On Wed, 25 Aug 2021, Vincent Lefevre wrote: > Yes, but only the notification (and one needs to see the full message). > But what if the close message is sent when an empty From or with > a From containing the 999999999999-cl...@bugs.debian.org address > of the bug[*] (such messages could come from spammers)? > > [*] That could yield a loop, and this may depend on how it is broken.
On Mon, 23 Aug 2021, Andrey Rahmatullin wrote: > Yet the BTS says that the message with this Message-Id has closed the bug: > https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=989734;msg=29 There some (understandable) confusion here. The BTS reports closures as "Reply sent to whoe...@example.com: You have taken responsibility. (Fri, 20 Aug 2021 13:33:06 GMT) (full text, mbox, link)." and has done so for about 20 years. The BTS (like all e-mail systems) totally ignores what is in To/Cc when processing e-mail, and only pays attention to the SMTP RCPT TO and MAIL FROM. Normally -done messages include the done address in the To: header, so it's pretty obvious which message actually caused a bug to be closed, but it is not required. -- Don Armstrong https://www.donarmstrong.com "The trouble with you, Ibid" he said, "is that you think you're the biggest bloody authority on everything" -- Terry Pratchet _Pyramids_ p146