Bug 1658993

Summary: Secure bugs don't have X-Bugzilla-* headers in the body
Product: [Community] Bugzilla Reporter: Vitaly Kuznetsov <vkuznets>
Component: Email NotificationsAssignee: PnT DevOps Devs <hss-ied-bugs>
Status: CLOSED WONTFIX QA Contact: tools-bugs <tools-bugs>
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: 5.0CC: khong, qgong, thoger, vkuznets
Target Milestone: ---   
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2019-12-17 10:34:55 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Attachments:
Description Flags
needinfo mail without headers in the body none

Description Vitaly Kuznetsov 2018-12-13 10:51:54 UTC 
I use "Include X-Bugzilla- headers in BugMail body" setting to be able to filter email from Bugzilla (gmail). This setting doesn't seem to work for 'Secure bug' emails, e.g. I got the following mail:

"Subject: [Bug 1526001] (Secure bug 1526001 in Security Response :: vulnerability"

inspecting the message I can see X-Bugzilla-* headers, however, I don't see them in the body. This can't be explained by the 'secure' nature of the email: headers are there in plain text, they're just not duplicated in the message body.
Comment 1 Jeff Fearn 🐞 2018-12-13 10:53:52 UTC 
Are the headers in the body different from the headers in the mail header?
Comment 2 Vitaly Kuznetsov 2018-12-13 13:56:44 UTC 
(In reply to Jeff Fearn from comment #1)
> Are the headers in the body different from the headers in the mail header?

They're not different, they're absent.
Comment 3 Vitaly Kuznetsov 2018-12-13 13:59:53 UTC 
Created attachment 1514065 [details]
needinfo mail without headers in the body
Comment 4 Vitaly Kuznetsov 2018-12-13 14:00:05 UTC 
Oh, and BTW, needinfo requests don't have headers in the body as well. Please see the attachment.
Comment 5 Jeff Fearn 🐞 2018-12-20 02:10:34 UTC 
This seems to work fine in dev, can you check please Rony?
Comment 6 Rony Gong 🔥 2019-03-25 08:48:34 UTC 
Hi Vitaly Kuznetsov, I retest it and can receive below email, is this your expected?
If not, please point out the detail expectation.

From - Mon, 25 Mar 2019 08:37:18 +0000
From: bugzilla
To: qgong
Subject: [Bug 1611375] (Security Response) New: test
Date: Mon, 25 Mar 2019 08:37:18 +0000
Precedence: bulk
Auto-Submitted: auto-generated
X-Bugzilla-Reason: Reporter
X-Loop: bugzilla
X-BeenThere: bugzilla
X-Bugzilla-Type: new
X-Bugzilla-Watch-Reason: None
X-Bugzilla-Classification: Other
X-Bugzilla-Product: Security Response
X-Bugzilla-Keywords: 
X-Bugzilla-Severity: unspecified
X-Bugzilla-Who: qgong
X-Bugzilla-Status: NEW
X-Bugzilla-Resolution: 
X-Bugzilla-Priority: unspecified
X-Bugzilla-Assigned-To: security-response-team
X-Bugzilla-QAContact: 
X-Bugzilla-Target-Milestone: ---
X-Bugzilla-Component: vulnerability
X-Bugzilla-Sub-Component: 
X-Bugzilla-Version: unspecified
X-Bugzilla-Comment: public
X-Bugzilla-Reporter: qgong
X-Bugzilla-Changed-Fields: bug_id short_desc product bug_status component
 assigned_to reporter target_milestone classification
Message-ID: <bug-1611375-331384.host.qe.eng.pek2.redhat.com/>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
X-Bugzilla-URL: https://bz-web.host.qe.eng.pek2.redhat.com/
MIME-Version: 1.0

https://bz-web.host.qe.eng.pek2.redhat.com/show_bug.cgi?id=3D1611375

            Bug ID: 1611375
           Summary: test
           Product: Security Response
            Status: NEW
         Component: vulnerability
          Assignee: security-response-team
          Reporter: qgong
  Target Milestone: ---
    Classification: Other
Comment 7 Vitaly Kuznetsov 2019-03-25 09:40:54 UTC 
(In reply to Rony Gong 🔥 from comment #6)
> Hi Vitaly Kuznetsov, I retest it and can receive below email, is this your
> expected?
...
> 
> From - Mon, 25 Mar 2019 08:37:18 +0000
> From: bugzilla
> To: qgong
> Subject: [Bug 1611375] (Security Response) New: test
> Date: Mon, 25 Mar 2019 08:37:18 +0000
> Precedence: bulk
> Auto-Submitted: auto-generated
> X-Bugzilla-Reason: Reporter
> X-Loop: bugzilla
> X-BeenThere: bugzilla
> X-Bugzilla-Type: new
> X-Bugzilla-Watch-Reason: None
> X-Bugzilla-Classification: Other
...

No, these are email headers and I see that these are in place.

In Bugzilla, there is a special option which is called "Include X-Bugzilla- headers in BugMail body" and when enabled you are supposed to get these headers twice:
1) As normal email headers.
2) As part of message body.

This works well for normal bugs but doesn't work for 'Secure bugs'. As you can see in your example you only get these headers once. Previously, it didn't work for 'needinfo' requests too but now it seems to be fixed.
Comment 13 Jeff Fearn 🐞 2019-12-17 10:34:55 UTC 
Supporting GMail's broken filtering isn't something I intend to spend any more time on. Users who choose to use their web UI also choose to untaken the effort to support basic MUA functionality.

Here is a start point: https://webapps.stackexchange.com/questions/5719/is-it-possible-to-create-a-gmail-filter-that-works-on-headers-other-than-from-t/73544#73544

Untested.

Alternative it to open a ticket with IT to get this basic functionality addressed at the corporate level.