https://bugzilla.wikimedia.org/show_bug.cgi?id=46640
Nemo <[email protected]> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |[email protected] --- Comment #6 from Nemo <[email protected]> --- (In reply to Faidon Liambotis from comment #5) > So, this bug report was filed right after a conversation about Echo (RT > #4785) in which I was the one to propose VERP, so we've actually ran a full > circle now :) Hah! Good thing it was still on someone's radar then. Thanks for the reply. > > Yes, we need to do VERP and we'll make that happen. We're not ready yet for > making that change (= making API calls from the mailservers) as the mail > infrastructure is about to be rebuilt, but I think catching up again in, > say, 1-2 months time would be the right time for this. 1-2 months from now would be great for GSoC (it's the deadline for students applications) if someone thinks this suits a GSoC work and unless you want this bug to be fixed *before* the summer by ops/platform. > > From the mailserver side, we can run a script (preferrably one that doesn't > need a full MediaWiki install on the system ;)) when emails to bounce-XXX > addresses arrive. > > The way to avoid fake bounces DoSing a user would be to use a > bounce-<hash>@wikimedia.org return path address with <hash> either being a > random, stored token or one that is the output of a symmetrical encryption > function, encrypt(email, secret). I'm sure Chris Steipp will have multiple > good ideas about that :) Sounds like an endorsement/proposal for Chris to be a (co-)mentor? ;-) Chris, are you interested in soliciting students work in this area? If yes, who could be interested mentoring? -- You are receiving this mail because: You are the assignee for the bug. You are on the CC list for the bug. _______________________________________________ Wikibugs-l mailing list [email protected] https://lists.wikimedia.org/mailman/listinfo/wikibugs-l
