On 7/16/22 23:49, Pierre-Elliott Bécue wrote:
Dear developers,
In the past months, it's been clear that sending mails from an
@debian.org address to some mail providers, including GMail, has become
harder and harder. While user DKIM feature (documented on [0]) can help,
we thought providing a re
Package: wnpp
X-Debbugs-Cc: debian-devel@lists.debian.org
Owner: Vincent Prat
Severity: wishlist
* Package name : sunpy-sphinx-theme
Version : 1.2.32
Upstream Author : SunPy developers
* URL : https://github.com/sunpy/sunpy-sphinx-theme
* License : BSD-2-Clause
On 2022-07-17 01:49:53 -0400 (-0400), Timothy M Butterworth wrote:
[...]
> Telnet is old, insecure and should not be used any more. What is
> the point of packaging a Telnet daemon when everyone should be
> using SSH. Telnet Client I can see because a person may need to
> connect to a router or swi
Package: wnpp
Severity: wishlist
Owner: Guido Günther
X-Debbugs-Cc: debian-devel@lists.debian.org
* Package name: phom
Version : 0.20.0~beta1
Upstream Author : Guido Günther
* URL : https://gitlab.gnome.org/guidog/phom/
* License : GPL
Programming Lang: C
On 17/7/22 10:37, Ansgar wrote:
On Sun, 2022-07-17 at 10:29 +0200, Dominik George wrote:
tl;dr: DKIM-signed mail is verifiable, but only the headers; the body
can be tampered with;
This is just wrong. There is no reason to sign mails to ensure
authenticity if one can just change the body...
On 2022-07-17 10:29, Dominik George wrote:
tl;dr: DKIM-signed mail is verifiable, but only the headers; the body can be
tampered with
That's not true. The body is always part of the signature (in a strict
or relaxed way).
> The Signer/Verifier MUST compute two hashes: one over the body of
Package: wnpp
Severity: wishlist
Owner: Thomas Goirand
X-Debbugs-Cc: debian-devel@lists.debian.org
* Package name: jruby-rake
Version : 12.3.3
Upstream Author : Ruby upstream
* URL : https://github.com/ruby/rake
* License : Expat
Programming Lang: Ruby
Desc
On Sun, Jul 17, 2022 at 10:35:21AM +0200, Ansgar wrote:
> On Sun, 2022-07-17 at 10:02 +0200, Mattia Rizzolo wrote:
> > At this point, what about SPF? Ignoring potential whitelists on mail
> > receivers, I think using this service doesn't provide extra
> > advantages than signing on our own servers
On Sun, 2022-07-17 at 10:29 +0200, Dominik George wrote:
> tl;dr: DKIM-signed mail is verifiable, but only the headers; the body
> can be tampered with;
This is just wrong. There is no reason to sign mails to ensure
authenticity if one can just change the body...
Ansgar
On Sun, 2022-07-17 at 10:02 +0200, Mattia Rizzolo wrote:
> At this point, what about SPF? Ignoring potential whitelists on mail
> receivers, I think using this service doesn't provide extra
> advantages than signing on our own servers.
Why SPF? It doesn't provide any extra advantages over DKIM.
Hi,
thanks for finally providing this!
> Mails sent via this server will be DKIM-signed if the from is a
> debian.org, debconf.org or ftp-master.debian.org address. If any
> additional domain should be considered, feel free to ask.
I just wanted to make you aware of something interesting I lear
On Sat, Jul 16, 2022 at 11:49:31PM +0200, Pierre-Elliott Bécue wrote:
> This service is now operational behind mail-submit.debian.org (AKA
> stravinsky.debian.org). Documentation about how to use this service can
> be accessed via [1].
That's great!
> If you have any question or issue, please don
12 matches
Mail list logo
