Page MenuHomePhabricator
Create Task
Maniphest T248384

Delete email addresses with privileged @domain names from mailing lists at offboarding
Open, MediumPublic
Actions

Description

As described in T248126: Please decom reading-wmf mailing list this is a request for a process enhancement to delete email addresses with privileged domain names (e.g., @wikimedia.org) from mailman at offboarding. This would reduce the odds of account compromise and otherwise misuse on the mailmain lists.

This probably ought to also apply to specific contractor work email addresses that aren't part of the set of well known privileged domain names, too, although that's potentially more complicated and harder to track - the task submitter isn't sure if that's an issue at present.

There may be complementary actions like resetting the list administrator password if the user was also an administrator of a list, although that's even more complicated process wise, perhaps.

Related Objects

Event Timeline

dr0ptp4kt created this task.Mar 24 2020, 12:02 PM
Restricted Application added a project: SRE. · View Herald TranscriptMar 24 2020, 12:02 PM
Volans added subscribers: MoritzMuehlenhoff, herron.Mar 25 2020, 9:02 AM
jcrespo added subscribers: akosiaris, jcrespo.Apr 2 2020, 4:03 PM

@akosiaris This seems unrelated to your recent proposal for mailman tooling, but could it be an included, secondary use case?

akosiaris added a comment.Apr 2 2020, 4:15 PM

Yes the same API could be used as well so we could accommodate it.

MoritzMuehlenhoff triaged this task as Medium priority.Apr 6 2020, 12:48 PM
ema moved this task from Backlog to General on the Wikimedia-Mailing-lists board.Jun 24 2020, 1:52 PM
Legoktm subscribed.Mar 26 2021, 7:43 AM

I'm not sure where the canonical offboarding documentation is, but we already have a script for mailman2 to remove someone from all lists. mailman3 has a REST API, so we could write a cookbook or something for it.

Legoktm mentioned this in T278516: Close / shut down public services@ mailing list (which has no maintainers).Apr 28 2021, 4:12 AM
Mvolz subscribed.Apr 28 2021, 10:01 AM
Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL · Credits