On Thu, Jul 18, 2013 at 10:10:04PM +0200, Bernd Zeimetz wrote: > the Debian policy says > > "The email address given in the Maintainer control field must accept mail from > those role accounts in Debian used to send automated mails regarding the > package. This includes non-spam mail from the bug-tracking system, all mail > from > the Debian archive maintenance software, and other role accounts or automated > processes that are commonly agreed on by the project."
I could not verify whether it is also rejecting mail from role accounts and chose a non-rc severity accordingly. > It does not require to accept mail from everybody. As you can see that the > email > address is a list, you are free to join the list on alioth, then you are > allowed > to post to it. Or contact the maintainers using the bug tracking system. as > you > can see, the BTS mails arrive just fine. > > To avoid having yet another list catching tons of spam, I don't think it will > be > opened for public postings. Your reasoning makes sense. Still it makes discovering the contact for a random package a little harder and that is unfortunate. This issue recently popped up on -devel during the Mayhem reports. If you have a suggestion on how to mechanically determine the (public/private) security contacts of a random package, that would be appreciated. Helmut -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected]
