launchpad-dev team mailing list archive

[Jeroen Vermeulen <jtv@xxxxxxxxxxxxx>]

We just hit a problem where email sent out by a script running on the 
staging codehosting server unexpectedly goes out to users in the real 
world, not the staging mailbox.  See bug 593501.  I assume it's 
necessary for staging codehosting to send out real email in order to 
spot operational glitches.

In our case several factors conspire to exacerbate this: the fact that 
the database can have branches that don't exist in bzr in the first 
place; the fact that staging codehosting isn't copied from production so 
we get lots of these nonexistent branches there; and the fact that the 
script needs to run on codehosting in order to access branches.

I'm wondering if there may be other unexpected emails going out from 
staging codehosting that we might not be noticing.  Wouldn't it be safer 
to use a whitelisting approach here, where staging-codehosting email is 
blocked except when the code says it shouldn't be?


Jeroen