Provide MoCo with a URL to a transport map for @mozillamessaging.com

RESOLVED FIXED

Status

RESOLVED FIXED
11 years ago
10 years ago

People

(Reporter: gozer, Unassigned)

Tracking

Firefox Tracking Flags

(Not tracked)

Details

(Reporter)

Description

11 years ago
So they can be smarter secondary MXes and only allow what we explicitely want.
(Reporter)

Updated

10 years ago
Summary: Provide MoCo with a SVN feed of our virtual_alias maps → Provide MoCo with a SVN feed of a transport map for our email
(Reporter)

Comment 1

10 years ago
As justdave pointed out on IRC, having a transport map instead would make things much simpler and require fewer updates, so here it is:

http://build.mozillamessaging.com/transport-map.txt
I don't think that's a good place to stick it.

a) you're essentially publishing all of your email addresses to the world at large - a spammer's dream. :)

b) retrieval over HTTP is subject to DNS poisoning and so forth.
Spammer's dream, or a leaker's dream, if you set up mail accounts for people before announcing that they're working for momo.
(Reporter)

Comment 4

10 years ago
Well, I should have mentionned it was a temporary location for you too have a look at.

It would be restricted access to a subset of MoCo IPs, justdave, can you tell me what kind of restrictions will not be a problem for you? Big enough but not too big.

It's already accessible via HTTPS at the same URL <https://build.mozillamessaging.com/transport-map.txt>

I also want to move it to its own separate hostname, as it obviously doesn't belong on build.mozillamessaging.com, once again, part of the temporary location part.

I have to keep reminding myself how 'public' posting comments on bugzilla really is, with all the watchers and all (Hello watchers!)
(Reporter)

Updated

10 years ago
Summary: Provide MoCo with a SVN feed of a transport map for our email → Provide MoCo with a URL to a transport map for @mozillamessaging.com
Yeah, an https URL that's locked down so it can only be accessed from our IP would work.  The paranoid security guy in me says dm-mail01/02 should be the only IPs in our address space with access to it. (63.245.208.150/63.245.208.176).
(Reporter)

Comment 6

10 years ago
The final url is : <https://systems.mozillamessaging.com/transport-map.txt> and should be working as soon as DNS propagates. It's restricted to 63.245.208.150 and 63.245.208.176 for the time being.
Can you have it add a header like this on the front of the file?  (Just to make life easy on my end and keep people from screwing with it locally)

------8<------
# vim: syntax=conf
# NOTE: This is a TRANSPORT map, not a virtual alias table.

# This file is autogenerated from a cronjob at mozillamessaging.com.

# DO NOT EDIT THIS FILE DIRECTLY

############################
##                        ##
##  mozillamessaging.com  ##
##                        ##
############################

# if we don't know about the user, bounce it.
------8<------
(In reply to comment #4)
> I have to keep reminding myself how 'public' posting comments on bugzilla
> really is, with all the watchers and all (Hello watchers!)

The original temporary URL still works, open to the public, and this is still a public bug.
(Reporter)

Comment 9

10 years ago
<http://build.mozillamessaging.com/transport-map.txt> is now correctly 404ed.

Thanks for pointing it out.
(Reporter)

Comment 10

10 years ago
(In reply to comment #7)
> Can you have it add a header like this on the front of the file?  (Just to make
> life easy on my end and keep people from screwing with it locally)
> [...]

Added, should reflect live shortly.
Looks good, I think we're all set.
(Reporter)

Comment 12

10 years ago
Thanks!
Status: NEW → RESOLVED
Last Resolved: 10 years ago
Resolution: --- → FIXED
You need to log in before you can comment on or make changes to this bug.