Page MenuHomePhabricator

Create a list of domains used by Wikimedia users that have active DMARC records
Closed, DeclinedPublic

Description

For T137603, a list of domains used by Wikimedia users in their preferences that have active DMARC records is needed. To do that:

  1. Get a list of (unique) domains used by Wikimedia users.
  2. For each domain, get the DMARC record (dig +short txt _dmarc.yahoo.com); exclude domains that do not have a DMARC record.
  3. Exclude domains that have a p=none tag (for example .wikimedia.org or .gmail.com).
  4. List the remaining domains.

Ideally, this process would be done by a (maintenance) script so that it can be repeated easily.

Event Timeline

scfc created this task.Jun 11 2016, 4:25 AM

Change 320605 had a related patch set uploaded (by Reedy):
Add script to get unique list of email domains on WMF wikis

https://gerrit.wikimedia.org/r/320605

Reedy added a subscriber: Reedy.Nov 9 2016, 3:18 PM

Step 1 ^

Can probably be further updated to a script that does the lot

Krinkle closed this task as Declined.May 25 2018, 10:23 PM
Krinkle added a subscriber: Krinkle.

Per T66795, we no longer have this problem because we now always use Reply-To instead of From, for precisely the reasons outlined in this task.

It seems rather odd for us to both not fake sender (when the sender's domain has DMARC validation) and still pretend to be senders of insecure domains also seems... phishy to me. We should just always send on behalf of ourselves (eg. wiki@wikimedia.org) and use Reply-To.

Which, is exactly what we did last year with T66795, which resulted in wgUserEmailUseReplyTo being true by default in MediaWiki core as well as for Wikimedia Foundation wikis.

Change 320605 abandoned by Krinkle:
Add script to get unique list of email domains on WMF wikis

Reason:
Task declined per https://phabricator.wikimedia.org/T137614#4233073

https://gerrit.wikimedia.org/r/320605