...

1 files changed, 12 insertions, 0 deletions

diff --git a/hosts/surtr/email/default.nix b/hosts/surtr/email/default.nix
index a2e93e32..3d0b43ee 100644
--- a/hosts/surtr/email/default.nix
+++ b/hosts/surtr/email/default.nix
@@ -228,6 +228,8 @@ in {
             "-o" "smtpd_tls_wrappermode=yes"
             "-o" "smtpd_tls_ask_ccert=yes"
             "-o" "smtpd_tls_req_ccert=yes"
+            "-o" "smtpd_tls_received_header=no"
+            "-o" "cleanup_service_name=subcleanup"
             "-o" "smtpd_client_restrictions=permit_tls_all_clientcerts,reject"
             "-o" "{smtpd_data_restrictions = check_policy_service unix:/run/postfwd3/postfwd3.sock}"
             "-o" "smtpd_relay_restrictions=permit_tls_all_clientcerts,reject"
@@ -243,6 +245,16 @@ in {
             "-o" ''smtpd_milters=${config.services.opendkim.socket}''
           ];
         };
+        subcleanup = {
+          command = "cleanup";
+          private = false;
+          maxproc = 0;
+          args = [
+            "-o" "header_checks=pcre:${pkgs.writeText "header_checks_submission" ''
+              /^Received: from [^ ]+ \([^ ]+ [^ ]+\)\s+(.*)$/ REPLACE Received: $1
+            ''}"
+          ];
+        };
         dvlmtp = {
           command = "lmtp";
           args = [