Elast alert email_from_field sends message just to one recipient

[goolzerg]

Hello!

When I use email_from_field option, Elastalert sends message just to one recipient, but there is two recipients. Here is my rule:

name: SOD Error recipients
type: frequency

# ES Settings
es_host: elasticsearch
es_port: 9200

index: $INDEX
num_events: 1
timeframe:
    seconds: 30
realert:
  minutes: 0
filter:
- query:
    query_string:
      query: "ServiceName: test_multirecipients"
aggregation:
  seconds: 10
aggregation_key: logger
query_key: logger

#SMTP Settings
smtp_host: "$SMTP_IP"
smtp_port: $SMTP_PORT
smtp_ssl: false
smtp_auth_file: /opt/config/smtp_auth_file.yaml
from_addr: "$SMTP_FROM"
email_format: "html"
email_from_field: "recipients"
# Include certain field inside alert body
include: ["ServiceName", "message", "logger", "recipients"]

alert_text_type: alert_text_only
alert_text: "sometext"

alert_text_args:
  - ServiceName
  - "@timestamp"
  - recipients
  - logger

alert:
- "email"
email:
  - "$SMTP_TO2"

I think that trouble can be due format of "recipients" field, but I'm not sure. Here is how it looks:

I tried another syntax:

In both cases message always sends to first email address in list (it can be any email), and the second recipient is ignored. But the second recipient is always listed in recipients inside message in outlook.

Message came to ByndyuSoftTest email but ByndyuSoft4 ignored

Message came to ByndyuSoft4 email, but ByndyuSoftTest ignored