Currently investigating an issue where emails sent to [email protected] from jenkins-monitor via SendGrid gets rejected.

EMAIL: [email protected]
REASON: 550 5.1.0 Recipient rejected: <[email protected]>
SMTP-ID: <[email protected]>
PROCESSED STRING: November 26, 2015 - 04:00:06
AMMSGID: uiKU_c9ITDaEk4-ku4EfWw.filter0019p1las1.10896.5656D8223D.0

hello-

i would like [email protected] for reporting inclusivity specific incidents. thanks!

it should forward to a list that includes:

• ashley williams ([email protected])
• julie pagano ([email protected])
• beau gunderson ([email protected])
• nathan zadoks ([email protected])
• bryan hughes ([email protected])
• forrest norvell ([email protected])
• jona hugger ([email protected])
• sakthipriyan vairamani ([email protected])
• rich trott ([email protected])
• kat marachan ([email protected])

One of the workshoppers, git-it, needs to send email and is now over the free tier in the email service it uses. Would we be able to give access to the workshopper bot so that the service can continue for more Node.js users?

workshopper/org#27 (comment)

In theory it should go to the TSC, but I know that some people are not receiving the emails.

This repo enables a path for Node.js community members to engage with individuals in the project privately.

I think we need to asses the possibility of a privacy policy around inbound emails that AREN'T for member <> member discussions. This would likely need to include something around confidentiality of private info (like name, email address, etc.) and ensuring that the usage of any inbound emails is not used for anything outside of work in the Node.js project.

Here's a list of email aliases that are relatively obviously for inbound emails:

• report@
• security@
• admin@
• accounts@
• moderation@
• user-feedback@

We need an email alias (perhaps [email protected]) that individuals can use to report CoC violations. It should forward to members of the @nodejs/inclusivity WG

@rvagg ... what is the process for getting this set up?

@rvagg , I can't think of any problem it will cause. How about you? If not I'll go ahead and do it.

Refs: nodejs/node#33864

Just wondering why we have some of these personal ones?

• { "from": "rvagg", "to": "[email protected]" }
• { "from": "jbergstroem", "to": "[email protected]" }

Also what are these used for? They appear as though they could be the same?

  { "from": "admin", "to": [
    "[email protected]"
  ] },
  { "from": "accounts", "to": [
    "[email protected]"
  ] },

cc @rvagg and @jbergstroem I guess?

See #56.

I don't think that mailgun supports recursive aliases. So you can do ctc@ -> tsc@, you have to double-up the list. So what we should do with the update app in this repo is adjust it so that if any aliases are recognised in the "to" list (i.e. any [email protected] in the iojs.org aliases list) get expanded to what's in that list itself. So we can then use recursive aliases locally in aliases.json but mailgun only sees the full lists.

admin and accounts both go to @rvagg only. It seems like there are other people that might be appropriate to add for redundancy. @mhdawson perhaps?

build has only three people (@rvagg, @jbergstroem, @mhdawson). It seems like there might be reason to add more folks from @nodejs/build perhaps?

ci just goes to @joaocgreis. Again, maybe some other folks from @nodejs/build or @nodejs/jenkins-admins?

ci-alert still contains Alexis C.'s email. That should probably be removed. There's a second email on there I don't recognize offhand. That alias could probably use a review.

release-validation-alert is just @mhdawson. Not sure if that's new/experimental or not, but just bringing it up in case that's another option for adding some folks.

Sorry accidentally committed directly as I hit the wrong button instead of opening PR - d628d99

I don't think it makes sense to revert/make new PR but opening this as an FYI/Transparency. If I can get a few thumbs up in place of what would have been PR approvals I'll close and publish the change to make it effective.

Currently this repo does not have auto-deploy mechanics. Deployment can be done only by a member of @nodejs/build-infra.
To reduce chances of oversight and confusion about when a change takes effect, only infra members should merge code, and by that confirm that the change was deployed.

I think I have accidentally merged PRs in this repo that were expected to be merged by @nodejs/build-infra team (https://github.com/nodejs/email?tab=readme-ov-file#responsibility), due to the inciting big green "merge" button on the PR once been approved (sorry!!).

Can we can add code owner requirement on merging PRs, or automate the deploy process?

• Audit admin/accounts/build email addresses
• The ci email address goes solely to @joaocgreis. It would be good to find out what it's for, whether it gets any email, and who else might be added to it.
• Audit ci-alert email address
• The build-security address has @mmarchini and two other people who are (AFAIK) not active (@maclover7 and @gibfahn). It would be good to find out what it's for, whether it gets any email, and who else might be added to it.
• The security-ecosystem address goes to HackerOne. I don't believe it is taking any more reports. We should probably remove that email address? Or set up an auto-reply? Or maybe HackerOne sends a decent auto-reply?
• The user-feedback email address is likely unused?
• Are we still doing CrowdIn and the nodejs-crowdin email address? If so, are @zeke and @obensource still the right people for that email address? Are there others?
• Audit i18n similar to nodejs-crowdin .
• Audit github-bot. It's mostly inactive people. Is the email address used?
• The node-slack-bot address goes to one (inactive?) person (@gdams). Does it get any email? Would it make sense to add some other folks?
• The website-redesign email doesn't seem to have the current and active website-redesign people? Is that email even necessary? Seems like the GitHub team is sufficient.
• Audit zoom-nodejs. (Seems like a somewhat weird mix of people. Who is on there and why? What is the purpose of the email address?)

Originally posted by @Trott in #181 (comment)

[email protected]

Can we remove the forward to [email protected] and instead forward it to the current members of the security group. Then we can forward nodejs.org, rather than the other way around.

I've given the @nodejs/tsc team write access to this repo as I realized that some TSC members didn't have access and it would be useful for management purposes.

(This is really just a notice.)

Hey,

Some platforms (php for example) provide emails that can be used by core members for "official" communication - allowing the creation of special filters to better handle with the emails coming in.

At Node.js - we list the public emails of core collaborators at https://github.com/nodejs/node

It might be useful to allow users to sign up for @nodejs.org emails

I have found that at the moment only @rvagg does this (here: https://github.com/nodejs/email/blob/master/iojs.org/aliases.json#L74 )

Is this something we have a policy on or ever discussed?