feat: Don't send unencrypted Auto-Submitted header (#7938)

Cherry-picked 8c09ca3 Follow-up to https://github.com/chatmail/core/pull/7935
2026-05-16 21:36:30 +03:00 · 2026-03-06 10:29:17 +01:00
parent abb93cd79d
commit 1e20055523
3 changed files with 9 additions and 15 deletions
--- a/src/mimefactory.rs
+++ b/src/mimefactory.rs
@@ -1553,13 +1553,10 @@ impl MimeFactory {
            | SystemMessage::MultiDeviceSync
            | SystemMessage::WebxdcStatusUpdate => {
                // This should prevent automatic replies,
-                // such as non-delivery reports.
+                // such as non-delivery reports,
+                // if the message is unencrypted.
                //
                // See <https://tools.ietf.org/html/rfc3834>
-                //
-                // Adding this header without encryption leaks some
-                // information about the message contents, but it can
-                // already be easily guessed from message timing and size.
                headers.push((
                    "Auto-Submitted",
                    mail_builder::headers::raw::Raw::new("auto-generated").into(),
@@ -2190,10 +2187,7 @@ fn group_headers_by_confidentiality(
                        mail_builder::headers::raw::Raw::new("[...]").into(),
                    ));
                }
-                "auto-submitted"
-                | "chat-version"
-                | "autocrypt-setup-message"
-                | "chat-is-post-message" => {
+                "chat-version" | "autocrypt-setup-message" | "chat-is-post-message" => {
                    unprotected_headers.push(header.clone());
                }
                _ => {