send tor-security@ into frontdesk or the like?
We have two problems with the current tor-security@ list:
-
schleuder is basically broken for us at this point: @sysrqb can't get mails from the list because of key update issues, so for the past months there have been no tor browser people receiving any security mails. @hiro and sysrqb have tried for the past week to fix it but schleuder is proving resistant.
-
the vast majority of the mails that go to the list are either spam or should have gone to frontdesk (i.e. they are people who don't realize they are asking a helpdesk question, or worse they know they're asking for support but they're hoping that tor-security will have better experts).
So I am thinking that integrating the tor-security pipeline into the frontdesk pipeline is the best available plan. That way for helpdesk things they can just handle them like other helpdesk things, and for things that look security related they can reach out to the right tor person, just like they need to do right now for helpdesk mails that look security related.
The competing alternate plan is to discard schleuder, make tor-security into a normal mailman list, and add @gus to it so he can pass most of the non-spam mails to frontdesk. Are there other alternatives to consider?
Calling the names of @isabela and @gaba so they can help us make a good choice here, and @nickm because I think he might be the remaining other tor-security@ member. (Are there more?)
Technically we would be losing some gpg encryption interactions that an ideal schleuder would give us, but the situation right now is that we're destroying our usability in exchange for some theoretical security, and that's a poor tradeoff.