diff --git a/email_api/email_api/app.js b/email_api/email_api/app.js
index 859292d..6b0d1b9 100644
--- a/email_api/email_api/app.js
+++ b/email_api/email_api/app.js
@@ -118,7 +118,7 @@ async function markEmailAsProcessed(domain, key, status, processor = 'rest-api',
 // Process endpoint
 app.post('/process/:domain', async (req, res) => {
   const { domain } = req.params;
-  const auth = req.headers.get('authorization');
+  const auth = req.headers['authorization']; // Fixed: Use req.headers['authorization'] instead of req.headers.get
   if (auth !== `Bearer ${API_TOKEN}`) {
     return res.status(401).json({ error: 'Unauthorized' });
   }
@@ -137,6 +137,7 @@ app.post('/process/:domain', async (req, res) => {
 
   logger.info(`[${requestId}] INCOMING POST /process/${domain}: payload_summary=${JSON.stringify(payloadSummary)}`);
 
+  let recipients = [];
   try {
     // Decode and parse email
     const content = data.email_content;
@@ -154,7 +155,7 @@ app.post('/process/:domain', async (req, res) => {
     });
 
     const fromAddr = parser.from?.value[0]?.address || `lambda@${domain}`;
-    const recipients = [
+    recipients = [
       ...(parser.to?.value || []),
       ...(parser.cc?.value || []),
       ...(parser.bcc?.value || [])
@@ -198,10 +199,10 @@ app.post('/process/:domain', async (req, res) => {
     res.status(200).json({
       message: 'Email forwarded',
       forwarded_to: validRecipients
-    });
+  });
   } catch (error) {
     logger.error(`[${requestId}] Error in /process/${domain}: ${error.message}`);
-    await markEmailAsProcessed(domain, data.s3_key, 'error', 'rest-api', fromAddr, recipients);
+    await markEmailAsProcessed(domain, data.s3_key, 'error', 'rest-api', parser?.from?.value[0]?.address || `lambda@${domain}`, recipients);
     res.status(500).json({ error: 'Internal server error' });
   }
 });
@@ -209,7 +210,7 @@ app.post('/process/:domain', async (req, res) => {
 // Stats endpoint
 app.get('/stats/:domain', async (req, res) => {
   const { domain } = req.params;
-  const auth = req.headers.get('authorization');
+  const auth = req.headers['authorization']; // Fixed: Use req.headers['authorization'] instead of req.headers.get
   if (auth !== `Bearer ${API_TOKEN}`) {
     return res.status(401).json({ error: 'Unauthorized' });
   }