diff --git a/README.md b/README.md index d9f6166..ee8e1b2 100644 --- a/README.md +++ b/README.md @@ -158,6 +158,7 @@ linux/arm64 * `POSTFIX_DEBUG`: Enable debug (default `false`) * `POSTFIX_MESSAGE_SIZE_LIMIT`: The maximal size in bytes of a message, including envelope information (default `26214400`) +* `POSTFIX_STRIP_SENDER_HEADER`: Strip the Sender header from incoming emails to prevent SES rejection issues (default `false`) * `POSTFIX_SMTPD_TLS`: Enabling TLS in the Postfix SMTP server (default `false`, possible values: `true`|`may`|`encrypt`|`ask`|`require`, see [Postfix TLS README](https://www.postfix.org/TLS_README.html#client_tls_levels)) * `POSTFIX_SMTPD_TLS_CERT_FILE`: File with the Postfix SMTP server RSA certificate in PEM format * `POSTFIX_SMTPD_TLS_ECCERT_FILE`: File with the Postfix SMTP server RSA private key in PEM format diff --git a/rootfs/etc/cont-init.d/00-env b/rootfs/etc/cont-init.d/00-env index ff9fa45..a5baed1 100755 --- a/rootfs/etc/cont-init.d/00-env +++ b/rootfs/etc/cont-init.d/00-env @@ -83,6 +83,7 @@ MAIL_ENCRYPTION=${MAIL_ENCRYPTION:-null} POSTFIX_DEBUG=${POSTFIX_DEBUG:-false} POSTFIX_MESSAGE_SIZE_LIMIT=${POSTFIX_MESSAGE_SIZE_LIMIT:-26214400} +POSTFIX_STRIP_SENDER_HEADER=${POSTFIX_STRIP_SENDER_HEADER:-false} POSTFIX_SMTPD_TLS=${POSTFIX_SMTPD_TLS:-false} POSTFIX_SMTP_TLS=${POSTFIX_SMTP_TLS:-false} POSTFIX_RELAYHOST_AUTH_ENABLE=${POSTFIX_RELAYHOST_AUTH_ENABLE:-false} diff --git a/rootfs/etc/cont-init.d/15-config-postfix.sh b/rootfs/etc/cont-init.d/15-config-postfix.sh index ec96473..1be47ff 100755 --- a/rootfs/etc/cont-init.d/15-config-postfix.sh +++ b/rootfs/etc/cont-init.d/15-config-postfix.sh @@ -257,6 +257,20 @@ EOL chmod o= /etc/postfix/mysql-virtual-alias-domains-and-subdomains.cf chgrp postfix /etc/postfix/mysql-virtual-alias-domains-and-subdomains.cf +if [ "$POSTFIX_STRIP_SENDER_HEADER" = "true" ]; then + echo "Setting Postfix header_checks to strip Sender header" + cat >/etc/postfix/header_checks <>/etc/postfix/main.cf < /etc/postfix/main.cf fi