backend-manager 5.0.147 → 5.0.149

package/src/manager/routes/user/data-request/post.js

@@ -96,11 +96,11 @@ function sendConfirmationEmail(assistant, user, requestId, reason) {
     : '';
 
   mailer.send({
-    to: user.auth.email,
+    to: user,
+    sender: 'account',
     categories: ['account/data-request'],
     subject: `Your data request has been received #${requestId}`,
     template: 'default',
-    group: 'account',
     copy: true,
     data: {
       email: {

package/src/manager/routes/user/delete.js

@@ -100,10 +100,10 @@ function sendConfirmationEmail(assistant, email, reason) {
 
   mailer.send({
     to: email,
+    sender: 'account',
     categories: ['account/delete'],
     subject: `Your ${brandName} account has been deleted`,
     template: 'default',
-    group: 'account',
     copy: true,
     data: {
       email: {

package/src/manager/routes/user/feedback/post.js

@@ -21,10 +21,11 @@ module.exports = async ({ assistant, Manager, user, settings, libraries }) => {
     reviewURL: null,
   };
 
-  // If rating is like or love and like feedback is more than dislike feedback
+  // Prompt for review if user gave positive rating (like/love) and wrote meaningful positive feedback (50+ chars)
+  const totalPositiveLength = (settings.positive?.length || 0) + (settings.comments?.length || 0);
   if (
     ['like', 'love'].includes(settings.rating)
-    && (settings.like?.length || 0) >= (settings.dislike?.length || 0) + 10
+    && totalPositiveLength >= 50
   ) {
     decision.promptReview = true;
   }
@@ -34,9 +35,12 @@ module.exports = async ({ assistant, Manager, user, settings, libraries }) => {
   reviews.enabled = typeof reviews.enabled === 'undefined' ? true : reviews.enabled;
   reviews.sites = reviews.sites || [];
 
-  // If reviews are enabled and there are review sites, prompt review
+  // If reviews are enabled and there are review sites, build the full review URL
   if (decision.promptReview && reviews.enabled && reviews.sites.length > 0) {
-    decision.reviewURL = powertools.random(reviews.sites);
+    const site = powertools.random(reviews.sites);
+    const brandDomain = new URL(Manager.config.brand.url).hostname;
+
+    decision.reviewURL = `https://www.${site}/review/${brandDomain}`;
   } else {
     decision.promptReview = false;
   }
@@ -48,8 +52,8 @@ module.exports = async ({ assistant, Manager, user, settings, libraries }) => {
     .set({
       feedback: {
         rating: settings.rating,
-        like: settings.like,
-        dislike: settings.dislike,
+        positive: settings.positive,
+        negative: settings.negative,
         comments: settings.comments,
       },
       decision: decision,
@@ -67,8 +71,8 @@ module.exports = async ({ assistant, Manager, user, settings, libraries }) => {
     review: decision,
     originalRequest: {
       rating: settings.rating,
-      like: settings.like,
-      dislike: settings.dislike,
+      positive: settings.positive,
+      negative: settings.negative,
       comments: settings.comments,
     },
   });

package/src/manager/routes/user/signup/post.js

@@ -1,6 +1,6 @@
-const fetch = require('wonderful-fetch');
 const moment = require('moment');
 const { inferContact } = require('../../../libraries/infer-contact.js');
+const { validate: validateEmail } = require('../../../libraries/email/validation.js');
 
 const MAX_POLL_TIME_MS = 30000;
 const POLL_INTERVAL_MS = 500;
@@ -76,7 +76,8 @@ module.exports = async ({ assistant, user, settings, libraries }) => {
   await processAffiliate(assistant, uid, settings);
 
   // 6. Send emails + marketing (non-blocking, fire-and-forget)
-  sendEmailsAndMarketing(assistant, uid, email, inferred);
+  syncMarketingContact(assistant, uid, email);
+  sendWelcomeEmails(assistant, uid);
 
   return assistant.respond({ signedUp: true });
 };
@@ -234,51 +235,61 @@ async function processAffiliate(assistant, uid, settings) {
 }
 
 /**
- * Send welcome emails and add to marketing lists (non-blocking, fire-and-forget)
+ * Sync marketing contact (non-blocking, fire-and-forget)
+ * Validates email first — skips sync for disposable domains
  */
-function sendEmailsAndMarketing(assistant, uid, email, inferred) {
+async function syncMarketingContact(assistant, uid, email) {
   const Manager = assistant.Manager;
   const shouldSend = !assistant.isTesting() || process.env.TEST_EXTENDED_MODE;
 
   if (!shouldSend) {
-    assistant.log(`signup(): Skipping emails/marketing (BEM_TESTING=true, TEST_EXTENDED_MODE not set)`);
+    assistant.log(`signup(): Skipping marketing sync (BEM_TESTING=true, TEST_EXTENDED_MODE not set)`);
     return;
   }
 
-  assistant.log(`signup(): Sending emails/adding to marketing for ${uid}`);
-
-  // Add to marketing lists (SendGrid + Beehiiv) via centralized endpoint
-  fetch(`${Manager.project.apiUrl}/backend-manager/marketing/contact`, {
-    method: 'POST',
-    response: 'json',
-    body: {
-      backendManagerKey: process.env.BACKEND_MANAGER_KEY,
-      email: email,
-      firstName: inferred?.firstName || '',
-      lastName: inferred?.lastName || '',
-      source: 'user:signup',
-    },
-  }).catch(e => assistant.error('signup(): marketing-contact failed:', e));
+  // Validate email before adding to marketing lists (disposable check only, no ZeroBounce cost)
+  const validation = await validateEmail(email);
+
+  if (!validation.valid) {
+    assistant.log(`signup(): Skipping marketing sync — email validation failed:`, validation.checks);
+    return;
+  }
+
+  const mailer = Manager.Email(assistant);
+  mailer.sync(uid)
+    .then((r) => assistant.log('signup(): Marketing sync:', r))
+    .catch((e) => assistant.error('signup(): Marketing sync failed:', e));
+}
+
+/**
+ * Send welcome, checkup, and feedback emails (non-blocking, fire-and-forget)
+ */
+function sendWelcomeEmails(assistant, uid) {
+  const shouldSend = !assistant.isTesting() || process.env.TEST_EXTENDED_MODE;
+
+  if (!shouldSend) {
+    assistant.log(`signup(): Skipping welcome emails (BEM_TESTING=true, TEST_EXTENDED_MODE not set)`);
+    return;
+  }
 
-  // Send welcome emails (non-blocking, don't fail on error)
-  sendWelcomeEmail(assistant, email).catch(e => assistant.error('signup(): sendWelcomeEmail failed:', e));
-  sendCheckupEmail(assistant, email).catch(e => assistant.error('signup(): sendCheckupEmail failed:', e));
-  sendFeedbackEmail(assistant, email).catch(e => assistant.error('signup(): sendFeedbackEmail failed:', e));
+  sendWelcomeEmail(assistant, uid).catch(e => assistant.error('signup(): sendWelcomeEmail failed:', e));
+  sendCheckupEmail(assistant, uid).catch(e => assistant.error('signup(): sendCheckupEmail failed:', e));
+  sendFeedbackEmail(assistant, uid).catch(e => assistant.error('signup(): sendFeedbackEmail failed:', e));
 }
 
 /**
  * Send welcome email (immediate)
  */
-function sendWelcomeEmail(assistant, email) {
+function sendWelcomeEmail(assistant, uid) {
   const Manager = assistant.Manager;
   const mailer = Manager.Email(assistant);
 
   return mailer.send({
-    to: email,
+    to: uid,
+    sender: 'hello',
     categories: ['account/welcome'],
     subject: `Welcome to ${Manager.config.brand.name}!`,
     template: 'default',
-    group: 'account',
     copy: false,
     data: {
       email: {
@@ -297,7 +308,7 @@ Thank you for choosing **${Manager.config.brand.name}**. Here's to new beginning
       signoff: {
         type: 'personal',
         name: 'Ian Wiedenman, CEO',
-        url: `https://ianwiedenman.com?utm_source=welcome-email&utm_medium=email&utm_campaign=${Manager.config.app.id}`,
+        url: `https://ianwiedenman.com?utm_source=welcome-email&utm_medium=email&utm_campaign=${Manager.config.brand.id}`,
         urlText: '@ianwieds',
       },
     },
@@ -311,18 +322,18 @@ Thank you for choosing **${Manager.config.brand.name}**. Here's to new beginning
 /**
  * Send checkup email (7 days after signup)
  */
-function sendCheckupEmail(assistant, email) {
+function sendCheckupEmail(assistant, uid) {
   const Manager = assistant.Manager;
   const mailer = Manager.Email(assistant);
 
   return mailer.send({
-    to: email,
+    to: uid,
+    sender: 'hello',
     categories: ['account/checkup'],
     subject: `How's your experience with ${Manager.config.brand.name}?`,
     template: 'default',
-    group: 'account',
     copy: false,
-    sendAt: moment().add(7, 'days').unix(),
+    sendAt: moment().add(5, 'days').unix(),
     data: {
       email: {
         preview: `Checking in from ${Manager.config.brand.name} to see how things are going. Let us know if you have any questions or feedback!`,
@@ -342,7 +353,7 @@ Thank you for choosing **${Manager.config.brand.name}**. Here's to new beginning
       signoff: {
         type: 'personal',
         name: 'Ian Wiedenman, CEO',
-        url: `https://ianwiedenman.com?utm_source=checkup-email&utm_medium=email&utm_campaign=${Manager.config.app.id}`,
+        url: `https://ianwiedenman.com?utm_source=checkup-email&utm_medium=email&utm_campaign=${Manager.config.brand.id}`,
         urlText: '@ianwieds',
       },
     },
@@ -354,20 +365,20 @@ Thank you for choosing **${Manager.config.brand.name}**. Here's to new beginning
 }
 
 /**
- * Send feedback email (14 days after signup)
+ * Send feedback email (10 days after signup)
  */
-function sendFeedbackEmail(assistant, email) {
+function sendFeedbackEmail(assistant, uid) {
   const Manager = assistant.Manager;
   const mailer = Manager.Email(assistant);
 
   return mailer.send({
-    to: email,
+    to: uid,
+    sender: 'hello',
     categories: ['engagement/feedback'],
     subject: `Want to share your feedback about ${Manager.config.brand.name}?`,
     template: 'main/engagement/feedback',
-    group: 'account',
     copy: false,
-    sendAt: moment().add(14, 'days').unix(),
+    sendAt: moment().add(10, 'days').unix(),
   })
     .then((result) => {
       assistant.log('sendFeedbackEmail(): Success', result.status);

package/src/manager/schemas/admin/email/post.js

@@ -2,9 +2,9 @@
  * Schema for POST /admin/email
  *
  * Recipients (to, cc, bcc) accept flexible formats:
- * - String email: "user@example.com"
- * - UID string: "uid:abc123" (auto-resolves from Firestore)
- * - Object: { email: "user@example.com", name: "John" }
+ * - Email string: "user@example.com"
+ * - UID string (no @): "abc123" — auto-fetches user doc from Firestore
+ * - Email object: { email: "user@example.com", name: "John" }
  * - Array of any of the above
  */
 module.exports = () => ({
@@ -13,11 +13,11 @@ module.exports = () => ({
   bcc: { types: ['array', 'string', 'object'], default: [] },
   from: { types: ['object'], default: undefined },
   replyTo: { types: ['string'], default: undefined },
+  sender: { types: ['string'], default: undefined },
   subject: { types: ['string'], default: undefined },
   template: { types: ['string'], default: undefined },
   group: { types: ['number'], default: undefined },
   sendAt: { types: ['number', 'string'], default: undefined },
-  user: { types: ['object'], default: {} },
   data: { types: ['object'], default: {} },
   categories: { types: ['array'], default: [] },
   copy: { types: ['boolean'], default: undefined },

package/src/manager/schemas/marketing/contact/delete.js

@@ -1,7 +1,9 @@
 /**
  * Schema for DELETE /marketing/contact
  */
+const { DEFAULT_PROVIDERS } = require('../../../libraries/email/constants.js');
+
 module.exports = () => ({
   email: { types: ['string'], default: undefined, required: true },
-  providers: { types: ['array'], default: ['sendgrid', 'beehiiv'] },
+  providers: { types: ['array'], default: DEFAULT_PROVIDERS },
 });

package/src/manager/schemas/marketing/contact/post.js

@@ -1,13 +1,15 @@
 /**
  * Schema for POST /marketing/contact
  */
+const { DEFAULT_PROVIDERS } = require('../../../libraries/email/constants.js');
+
 module.exports = () => ({
   email: { types: ['string'], default: undefined, required: true },
   firstName: { types: ['string'], default: '' },
   lastName: { types: ['string'], default: '' },
   source: { types: ['string'], default: 'unknown' },
   tags: { types: ['array'], default: [] },
-  providers: { types: ['array'], default: ['sendgrid', 'beehiiv'] },
+  providers: { types: ['array'], default: DEFAULT_PROVIDERS },
   skipValidation: { types: ['boolean'], default: false },
   'g-recaptcha-response': { types: ['string'], default: undefined },
 });

package/src/manager/schemas/marketing/contact/put.js

@@ -0,0 +1,6 @@
+/**
+ * Schema for PUT /marketing/contact (sync)
+ */
+module.exports = () => ({
+  uid: { types: ['string'], default: undefined, required: true },
+});

package/src/manager/schemas/special/electron-client/post.js

@@ -3,7 +3,7 @@
  */
 module.exports = () => ({
   uid: { types: ['string'], default: undefined },
-  appId: { types: ['string'], default: undefined },
-  app: { types: ['string'], default: undefined },
+  brandId: { types: ['string'], default: undefined },
+  brand: { types: ['string'], default: undefined },
   config: { types: ['object'], default: {} },
 });

package/src/manager/schemas/user/feedback/post.js

@@ -4,12 +4,12 @@ module.exports = () => ({
     default: undefined,
     required: true,
   },
-  like: {
+  positive: {
     types: ['string'],
     default: '',
     required: false,
   },
-  dislike: {
+  negative: {
     types: ['string'],
     default: '',
     required: false,

package/src/test/run-tests.js

@@ -25,7 +25,7 @@ async function main() {
       // When running in emulator, we can initialize without credentials
       // The emulator environment variables tell it where to connect
       firebaseAdmin.initializeApp({
-        projectId: process.env.GCLOUD_PROJECT || testConfig.projectId,
+        projectId: process.env.GCLOUD_PROJECT || testConfig.firebaseConfig?.projectId,
       });
     }
     admin = firebaseAdmin;

package/src/test/runner.js

@@ -8,6 +8,7 @@ const HttpClient = require('./utils/http-client.js');
 const assertions = require('./utils/assertions.js');
 const testAccounts = require('./test-accounts.js');
 const rulesClient = require('./utils/firestore-rules-client.js');
+const { EXTENDED_MODE_WARNING } = require('./utils/extended-mode-warning.js');
 
 /**
  * Error class for runtime test skipping
@@ -73,9 +74,9 @@ class TestRunner {
 
     // Warn if TEST_EXTENDED_MODE is enabled
     if (process.env.TEST_EXTENDED_MODE) {
-      console.log(chalk.yellow.bold('  ⚠️⚠️⚠️  WARNING: TEST_EXTENDED_MODE IS TRUE  ⚠️⚠️⚠️'));
-      console.log(chalk.yellow('  External API calls (emails, SendGrid, etc.) are ENABLED!'));
-      console.log(chalk.yellow('  This will send real emails and make real API calls.\n'));
+      console.log(chalk.yellow.bold(`  ${EXTENDED_MODE_WARNING[0]}`));
+      EXTENDED_MODE_WARNING.slice(1).forEach((line) => console.log(chalk.yellow(`  ${line}`)));
+      console.log('');
     }
 
     // Validate configuration
@@ -158,9 +159,9 @@ class TestRunner {
       return false;
     }
 
-    if (!this.options.appId) {
-      console.log(chalk.red('  ✗ Missing appId'));
-      console.log(chalk.gray('    Could not determine app ID from configuration'));
+    if (!this.options.brand?.id) {
+      console.log(chalk.red('  ✗ Missing brand.id'));
+      console.log(chalk.gray('    Could not determine brand ID from configuration'));
       return false;
     }
 
@@ -180,10 +181,21 @@ class TestRunner {
     process.stdout.write(chalk.gray('  Checking server health... '));
 
     try {
-      const response = await http.command('test:health', {});
+      const response = await http.get('test/health');
 
       if (response.success) {
         console.log(chalk.green('✓'));
+
+        // Warn if TEST_EXTENDED_MODE mismatch between test runner and emulator
+        const runnerExtended = !!process.env.TEST_EXTENDED_MODE;
+        const emulatorExtended = !!response.data?.testExtendedMode;
+
+        if (runnerExtended !== emulatorExtended) {
+          console.log(chalk.red.bold(`\n  ⚠️⚠️⚠️  TEST_EXTENDED_MODE mismatch (runner=${runnerExtended}, emulator=${emulatorExtended})  ⚠️⚠️⚠️`));
+          console.log(chalk.red('  Both must match or tests will behave unexpectedly.'));
+          console.log(chalk.red(`  Restart with: ${runnerExtended ? '' : 'TEST_EXTENDED_MODE=true '}npx bm emulator\n`));
+        }
+
         return true;
       }
 
@@ -234,7 +246,7 @@ class TestRunner {
     process.stdout.write(chalk.gray('  Initializing rules testing context... '));
     try {
       this.rulesContext = await rulesClient.createRulesContext({
-        projectId: this.options.projectId,
+        projectId: this.options.firebaseConfig?.projectId,
         rulesPath: this.options.rulesPath,
         accounts: this.accounts,
       });
@@ -263,7 +275,7 @@ class TestRunner {
     // Create initial stats document
     await statsRef.set({
       users: { total: 0 },
-      app: this.options.appId,
+      brand: this.options.brand?.id,
     });
   }
 
@@ -813,7 +825,7 @@ class TestRunner {
       async trigger(functionName) {
         const { PubSub } = require('@google-cloud/pubsub');
         const pubsub = new PubSub({
-          projectId: config.projectId,
+          projectId: config.firebaseConfig?.projectId,
           apiEndpoint: 'localhost:8085',
         });
 

package/src/test/test-accounts.js

@@ -293,6 +293,15 @@ const JOURNEY_ACCOUNTS = {
       subscription: { product: { id: 'premium', name: 'Premium' }, status: 'active', expires: getFutureExpires(), cancellation: { pending: false }, payment: { processor: 'unknown-processor', resourceId: 'sub_test_fake' } },
     },
   },
+  'cancel-too-young': {
+    id: 'cancel-too-young',
+    uid: '_test-cancel-too-young',
+    email: '_test.cancel-too-young@{domain}',
+    properties: {
+      roles: {},
+      subscription: { product: { id: 'premium', name: 'Premium' }, status: 'active', expires: getFutureExpires(), cancellation: { pending: false }, payment: { processor: 'test', resourceId: 'sub_test_fake', startDate: { timestamp: new Date().toISOString(), timestampUNIX: Date.now() } } },
+    },
+  },
   // Dedicated accounts for portal validation tests
   'portal-no-processor': {
     id: 'portal-no-processor',

package/src/test/utils/extended-mode-warning.js

@@ -0,0 +1,11 @@
+/**
+ * TEST_EXTENDED_MODE warning — SSOT for consistent messaging
+ * Used by: emulator.js (console + log file), runner.js (console)
+ */
+const EXTENDED_MODE_WARNING = [
+  '⚠️⚠️⚠️  WARNING: TEST_EXTENDED_MODE IS TRUE  ⚠️⚠️⚠️',
+  'External API calls (emails, SendGrid, etc.) are ENABLED!',
+  'This will send real emails and make real API calls.',
+];
+
+module.exports = { EXTENDED_MODE_WARNING };

package/templates/_.env

@@ -2,6 +2,7 @@
 # Backend Manager
 BACKEND_MANAGER_KEY=""
 BACKEND_MANAGER_NAMESPACE=""
+BACKEND_MANAGER_OPENAI_API_KEY=""
 
 # GitHub
 GITHUB_TOKEN=""

package/test/events/payments/journey-payments-cancel-endpoint.js

@@ -44,6 +44,17 @@ module.exports = {
       },
     },
 
+    {
+      name: 'backdate-start-date',
+      async run({ firestore, state }) {
+        // Backdate startDate so the 24-hour guard doesn't block cancellation
+        const twoDaysAgo = new Date(Date.now() - 2 * 24 * 60 * 60 * 1000);
+        await firestore.set(`users/${state.uid}`, {
+          subscription: { payment: { startDate: { timestamp: twoDaysAgo.toISOString(), timestampUNIX: twoDaysAgo.getTime() } } },
+        }, { merge: true });
+      },
+    },
+
     {
       name: 'call-cancel-endpoint',
       async run({ http, assert }) {

package/test/events/payments/journey-payments-trial-cancel.js

@@ -73,6 +73,17 @@ module.exports = {
       },
     },
 
+    {
+      name: 'backdate-start-date',
+      async run({ firestore, state }) {
+        // Backdate startDate so the 24-hour guard doesn't block cancellation
+        const twoDaysAgo = new Date(Date.now() - 2 * 24 * 60 * 60 * 1000);
+        await firestore.set(`users/${state.uid}`, {
+          subscription: { payment: { startDate: { timestamp: twoDaysAgo.toISOString(), timestampUNIX: twoDaysAgo.getTime() } } },
+        }, { merge: true });
+      },
+    },
+
     {
       name: 'cancel-during-trial',
       async run({ http, assert }) {

package/test/functions/admin/edit-post.js

@@ -115,7 +115,7 @@ module.exports = {
       skip: !process.env.GITHUB_TOKEN ? 'GITHUB_TOKEN env var not set' : false,
 
       async run({ assert, state, config }) {
-        if (!config.githubRepoWebsite) {
+        if (!config.github?.repo_website) {
           assert.fail('githubRepoWebsite not configured');
           return;
         }
@@ -123,7 +123,7 @@ module.exports = {
         const octokit = new Octokit({ auth: process.env.GITHUB_TOKEN });
 
         // Parse owner/repo from githubRepoWebsite
-        const repoMatch = config.githubRepoWebsite.match(/github\.com\/([^/]+)\/([^/]+)/);
+        const repoMatch = config.github?.repo_website.match(/github\.com\/([^/]+)\/([^/]+)/);
         if (!repoMatch) {
           assert.fail('Could not parse githubRepoWebsite');
           return;

package/test/functions/admin/write-repo-content.js

@@ -155,14 +155,14 @@ module.exports = {
       timeout: 60000,
 
       async run({ state, config }) {
-        if (!process.env.GITHUB_TOKEN || !config.githubRepoWebsite) {
+        if (!process.env.GITHUB_TOKEN || !config.github?.repo_website) {
           return;
         }
 
         const octokit = new Octokit({ auth: process.env.GITHUB_TOKEN });
 
         // Parse owner/repo from githubRepoWebsite (e.g., 'https://github.com/owner/repo')
-        const repoMatch = config.githubRepoWebsite.match(/github\.com\/([^/]+)\/([^/]+)/);
+        const repoMatch = config.github?.repo_website.match(/github\.com\/([^/]+)\/([^/]+)/);
         if (!repoMatch) {
           return;
         }

package/test/functions/general/add-marketing-contact.js

@@ -245,9 +245,9 @@ module.exports = {
       },
     },
 
-    // Test 8: ZeroBounce validation (only runs if TEST_EXTENDED_MODE and ZEROBOUNCE_API_KEY are set)
+    // Test 8: Mailbox verification (only runs if TEST_EXTENDED_MODE and ZEROBOUNCE_API_KEY are set)
     {
-      name: 'zerobounce-validation',
+      name: 'mailbox-validation',
       auth: 'admin',
       timeout: 30000,
       skip: !process.env.TEST_EXTENDED_MODE || !process.env.ZEROBOUNCE_API_KEY
@@ -261,7 +261,6 @@ module.exports = {
         const response = await http.command('general:add-marketing-contact', {
           email: testEmail,
           source: 'bem-test',
-          // No firstName/lastName - should be inferred as "Rachel Greene"
         });
 
         assert.isSuccess(response, 'Add marketing contact should succeed');
@@ -270,17 +269,17 @@ module.exports = {
         assert.hasProperty(response, 'data.validation', 'Response should contain validation');
         assert.hasProperty(response, 'data.validation.checks', 'Validation should contain checks');
 
-        // ZeroBounce should be in checks when key is set
-        assert.hasProperty(response, 'data.validation.checks.zerobounce', 'Should have ZeroBounce check');
+        // Mailbox check should be in checks when key is set
+        assert.hasProperty(response, 'data.validation.checks.mailbox', 'Should have mailbox check');
 
-        const zbResult = response.data.validation.checks.zerobounce;
+        const mbResult = response.data.validation.checks.mailbox;
 
-        // If ZeroBounce is out of credits, skip test - not a failure
-        if (zbResult.error?.includes('out of credits')) {
-          skip('ZeroBounce out of credits');
+        // If out of credits, skip test - not a failure
+        if (mbResult.error?.includes('out of credits')) {
+          skip('Mailbox verification out of credits');
         }
 
-        assert.hasProperty(zbResult, 'status', 'ZeroBounce should return status');
+        assert.hasProperty(mbResult, 'status', 'Mailbox check should return status');
 
         state.sendgridAdded = response.data?.providers?.sendgrid?.success;
         state.beehiivAdded = response.data?.providers?.beehiiv?.success;
@@ -295,9 +294,9 @@ module.exports = {
       },
     },
 
-    // Test 9: ZeroBounce rejects invalid email (only runs if TEST_EXTENDED_MODE and ZEROBOUNCE_API_KEY are set)
+    // Test 9: Mailbox verification rejects invalid email (only runs if TEST_EXTENDED_MODE and ZEROBOUNCE_API_KEY are set)
     {
-      name: 'zerobounce-rejects-invalid',
+      name: 'mailbox-rejects-invalid',
       auth: 'admin',
       timeout: 30000,
       skip: !process.env.TEST_EXTENDED_MODE || !process.env.ZEROBOUNCE_API_KEY
@@ -305,30 +304,29 @@ module.exports = {
         : false,
 
       async run({ http, assert, skip }) {
-        // Use fake email that ZeroBounce should flag as invalid
+        // Use fake email that mailbox verification should flag as invalid
         const testEmail = TEST_EMAILS.invalid();
 
         const response = await http.command('general:add-marketing-contact', {
           email: testEmail,
           source: 'bem-test',
-          // No firstName/lastName - AI will try to infer from "test"
         });
 
-        // Should still succeed (we fail open) but ZeroBounce should report invalid
+        // Should still succeed (we fail open) but mailbox should report invalid
         assert.isSuccess(response, 'Request should succeed even with invalid email');
 
-        const zbResult = response.data?.validation?.checks?.zerobounce;
+        const mbResult = response.data?.validation?.checks?.mailbox;
 
-        // If ZeroBounce is out of credits, skip test - not a failure
-        if (zbResult?.error?.includes('out of credits')) {
-          skip('ZeroBounce out of credits');
+        // If out of credits, skip test - not a failure
+        if (mbResult?.error?.includes('out of credits')) {
+          skip('Mailbox verification out of credits');
         }
 
-        // ZeroBounce should return a status indicating the email is not valid
-        if (zbResult) {
-          assert.hasProperty(zbResult, 'status', 'Should have status');
+        // Mailbox should return a status indicating the email is not valid
+        if (mbResult) {
+          assert.hasProperty(mbResult, 'status', 'Should have status');
           // Status should NOT be 'valid' for this fake email
-          assert.notEqual(zbResult.status, 'valid', 'Fake email should not be marked valid');
+          assert.notEqual(mbResult.status, 'valid', 'Fake email should not be marked valid');
         }
       },
     },