remove senders X-Leap-* headers
An attacker could add X-Leap-Signature or X-Leap-Provenance to trick the client to believe that the email is signed or not encrypted.
(from redmine: created on 2015-09-08, closed on 2016-08-05, relates #5993 (closed))
An attacker could add X-Leap-Signature or X-Leap-Provenance to trick the client to believe that the email is signed or not encrypted.
(from redmine: created on 2015-09-08, closed on 2016-08-05, relates #5993 (closed))