- Name of tool/project: Mailman3 / lists.wikimedia.org
- Project home page: https://list.org/
- Name of team requesting review: SRE ServiceOps
- Primary contact: @Legoktm, @Ladsgroup
- Target date for deployment: n/a, already deployed
- Link to code repository / patchset:
- https://gitlab.com/mailman/mailman - core internal REST API
- https://gitlab.com/mailman/mailmanclient - REST client powering web<-->core communication
- https://gitlab.com/mailman/hyperkitty and https://gitlab.com/mailman/mailman-hyperkitty - web archiver
- https://gitlab.com/mailman/postorius - web administrative interface
- https://gitlab.com/mailman/django-mailman3 - some shared code for hyperkitty and postorius
Description of the tool/project:
Mailman3 is a rich mailing list suite, with email and web interfaces. Mailman2 was notoriously insecure, but we've also found issues with Mailman3 that are concerning and could use a deeper review.
Description of how the tool will be used at WMF:
Powers lists.wikimedia.org, facilitates public and private/sensitive discussions across wide groups of Wikimedians.
- Apache httpd
Key Python dependencies:
The rest should be specified in the corresponding setup.py files (it's a longish tree).
Has this project been reviewed before?
I am not aware of a formal review, certainly has happened informally.
Working test environment
A test environment is available in Cloud VPS: https://polymorphic.lists.wmcloud.org/postorius/lists/. Using the Puppet role is generally the best way to get our setup replicated.