User:Legoktm/Mailman


 * About 500 mailing lists
 * Mailman is the single longest piece of software the Movement has used. It was used by Nupedia and predates MediaWiki.
 * Mailman2 is bad. No mobile support, archives are inflexible (no search), very bad security practices, no real database for storage.
 * Decided to migrate in batches, set up a way for Mailman3 to coexist with Mailman2. Amir aka Ladsgroup kicked off the effort and then I joined him. Lots of volunteers and other staff helped with testing and debugging throughout the process.
 * Discovered a security bug in Mailman2, it was keeping archives for mailing lists that were set to not keep archives (board, legal, lgbt)
 * Then we started migrating, learned that no one had really tested Mailman3 on MariaDB, the database we use. Anyone who had an emoji in their name was rejected. Oops.
 * Discovered a security bug in Mailman3, when migrating private lists, archives would be public until the import finished. Big oops.
 * Worked well with upstream in getting our stuff fixed.
 * WMF funded a security audit last month, team is working on resolving those, the worst has been fixed and was an issue in a dependency.