Document sender address for notifications

[malexmave]

Hi there!

I'm planning to hook up the bugalert email alerts to our Jira security service desk, which requires me to create a "customer account" for the sender of the message (otherwise the email will be discarded). Can you document somewhere which email address will be used to send the notifications? Is it a single address that is used for account verification and all future notifications, or are there different email addresses for different purposes, which would all have to be set up as customers in Jira?

Thanks for this awesome project, I really hope it takes off and sticks around :).

[malexmave]

Ah, how convenient, a notification just got sent 😁. So, notices@ is the address for new notifications, it seems.

FYI: On my system (Office 365, Outlook) the last two notifications were both flagged as junk. I don't know if there is anything you can do about that, but I'm happy to provide an email, including headers, for further analysis if that helps.

[matthewsullivan-wf]

I'm happy to provide an email, including headers, for further analysis if that helps.

Please do! Thanks @malexmave

[malexmave]

Here's the headers of the message, as shown by Outlook Web Access (after I had already explicitly marked it as "not spam"):

Received: from AM0P191MB0481.EURP191.PROD.OUTLOOK.COM (2603:10a6:208:4d::33)
 by PAXP191MB1871.EURP191.PROD.OUTLOOK.COM with HTTPS; Tue, 8 Feb 2022
 15:56:22 +0000

Received: from AS8P251CA0021.EURP251.PROD.OUTLOOK.COM (2603:10a6:20b:2f2::18)
 by AM0P191MB0481.EURP191.PROD.OUTLOOK.COM (2603:10a6:208:4d::33) with
 Microsoft SMTP Server (version=TLS1_2,
 cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4951.12; Tue, 8 Feb
 2022 15:56:20 +0000

Received: from VI1EUR04FT014.eop-eur04.prod.protection.outlook.com
 (2603:10a6:20b:2f2:cafe::f0) by AS8P251CA0021.outlook.office365.com
 (2603:10a6:20b:2f2::18) with Microsoft SMTP Server (version=TLS1_2,
 cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4951.19 via Frontend
 Transport; Tue, 8 Feb 2022 15:56:19 +0000

Authentication-Results: spf=pass (sender IP is 149.72.167.116)
 smtp.mailfrom=noreply.bugalert.org; dkim=pass (signature was verified)
 header.d=bugalert.org;dmarc=bestguesspass action=none
 header.from=bugalert.org;compauth=pass reason=109

Received-SPF: Pass (protection.outlook.com: domain of noreply.bugalert.org
 designates 149.72.167.116 as permitted sender)
 receiver=protection.outlook.com; client-ip=149.72.167.116;
 helo=wrqvxttq.outbound-mail.sendgrid.net;

Received: from wrqvxttq.outbound-mail.sendgrid.net (149.72.167.116) by
 VI1EUR04FT014.mail.protection.outlook.com (10.152.28.172) with Microsoft SMTP
 Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id
 15.20.4951.12 via Frontend Transport; Tue, 8 Feb 2022 15:56:19 +0000

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=bugalert.org;
	h=content-type:from:mime-version:subject:reply-to:to;
	s=s1; bh=Y91DBlpLUJDGGTa6LX7AaKh65qSjTmGgSMOeH9H9iWY=;
	b=c8i2dKPmTDc9Dz56CgEj7a39ZrL5BQAMEZW8WzgLSRQAmdIrxr47ElllK4cJGWSJzj8y
	s6qnOvhhHEbOefSSE+pL9pC2sD8B+s/v7ZwEmID7qzTaK4AKqBG6QSPzlkRGn1OZtPg7PA
	flmkFb3CUgANNcR4OgujQMF/gg/Uek0JEk1TzyNWqZ6Ae3BKbGca8Y4u0rdBobcgwhgnw4
	Tbgq95m+6Y+Mp94fvHQKb/iKGi8duEzmscFYLN4XZ0jtttG14CnyM8pWJKUXiYI7dm1TLV
	DR85jJrfeMivYwmL0u8HTtpznFejx9m17ukEJwu9CJ9MrcfO39KZKvs4k9+eu+Vg==

Received: by filterdrecv-canary-55d9c75bdc-4x694 with SMTP id filterdrecv-canary-55d9c75bdc-4x694-1-620292A1-2
        2022-02-08 15:56:17.116808374 +0000 UTC m=+12068939.650385724

Received: from MjQ5NTA2NjE (unknown)
	by geopod-ismtpd-4-2 (SG) with HTTP
	id GO1auX_1SvyHZboRjWF6JA
	Tue, 08 Feb 2022 15:56:16.941 +0000 (UTC)

Content-Type: multipart/alternative; boundary=8aac5b271ce6639632d087984d49b6362b81a320b6306bdfe39c20dc1de2
Date: Tue, 08 Feb 2022 15:56:17 +0000 (UTC)
From: Bug Alert <[email protected]>
Mime-Version: 1.0
Message-ID: <GO1auX_1SvyHZboRjWF6JA@geopod-ismtpd-4-2>

Subject: [EXT] Bug Alert Notice: Unauthenticated user impersonation (auth
 bypass) in SAP

Reply-To: [email protected]

X-SG-EID:
 =?us-ascii?Q?Bm4CqpB=2FEuniGXM2PQKw0bNdsijcE2xbLzbV=2F2kB94lWuJM+Hy=2FXNIk26a5k8+?=
 =?us-ascii?Q?mOav7j5TPi+f4tBmLt9+9enNzn2CvklZ1Yxha4R?=
 =?us-ascii?Q?ZcseLRBa0Oe8+FrO5w6lQy8yLyN3kQElK8abmma?=
 =?us-ascii?Q?Rzmw=2FlcfVijdxYDDyY783DGsZOFkqNJSOS8LJrT?=
 =?us-ascii?Q?evFzFDg20ORdozSSaEVPDB591kA3nOW5V2Ed2KY?=
 =?us-ascii?Q?8c6ai6QmpaywyAT2pFtb=2FxQDysDomY57QDXEvs?=

X-SG-ID:
 =?us-ascii?Q?se=2F49CGmbS0sfR97ImeXvDoOrI1ra2UfBi=2FYp+tM4sZNnFcdeo8cVPRMz3vfJ1?=
 =?us-ascii?Q?B4lB8ss1VLTXJ6ibLPDs95VBUlMzbRCfT5eXVrQ?=
 =?us-ascii?Q?W0=2FHUFqVALUFe0JM86RRn2ML6quej2uqD5rg9ZE?=
 =?us-ascii?Q?tBqlSMpiyKhesCeLjavL5Cd86D63y8hImzKymVi?=
 =?us-ascii?Q?ErW2o6m4d9En8udwogu7pAUAv5EET9q1lzGUNT9?=
 =?us-ascii?Q?uIe00uf4ZYu8NGGgPx1M7f4tyjOLwOO4fisIU8n?=
 =?us-ascii?Q?EBDykNGqI8c0In97pZMNKhbGfKvtNUTSUYWsrqo?=
 =?us-ascii?Q?roQ9OLpsJStoqGa72O6GEevd+cMOgis3NiapMv+?=
 =?us-ascii?Q?zwTnFZECKCyeiOjpE8hsIXWWi+Q+Ex+VMD8IApl?=
 =?us-ascii?Q?m18EKczizkO62YqLXeQX2ceujJIIjuXfHZ4LUg=2F?=
 =?us-ascii?Q?nOuc55X5vN+GMzxTnFO+UxS2uHGhbiiOEmaJOaO?=
 =?us-ascii?Q?mPvdMASh6eiXHC47UmZc2Xc1zamWhLzzkbpfDTf?=
 =?us-ascii?Q?I7DBUaD+aOuqp0vJTICLzbTKxZ4nPuRkHsXOyAZ?=
 =?us-ascii?Q?mOcyKV=2F6CPJWMwgQR8GAJVQd=2FjJDPX9Ach2rY7u?=
 =?us-ascii?Q?Q359S80DjtRKluIMSE60WZ1QHoRRSa4Z74yPcMI?=
 =?us-ascii?Q?=2FTVBda4tYz1O1G7yzuQjuwVU7o2pJX4E+wqVRrr?=
 =?us-ascii?Q?rxSjk1U7JUtw6vR5g0coXuvfTapdn=2FsTuFB7AQr?=
 =?us-ascii?Q?ywolw=2FVNKLDPqB8Jab?=

To: [my email]

X-Entity-ID: T+AobmFilKq8DnPMh/r/jQ==

Return-Path: [email protected]

X-MS-Exchange-Organization-ExpirationStartTime: 08 Feb 2022 15:56:19.4397
 (UTC)

X-MS-Exchange-Organization-ExpirationStartTimeReason: OriginalSubmit

X-MS-Exchange-Organization-ExpirationInterval: 1:00:00:00.0000000

X-MS-Exchange-Organization-ExpirationIntervalReason: OriginalSubmit

X-MS-Exchange-Organization-Network-Message-Id:
 40bed02c-b849-4e6b-6e33-08d9eb1b8bf5

X-EOPAttributedMessage: 0

X-EOPTenantAttributedMessage: e96afb08-eeaf-49be-90d6-526571a42d8a:0

X-MS-Exchange-Organization-MessageDirectionality: Incoming

X-MS-PublicTrafficType: Email

X-MS-Exchange-Organization-AuthSource:
 VI1EUR04FT014.eop-eur04.prod.protection.outlook.com

X-MS-Exchange-Organization-AuthAs: Anonymous

X-MS-Office365-Filtering-Correlation-Id: 40bed02c-b849-4e6b-6e33-08d9eb1b8bf5

X-MS-TrafficTypeDiagnostic: AM0P191MB0481:EE_

X-MS-Oob-TLC-OOBClassifiers: OLM:8882;

X-MS-Exchange-Organization-SCL: 5

X-Forefront-Antispam-Report:
 CIP:149.72.167.116;CTRY:US;LANG:en;SCL:5;SRV:;IPV:NLI;SFV:SPM;H:wrqvxttq.outbound-mail.sendgrid.net;PTR:wrqvxttq.outbound-mail.sendgrid.net;CAT:SPM;SFS:(13230001)(4636009)(7916004)(6506007)(966005)(76236003)(6486002)(8676002)(21615005)(58800400005)(356005)(1096003)(7596003)(22186003)(15650500001)(19627405001)(33716001)(66574015)(6916009)(26005)(9686003)(6512007)(336012)(5660300002)(36736006)(83170400001)(7636003)(3450700001)(166002)(83380400001);DIR:INB;

X-Microsoft-Antispam: BCL:0;

X-MS-Exchange-CrossTenant-OriginalArrivalTime: 08 Feb 2022 15:56:19.0491
 (UTC)

X-MS-Exchange-CrossTenant-Network-Message-Id: 40bed02c-b849-4e6b-6e33-08d9eb1b8bf5

X-MS-Exchange-CrossTenant-Id: e96afb08-eeaf-49be-90d6-526571a42d8a

X-MS-Exchange-CrossTenant-AuthSource:
 VI1EUR04FT014.eop-eur04.prod.protection.outlook.com

X-MS-Exchange-CrossTenant-AuthAs: Anonymous

X-MS-Exchange-CrossTenant-FromEntityHeader: Internet

X-MS-Exchange-Transport-CrossTenantHeadersStamped: AM0P191MB0481

X-MS-Exchange-Transport-EndToEndLatency: 00:00:03.1861137

X-MS-Exchange-Processed-By-BccFoldering: 15.20.4951.019

X-Microsoft-Antispam-Mailbox-Delivery:

	ucf:0;jmr:0;auth:0;dest:J;OFR:SpamFilterAuthJ;ENG:(910001)(944506458)(944626604)(920097)(930097)(3100021);RF:JunkEmail;

X-Microsoft-Antispam-Message-Info:

	=?us-ascii?Q?4AmKs30R/JL9x+MVMYL60ukL5/vzY/yB3PwgJTeQbvokQwa0Hw8LbnuH0bN4?=
 =?us-ascii?Q?LqZk4Pe8xriM51/A7u3Jt9hlIp9jk78AzCQhl4ABn2umYxAWxlkZO385K3wo?=
 =?us-ascii?Q?v84lIJmqr9cHi+YHuNQCHxKKBkqxvUagpqhec3d9Xcfli8YDNP94CTYXjS1r?=
 =?us-ascii?Q?tKAdAypBkaK+RSOiGc3mVpX8lRU65P5AtAoMigM1nQZJLkqBCniQX5BppWEl?=
 =?us-ascii?Q?EJOoWaxmDNMLDhMUSLYknFgwsUph4ErSyGzNG5JIgLj6taIQsAkkVUzh4JlA?=
 =?us-ascii?Q?Z5mOB2opJPHYZOz3E7i34UcGByqFzjE4eGmVu616FvGLMSQu/R32b2lRTL+q?=
 =?us-ascii?Q?yvjrDH3lrfSrAnh3YJzTKaDoBYq5ztor9ok5xIu+NchrXOTFnMPs4h+1oSwr?=
 =?us-ascii?Q?8VouDz4H3fuhXRx04p1jAHZ9d1oLhF3OV06h6+4g2VoT64kFOkVU+DsjPQ7m?=
 =?us-ascii?Q?jP01h84E4fpaaJcyI8Q6v60LVRKXqe9XMlFwerpUMC3DXqi4Ztp1NAQdDNcN?=
 =?us-ascii?Q?3S4kaWLrK1WmBoZOgIGPZGfHN1AkKZX18YR5yRzW1djtI8SuhsBj2pOmJkIG?=
 =?us-ascii?Q?Ya8AVYEKVfoZzqZuLGSzBGt82wU4mjoag6E4GpF36u/9F40SDQd162kJFHC8?=
 =?us-ascii?Q?MpQWovR9ciTscqfkhI8fZ1XvtAPVejhQL3hxdDVuI1eK6Nwra2PBfRK/sQoP?=
 =?us-ascii?Q?q9HHFujn+kP7PVeN8HIauSy9DbmGxnLMHQ3y5xAQLjrTTKv1LIUTMiGDOeDH?=
 =?us-ascii?Q?gm6HbWl4zvkugGRVmguEc/osk1fmjGYMTdiWKQGBAq4Lb692l1ELpzBd+eXD?=
 =?us-ascii?Q?xGI2MJrloYAv6m6qbMSRfYCplwx25e8kPDEb3ubFHn4dmebCFzJ0uJVOCh5e?=
 =?us-ascii?Q?c3cjIWgCEH7OdGPl5hLVGIdXvWhyb5CSJfnqWnI2DZqBRbzfvSeNyL2H6viw?=
 =?us-ascii?Q?ro2kzc5fHZ6LIjamp5cJlzeKmJbbf6sC5O3cn0D/Cl12/frTECJHXeSwQtqk?=
 =?us-ascii?Q?2xmA+4lKj2xc9yAKO3Q1ey0JQYHeJxgrYsmef2TkinCGAfA1Sgt4uIVxpu/N?=
 =?us-ascii?Q?2eMstLcjtTlTpuSR/BVOcNCrF0ca7UVGHWbt/rdpCqI7VEHF03EywdwA2Rh9?=
 =?us-ascii?Q?11wic80xGK5Y1wRr6YvMIIAhufdE8TCcgQx6Kt8ac0qyNilzXz0q22F3Az2q?=
 =?us-ascii?Q?3f6lGWmU7ZoeTETG5/vQE9Qc41fryBhC2mAI7/glCUkoV9v4lYPDqoU9IN8Y?=
 =?us-ascii?Q?Bnt1uGxfi6nZMw3hNJTcfurPwRSUaxhT34Xwa7fJSUEuvp3xnza+kSu9H59W?=
 =?us-ascii?Q?5ZvK6kpr8sI8BZQK/hRCyn0+nYt6qf4iz+72PNY6GX3atg95g1azZDkgOY26?=
 =?us-ascii?Q?rVIrsb1fJ8OoFKHwbeGyw8XdosiKJ4ApIhb4JQgaD45omc3niCZETo11beZo?=
 =?us-ascii?Q?oT+LC5bL+xdnbhDNN7goa452SlqtsT25YHVxuonvvkDscEA/5MCtdtOPFUmK?=
 =?us-ascii?Q?0xvYuG1jBXYDmpdTIpSXqpaTf9e4cMuFef2rGT6pVkuXRGyBIEEy6Zv2voHk?=
 =?us-ascii?Q?AMFMW66KNKVIa8JuATK2E6tzjE+nTlR7ptOnkBhfsfzfim4cWFDzsHzR1iCY?=
 =?us-ascii?Q?NoxyfL1/RaIpB68Vk9lvri7CC2KcDzMWUtZH/LAiQjWeZTLRxMg3nBcYu1Uj?=
 =?us-ascii?Q?mhiqYHaXvxwbJbvkeiIbmsIu7cl/ueGfb5ADUooio41cdGVQjbk/H9mhnQoA?=
 =?us-ascii?Q?SpEr6CaC0Sz8lsyh+0NxaS2kxeAmq302WMIPnX/YTm6WszBygWanAhSOaGEU?=
 =?us-ascii?Q?B0dJEkXjsEYKcTg0/OwzGonG8prtlPTdcmYH18uBUCnDB73yJ5kbyWWZChZR?=
 =?us-ascii?Q?U3RrdPHEfVn8m6GCZxPbUubPy5D5EqmiJ0Hfww4SETBgTtIV3+UHmHILeMQ+?=
 =?us-ascii?Q?8UKMj8Idz+LwJAj/nEMdZcmJ+Nk1a/hAhLKjwyccOG0AL/Pi7THa3aq7IJyp?=
 =?us-ascii?Q?o6zPbtPOC/nqk14JL8W6i8Z7A8Ioox+NVDGy3OkEpKmNi4/ALvX6POvm9E/U?=
 =?us-ascii?Q?UMLKISyOxAjYaUdZxvi4fOhbGEfGi1YwMCGytde6QBscRVqbAm4ju0bMn6vA?=
 =?us-ascii?Q?CDrQbXclGqBtt6HwjEF0OjpgZ+L87aarCOG4ZhkEd6urucw91Rly/DyIrNrp?=
 =?us-ascii?Q?qUu/vbFWpYb1envdfOaQljjL2nltbOqjkFEWy4C/pdqqRrOwADdfI9VCej0/?=
 =?us-ascii?Q?28gfyTCMxF0PtqTtZog7liUr6aTzm1aKHuEwz2SMBOKfmDRTuIxlKUxm5vtb?=
 =?us-ascii?Q?uJUmZr+V/KY+BnRzLF73ExmuBuVR7AsW94taxcucDscHgU04w+iAr3i4VcVy?=
 =?us-ascii?Q?4+ZwgnX70utTRu3uVpiY7f2hDOLZ?=