Closed Bug 453656 Opened 16 years ago Closed 15 years ago

Provide MoCo with a URL to a transport map for @mozillamessaging.com

Categories

(Mozilla Messaging Graveyard :: Server Operations, defect)

defect
Not set
normal

Tracking

(Not tracked)

RESOLVED FIXED

People

(Reporter: gozer, Unassigned)

References

Details

So they can be smarter secondary MXes and only allow what we explicitely want.
Summary: Provide MoCo with a SVN feed of our virtual_alias maps → Provide MoCo with a SVN feed of a transport map for our email
As justdave pointed out on IRC, having a transport map instead would make things much simpler and require fewer updates, so here it is:

http://build.mozillamessaging.com/transport-map.txt
I don't think that's a good place to stick it.

a) you're essentially publishing all of your email addresses to the world at large - a spammer's dream. :)

b) retrieval over HTTP is subject to DNS poisoning and so forth.
Spammer's dream, or a leaker's dream, if you set up mail accounts for people before announcing that they're working for momo.
Well, I should have mentionned it was a temporary location for you too have a look at.

It would be restricted access to a subset of MoCo IPs, justdave, can you tell me what kind of restrictions will not be a problem for you? Big enough but not too big.

It's already accessible via HTTPS at the same URL <https://build.mozillamessaging.com/transport-map.txt>

I also want to move it to its own separate hostname, as it obviously doesn't belong on build.mozillamessaging.com, once again, part of the temporary location part.

I have to keep reminding myself how 'public' posting comments on bugzilla really is, with all the watchers and all (Hello watchers!)
Summary: Provide MoCo with a SVN feed of a transport map for our email → Provide MoCo with a URL to a transport map for @mozillamessaging.com
Yeah, an https URL that's locked down so it can only be accessed from our IP would work.  The paranoid security guy in me says dm-mail01/02 should be the only IPs in our address space with access to it. (63.245.208.150/63.245.208.176).
The final url is : <https://systems.mozillamessaging.com/transport-map.txt> and should be working as soon as DNS propagates. It's restricted to 63.245.208.150 and 63.245.208.176 for the time being.
Can you have it add a header like this on the front of the file?  (Just to make life easy on my end and keep people from screwing with it locally)

------8<------
# vim: syntax=conf
# NOTE: This is a TRANSPORT map, not a virtual alias table.

# This file is autogenerated from a cronjob at mozillamessaging.com.

# DO NOT EDIT THIS FILE DIRECTLY

############################
##                        ##
##  mozillamessaging.com  ##
##                        ##
############################

# if we don't know about the user, bounce it.
------8<------
Blocks: 482805
(In reply to comment #4)
> I have to keep reminding myself how 'public' posting comments on bugzilla
> really is, with all the watchers and all (Hello watchers!)

The original temporary URL still works, open to the public, and this is still a public bug.
<http://build.mozillamessaging.com/transport-map.txt> is now correctly 404ed.

Thanks for pointing it out.
(In reply to comment #7)
> Can you have it add a header like this on the front of the file?  (Just to make
> life easy on my end and keep people from screwing with it locally)
> [...]

Added, should reflect live shortly.
Looks good, I think we're all set.
Thanks!
Status: NEW → RESOLVED
Closed: 15 years ago
Resolution: --- → FIXED
You need to log in before you can comment on or make changes to this bug.