[tor-project] email interface for Trac: a proposal

David Goulet dgoulet at ev0ke.net
Fri Dec 9 18:09:34 UTC 2016

On 09 Dec (18:54:32), Silvia [Hiro] wrote:
> Hi everyone,
> I have been working my way through a wish list of Trac features, and
> started from implementing an interface to create and reply to tickets
> via email.
> I now have a simple prototype, but before proceeding I'd like to receive
> some feedback on my proposal so far.
> So here is my masterplan:
> 1. Verify that the email is signed and the signature is recognised. For
> the moment and during the first pilot we could restrict this feature to
> @tpo addresses and verify the key w/ the info we have in db.tpo. Further
> on, we can verify the key by importing eventually missing keys from
> known keyservers.
> I am implementing step 1 through procmail and a simple script.
> 2. If the email has a valid signature, check permissions for the users,
> parse the email and create the ticket or reply to a thread.

One thing here that could block a user is the GPG key expiration. If the key
is expired, I guess the validation should fail but would be nice that the user
gets a meaningful message at that point.

In that case, this setup will need to have a quick way to retrieve a key that
is in the database but not working (expired). Not sure how to pull that off
but I'll let you think about it :).

I personally like this validation so we avoid unauthenticated SPAM on our trac
which is already bad enough sometimes with cypherpunks account.

Thanks hiro!

> I am implementing step 2 through a python script, so that I can
> interface directly with Trac libraries.
> Note that I am assuming that I am receiving somehow the email on the
> server. For testing purpose I have been configuring postfix, but this of
> course might change in prod.
> A couple of questions I now have.
> - Do you have any particular concern with this setup?
> - Anything I should consider when introducing a change in a tpo
> infrastructure machine?
> One last thing: the architecture is simple enough but I'd like to share
> my scripts and procmail setup, so that you can all have a look. Can I
> get a git repo for this project?
> Thanks,
> - s
> _______________________________________________
> tor-project mailing list
> tor-project at lists.torproject.org
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-project
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 585 bytes
Desc: not available
URL: <http://lists.torproject.org/pipermail/tor-project/attachments/20161209/d0d1d37a/attachment.sig>

More information about the tor-project mailing list