Matus UHLAR - fantomas via Postfix-users: > Hello, > > RFC 8601 section 5. requires deleting Authentication-Results headers from > incoming messages. This should be done at trusted border, so when receiving > message via SMTP from clients or the world, except MX gateways or possibly > backup MX srevers.
Indeed, the idea is to delete any Authentication-Results instance that claims [...] to have been added within [this MTA's] trust boundary but that did not come directly from another trusted MTA." > I'm curious if there is a recommended way to achieve this. > I see that using header_checks or message_drop_headers would do what I want, > however: > 1. message_drop_headers would IIUC remove headers added by milter, which is > not > what we want > 2. header_access would do just what I want. Still can't exempt MX gateway. > > Do you remove those headers on your servers? If it helps, header_checks happen before Milters see the message, while milter_header_checks happen when a Milter adds a header. Wietse _______________________________________________ Postfix-users mailing list -- postfix-users@postfix.org To unsubscribe send an email to postfix-users-le...@postfix.org