diff --git a/app/controllers/action_mailroom/inbound_emails_controller.rb b/app/controllers/action_mailroom/inbound_emails_controller.rb
index 0c74d4b29a..e5970b38ec 100644
--- a/app/controllers/action_mailroom/inbound_emails_controller.rb
+++ b/app/controllers/action_mailroom/inbound_emails_controller.rb
@@ -1,3 +1,4 @@
+# TODO: Add access protection using basic auth with verified tokens. Maybe coming from credentials by default?
 class ActionMailroom::InboundEmailsController < ActionController::Base
   skip_forgery_protection
   before_action :require_rfc822_message