Reviving my a bit old question.
Matus UHLAR - fantomas via Postfix-users:
RFC 8601 section 5. requires deleting Authentication-Results headers from
incoming messages. This should be done at trusted border, so when receiving
message via SMTP from clients or the world, except MX gateways or possibly
backup MX srevers.
On 16.01.24 11:55, Wietse Venema via Postfix-users wrote:
Indeed, the idea is to delete any Authentication-Results instance
that claims [...] to have been added within [this MTA's] trust
boundary but that did not come directly from another trusted MTA."
I don't want to rely on milters stripping those headers so I'll try
header_checks.
I guess I could remove all Authentication-Results: headers by using
regexp_table:
/^Authentication-Results: / IGNORE
but is it possible to put environment or postfix variable there?
/^Authentication-Results: $myhostname/ IGNORE
I guess the inline code available since 3.7 supports this:
header_checks = regexp:{ {/^Authentication-Results: $myhostname/ IGNORE} }
This would only remove problem headers and exempt MX backups.
If it helps, header_checks happen before Milters see the message,
while milter_header_checks happen when a Milter adds a header.
I am very glad it works this way.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
Microsoft dick is soft to do no harm
_______________________________________________
Postfix-users mailing list -- postfix-users@postfix.org
To unsubscribe send an email to postfix-users-le...@postfix.org
