Opened 6 years ago

Last modified 5 years ago

#408 new enhancement

Opt-in email

Reported by: adehnert Owned by:
Priority: normal Milestone:
Component: mail Keywords: opinionated
Cc:

Description (last modified by adehnert)

Another approach to handling our "we keep getting marked as spammers" issue (see also #357, #407) is to require users to opt-in or do something special to send mail, thereby preventing your average untargeted spammer from being able to exploit us to source spam.

We probably want to make sure that our autoinstallers (WordPress? and MediaWiki? in particular) are able to send account confirmation emails. We could automatically opt in anybody who runs those, but I bet that'll substantially limit the number of people we can catch. Another approach is to patch them to use some special default-enabled mechanism that untargeted spammers wouldn't try:

  • have a magic string like current-locker-owner@scripts.mit.edu that's always allowed and rewrite it
  • some simple API that allows unblocking mail for ten minutes, and call it right before sending mail
  • SMTP server running on a separate port or IP that isn't blocked, and configure them to use it instead

Notes on some of our common autoinstalled things:

Change History (4)

comment:1 Changed 6 years ago by adehnert

  • Description modified (diff)

comment:2 Changed 6 years ago by adehnert

  • Keywords opionated added

comment:3 Changed 6 years ago by adehnert

There's a bunch of discussion on -i trac-#357 today (12/19/14).

comment:4 Changed 5 years ago by andersk

  • Keywords opinionated added; opionated removed
Note: See TracTickets for help on using tickets.