Page MenuHomePhabricator
Create Task
Maniphest T137614

Create a list of domains used by Wikimedia users that have active DMARC records
Closed, DeclinedPublic
Actions

Description

For T137603, a list of domains used by Wikimedia users in their preferences that have active DMARC records is needed. To do that:

  1. Get a list of (unique) domains used by Wikimedia users.
  2. For each domain, get the DMARC record (dig +short txt _dmarc.yahoo.com); exclude domains that do not have a DMARC record.
  3. Exclude domains that have a p=none tag (for example .wikimedia.org or .gmail.com).
  4. List the remaining domains.

Ideally, this process would be done by a (maintenance) script so that it can be repeated easily.

Details

SubjectRepoBranchLines +/-
Add script to get unique list of email domains on WMF wikismediawiki/extensions/WikimediaMaintenancemaster+72 -0
Customize query in gerrit

Related Objects
Search...

Event Timeline

scfc created this task.Jun 11 2016, 4:25 AM
Aklapper mentioned this in T146281: Certain emails not received (Yahoo/RocketMail?).Oct 2 2016, 9:12 AM
Trijnstel subscribed.Oct 9 2016, 8:33 PM
gerritbot subscribed.Nov 9 2016, 3:16 PM

Change 320605 had a related patch set uploaded (by Reedy):
Add script to get unique list of email domains on WMF wikis

https://gerrit.wikimedia.org/r/320605

gerritbot added a project: Patch-For-Review.Nov 9 2016, 3:16 PM
Reedy subscribed.Nov 9 2016, 3:18 PM

Step 1 ^

Can probably be further updated to a script that does the lot

Krinkle closed this task as Declined.May 25 2018, 10:23 PM
Krinkle subscribed.

Per T66795, we no longer have this problem because we now always use Reply-To instead of From, for precisely the reasons outlined in this task.

It seems rather odd for us to both not fake sender (when the sender's domain has DMARC validation) and still pretend to be senders of insecure domains also seems... phishy to me. We should just always send on behalf of ourselves (eg. wiki@wikimedia.org) and use Reply-To.

Which, is exactly what we did last year with T66795, which resulted in wgUserEmailUseReplyTo being true by default in MediaWiki core as well as for Wikimedia Foundation wikis.

Krinkle mentioned this in T137603: Block Special:EmailUser for people with a DMARC-problem address.May 25 2018, 10:23 PM
gerritbot added a comment.May 25 2018, 10:23 PM

Change 320605 abandoned by Krinkle:
Add script to get unique list of email domains on WMF wikis

Reason:
Task declined per https://phabricator.wikimedia.org/T137614#4233073

https://gerrit.wikimedia.org/r/320605

Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL