Hello, just change AddIntendedForHeader from 'all' to 'incoming and local' is the default and recommended.
regards -----Message d'origine----- De : frny <f...@web.de> Envoyé : lundi 28 mai 2018 17:48 À : assp-user@lists.sourceforge.net Objet : [Assp-user] BCC mails and X-Assp-Intended-For Hello all, we've encountered that the standard setting in the OVA, to append the "X-Assp-Intended-For"-Header both to incoming and outgoing mails, is HUGELY insecure and also might violate privacy rules in Europe in some setups regarding BCC: If you have an Exchange Server before you relay through ASSP, the Exchange Server will split the mail into one mail to the original recipient and one mail to the BCC'd recipients. But it will (of course) remove the BCC header line from both mails. So what this means is ASSP now does not know anymore that some of these addresses have been BCC addresses, other than looking if they appear somewhere in the header lines (To or CC). So in the end, if you do not strip the X-Assp-Intended-For header lines after ASSP, the BCC'd users will see each other. I found a related thread here: http://anti-spam-smtp-proxy-server.996265.n3.nabble.com/bcc-X-ASSP-Intended-For-header-lines-td42381.html which should be the same problem. -- Sent from: http://anti-spam-smtp-proxy-server.996265.n3.nabble.com/assp-user-f16845.html ------------------------------------------------------------------------------ Check out the vibrant tech community on one of the world's most engaging tech sites, Slashdot.org! http://sdm.link/slashdot _______________________________________________ Assp-user mailing list Assp-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/assp-user ------------------------------------------------------------------------------ Check out the vibrant tech community on one of the world's most engaging tech sites, Slashdot.org! http://sdm.link/slashdot _______________________________________________ Assp-user mailing list Assp-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/assp-user
