Supposedly user info could be removed from received header regardless of edit_identit...
authorpdontthink <pdontthink@7612ce4b-ef26-0410-bec9-ea0150e637f0>
Fri, 5 Dec 2008 21:05:16 +0000 (21:05 +0000)
committerpdontthink <pdontthink@7612ce4b-ef26-0410-bec9-ea0150e637f0>
Fri, 5 Dec 2008 21:05:16 +0000 (21:05 +0000)
git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@13364 7612ce4b-ef26-0410-bec9-ea0150e637f0

class/deliver/Deliver.class.php
config/conf.pl

index 11a8e13..9952a06 100644 (file)
@@ -590,7 +590,7 @@ class Deliver {
           } else {
             // use default received headers
             $header[] = "Received: from $received_from" . $rn;
-            if ($edit_identity || ! isset($hide_auth_header) || ! $hide_auth_header)
+            if (!isset($hide_auth_header) || !$hide_auth_header)
                 $header[] = "        (SquirrelMail authenticated user $username)" . $rn;
             $header[] = "        by $SERVER_NAME with HTTP;" . $rn;
             $header[] = "        $date" . $rn;
index c8c7b19..e87edef 100755 (executable)
@@ -2578,6 +2578,11 @@ sub command311b {
   this setting will make it difficult to determine who sent what where.
   Use at your own risk.
 
+  Note: If you have defined a header encryption key in your SMTP or
+  Sendmail settings (see the \"Server Settings\" option page), this
+  setting is ignored because all user information in outgoing messages
+  is encoded.
+
   ";
 
     if ( lc($hide_auth_header) eq "true" ) {