lupinia / awi

Full Lupinia/Awi website, built with Django
https://www.lupinia.net/

Contact form email send failure when sender name is an email address #135

Closed lupinia closed 1 year ago

lupinia commented 1 year ago

A fake email from a contact form spammer pretending to be a hacker who compromised my site accidentally found a legitimate bug in my code, so, thanks pretend-hackers!

This is a weird bug related to the way Amazon SES sends email: The from address has to be verified in their system, to prevent the service from being used for spam blasts, even when the recipient is a verified address. And, as the recipient of these emails, I want to be able to just hit reply without doing anything weird or complicated. So, the way it's currently set up is that the from address is in the form of Sender Name <server@domain>, applying the sender's name to my own email address, and then setting the sender's email address as the reply-to address.

The problem here is that when the sender's name is an email address (like when they copy and paste the email address to both fields), the resulting From field is spammer@example.com <redacted@lupinia.net>. And when the first part of the From field contains a valid email address, the rest is ignored.

Thankfully, it's a simple fix: Check for @ signs in the sender name, and replace them with underscores. But it's a fascinating and novel bug that I wanted to properly document.
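An added example, not code from the lupinia/awi repository, that reproduces the header-parsing behaviour described in the issue with Python's email.utils and checks each way of building the From header against the verified sender address; the server address and the spammer's name are constructed placeholders.

```python
from email.utils import formataddr, parseaddr

# Constructed sample values; the issue redacts the real server address.
SERVER_ADDRESS = "contact@lupinia.example"   # hypothetical SES-verified sender
SPAMMER_NAME = "spammer@example.com"         # sender pasted an address into the name field


def naive_from_header(sender_name: str) -> str:
    """From header as built before the fix: the sender's name is glued onto
    the verified address with plain string formatting."""
    return f"{sender_name} <{SERVER_ADDRESS}>"


def underscore_from_header(sender_name: str) -> str:
    """The fix described in the issue: replace '@' in the display name so the
    parser can no longer read it as an address."""
    return naive_from_header(sender_name.replace("@", "_"))


def quoted_from_header(sender_name: str) -> str:
    """Alternative: let the stdlib wrap the display name in an RFC 5322
    quoted-string, which keeps '@' and other specials literal."""
    return formataddr((sender_name, SERVER_ADDRESS))


def effective_sender(header: str) -> str:
    """Address a header parser reports for this From value; newer Pythons
    return '' for a header that contains two bare addresses, older ones
    return the first address found, and neither is the verified one."""
    return parseaddr(header)[1]


def uses_verified_sender(header: str) -> bool:
    """Pre-send check: only hand the message to SES if the address a parser
    sees as the sender is the verified server address."""
    return effective_sender(header) == SERVER_ADDRESS


if __name__ == "__main__":
    for build in (naive_from_header, underscore_from_header, quoted_from_header):
        header = build(SPAMMER_NAME)
        print(f"{build.__name__:24} {header!r:56} verified={uses_verified_sender(header)}")
```

The naive header fails the check whichever Python version parses it, while both the underscore fix and the quoted display name keep the verified address as the one SES will see.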