[tor-bugs] #12802 [Circumvention/BridgeDB]: BridgeDB needs Nagios checks for the Email Distributor

Tor Bug Tracker & Wiki blackhole at torproject.org
Mon May 11 19:17:19 UTC 2020 

#12802: BridgeDB needs Nagios checks for the Email Distributor
-------------------------------------------------+-------------------------
 Reporter:  isis                                 |          Owner:  phw
     Type:  enhancement                          |         Status:
                                                 |  needs_review
 Priority:  High                                 |      Milestone:
Component:  Circumvention/BridgeDB               |        Version:
 Severity:  Normal                               |     Resolution:
 Keywords:  bridgedb-email, nagios, anti-        |  Actual Points:
  censorship-roadmap-2020                        |
Parent ID:  #30152                               |         Points:  5
 Reviewer:  cohosh                               |        Sponsor:
                                                 |  Sponsor30-must
-------------------------------------------------+-------------------------
Changes (by phw):

 * status:  needs_information => needs_review


Comment:

 Replying to [comment:35 cohosh]:
 > - It's not super urgent in this case, but putting the email password in
 an environment variable would allow us to not have it in the bash history
 [[br]]
 That's a good point.
 [https://github.com/NullHypothesis/bridgedb/commit/74b159e9c2c473f02b629cd4bf7152a363770666
 This commit] adds support for passing the key as environment variable.
 [[br]]
 > - 60 seconds seems a bit fast for email. How about making this 5-10
 minutes? I'm thinking in terms of reducing false positives plus being
 realistic about our response time to the alert.
 [[br]]
 I used to have it set to 5 minutes but that turned out to be excessive.
 BridgeDB reliably responds within a few seconds, so I think it's safe to
 assume that if the response didn't come within 60 seconds, it won't come
 at all.
 [[br]]
 > - Is there a reason we're logging in twice (once at
 [https://github.com/NullHypothesis/bridgedb/compare/develop...enhancement/12802
 #diff-d0583351ac71e6c7bfc1e74d665de991R56 L56] and once at
 [https://github.com/NullHypothesis/bridgedb/compare/develop...enhancement/12802
 #diff-d0583351ac71e6c7bfc1e74d665de991R128 L128])?
 [[br]]
 One login is for our SMTP connection (to send the email) and the other is
 for our IMAP connection (to check for the response). Is there a way to
 simplify this?

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/12802#comment:36>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

More information about the tor-bugs mailing list