Re: Bugs against emacsbugs.donarmstrong.com

[Don Armstrong]

On Sat, 13 Dec 2008, Stefan Monnier wrote:
> > There's no way to know whether such a message is going to actually
> > through, and it's still pretty hackish anyway. People really need to
> > stay away from the "reply-to-all" crack.
> 
> I don't think that's right: "reply to all" should include address@hidden,
> but not address@hidden, not bug-gnu-emacs, not emacs-pretest-bug, not
> bug-submit-list, ... so the problem is in the headers of the
> messages sent by Debbugs which doesn't strip some of those addresses
> (tho it does seem to strip address@hidden properly).

The Reply-To: is set to the From:/Reply-To: of the incoming message
and the bug itself, no matter how the bug came in.
 
> If "reply-to-all" sends to addresses to which the reply should
> *never* be sent, then the error is not in the use of rely-to-all,
> but in the headers of the email to which the user is replying.

No, the error is in the use of reply-to-all which include To: in
addition to addresses listed in Reply-To:. The only way to work around
these sorts of idiocies is to totally strip the To: header entirely,
which is fundamentally broken.


Don Armstrong

-- 
If I had a letter, sealed it in a locked vault and hid the vault
somewhere in New York. Then told you to read the letter, thats not
security, thats obscurity. If I made a letter, sealed it in a vault,
gave you the blueprints of the vault, the combinations of 1000 other
vaults, access to the best lock smiths in the world, then told you to
read the letter, and you still can't, thats security.
 -- Bruce Schneier

http://www.donarmstrong.com              http://rzlab.ucr.edu