Strip and downcase email addresses if you're using them as lookup keys for anything
Seems like something I need to learn every few years, and recently popped up on one of my side projects. If you're relying on email addresses as lookup keys, for instance in authentication/login scenarios, then standardize on lowercase and strip whitespace for good measure.
This came up when a customer was not able to get inbound email processing to work for his account. Turns out that his user record had a properly downcased email, but his SMTP server was sending his email address with capitalization. Some string massaging fixed the immediate issue.
User.find_by(email: reply_params["sender"].to_s.downcase)
After putting this fix in, I found everywhere else in the system that email addresses come in as input and gave them the same treatment.