Hello Lee, On Thu 14 Sep 2023 at 04:38pm GMT, Lee Garrett (@lgarrett) wrote: > ... ... @@ -361,7 +361,25 @@ If you use mutt, a simple way to send it is to use > 361 361 Simple "mail" command works: > 362 362 :: > 363 363 > 364 - cat DLA-XXXX.txt | gpg --clearsign | mail -s "[SECURITY] [DLA XXXX-X] $SOURCEPACKAGENAME security update" -a "From: Max Mustermann <max.mustermann@debian.org>" -r max.mustermann@debian.org debian-lts-announce@lists.debian.org > 364 + cat DLA-XXXX.txt | gpg --clearsign | mail -s "[SECURITY] [DLA XXXX-X] $SOURCEPACKAGENAME security update" -r no-reply@debian.org debian-lts-announce@lists.debian.org > 365 + > 366 +**WARNING** > 367 + * Any unsigned body text will cause `your mail to be silently discarded > 368 + <https://bugs.debian.org/1050915>`_. For this reason, Thunderbird is not > 369 + suited for sending DLA mails. > 370 + * You will not get any feedback if the mail was somehow invalid. `It will get > 371 + silently discarded <https://bugs.debian.org/1050906>`_. > 372 + * Do not use a different mail address as sender, you'll otherwise get > 373 + backscatter spam. > 374 + * Do not set any other mail headers, or duplicate mail headers, this will cause > 375 + the `mail to be silently discarded <https://bugs.debian.org/1050906>`_. > 376 + In particular, if you use the above "mail" one-liner, you will need to delete > 377 + any mail headers (From:, To:, Subject:) from the template before signing it. > 378 + * If an earlier delivery attempt got blackholed, you must re-sign the mail > 379 + content, otherwise the mail will be `silently discarded > 380 + <https://bugs.debian.org/1051941>`_. > 381 + * If all else fails, ask in #debian-lists on irc.oftc.net why the mail delivery > 382 + failed. Provide a timestamp, queue IDs, and mail logs if possible. > 365 383 > 366 384 Only when you have confirmed that the package was processed after upload (once you get the accept email) should you send the DLA to the mailing list. > 367 385 Hmm, could you explain the use of no-reply@debian.org ? Isn't it generally discouraged by the e-mail standards? -- Sean Whitton
Attachment:
signature.asc
Description: PGP signature