Both communities DicoAdo.org and Wikimini.org reported problems with their mailboxes after migration to WMCH-Infrastructure. Last week we had a conversation with our Switzerland service provider and they confirmed that email had not been configured correctly.

Premising that we apologize for this community disservice, let's fix this problem.

I share my internal notes, just to make fun of myself, for this huge amount of brainstorming just to do this "5 minutes job":

• Understanding whether we should ask volunteers to migrate their domains to WMCH, because of our technical limitations. NO. ✅
  • Right now the relative authors of dicoado.org and wikimini.org are also domain holders, and they also manage their DNS zones (in DNS servers external to WMCH), and we can keep this situation as-is, to maintain their autonomy). Updated the documentation to say so.
  • ⚠️ Premising that WMCH has access to dicoado.org DNS area but has NO access to Wikimini.org DNS area. This is a known IT risk under control.
• Activate commercial plans for the new mailboxes and confirm new WMCH expenses (requirement: no expenses in charge of the communities)
  • dicoado.org: renamed the already-existing mailbox bonjour@ (since it was orphan and never used by DNS changes). Now it's an alias to info and created the mailbox info. So, no new mailboxes were introduced.
  • wikimini.org: created a new mailbox info (was completely missing).
  • So, just 1 new mailbox was introduced. Additional cost known to Ilario Valdelli.
• Configure DNS servers (see below DNS changes)
  • dicoado.org
  • wikimini.org
    • the kind Lorangeo is aware of this, and they are taking care of this
• Test webmail logins (with or without DNS changes)
  • dicoado.org: works like a charm
  • wikimini-org: probably misconfiguration by WMCH service provider - ticket still open
• Configure web apps with SMTP credentials
  • doing local tests on custom MediaWiki
  • 2024-07-19 dicoado.org \o/
  • 2024-07-19 wikimini.org \o/
• Allow related admins to access their respective mailboxes
  • dicoado.org: the kind Vivian confirmed access ✅
  • wikimini.org: communicated, fixed WMCH issues (not related to Lorangeo)
• eventually decommission wikimini at wikimedia.ch, so Lorangeo does not have to manage 2 mailboxes

General DNS changes:

-dicoado.org MX mta-gw.infomaniak.ch
+dicoado.org MX mailscanner.moresi.com

-dicoado.org TXT 'v=spf1 include:spf.infomaniak.ch ?all'
+dicoado.org TXT 'v=spf1 mx ip4:178.23.174.0/27 ip6:2a02:ab40:0:1003::/64 -all'

Plus, irrelevant SRV changes. See upstream ticket DCT-1238 visible to Ilario and Valerio.

Documentation

Enable the team and any person related to WMCH to understand how the heck to change the password in case of need:

✅ The related internal documentation is here and here (it contains only public info, but for now it's available only to members, sorry, not my decision):

https://members.wikimedia.ch/wiki/Infrastructure/Emails#Mailboxes_in_dicoado.org

https://members.wikimedia.ch/wiki/Infrastructure/Emails#Mailboxes_in_wikimini.org

✅ The above documentation clarifies where exactly the passwords must be updated on both production servers, in case of password changes

✅ The related on-site (on production servers) MediaWiki configurations have PHP comments pointing to the above URLs, too

✅ The related Meta-wiki documentation mentions the mailbox documentation

https://meta.wikimedia.org/wiki/Wikimini/Technical_documentation#Mailboxes

https://meta.wikimedia.org/wiki/Dicoado/Technical_documentation#Mailboxes