diff --git a/README.md b/README.md
index f5117abd0..b52220554 100644
--- a/README.md
+++ b/README.md
@@ -182,7 +182,7 @@ For full instructions, requirements, and configuration details, see the [Self Ho
#### Railway
-[](https://railway.app/template/bG6D4p)
+[](https://railway.com/deploy/DjrRRX?referralCode=EZR3s0&utm_medium=integration&utm_source=template&utm_campaign=generic)
#### Render
diff --git a/SIGNING.md b/SIGNING.md
index cb719ffb8..f794bc9ba 100644
--- a/SIGNING.md
+++ b/SIGNING.md
@@ -60,7 +60,7 @@ We support a variety of deployment methods, and are actively working on adding m
## Railway
-[](https://railway.app/template/DjrRRX)
+[](https://railway.com/deploy/DjrRRX?referralCode=EZR3s0&utm_medium=integration&utm_source=template&utm_campaign=generic)
## Render
diff --git a/apps/docs/content/docs/policies/meta.json b/apps/docs/content/docs/policies/meta.json
index 14ba43d70..2251871a5 100644
--- a/apps/docs/content/docs/policies/meta.json
+++ b/apps/docs/content/docs/policies/meta.json
@@ -8,6 +8,7 @@
"privacy",
"terms",
"security",
+ "verify-email",
"support"
]
}
diff --git a/apps/docs/content/docs/policies/verify-email.mdx b/apps/docs/content/docs/policies/verify-email.mdx
new file mode 100644
index 000000000..72e3a1098
--- /dev/null
+++ b/apps/docs/content/docs/policies/verify-email.mdx
@@ -0,0 +1,68 @@
+---
+title: Verifying Emails from Documenso
+description: How to confirm that an email is genuinely from Documenso, and what to do if you receive a suspicious message.
+---
+
+import { Callout } from 'fumadocs-ui/components/callout';
+
+## Check the Sender Domain
+
+All email sent by Documenso originates from one of the following domains. If you receive an email claiming to be from Documenso and the sender address does not end in one of these domains, treat it as suspicious.
+
+| Domain | Used for |
+| ------------------------ | -------------------------------------------------------------- |
+| `app.documenso.com` | Transactional email |
+| `documensomail.com` | Transactional email |
+| `documensoemail.com` | Transactional email |
+| Custom domain | [Enterprise organisations](/docs/users/organisations/email-domains) using a custom email domain |
+
+Typical sender addresses include:
+
+- `noreply@app.documenso.com`
+- `noreply@free.documensomail.com`
+- `noreply@individual.documensoemail.com`
+
+
+ A misspelling such as `documenso-mail.com`, `documensomaiI.com` (capital i instead of l), or any other variation is not a Documenso domain.
+
+
+## Types of Email Documenso Sends
+
+Documenso sends email only for the following purposes:
+
+- **Account verification** — confirming your email address when you sign up or change it
+- **Password reset** — a link to reset your password that you requested
+- **Document invitations** — notifying you that a document has been shared with you to sign, approve, or view
+- **Signing reminders** — follow-up reminders for pending document actions
+- **Completed document notifications** — confirmation that all parties have signed a document
+- **Team invitations** — inviting you to join an organisation or team
+
+## What Documenso Will Never Do
+
+- Ask for your password via email
+- Send you an attachment and ask you to open it to verify your identity
+- Ask you to confirm payment details or billing information over email
+- Send unsolicited marketing emails if you have not opted in
+
+## How to Tell If an Email Is Legitimate
+
+1. **Check the sender address** — the domain must be `documenso.com` or `documensomail.com`
+2. **Look at the link destination** — hover over any link before clicking; it should point to `app.documenso.com`
+3. **Watch for urgency or threats** — legitimate Documenso emails do not threaten account suspension to pressure you into clicking a link immediately
+4. **Verify the action yourself** — if in doubt, log in to [app.documenso.com](https://app.documenso.com) directly (not via the email link) and check whether the document or notification exists there
+
+## Report a Suspicious Email
+
+If you receive an email that appears to impersonate Documenso:
+
+1. Do not click any links or download any attachments
+2. Forward the email as an attachment to **support@documenso.com**
+3. Delete the email from your inbox
+
+You can also report phishing emails directly to your email provider using their built-in reporting tools.
+
+## Related
+
+- [Security Policy](/docs/policies/security) — Documenso's security practices and vulnerability disclosure process
+- [Create an Account](/docs/users/getting-started/create-account) — What to expect during sign-up
+- [Security Settings](/docs/users/settings/security) — Enable two-factor authentication and manage sessions
diff --git a/apps/docs/content/docs/self-hosting/deployment/railway.mdx b/apps/docs/content/docs/self-hosting/deployment/railway.mdx
index 93c861678..81392a37d 100644
--- a/apps/docs/content/docs/self-hosting/deployment/railway.mdx
+++ b/apps/docs/content/docs/self-hosting/deployment/railway.mdx
@@ -24,7 +24,7 @@ Before deploying, you need:
The fastest way to deploy Documenso on Railway is using the official template:
-[](https://railway.app/template/bG6D4p)
+[](https://railway.com/deploy/DjrRRX?referralCode=EZR3s0&utm_medium=integration&utm_source=template&utm_campaign=generic)
This template automatically provisions:
diff --git a/apps/docs/content/docs/users/getting-started/create-account.mdx b/apps/docs/content/docs/users/getting-started/create-account.mdx
index 17030e730..8047f48ea 100644
--- a/apps/docs/content/docs/users/getting-started/create-account.mdx
+++ b/apps/docs/content/docs/users/getting-started/create-account.mdx
@@ -39,7 +39,11 @@ Navigate to [documen.so/free](https://documen.so/free) to create a free account.
Provide your name, email address, and create a password. Alternatively, sign up with Google for faster access.
-{/* TODO: Add screenshot of registration form */}
+
diff --git a/apps/docs/public/get-started-images/documenso-registration-form.webp b/apps/docs/public/get-started-images/documenso-registration-form.webp
new file mode 100644
index 000000000..5b414adc5
Binary files /dev/null and b/apps/docs/public/get-started-images/documenso-registration-form.webp differ
diff --git a/apps/remix/app/components/dialogs/claim-update-dialog.tsx b/apps/remix/app/components/dialogs/claim-update-dialog.tsx
index bcbd91a56..bdcdfbd55 100644
--- a/apps/remix/app/components/dialogs/claim-update-dialog.tsx
+++ b/apps/remix/app/components/dialogs/claim-update-dialog.tsx
@@ -2,6 +2,7 @@ import type { TLicenseClaim } from '@documenso/lib/types/license';
import { trpc } from '@documenso/trpc/react';
import type { TFindSubscriptionClaimsResponse } from '@documenso/trpc/server/admin-router/find-subscription-claims.types';
import { Button } from '@documenso/ui/primitives/button';
+import { Checkbox } from '@documenso/ui/primitives/checkbox';
import {
Dialog,
DialogContent,
@@ -28,6 +29,7 @@ export const ClaimUpdateDialog = ({ claim, trigger, licenseFlags }: ClaimUpdateD
const { toast } = useToast();
const [open, setOpen] = useState(false);
+ const [backportEmailTransport, setBackportEmailTransport] = useState(false);
const { mutateAsync: updateClaim, isPending } = trpc.admin.claims.update.useMutation({
onSuccess: () => {
@@ -67,19 +69,33 @@ export const ClaimUpdateDialog = ({ claim, trigger, licenseFlags }: ClaimUpdateD
await updateClaim({
id: claim.id,
data,
+ backportEmailTransport,
})
}
licenseFlags={licenseFlags}
formSubmitTrigger={
-
-
+ <>
+