Page MenuHomePhabricator

Facilitate sending to an arbitrary email address rather than a user account
Open, Needs TriagePublic

Description

I understand the mail sending mechanism is currently realised through the mediawiki core, but it would be great to be able to send forms to an arbitrary email address rather than a MediaWiki user account.

Among other possible use-cases, that could help mitigate the leakage of information about the persons whose wiki accounts are assigned to the recipient of the form, when it is undesirable to know who the person is.

Currently, when a submission is made using the form with the submitter requesting a copy of the form submission, the subject of email sent to the submitter is the content of the gettext string identified as "emailccsubject", i.e. "Copy of your message to $1: $2", which reveals the username of the recipient.

Event Timeline

ahmad created this task.Aug 11 2018, 5:20 PM
Restricted Application added a subscriber: Aklapper. · View Herald TranscriptAug 11 2018, 5:20 PM
Reedy added a subscriber: Reedy.EditedAug 11 2018, 9:59 PM

Sending to an arbitary address just seems a great way for spammers to send spam out... It seems to defeat the point of the contactform when it's designed to go to a intended recipient

emailccsubject is a core message that we reuse...

Maybe we we should be using a different message?

Something along the lines of "Copy of your submission of $1: $2" where $1 is the title of the form (or similar) e.g. https://github.com/wikimedia/mediawiki-extensions-WikimediaMessages/blob/master/i18n/contactpage/en.json#L42, and $2 stays to be the subject?

ahmad added a comment.Aug 13 2018, 3:10 PM

By "arbitary address" I meant one set by the form administrator, instead of having to be that of a wikiuser account as currently is the case. Not one entered by the form user.

I'm considering working around this on the level of the UI string,

But there's also the usecase of having a workflow for handling received form submissions by one or more persons. As far as I know there's currently no way to distinguish emails sent through the form in order to set a rule, for example, to forward it to another address or autoreply.

I understand this is not the model of the current implementation, but it would be great to have.

Reedy added a comment.Aug 13 2018, 3:12 PM

By "arbitary address" I meant one set by the form administrator, instead of having to be that of a wikiuser account as currently is the case. Not one entered by the form user.

Ok, that makes more sense. I'll update the task in a few

But there's also the usecase of having a workflow for handling received form submissions by one or more persons.

At least at Wikimedia, we just use mailing lists/distribution lists or OTRS queues

Reedy renamed this task from Facilitate sending to an arbitrary email address to Facilitate sending to an arbitrary email address rather than a user account.Aug 13 2018, 3:13 PM
Reedy updated the task description. (Show Details)
ahmad added a comment.Aug 13 2018, 3:17 PM

But there's also the usecase of having a workflow for handling received form submissions by one or more persons.

At least at Wikimedia, we just use mailing lists/distribution lists or OTRS queues

How does that work? Does the receiving wikiuser manually forward to the mailing list of a working group? Or are dummy wikiuser accounts are created in order to set their email addresses to that of the distribution list?

Reedy added a comment.Aug 13 2018, 3:22 PM

Yeah, "dummy" accounts are used. Often with an appropriate name/username, so the leaking you were mentioning is less of a problem