Nemo <> changed:

           What    |Removed                     |Added
                 CC|                            |

--- Comment #6 from Nemo <> ---
(In reply to Faidon Liambotis from comment #5)
> So, this bug report was filed right after a conversation about Echo (RT
> #4785) in which I was the one to propose VERP, so we've actually ran a full
> circle now :)

Hah! Good thing it was still on someone's radar then. Thanks for the reply.

> Yes, we need to do VERP and we'll make that happen. We're not ready yet for
> making that change (= making API calls from the mailservers) as the mail
> infrastructure is about to be rebuilt, but I think catching up again in,
> say, 1-2 months time would be the right time for this.

1-2 months from now would be great for GSoC (it's the deadline for students
applications) if someone thinks this suits a GSoC work and unless you want this
bug to be fixed *before* the summer by ops/platform.

> From the mailserver side, we can run a script (preferrably one that doesn't
> need a full MediaWiki install on the system ;)) when emails to bounce-XXX
> addresses arrive.
> The way to avoid fake bounces DoSing a user would be to use a
> bounce-<hash> return path address with <hash> either being a
> random, stored token or one that is the output of a symmetrical encryption
> function, encrypt(email, secret). I'm sure Chris Steipp will have multiple
> good ideas about that :)

Sounds like an endorsement/proposal for Chris to be a (co-)mentor? ;-) Chris,
are you interested in soliciting students work in this area? If yes, who could
be interested mentoring?

You are receiving this mail because:
You are the assignee for the bug.
You are on the CC list for the bug.
Wikibugs-l mailing list

Reply via email to