From 772e5efb7d16c2f5519cf38ddef35a7f8644fd3f Mon Sep 17 00:00:00 2001
From: Florent Daigniere <nextgens@freenetproject.org>
Date: Wed, 11 Aug 2021 22:47:29 +0200
Subject: [PATCH] Disable pipelining to prevent bypass

---
 core/postfix/conf/master.cf | 1 +
 1 file changed, 1 insertion(+)

diff --git a/core/postfix/conf/master.cf b/core/postfix/conf/master.cf
index eca0ad77..15613476 100644
--- a/core/postfix/conf/master.cf
+++ b/core/postfix/conf/master.cf
@@ -7,6 +7,7 @@ smtp      inet  n       -       n       -       -       smtpd
 # Internal SMTP service
 10025     inet  n       -       n       -       -       smtpd
   -o smtpd_sasl_auth_enable=yes
+  -o smtpd_discard_ehlo_keywords=pipelining
   -o smtpd_client_restrictions=$check_ratelimit,reject_unlisted_sender,reject_authenticated_sender_login_mismatch,permit
   -o smtpd_reject_unlisted_recipient={% if REJECT_UNLISTED_RECIPIENT %}{{ REJECT_UNLISTED_RECIPIENT }}{% else %}no{% endif %}
   -o cleanup_service_name=outclean