Matus UHLAR - fantomas via Postfix-users:
> Hello,
>
> RFC 8601 section 5. requires deleting Authentication-Results headers from
> incoming messages. This should be done at trusted border, so when receiving
> message via SMTP from clients or the world, except MX gateways or possibly
> backup MX srevers.
Indeed, the idea is to delete any Authentication-Results instance
that claims [...] to have been added within [this MTA's] trust
boundary but that did not come directly from another trusted MTA."
> I'm curious if there is a recommended way to achieve this.
> I see that using header_checks or message_drop_headers would do what I want,
> however:
> 1. message_drop_headers would IIUC remove headers added by milter, which is
> not
> what we want
> 2. header_access would do just what I want. Still can't exempt MX gateway.
>
> Do you remove those headers on your servers?
If it helps, header_checks happen before Milters see the message,
while milter_header_checks happen when a Milter adds a header.
Wietse
_______________________________________________
Postfix-users mailing list -- postfix-users@postfix.org
To unsubscribe send an email to postfix-users-le...@postfix.org
