Abstract and secure away email addresses


I’ve got some forms on an app that send out to some email addresses. What would be the best way to abstract away these email addresses so that clients wouldn’t be able to see them?

My idea was to have client-side code use a helper to call some Server-side code that then uses Meteor Email to actually send out the messages. I was then thinking of storing the actual ‘to’ emails in the private section of settings.json.

This method ensures that the address won’t be accessible by client-side code. But is there a better way of doing this or is Settings.json not the best place to store the actual address?

Also, how does the community feel about having confidential information only available in server-side code? What are some possible ways users can still access this info?

1 Like

Adding the email to the private key of settings is enough