Supposedly user info could be removed from received header regardless of edit_identit...

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@13364 7612ce4b-ef26-0410-bec9-ea0150e637f0

diff --git a/class/deliver/Deliver.class.php b/class/deliver/Deliver.class.php
index 11a8e138014feb2989d585396e150d9d8c201f16..9952a06e660d731cf773f1e010a3c682e8f0cd0f 100644 (file)
--- a/class/deliver/Deliver.class.php
+++ b/class/deliver/Deliver.class.php
@@ -590,7 +590,7 @@ class Deliver {
           } else {
             // use default received headers
             $header[] = "Received: from $received_from" . $rn;
-            if ($edit_identity || ! isset($hide_auth_header) || ! $hide_auth_header)
+            if (!isset($hide_auth_header) || !$hide_auth_header)
                 $header[] = "        (SquirrelMail authenticated user $username)" . $rn;
             $header[] = "        by $SERVER_NAME with HTTP;" . $rn;
             $header[] = "        $date" . $rn;

diff --git a/config/conf.pl b/config/conf.pl
index c8c7b197188309d1107991824ee4233c560ca605..e87edef878138c6e296a27bb4794f862b8b8dfc0 100755 (executable)
--- a/config/conf.pl
+++ b/config/conf.pl
@@ -2578,6 +2578,11 @@ sub command311b {
   this setting will make it difficult to determine who sent what where.
   Use at your own risk.
 
+  Note: If you have defined a header encryption key in your SMTP or
+  Sendmail settings (see the \"Server Settings\" option page), this
+  setting is ignored because all user information in outgoing messages
+  is encoded.
+
   ";
 
     if ( lc($hide_auth_header) eq "true" ) {