https://bz.apache.org/SpamAssassin/show_bug.cgi?id=7765
Kevin A. McGrail <kmcgr...@apache.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Resolution|--- |INVALID
Status|NEW |RESOLVED
CC| |kmcgr...@apache.org
--- Comment #1 from Kevin A. McGrail <kmcgr...@apache.org> ---
That is a rule file. In the sa-update man page you will see it documented:
--gpgkey
sa-update has the concept of "release trusted" GPG keys. When an
archive is downloaded and the signature
verified, sa-update requires that the signature be from one of these
"release trusted" keys or else verifi[36;1H:
cation fails. This prevents third parties from manipulating the
files on a mirror, for instance, and sign[36;1H:
ing with their own key.
By default, sa-update trusts key ids "24F434CE" and "5244EC45",
which are the standard SpamAssassin release
key and its sub-key. Use this option to trust additional keys. See
the --import option for how to add
keys to sa-update's keyring. For sa-update to use a key it must be
in sa-update's keyring and trusted.
For multiple keys, use the option multiple times. i.e.:
sa-update --gpgkey E580B363 --gpgkey 298BC7D0
Note: use of this option automatically enables GPG verification.
--
You are receiving this mail because:
You are the assignee for the bug.
