PQM silent branch lossage

Martin Pool mbp at canonical.com
Thu Jul 10 03:25:16 BST 2008

On Wed, Jul 9, 2008 at 11:31 PM, Barry Warsaw <barry at canonical.com> wrote:
>> Then again, you can't *quite* do this, because until you've processed some
>> of
>> the request, you don't have enough info to know who to send to. That, and
>> I
>> think by design he wanted invalid (by gpg, or whatever) to just get
>> ignored,
>> rather than having someone spam the PQM with invalid requests cause a DOS.
> I think it would be fine to not send email on certain error conditions that
> could be used as a vector for spam, such as invalid signatures.  OTOH, PQM
> should still clearly log exactly why such requests (merge or otherwise) are
> getting dropped.  It's been my experience that some silent failures are
> really silent in that they aren't included in the log output, or at least
> not in a way that you can ever match up the request with the logged
> information.

I think either logging them or perhaps mailing them to a fallback
address would be ok.  If one spam generates one error message it
should be tolerable.

Martin <http://launchpad.net/~mbp/>

More information about the bazaar mailing list