mirror of
https://github.com/Mailu/Mailu.git
synced 2025-02-15 13:33:21 +02:00
Filter outgoing email headers, fixes #52
This commit is contained in:
parent
92bbfde195
commit
40b9883c8c
postfix
@ -1,6 +1,6 @@
|
|||||||
FROM alpine
|
FROM alpine
|
||||||
|
|
||||||
RUN apk add --update bash postfix postfix-sqlite rsyslog && rm -rf /var/cache/apk/*
|
RUN apk add --update bash postfix postfix-sqlite postfix-pcre rsyslog && rm -rf /var/cache/apk/*
|
||||||
|
|
||||||
COPY conf /etc/postfix
|
COPY conf /etc/postfix
|
||||||
COPY rsyslog.conf /etc/rsyslog.conf
|
COPY rsyslog.conf /etc/rsyslog.conf
|
||||||
|
@ -7,11 +7,17 @@ submission inet n - n - - smtpd
|
|||||||
-o smtpd_tls_security_level=encrypt
|
-o smtpd_tls_security_level=encrypt
|
||||||
-o smtpd_sasl_auth_enable=yes
|
-o smtpd_sasl_auth_enable=yes
|
||||||
-o smtpd_client_restrictions=permit_sasl_authenticated,reject
|
-o smtpd_client_restrictions=permit_sasl_authenticated,reject
|
||||||
|
-o cleanup_service_name=outclean
|
||||||
smtps inet n - n - - smtpd
|
smtps inet n - n - - smtpd
|
||||||
-o smtpd_tls_security_level=encrypt
|
-o smtpd_tls_security_level=encrypt
|
||||||
-o smtpd_sasl_auth_enable=yes
|
-o smtpd_sasl_auth_enable=yes
|
||||||
-o smtpd_tls_wrappermode=yes
|
-o smtpd_tls_wrappermode=yes
|
||||||
-o smtpd_client_restrictions=permit_sasl_authenticated,reject
|
-o smtpd_client_restrictions=permit_sasl_authenticated,reject
|
||||||
|
-o cleanup_service_name=outclean
|
||||||
|
|
||||||
|
# Additional services
|
||||||
|
outclean unix n - n - 0 cleanup
|
||||||
|
-o header_checks=pcre:/etc/postfix/outclean_header_filter
|
||||||
|
|
||||||
# Internal postfix services
|
# Internal postfix services
|
||||||
pickup unix n - n 60 1 pickup
|
pickup unix n - n 60 1 pickup
|
||||||
|
17
postfix/conf/outclean_header_filter
Normal file
17
postfix/conf/outclean_header_filter
Normal file
@ -0,0 +1,17 @@
|
|||||||
|
# This configuration was copied from Mailinabox. The original version is available at:
|
||||||
|
# https://raw.githubusercontent.com/mail-in-a-box/mailinabox/master/conf/postfix_outgoing_mail_header_filters
|
||||||
|
|
||||||
|
# Remove the first line of the Received: header. Note that we cannot fully remove the Received: header
|
||||||
|
# because OpenDKIM requires that a header be present when signing outbound mail. The first line is
|
||||||
|
# where the user's home IP address would be.
|
||||||
|
/^\s*Received:[^\n]*(.*)/ REPLACE Received: from authenticated-user (PRIMARY_HOSTNAME [PUBLIC_IP])$1
|
||||||
|
|
||||||
|
# Remove other typically private information.
|
||||||
|
/^\s*User-Agent:/ IGNORE
|
||||||
|
/^\s*X-Enigmail:/ IGNORE
|
||||||
|
/^\s*X-Mailer:/ IGNORE
|
||||||
|
/^\s*X-Originating-IP:/ IGNORE
|
||||||
|
/^\s*X-Pgp-Agent:/ IGNORE
|
||||||
|
|
||||||
|
# The Mime-Version header can leak the user agent too, e.g. in Mime-Version: 1.0 (Mac OS X Mail 8.1 \(2010.6\)).
|
||||||
|
/^\s*(Mime-Version:\s*[0-9\.]+)\s.+/ REPLACE $1
|
Loading…
x
Reference in New Issue
Block a user