From 81559af51a69d9f2c1c45d78efbe3cd7a4b9e3cb Mon Sep 17 00:00:00 2001
From: Filippo Valsorda <filippo@golang.org>
Date: Tue, 5 Nov 2019 15:45:22 -0500
Subject: [PATCH] doc: mention the anti-spam bypass in security.html

We had some issues with reports being marked as spam, so I added a
filter to never mark as spam something that mentions the word
"vulnerability". We get too much spam at that address to disable the
filter entirely, so instead meantion the bypass in the docs.

Change-Id: Idb4dabcf51a9dd8234a2d571cd020c970b0a582c
Reviewed-on: https://go-review.googlesource.com/c/go/+/205538
Reviewed-by: Katie Hockman <katie@golang.org>
---
 doc/security.html | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/doc/security.html b/doc/security.html
index b334963222..172aea4bc7 100644
--- a/doc/security.html
+++ b/doc/security.html
@@ -24,7 +24,11 @@ For critical problems, you can encrypt your report using our PGP key (listed bel
 </p>
 
 <p>
-Please use a descriptive subject line for your report email.
+To ensure your report is not marked as spam, please include the word "vulnerability"
+anywhere in your email. Please use a descriptive subject line for your report email.
+</p>
+
+<p>
 After the initial reply to your report, the security team will endeavor to keep
 you informed of the progress being made towards a fix and full announcement.
 These updates will be sent at least every five days.
-- 
2.50.0