From 4b07a6aa8fd38b60fd395cc809c3ab3bee73923e Mon Sep 17 00:00:00 2001 From: Tristan Hill Date: Tue, 18 Oct 2016 19:15:33 +0100 Subject: [PATCH] disable nested checker checks (#972) fixes #967 --- CHANGELOG.md | 4 ++++ setup/mail-postfix.sh | 6 ++++-- 2 files changed, 8 insertions(+), 2 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 504e58b7..1c820724 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -14,6 +14,10 @@ System: * Lower memory requirements to 512MB, display a warning if system memory is below 768MB. +Mail: + +* Turn off header filters for forwarded email. + v0.20 (September 23, 2016) -------------------------- diff --git a/setup/mail-postfix.sh b/setup/mail-postfix.sh index d62478e1..ca52edbd 100755 --- a/setup/mail-postfix.sh +++ b/setup/mail-postfix.sh @@ -91,7 +91,8 @@ tools/editconf.py /etc/postfix/main.cf \ # * Give it a different name in syslog to distinguish it from the port 25 smtpd server. # * Add a new cleanup service specific to the submission service ('authclean') # that filters out privacy-sensitive headers on mail being sent out by -# authenticated users. +# authenticated users. By default Postfix also applies this to attached +# emails but we turn this off by setting nested_header_checks empty. tools/editconf.py /etc/postfix/master.cf -s -w \ "submission=inet n - - - - smtpd -o syslog_name=postfix/submission @@ -100,7 +101,8 @@ tools/editconf.py /etc/postfix/master.cf -s -w \ -o smtpd_tls_ciphers=high -o smtpd_tls_exclude_ciphers=aNULL,DES,3DES,MD5,DES+MD5,RC4 -o smtpd_tls_mandatory_protocols=!SSLv2,!SSLv3 -o cleanup_service_name=authclean" \ "authclean=unix n - - - 0 cleanup - -o header_checks=pcre:/etc/postfix/outgoing_mail_header_filters" + -o header_checks=pcre:/etc/postfix/outgoing_mail_header_filters + -o nested_header_checks=" # Install the `outgoing_mail_header_filters` file required by the new 'authclean' service. cp conf/postfix_outgoing_mail_header_filters /etc/postfix/outgoing_mail_header_filters