move all mail config into ldap
- user mail forwards, mail user +extension forwards, mail user +extension pipes, all of it.
- service domain aliases files
- service domains whitelists/blacklists/neverusers/RBLs
- update external puppet modules
- concat used: 0.2.0, concat upstream: 2.0.0
- needs careful modules review, we use removed functions from 0.2.0
- module should move from modules/concat to 3rdparty/modules/concat
- stdlib usd: 2.2.1, stdlib upstream: 4.6.0
- needs careful modules review, not sure about deprecated use of this module
- module should move from modules/stdlib to 3rdparty/modules/stdlib
- xinetd used: own module, maybe move to puppetlabs xinetd module
- rabbitmq used: own module, maybe move to puppetlabs rabbitmq module
- setup regression testing environment
- Non-DD accounts:
- new object classes? Something to differentiate
- Would like to always add NM/DM/etc
- Possibly porter box access for NM/DM ?
- Clean up old expired entries
- scale ud-generate:
- ldap replication?
- LDAP query interface read-only with hidden master
- Privileged modify operations should only be allowed from lo.
- Code base:
- Could we have one, please?
- move @d.o to MXes (different source IP to avoid RBL for important mail?)
- root everywhere, no authority to speak for team
- SSO for web apps (nagios, rt, wiki, etc)
- Tied to ud-ldap (but not LDAP password, dammit!)
- Something that is scriptable and scales
- Way to have per user views. Doable with contacts, just needs to be done
- Way to test IPv6, without duplicating all of our config
- It'd be nice if service names like db.d.o had sshfp records in DNS. This is tricky because some of the purpose service names are CNAMEs, but not all.