[vote] Create private mailing list for OpenWrt committers

Mon Apr 7 12:50:48 PDT 2025

On 03/04/2025 22:49, Hauke Mehrtens wrote:
> Hi all,
> 
> I propose creating a new mailing list that only OpenWrt committers can 
> read. All OpenWrt committers should be subscribed by default, and it should 
> be possible to send messages to the list without requiring a subscription. 
> Additionally, this list should replace the current abuse at openwrt.org and 
> contact at openwrt.org addresses handling with freescout.openwrt.org.
> 
> This would be similar to the old openwrt-hackers at lists.openwrt.org
> 
> Please vote Yes or +1 if you support the creation of this list.
> 
> I will conclude the vote on 26th April 2025.
> 
> 
> Rationale:
> 
> Currently, some of the project's internal communication happens through 
> direct emails, Signal, or small private groups. While some discussions 
> should remain private, they shouldn’t be limited to a highly selective 
> subset of individuals. A dedicated internal mailing list would provide a 
> structured way to handle sensitive topics without resorting to fragmented, 
> ad-hoc communication.

I agree that a private list would be better than the current situation. I 
don't know what volume of messages to expect for security/abuse handling 
etc. As others suggested, a list of topics that this list is supposed to be 
used for might be a good idea, to discourage using this list to *decrease* 
transparency.

> Public discussions and voting should still take place on openwrt-adm, and 
> key management topics (e.g., release planning) should remain there. 
> However, we may also want to consider merging openwrt-adm and openwrt-devel 
> to streamline communication, but the merger is out of scope of this vote.
> 
>  From an operational standpoint, responding to external inquiries is often 
> challenging. I hesitate to CC a public mailing list without explicit 
> permission, but I’d have no issue including a private list. This would 
> improve transparency while maintaining appropriate confidentiality.

What kind of external inquiries are we talking about here? For external 
communication regarding our infrastructure, a private list makes sense.

I agree just cc'ing a public list is not appropriate, but in some cases it 
may be a good idea to refuse to comment on the subject matter of a mail in 
private if we don't think the confidentiality is justified, and just reply 
that they should use one of our public communication channels?

> 
> Additionally, organizing OpenWrt meetings via direct emails to ~40 
> committers is inefficient and prone to missing recipients. A dedicated 
> mailing list would simplify coordination.
> 
> Finally, freescout.openwrt.org was broken for about six months, causing all 
> incoming emails from this period to be lost. While it is now functional, it 
> appears nobody is reading the mails. A dedicated private list would provide 
> a more reliable channel for handling such inquiries.
> We are getting more than one spam mail per day on freescout, the spam 
> filter on the mailling list is working much better.

Regarding concerns about decommissioning Freescout: I think a mailing list 
can be used for the same purposes just fine if "reply to all" is used 
consistently, as long as the volume of mails is low.

That being said, regardless of the details we decide on, I'm in favor of 
creating the new list - I certainly don't have a better idea to solve the 
issues described by Hauke, so: +1

Best,
Matthias
-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_signature.asc
Type: application/pgp-signature
Size: 840 bytes
Desc: OpenPGP digital signature
URL: <http://lists.openwrt.org/pipermail/openwrt-adm/attachments/20250407/5f6a0969/attachment.sig>