Bug#899244: tracker.debian.org: emails sent to non-existing/misspelled team names (team+NAME@..) are silently discarded

To: Lars Kruse <devel@sumpfralle.de>, 899244@bugs.debian.org
Subject: Bug#899244: tracker.debian.org: emails sent to non-existing/misspelled team names (team+NAME@..) are silently discarded
From: Raphael Hertzog <hertzog@debian.org>
Date: Tue, 22 May 2018 16:01:53 +0200
Message-id: <[🔎] 20180522140153.GC31818@home.ouaza.com>
Reply-to: Raphael Hertzog <hertzog@debian.org>, 899244@bugs.debian.org
In-reply-to: <[🔎] 152691004152.32173.2235597090853737128.reportbug@erker.lan>
References: <[🔎] 152691004152.32173.2235597090853737128.reportbug@erker.lan> <[🔎] 152691004152.32173.2235597090853737128.reportbug@erker.lan>

Hi,

On Mon, 21 May 2018, Lars Kruse wrote:
> recently I sent a mail to <team-munin@tracker.debian.org>, as this is

Do you really mean "team-munin@t.d.o" and not "team+munin@t.d.o" ?

> (this issue of the missing team "munin") is about to be fixed now)

This leads me to believe that you meant the latter.

> My mail was silently discarded (see [1]).
> 
> Instead I expected a failure notice message.
> 
> Thus I was unaware, that my mail disappeared, until I talked to one
> of the maintainers in person.

Yeah, it's unfortunate. But it's also bad when we send bounces to random
persons who never sent the original message. Unfortunately, spammers are
abusing email addresses and forging mails to other random addresses scraped
on the internet.

The current design (automatic delively to a maildir) doesn't make it
possible to generate a bounce at SMTP time for such a dynamic error
condition.

What could be possible would be to generate a manual e-mail notification
when the discarded email was DKIM-signed and/or SPF approved so that
we are confident that the email was not forged. We could also whitelist
all emails known to tracker.d.o under the assumption that those are users
who care about tracker.d.o and not random people that will be unhappy
about a wrong notification.

I'm unlikely to implement this myself but I will gladly review code and
mentor anyone interested in implementing this.

Cheers,
-- 
Raphaël Hertzog ◈ Debian Developer

Support Debian LTS: https://www.freexian.com/services/debian-lts.html
Learn to master Debian: https://debian-handbook.info/get/

Reply to:

References:
- Bug#899244: tracker.debian.org: emails sent to non-existing/misspelled team names (team+NAME@..) are silently discarded
  - From: Lars Kruse <devel@sumpfralle.de>

Prev by Date: Bug#899113: marked as done (tracker.debian.org: emails sent to '<package>@tracker.d.o' are discarded)
Next by Date: Re: What to do with the "Upstream info" links in the PTS and the packages-metadata branch in collab-qa ?
Previous by thread: Bug#899244: tracker.debian.org: emails sent to non-existing/misspelled team names (team+NAME@..) are silently discarded
Next by thread: Bug#899270: tracker.debian.org: show people who have DM rights for a package even if not in Uploaders
Index(es):
- Date
- Thread