through emails described in the description above 🧼

[ludtkemorgan]

@ColinBuyck is this still on Hold?

[mcgarrye]

🧶

[YazeedLoonat]

Looks good! super minor nit comment but giving approval!

[emilyjablonski]

hefty to test 😰 looks great!