Open Bug 209181 Opened 22 years ago Updated 8 months ago

Bugzilla should track bugmail that bounces and automatically disable bugmail on accounts that continually bounce.

Categories

(Bugzilla :: Email Notifications, enhancement)

Product:
Bugzilla
Component:
Email Notifications
Version:
2.17.1
Type:
enhancement
Priority:
Not set
Severity:
normal

Tracking

()

People

(Reporter: mozilla, Unassigned)

References

Details

I think it would help in the triaging of bugs to know if a reporter's email address is still valid. If we get a bounce message from the reporter, a flag or notation should be added to the bug telling us that the address appears to no longer be valid. This is helpful especially when dealing with somewhat old bugs, and we are waiting on confirmation from the reporter. If the reporter's address is dead, we'll be waiting a long time.
Seems like a good idea; confirming. Also, Hardwars/OS -> All/All
Status: UNCONFIRMED → NEW
Ever confirmed: true
OS: Windows XP → All
Hardware: PC → All
This is not as easy as it sounds. Currently, Bugzilla mail comes from <webservergroup>@hostname; this address typically doesn't go anywhere, unless the administrator set up an alias to handle this mail somehow. So, the bounces don't go anywhere unless the administrator sets up an alias to handle this mail somehow. To do what you're suggesting, there would have to be some bugzilla script that would listen to that alias, be able to detect a bounce message (difficult, if not impossible, due to all the different formatting of bounces; although, there may be an RFC standard for X-Message-Status or something like that), and then do something with that information. There's also no authentication with SMTP, so people could start forging bounce messages to the alias, and get prompt the alias to do whatever it normally does (post comments to the bug? Close the account? What?) without any authentication. The security issues raised by fixing this are not insignificant, and involves coopting the webservergroup address, which other applications (PHP scripts, etc.) may use, or administrators may not want to redirect to a script (maybe they use it for something else.) Email has always been considered a secondary notification (i.e. the Bugzilla installation itself is the final version of the status information for the bug), so email should *never* be relied upon to get bug information. Unless anyone can point out some huge point I'm missing, I propose marking RESOLVED/WONTFIX.
Actually, it's not as hard as you make it out to be. In fact, I do it on gcc bugzilla. 1. Use a return-path to make the bounces go to whatever alias you want. 2. See RFC1892 for delivery status notifications. 3. There's a perl module that handles most formats of bounce messages out there, standard and non-standard. See Mail::DeliveryStatus::BounceParser. We can always extend the messages 4. Nobody forges bounce messages. If they do, you should block bugzilla from allowing them anyway. This is a people problem. We aren't disabling or deleting accounts, just marking a possible bounce. We can record the ip address that sent the bounce if you are really that concerned, if this is a problem. 5. If you are really super concerned about bounces, we could record the message id of each message we send out (for 30 days or something), as well as who it was sent to, and match the bounce back to it, and not mark any address as possibly bouncing we can't do this for.
Ok... that's good to know how it's done elsewhere. But you hit the nail on the head: this is a people problem. As I noted, email was ALWAYS considered a secondary notification tool; it should not be relied upon to get BZ information out to people. Still propose RESOLVED-WONTFIX. Justdave?
the other thing you can do is set the return path with a + extension, which sendmail and other MTAs will ignore anything following the +, but it'll still be included in the headers for the benefit of the recipient. Do you could do something like MAIL FROM:<bugzilla-bounce+B209181-T1060226522-netscape.com-justdave@bugzilla.mozilla.org> where Bxxx is the bug number, Txxxx is the unix timestamp used in the activity log/long descriptions for the bug change, and the rest is obvious. Majordomo 2 does it in a similar fashion to track mailing list bounces. Not sure the fact that it bounced should be noted in the bug, but some sort of bounce tracking has been on the idea list for Bugzilla in the back of my head for some time now. It's an easy way to detect dead accounts.
Well, then I'll accept. We still need to come up with what to do with a bounce report though... that's not really clear from the bug report.
Status: NEW → ASSIGNED
It can easily happen sooner or later that some (too) strict mail providers will block _all_ emails from being delivered to his mail server if there are too many mails that bounce being sent from one server (eg bugzilla) to his system. yahoo.com is one (of many?) that enforces: "if you send me too many mails that i can't deliver, i won't accept your mails at all, not even the ones i could deliver" as their way of fighting spam. http://help.yahoo.com/help/us/mail/spam/spam-18.html Their reasoning is that you must be sending spam to some outdated list of email addresses. They suggest Variable Envelope Return Paths to detect bounces: http://cr.yp.to/proto/verp.txt
See also bug 94247, where the proposal was that the reporter should be able to ABANDON a bug (giving it a blank, or otherwise specially marked reporter field to indicate that they are no longer involved).
Blocks: 299795
-> default assign (JP no longer works on bz) (In reply to comment #7) > ... > They suggest Variable Envelope Return Paths to detect bounces: > http://cr.yp.to/proto/verp.txt VERP is interesting suggestion - implmented in debian http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=305324 additional references http://packages.debian.org/stable/perl/libmail-verp-perl http://search.cpan.org/src/GYEPI/Mail-Verp-0.04/Verp.pm http://packages.debian.org/testing/perl/libmail-verp-perl http://www.courier-mta.org/?sendmail.html http://www.postfix.org/VERP_README.html
Assignee: preed → email-notifications
Status: ASSIGNED → NEW
QA Contact: mattyt-bugzilla → default-qa
*** Bug 299795 has been marked as a duplicate of this bug. ***
No longer blocks: 299795
(In reply to comment #4) > ... : this is a people problem. > > As I noted, email was ALWAYS considered a secondary notification tool; it should > not be relied upon to get BZ information out to people. Paul, please explain - if bz e-mail is secondary then what is primary notification method? By "this is a people problem" do you mean one should assume bz mail won't be delivered, that one either calls or pings the person (immediately or after some period of time)? Don't most people rely upon bugzilla as THE controlling process to get information to and from people? E-mail is the only identifier in the bug (eg. bz doesn't have irc nicknames) so it certainly is a *major* piece of bugzilla. Even if it is as you say, secondary, bz email surely is still *very* important. I have been told by developers and I have seen in documentation that one should request info from others via bugzilla rather than use direct email (i.e. between two people) - to perserve tracking of conversation and activity within the bug. Further observations: * If this is difficult to implement it doesn't make it any less important * Developers and triagers have a different takes on usage of bz, might this bug be one of them? * Don't modern tracking tools tout e-mail notification and update of issue/bug via e-mail as a major feature/selling point? * this is big time waster for the triager * this contributes to delays in making progress on bugs both new and old * this is not just a problem for old bugs - email addresses expire for new reporters and commenters too UI complexity need not increase. Examples: * strike-through name+address if it's not getting mail * mousoever could indicate date of last successful delivery or failed delivery Same functionality for cc: and commentors would be equally helpful. Does Bug 249121 add complexity to this bug?
When we get bounces, we often configure the user's EMail Prefs to "Disable All Mail", then we disable the account with a message saying "Mail bouncing - contact webmaster@eclipse.org". It's been working good so far, except the whole process is manual. As for comment 2, to prevent forging, set a threshold for bounces. User's mail bounced 5 times? Disable all mail going to them. Optionally disable their account with [insert message here]. Ignoring bounces is bad in that mail server admins on the receiving end can end up putting busy bugzilla sites on SPAM RBL's because they continuously send them mail to invalid addresses. D.
This seems to be a thing that'd need to be very site-specific in its implementation. Proposing either WONTFIX (allowing a site to handle it however it wishes it to be handled), or moving to b.m.o component.
> This seems to be a thing that'd need to be very site-specific I'm not sure I agree. Add this to the email parameters: bounced_email_processing Consider user is AWOL after [5] bounced messages Action(s) to take when someone is declared AWOL: [x] Disable account [x] Append "AWOL" to real, so everyone knows about it [x] Disable all bugmail to this person [ ] Notify site admin
Should be: > [x] Append "AWOL" to realname, so everyone knows about it
To make it 100% accurate we can check only our local MTA bounces which generated during SMTP session but not when remote server accept email and bounce mail later. This slightly decrease amount of dead addresses because there still front-end servers which accept mail and bounce later. To accomplish this we need just small shell script, which can be written within hours. I will look into bugzilla code and see if I can help with this.
Currently field "Reporter accessible?" used for same thing but changed manually, it can be used for this purpose on automatic manner
Summary: Bounce on bug reporter email should be noted → Bugzilla should track bugmail that bounces and automatically disable bugmail on accounts that continually bounce.

Hmm, BMO does this. I don't know if it's before or after we forked it back to harmony though. If before, we may have this in Harmony already.

(In reply to Denis Roy from comment #12)

When we get bounces, we often configure the user's EMail Prefs to "Disable All Mail", then we disable the account

Why disable the account, isn't "disable all mail" enough ?

(In reply to chrizilla from comment #20)

(In reply to Denis Roy from comment #12)

When we get bounces, we often configure the user's EMail Prefs to "Disable All Mail", then we disable the account

Why disable the account, isn't "disable all mail" enough ?

In BMO it's because we want to know there is someone on the other end (at that address) who will respond.

You need to log in before you can comment on or make changes to this bug.