Hello, Ian Jackson [10/Feb 3:24pm GMT] wrote: > Package: dgit-infrastructure > Version: 14.7 > > Empirically, now, this URL > > > https://lists.debian.org/msgid-search/[email protected]&firsthit=1 > > goes directly to the relevant tag2upload report. So the "reported by > email" thing on the web page could link directly to the message, which > would be great. > > This means the Manager would need to know the Message-ID. There are > three basic ways we could organise this between Manager and > Oracle/Builder. > > 1. Since Oracle/Builder always sends zero or one mail to the user (or > tagger), it could use a predictable Message-ID for that email. > > Predictable Message-IDs might have some minor adverse security > implications, though. For example, an attacker could pre-send a > bogus message with that ID to the mailing list and thence to > USENET gateways. > > 2a. The Manager could generate a Message-ID for the user report, and > tell it to the Oracle via the o2m protocol. > > 2b. The Manager could generate a Message-ID *prefix* for *all* emails > from the Oracle/Builder for this attempt, and the Oracle/Builder > would append a fixed component (the "status" perhaps, or perhaps > merely append ".starting" for the non-final message). > > This would mean the final disposition email Message-ID would be > predictable given the "starting" email; see above. > > 3. The Oracle email-generation code could explicitly generate and set > a Message-ID for every message and, for the case of the to-user > final email, report that to the Manager. > > I think I would like to do 2a or 3. > > I expect that 3 will be easiest, but probably the best approach would > be to try to implement it in oracled, as an experiment to see what's > most convenient.
(2a) seems slightly cleaner for future debugging because then msgid generation always happens on the Manager, instead of possibly happening in two places? I guess for (3) we could include the message-id as a new field in the existing 'email reported' line of the protocol. -- Sean Whitton
signature.asc
Description: PGP signature

