Remove the username from the milter_headers

Rspamd adds the name of the authenticated user by default. Setting add_smtp_user to false prevents the login to be leaked.
4 years ago · 59bc4f7aea
parent 92bf736da4
commit 59bc4f7aea
1 changed files with 3 additions and 0 deletions
--- a/core/rspamd/conf/milter_headers.conf
+++ b/core/rspamd/conf/milter_headers.conf
@ -5,6 +5,9 @@ skip_authenticated = false;
 use = ["x-spamd-bar", "x-spam-level", "x-virus", "authentication-results"];

 routines {
+  authentication-results {
+    add_smtp_user = false;
+  }
  x-virus {
    symbols = ["CLAM_VIRUS", "FPROT_VIRUS", "JUST_EICAR"];
  }