Jan P. Kessler a écrit : > Victor Duchovni schrieb: >> On Wed, Nov 26, 2008 at 06:50:13PM +0100, Jan P. Kessler wrote: >> >> >>> would it be possible/valuable to enhance xforward by additional >>> attributes reflecting the tls parameters of the upstream smtp >>> session? Background is the current development of a content/proxyfilter. >>> >> >> What problem would this solve? If you need the client certificate >> fingerprint consider the following: >> > Thank you. Of course it would be easy to add a header (or use the one > from smtpd_tls_received_header) but that information could be forged > easily. It would be nice to have reliable data for a > proxy/content_filter that combines session and content based information. >
Only examine the first Received header, which you are sure is generated by postfix.
