On 2015-01-24 02:00:34 +, Ben Hutchings wrote:
On Wed, 2015-01-21 at 17:07 +1300, Chris Bannister wrote:
Or an option in reportbug to do so, turned on by default. It could put
an X- header in the email.
That way users of reportbug can choose to be 'spammed' or not.
This is still
On Wed, 28 Jan 2015, Vincent Lefevre wrote:
On 2015-01-24 02:00:34 +, Ben Hutchings wrote:
On Wed, 2015-01-21 at 17:07 +1300, Chris Bannister wrote:
Or an option in reportbug to do so, turned on by default. It could put
an X- header in the email.
That way users of reportbug can
On Wed, 2015-01-21 at 17:07 +1300, Chris Bannister wrote:
On Mon, Jan 19, 2015 at 01:03:52AM +, Ben Hutchings wrote:
On Mon, 2015-01-19 at 08:37 +0800, Paul Wise wrote:
On Mon, Jan 19, 2015 at 8:06 AM, Don Armstrong wrote:
I'm going to put together a bit more firm of a proposal
On 2015-01-22 12:41:05 +1000, Russell Stuart wrote:
On Wed, 2015-01-21 at 21:10 -0500, Michael Gilbert wrote:
So anyway, nn-subscribe can be used to spam confirmation messages
currently, and general mail to the bts from an unknown address will
end up doing the same, but it's basically a
On Wed, Jan 21, 2015 at 9:41 PM, Russell Stuart wrote:
The reason is all that happens now is you get one unwanted email and
that is the end of it. In particular the attacker can't force you do to
something to prevent the bugs.debian.org from sending further unwanted
emails. If you get rid of
On Mon, Jan 19, 2015 at 7:32 PM, Russell Stuart wrote:
In other words the current system contains robust defences against such
an attack. All I (and I presume Ben) are saying is removing those
defences is not a good idea, given it's easy enough to design a system
that keeps them. Currently
On Wed, 2015-01-21 at 21:10 -0500, Michael Gilbert wrote:
So anyway, nn-subscribe can be used to spam confirmation messages
currently, and general mail to the bts from an unknown address will
end up doing the same, but it's basically a non-issue because it's a
rather uninteresting thing to
Russell Stuart writes (Re: Who gets an email when with bugreports [was: Re:
Unauthorised activity surrounding tbb package]):
701234-subyes-8aba1368a9ac33362ea1f68c28446c15-65bf3bd3886fb8abfe59d40709c84...@bugs.debian.org
I presume this invite address is unforgeable (because Ian Jackson's
On 2015-01-18 16:06:32 -0800, Don Armstrong wrote:
I'm going to put together a bit more firm of a proposal in the next few
weeks, but I think that basically everything but nnn-done@ and
nnn-submitter@ should be no different from mailing nnn@, and until I
allow submitters to opt out of e-mail,
On 20/01/15 16:00, Vincent Lefevre wrote:
It would be great if the maintainer could *always* receive the mail
when mailing to nnn@, and not just under obscure conditions. For
instance, I've been told by some maintainers that if the bug is
reassigned, the maintainer doesn't receive the mail!
On Mon, Jan 19, 2015 at 01:03:52AM +, Ben Hutchings wrote:
On Mon, 2015-01-19 at 08:37 +0800, Paul Wise wrote:
On Mon, Jan 19, 2015 at 8:06 AM, Don Armstrong wrote:
I'm going to put together a bit more firm of a proposal in the next few
weeks, but I think that basically everything
On Mon, Jan 19, 2015 at 11:31:20AM +, Wookey wrote:
Am I right that the
only way to expliticly mail the submitter and the maintainer is to
look the submitter's mail up in the initial bugrep and just CC it,
whilst replying to bugnum@b.d.o, which will automatically include the
maintainer?
On Mon, 2015-01-19 at 16:57 -0500, Michael Gilbert wrote:
Isn't the spam vector already wide open for
nn-subscr...@bugs.debian.org, which isn't much (ab)used today?
I fail to see how any of the discussed changes open an abuse vector
that doesn't already exist.
OK, so let me help you
Hi,
Quoting Ben Hutchings (2015-01-19 02:03:52)
On Mon, 2015-01-19 at 08:37 +0800, Paul Wise wrote:
I'd very much appreciate the ability to not be auto-subscribed to
every bug so please do implement the opt-out thing, preferably before
this change is rolled out.
Personally, I think
On Mon, Jan 19, 2015 at 4:30 PM, Johannes Schauer wrote:
how about the other way round then:
- by default everything stays as it is and there is no auto subscription
- by sending an email to the bts I can activate that I'm automatically
subscribed to all bugs I submitted or contributed
On 19/01/15 01:14, Paul Wise wrote:
On Mon, Jan 19, 2015 at 5:03 PM, Tomas Pospisek wrote:
But isn't subscribing participants natural? Posting to a bug
report means participation and thus you'd get the follow-ups. Why
would you post to a bug report if you aren't interested in what
On Mon, Jan 19, 2015 at 4:41 AM, Russell Stuart wrote:
But isn't subscribing participants natural?
It may be natural, but IMO you are underestimating the spam vector
problem.
Debian's bug submission mechanism does not try to verify you control the
email address you are submitting from.
On 2015-01-19 10:03, Eugene Zhukov wrote:
Through my experience this is not the case - even the maintainer
doesn't get mail about a bug.
For example I'm listed as a maintainer of epubcheck package,
No, you're not:
Maintainer: Debian XML/SGML Group
debian-xml-sgml-p...@lists.alioth.debian.org
+++ Adam D. Barratt [2015-01-19 11:01 +]:
On 2015-01-19 10:47, Mattia Rizzolo wrote:
On Mon, Jan 19, 2015 at 09:26:41AM +, Wookey wrote:
Can someone remind me what the current rules are (or where it's
written down). I know it doesn't work the way I expect it ought
to, but I
Firstly, I should say: I'm sorry that I got the design of this wrong
when I set up the BTS. I hadn't appreciated at the time that bug
reports are actually (amongst other things) ad-hoc mailing lists.
Paul Wise writes (Re: Who gets an email when with bugreports [was: Re:
Unauthorised activity
On Mon, Jan 19, 2015 at 05:14:18PM +0800, Paul Wise wrote:
People often file bugs for issues they discover in software they don't
use or care about, getting followups to those isn't necessary.
Uh? What's your rationale for this, and in particular for the often
part?
Surely the typical use case
On Mon, January 19, 2015 10:14, Paul Wise wrote:
On Mon, Jan 19, 2015 at 5:03 PM, Tomas Pospisek wrote:
But isn't subscribing participants natural? Posting to a bug report
means participation and thus you'd get the follow-ups. Why would you
post to a bug report if you aren't interested in
+++ Paul Wise [2015-01-19 17:14 +0800]:
On Mon, Jan 19, 2015 at 5:03 PM, Tomas Pospisek wrote:
I can understand your point of view and I think also the why but isn't
that position the exception from the rule? That is shouldn't the process
be optimized for the common case and allow the
On Mon, Jan 19, 2015 at 09:26:41AM +, Wookey wrote:
Can someone remind me what the current rules are (or where it's
written down). I know it doesn't work the way I expect it ought to, but
I forget/never-understood exactly how it does work.
Do maintainers always get the initial mail to a
On Mon, Jan 19, 2015 at 5:03 PM, Tomas Pospisek wrote:
But isn't subscribing participants natural? Posting to a bug report
means participation and thus you'd get the follow-ups. Why would you
post to a bug report if you aren't interested in what happens with it,
how things proceed/evolve?
It
On Mon, 2015-01-19 at 10:03 +0100, Tomas Pospisek wrote:
Am 19.01.2015 um 02:03 schrieb Ben Hutchings:
No, this would turn the BTS into a (worse) spam vector.
But the acknowledgement mail should tell you how to subscribe, if you
aren't already subscribed.
But isn't subscribing
On Mon, Jan 19, 2015 at 11:26 AM, Wookey woo...@wookware.org wrote:
+++ Paul Wise [2015-01-19 17:14 +0800]:
On Mon, Jan 19, 2015 at 5:03 PM, Tomas Pospisek wrote:
I can understand your point of view and I think also the why but isn't
that position the exception from the rule? That is
On 2015-01-19 11:31, Wookey wrote:
I recall looking at that list for the 'maintainer and submitter'
option, and being disappointed not to find one. Am I right that the
only way to expliticly mail the submitter and the maintainer is to
look the submitter's mail up in the initial bugrep and just
Am 19.01.2015 um 02:03 schrieb Ben Hutchings:
On Mon, 2015-01-19 at 08:37 +0800, Paul Wise wrote:
On Mon, Jan 19, 2015 at 8:06 AM, Don Armstrong wrote:
I'm going to put together a bit more firm of a proposal in the next few
weeks, but I think that basically everything but nnn-done@ and
On 2015-01-19 10:47, Mattia Rizzolo wrote:
On Mon, Jan 19, 2015 at 09:26:41AM +, Wookey wrote:
Can someone remind me what the current rules are (or where it's
written down). I know it doesn't work the way I expect it ought to,
but
I forget/never-understood exactly how it does work.
Do
Tomas Pospisek t...@sourcepole.ch writes:
But isn't subscribing participants natural? Posting to a bug report
means participation and thus you'd get the follow-ups. Why would you
post to a bug report if you aren't interested in what happens with it,
how things proceed/evolve?
Most other bug
On Mon, Jan 19, 2015 at 8:06 AM, Don Armstrong wrote:
I'm going to put together a bit more firm of a proposal in the next few
weeks, but I think that basically everything but nnn-done@ and
nnn-submitter@ should be no different from mailing nnn@, and until I
allow submitters to opt out of
On Mon, 2015-01-19 at 08:37 +0800, Paul Wise wrote:
On Mon, Jan 19, 2015 at 8:06 AM, Don Armstrong wrote:
I'm going to put together a bit more firm of a proposal in the next few
weeks, but I think that basically everything but nnn-done@ and
nnn-submitter@ should be no different from
On Sun, 18 Jan 2015, Tomas Pospisek wrote:
I guess, changing semantics of bugnumber[-something]@b.d.o yet again
will not be considered.
Actually, I think that the way we handle nnn-* is pretty much wrong, but
it's wrong for mainly historical and manpower reasons.
I'm going to put together a
Am 18.01.2015 um 17:41 schrieb Andreas Tille:
On Sun, Jan 18, 2015 at 01:07:35PM +, Mark Brown wrote:
On Sun, Jan 18, 2015 at 10:09:34AM +0100, Andreas Tille wrote:
On Fri, Jan 16, 2015 at 04:48:33PM +, Steven Capper wrote:
we have had no discussion
over #773359; your response is
35 matches
Mail list logo