Page MenuHomePhabricator

Set up SPF/DKIM for tools.wmflabs.org
Closed, ResolvedPublic

Description

On Toolserver, the mail queue often has stuck mails from ACC (cf. [[Wikipedia:Request an account]]) to sites like AOL. We should set up SPF/DKIM for tools.wmflabs.org.


Version: unspecified
Severity: normal

Details

Reference
bz53101

Event Timeline

bzimport raised the priority of this task from to Needs Triage.Nov 22 2014, 2:02 AM
bzimport added a project: Toolforge.
bzimport set Reference to bz53101.

We're still in a holding pattern re email, waiting for legal.

(In reply to comment #1)

We're still in a holding pattern re email, waiting for legal.

I thought ops set up e-mail, not legal. :-) Is there further info about this? (And what else is waiting on legal?)

There is discussion regarding the exact domain name that email to/from volunteer [projects] should be using. Right now we're defaulting to the very obvious tools.wmflabs.org; but this has not been cleared by legal. (In particular, there are issues about possible third-party confusion about the "officialness" of email to and from a domain name including 'wmf').

This has actually been resurfaced in our ops meeting yesterday and I expect we'll have a definitive answer shortly, at which point proper MTA setup will be done.

(In reply to comment #3)

There is discussion regarding the exact domain name that email to/from
volunteer [projects] should be using. Right now we're defaulting to the very
obvious tools.wmflabs.org; but this has not been cleared by legal. (In
particular, there are issues about possible third-party confusion about the
"officialness" of email to and from a domain name including 'wmf').

[...]

a) Makes you wonder if for example AOL or Yahoo! do not have legal departments.

b) Illustrates very nicely what happens if someone is paid by the hour.

The mail issue proper has long been fixed (that is, tools.wmflabs.org is the proper, canonical email domain for tool labs) but right now there is a technical limitation with our DNS that makes it impossible to add TXT RRs (and thus SPF entries).

Looking into the matter now.

Turns out that adding the necessary attributes to the LDAP schema was mercifully straightforward.

tools.wmflabs.org now has a proper SPF record.