Project membership information can be pulled from the OpenStack keystone API.
The Toolforge project itself has something like this that routes emails for <tool>@tools.wmflabs.org to the shared tool account where it can be processed using .forward files. That processing is LDAP based, using a lookup script and exim4 configuration.
- *@<project>.wmflabs.org forwards to project admins
- <project>@<something>.wmflabs.org forwards to project admins
- <project>-(admins|members)@<something>.wmflabs.org forwards to project admins/members
Having some kind of optional per-project address -> destination mapping similar to the Toolforge feature would also be nice, but that is not necessary for an initial implementation.
Ideally this base feature can also be leveraged to fix T61142: root@<labs-instance> should email project admins either directly or indirectly.