Private Mode Broken

[iammattmartin]

Describe the bug

Since the last update, the privacy mode seems to be slightly broken. Before, when enabled, it would not disclose any information on the sending SMTP server, now it does partially or fully depending on what mode is set.

With privacy mode enabled the headers appear like:

Received: by postal.host with SMTP; Mon, 20 May 2024 16:00:21 +0000
Received: from sending.host (localhost [IPv6:::1]) by sending.host (Postfix) with ESMTPS id 0C222B2F05	for <[email protected]>; Mon, 20 May 2024 16:00:21 +0000

but with it disabled they appear like:

Received: from sending.host (sending.host [2001:xx:xx::xx]) by postal.host with SMTP; Mon, 20 May 2024 15:58:03 +0000
Received: from sending.host (localhost [IPv6:::1]) by sending.host (Postfix) with ESMTPS id 9EFA011D194	for <[email protected]>; Mon, 20 May 2024 15:58:02 +0000

It used to only ever show:

Received: by postal.host with SMTP; Mon, 20 May 2024 16:00:21 +0000

[adamcooke]

From what I can see the received header added by Postal is correct. The header which includes the IP was added by Postfix elsewhere in the chain.

[iammattmartin]

We've always used it in this way for some pre-routing we have to do before sending.

I restored an old backup of postal last night for testing and it did not do this previously. As per the last example, the same output was seen both indirectly and directly.

It looks like previously Postal had been stripping off anything before it had received it, which was desirable now and it appears now it does not.

[iammattmartin]

It looks like this is related to #2781. So whereas this was good for protecting internal hosts that use SMTP and postal as an outbound gateway, the new code reveals far too much information.

Downgrading "resolved" the issue, but it may be there needs to be a middle, configurable, ground as to what people want to hide or show.