From 8fb8cd65d5cdb8ac380eed07bc7784dadae5e876 Mon Sep 17 00:00:00 2001 From: Daniel Frank Date: Fri, 21 Jun 2019 22:12:58 +0200 Subject: [PATCH] postfix: increase privacy by removing the first received header if the mail was sent to the submission port by an authorized user --- postfix.nix | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/postfix.nix b/postfix.nix index 1650023..5473c75 100644 --- a/postfix.nix +++ b/postfix.nix @@ -1,6 +1,9 @@ { config, lib, pkgs, ... }: let + submission_header_cleanup_regex = pkgs.writeText "submission_header_cleanup_regex" '' + /^Received:.*by ${config.variables.myFQDN} \(Postfix/ IGNORE + ''; pfvirtual_mailbox_domains = pkgs.writeText "virtual_mailbox_domains.cf" '' dbpath = ${config.variables.pfadminDataDir}/postfixadmin.db query = SELECT domain FROM domain WHERE domain='%s' AND active = '1' @@ -75,6 +78,13 @@ in virtual_mailbox_maps = "proxy:sqlite:${pfvirtual_mailbox_maps}, proxy:sqlite:${pfvirtual_alias_domain_mailbox_maps}"; virtual_transport = "lmtp:unix:${config.variables.dovecotLmtpSocket}"; }; + masterConfig.submission.args = [ "-o" "cleanup_service_name=submission_cleanup" ]; + masterConfig."submission_cleanup" = { + command = "cleanup"; + args = [ "-o" "header_checks=regexp:${submission_header_cleanup_regex}" ]; + private = false; + maxproc = 0; + }; rootAlias = config.variables.mailAdmin; postmasterAlias = config.variables.mailAdmin; };