- Fix for DMARC implementations based on SPF policy plus DKIM Milter. The
PREPEND access/policy action added headers ABOVE Postfix's own Received:
header, exposing Postfix's own Received: header to Milters (protocol
violation) and hiding the PREPENDed header from Milters. PREPENDed
headers are now added BELOW Postfix's own Received: header and remain
visible to Milters.
- The Postfix SMTP server logged an incorrect client name in reject
messages for check_reverse_client_hostname_access and
check_reverse_client_hostname_{mx,ns}_access. They replied with the
verified client name, instead of the name that was rejected.
- The TLS client logged that an anonymous TLS connection was "Untrusted",
instead of "Anonymous".
- Fix for configurations that prepend message headers with Postfix access
maps, policy servers or Milter applications. Postfix now hides its own
Received: header from Milters and exposes prepended headers to Milters,
regardless of the mechanism used to prepend a header. This fix reverts
a partial solution that was released on October 13, 2014, and replaces
it with a complete solution.