diff options
| author | geistesk <github.jyf300hj@0x21.biz> | 2018-04-08 20:58:30 +0200 |
|---|---|---|
| committer | geistesk <github.jyf300hj@0x21.biz> | 2018-04-09 22:14:17 +0200 |
| commit | 386faf960c657031a3d950c04d496b540139d399 (patch) | |
| tree | 8087525036e0ce62f3c3566ba83162ba4fce12b8 /mail-server | |
| parent | 1dd394e63fa15d200faf83988f8fb5f9a54c04c5 (diff) | |
Fog user's hostname in the Message-ID
Diffstat (limited to 'mail-server')
| -rw-r--r-- | mail-server/postfix.nix | 10 |
1 files changed, 8 insertions, 2 deletions
diff --git a/mail-server/postfix.nix b/mail-server/postfix.nix index 8fd67b5..f101b7a 100644 --- a/mail-server/postfix.nix +++ b/mail-server/postfix.nix @@ -66,7 +66,7 @@ let # The user's own address is already in all_valiases_postfix. vaccounts_file = builtins.toFile "vaccounts" (lib.concatStringsSep "\n" all_valiases_postfix); - submissionHeaderCleanupRules = pkgs.writeText "submission_header_cleanup_rules" '' + submissionHeaderCleanupRules = pkgs.writeText "submission_header_cleanup_rules" ('' # Removes sensitive headers from mails handed in via the submission port. # See https://thomas-leister.de/mailserver-debian-stretch/ # Uses "pcre" style regex. @@ -76,7 +76,13 @@ let /^X-Mailer:/ IGNORE /^User-Agent:/ IGNORE /^X-Enigmail:/ IGNORE - ''; + '' + lib.optionalString cfg.rewriteMessageId '' + + # Replaces the user submitted hostname with the server's FQDN to hide the + # user's host or network. + + /^Message-ID:\s+<(.*?)@.*?>/ REPLACE Message-ID: <$1@${cfg.fqdn}> + ''); in { config = with cfg; lib.mkIf enable { |