Tell the recipient software when a password link expires.

[arnt]

https://datatracker.ietf.org/doc/draft-ietf-mailmaint-expires/

That draft documents the (rare) existing usage of the Expires field, specifies a tighter syntax, and clarifies that "expires" doesn't mean having to delete anything. "Automatically moving the message from inbox to archive" is sensible.

The IETF mailmaint WG requires two implementations before issuing an RFC. I did this one today, to see how hard it would be.

(Or maybe the true reason is: I searched my mail today for a particular domain and and saw several old password reset messages among the top search results. That's junk, those links are expired, let's tell the mailbox indexer when those messages become poor search results.)

It seems reasonable to extend it to cover confirmation messages too.

[benbucksch]

+1

[arnt]

Huh, I didn't see any checklist when I originally made the PR? But it ① follows the code style (and what a nice style it is, too), ② adds tests and ③ contains no breaking changes.

[arnt]

FWIW, Thunderbird just got an implementation of this. It can now archive messages automatically when (in Devise's case) the password link grows stale, or even delete the messages.