Maniphest T249237

Fix Cloud VPS and Toolforge mail servers to work with the modern internet
Open, MediumPublic
Actions

Assigned To

None

Authored By

	bd808
	Apr 2 2020, 4:36 PM

Tags

Referenced Files

None

Subscribers

AntiCompositeNumber

View All 10 Subscribers

Description

The Cloud Services environment provides two separate SMTP related services: outbound mail sending for all Cloud VPS hosts via the mx-out0{1,2}.wmflabs.org hosts, and inbound/outbound mail for Toolforge via the mail.tools.wmflabs.org service.

Both sets of mail servers have had a long list of historic issues related to modern internet practices of validating message origins/senders to combat spam. Historically these issues have been addressed (or not) on an ad hoc basis as active issues arise. As is often the case with this approach to maintenance of shared systems, once the active event is resolved (or the reporter gives up) the follow up tasks linger and rot in the global backlog. It feels like it is time to actually bundle these tasks together along with a bit of purposeful design to try and dig us out of this tech debt.

See also

Related Objects
Search...

		Status	Subtype	Assigned	Task
		Open		None	T249237 Fix Cloud VPS and Toolforge mail servers to work with the modern internet
		Resolved		aborrero	T249114 E-mails from noreply@pypi.org to tools.pywikibot@tools.wmflabs.org are not forwarded to certain recipients due to SPF
		Resolved		aborrero	T120210 tools-mail: check SPF of sender before forwarding email
		Resolved		aborrero	T120225 Toolforge: correctly envelope forwarded email
		Declined		None	T235401 Emails from discourse-mediawiki.wmflabs.org softfail SPF
		Open		None	T208281 Set up SPF, DKIM, etc. for new cloud MX servers
		Resolved		herron	T41785 Create a Cloud VPS SMTP smarthost
		Resolved		bd808	T174618 Request creation of project-smtp VPS project
		Resolved		herron	T206261 Routing RFC1918 private IP addresses to/from WMCS floating IPs
		Resolved		aborrero	T175964 Set up mail rate limiting for tools-mail
		Resolved		aborrero	T256737 Toolforge email: proper prometheus integration
		Resolved		bd808	T256806 Mailserver TLS is broken, root certificates are not present for sent intermediate certificates

Event Timeline

bd808 created this task.Apr 2 2020, 4:36 PM

Restricted Application added a subscriber: Aklapper. · View Herald TranscriptApr 2 2020, 4:36 PM

bd808 added a subtask: T249114: E-mails from noreply@pypi.org to tools.pywikibot@tools.wmflabs.org are not forwarded to certain recipients due to SPF.Apr 2 2020, 7:53 PM

bd808 added a subtask: T120210: tools-mail: check SPF of sender before forwarding email.

bd808 added a subtask: T120225: Toolforge: correctly envelope forwarded email.

bd808 added a subtask: T235401: Emails from discourse-mediawiki.wmflabs.org softfail SPF.

bd808 added a subtask: T208281: Set up SPF, DKIM, etc. for new cloud MX servers.

Dvorapa added a subscriber: Dvorapa.Apr 2 2020, 9:02 PM

DSquirrelGM added a subscriber: DSquirrelGM.Apr 8 2020, 3:21 PM

bd808 assigned this task to aborrero.Apr 15 2020, 10:57 PM

bd808 triaged this task as Medium priority.

bd808 added a project: Goal.

bd808 moved this task from Inbox to Soon! on the cloud-services-team (Kanban) board.

• JHedden added a subtask: T175964: Set up mail rate limiting for tools-mail .Apr 21 2020, 4:47 PM

Krenair added a subscriber: Krenair.Apr 21 2020, 8:21 PM

aborrero closed subtask T175964: Set up mail rate limiting for tools-mail as Resolved.Jun 23 2020, 8:53 AM

Bstorm reopened subtask T175964: Set up mail rate limiting for tools-mail as Open.Jun 23 2020, 3:18 PM

aborrero closed subtask T175964: Set up mail rate limiting for tools-mail as Resolved.Jun 24 2020, 12:06 PM

aborrero closed subtask T120225: Toolforge: correctly envelope forwarded email as Resolved.Jun 25 2020, 1:10 PM

Naypta added a subtask: T256806: Mailserver TLS is broken, root certificates are not present for sent intermediate certificates.Jun 30 2020, 8:14 PM

aborrero closed subtask T256806: Mailserver TLS is broken, root certificates are not present for sent intermediate certificates as Resolved.Jul 1 2020, 9:26 AM

aborrero closed subtask T256737: Toolforge email: proper prometheus integration as Resolved.Jul 1 2020, 11:17 AM

aborrero removed aborrero as the assignee of this task.Jul 2 2020, 11:51 AM

aborrero moved this task from Soon! to Epics on the cloud-services-team (Kanban) board.

aborrero closed subtask T249114: E-mails from noreply@pypi.org to tools.pywikibot@tools.wmflabs.org are not forwarded to certain recipients due to SPF as Resolved.

aborrero closed subtask T120210: tools-mail: check SPF of sender before forwarding email as Resolved.

aborrero added a subscriber: aborrero.

Nintendofan885 added a subscriber: Nintendofan885.Jul 24 2020, 8:46 AM

Aklapper closed subtask T235401: Emails from discourse-mediawiki.wmflabs.org softfail SPF as Declined.Sep 8 2020, 1:17 PM

AntiCompositeNumber added a subscriber: AntiCompositeNumber.Oct 6 2021, 3:45 PM

Stang added a subscriber: Stang.Jul 19 2022, 8:03 PM

fnegri edited projects, added cloud-services-team; removed cloud-services-team (Kanban).Jan 18 2023, 6:45 PM

fnegri moved this task from Kanban to Epics on the cloud-services-team board.