doc: mention the anti-spam bypass in security.html

We had some issues with reports being marked as spam, so I added a filter to never mark as spam something that mentions the word "vulnerability". We get too much spam at that address to disable the filter entirely, so instead meantion the bypass in the docs. Change-Id: Idb4dabcf51a9dd8234a2d571cd020c970b0a582c Reviewed-on: https://go-review.googlesource.com/c/go/+/205538Reviewed-by: Katie Hockman <katie@golang.org>

doc: mention the anti-spam bypass in security.html
We had some issues with reports being marked as spam, so I added a filter to never mark as spam something that mentions the word "vulnerability". We get too much spam at that address to disable the filter entirely, so instead meantion the bypass in the docs. Change-Id: Idb4dabcf51a9dd8234a2d571cd020c970b0a582c Reviewed-on: https://go-review.googlesource.com/c/go/+/205538Reviewed-by: Katie Hockman <katie@golang.org>
81559af5 · Filippo Valsorda · fb378210 · 81559af5
Commit 81559af5 authored Nov 05, 2019 by Filippo Valsorda
Hide whitespace changes
Inline Side-by-side

Showing with 5 additions and 1 deletion

doc/security.html doc/security.html +5 -1

No files found.
--- a/doc/security.html
+++ b/doc/security.html
@@ -24,7 +24,11 @@ For critical problems, you can encrypt your report using our PGP key (listed bel
 </p>

 <p>
-Please use a descriptive subject line for your report email.
+To ensure your report is not marked as spam, please include the word "vulnerability"
+anywhere in your email. Please use a descriptive subject line for your report email.
+</p>
+
+<p>
 After the initial reply to your report, the security team will endeavor to keep
 you informed of the progress being made towards a fix and full announcement.
 These updates will be sent at least every five days.