This may be releated to #43178.
I have another Jenkins instance that uses the Jenkins internal database. I just upgraded this instance. I have 2 entries on the people page:
Userid: "Jon Schewe", full name: "Jon Schewe", email "jpschewe@xxx", delete button is active, no password is set. Last commit activity is on my last job.
Userid: "jpschewe", full name: "Jon Schewe", email "jpschewe@xxx", delete button is NOT active, password is set. Since the password is set, presumably this is who I'm logging in as. There is no last commit activity on this user.
I committed changes as "jpschewe@xxx" through GitHub. The github hook fired and caused my build to run. At the end of the build:
19:33:37 Email was triggered for: Always*19:33:37* Sending email for trigger: Always*19:33:37* Not sending mail to unregistered user jpschewe@xxx*19:33:37* An attempt to send an e-mail to empty list of recipients, ignored.
This is using the Jenkins user database, so I would expect this is the case that was tested for, as opposed to my other instance that uses the unix database. This security fix doesn't appear to be working as expected. I understand the concept of not sending emails outside an organization, however the fix that I had before of using a presend script to filter email addresses has worked rather nicely. I'm not sure why Jenkins has 2 users for me in the people list or how this effects this sending of email, but I suspect they are related.