Remove unnecessary opendkim milter from reinjecting smtpd

OpenDKIM milter is only needed on port 25,
it seems to do nothing on reinjecting port.

.github/workflows/test-and-deploy-ipv4only.yaml

@@ -38,8 +38,8 @@ jobs:
           if [ -f dkimkeys-ipv4/dkimkeys/opendkim.private ]; then rsync -avz -e "ssh -o StrictHostKeyChecking=accept-new" dkimkeys-ipv4 root@ns.testrun.org:/tmp/ || true; fi
           if [ "$(ls -A acme-ipv4/acme/certs)" ]; then rsync -avz -e "ssh -o StrictHostKeyChecking=accept-new" acme-ipv4 root@ns.testrun.org:/tmp/ || true; fi
           # make sure CAA record isn't set
-          scp .github/workflows/staging-ipv4.testrun.org-default.zone root@ns.testrun.org:/etc/nsd/staging-ipv4.testrun.org.zone
-          ssh -o StrictHostKeyChecking=accept-new root@ns.testrun.org sed -i '/CAA/d' /etc/nsd/staging-ipv4.testrun.org.zone
+          scp -o StrictHostKeyChecking=accept-new .github/workflows/staging-ipv4.testrun.org-default.zone root@ns.testrun.org:/etc/nsd/staging-ipv4.testrun.org.zone
+          ssh root@ns.testrun.org sed -i '/CAA/d' /etc/nsd/staging-ipv4.testrun.org.zone
           ssh root@ns.testrun.org nsd-checkzone staging-ipv4.testrun.org /etc/nsd/staging-ipv4.testrun.org.zone
           ssh root@ns.testrun.org systemctl reload nsd
 
@@ -49,7 +49,7 @@ jobs:
             -H "Authorization: Bearer ${{ secrets.HETZNER_API_TOKEN }}" \
             -H "Content-Type: application/json" \
             -d '{"image":"debian-12"}' \
-            "https://api.hetzner.cloud/v1/servers/${{ secrets.STAGING_SERVER_ID }}/actions/rebuild"
+            "https://api.hetzner.cloud/v1/servers/${{ secrets.STAGING_IPV4_SERVER_ID }}/actions/rebuild"
 
       - run: scripts/initenv.sh
 
@@ -63,11 +63,11 @@ jobs:
           while ! ssh -o ConnectTimeout=180 -o StrictHostKeyChecking=accept-new -v root@staging-ipv4.testrun.org id -u ; do sleep 1 ; done
           ssh -o StrictHostKeyChecking=accept-new -v root@staging-ipv4.testrun.org id -u
           # download acme & dkim state from ns.testrun.org
-          rsync -e "ssh -o StrictHostKeyChecking=accept-new" -avz root@ns.testrun.org:/tmp/acme-ipv4 acme-restore || true
-          rsync -avz root@ns.testrun.org:/tmp/dkimkeys-ipv4 dkimkeys-restore || true
+          rsync -e "ssh -o StrictHostKeyChecking=accept-new" -avz root@ns.testrun.org:/tmp/acme-ipv4/acme acme-restore || true
+          rsync -avz root@ns.testrun.org:/tmp/dkimkeys-ipv4/dkimkeys dkimkeys-restore || true
           # restore acme & dkim state to staging2.testrun.org
-          rsync -avz acme-restore/acme-ipv4/acme root@staging-ipv4.testrun.org:/var/lib/ || true
-          rsync -avz dkimkeys-restore/dkimkeys-ipv4/dkimkeys root@staging-ipv4.testrun.org:/etc/ || true
+          rsync -avz acme-restore/acme root@staging-ipv4.testrun.org:/var/lib/ || true
+          rsync -avz dkimkeys-restore/dkimkeys root@staging-ipv4.testrun.org:/etc/ || true
           ssh -o StrictHostKeyChecking=accept-new -v root@staging-ipv4.testrun.org chown root:root -R /var/lib/acme || true
 
       - name: run formatting checks 

CHANGELOG.md

@@ -2,12 +2,39 @@
 
 ## untagged
 
+- filtermail: don't require exactly 2 lines after openPGP payload
+  ([#497](https://github.com/chatmail/chatmail/pull/497))
+
 - cmdeploy dns: offer alternative DKIM record format for some web interfaces
   ([#470](https://github.com/deltachat/chatmail/pull/470))
 
+- journald: remove old logs from disk
+  ([#490](https://github.com/deltachat/chatmail/pull/490))
+
+- opendkim: restart once every day to mend RAM leaks
+  ([#498](https://github.com/chatmail/chatmail/pull/498)
+
 - migration guide: let opendkim own the DKIM keys directory
   ([#468](https://github.com/deltachat/chatmail/pull/468))
 
+- improve secure-join message detection
+  ([#473](https://github.com/deltachat/chatmail/pull/473))
+
+- use old crypt lib in python < 3.11
+  ([#483](https://github.com/deltachat/chatmail/pull/483))
+
+- chatmaild: set umask to 0700 for doveauth + metadata
+  ([#490](https://github.com/deltachat/chatmail/pull/492))
+
+- remove MTA-STS daemon
+  ([#488](https://github.com/deltachat/chatmail/pull/488))
+
+- replace `Subject` with `[...]` for all outgoing mails.
+  ([#481](https://github.com/deltachat/chatmail/pull/481))
+
+- opendkim: use su instead of sudo
+  ([#491](https://github.com/deltachat/chatmail/pull/491))
+
 ## 1.5.0 2024-12-20
 
 - cmdeploy dns: always show recommended DNS records

chatmaild/pyproject.toml

@@ -12,7 +12,7 @@ dependencies = [
   "deltachat-rpc-client",
   "filelock",
   "requests",
-  "crypt-r",
+  "crypt-r >= 3.13.1 ; python_version >= '3.11'",
 ]
 
 [tool.setuptools]

chatmaild/src/chatmaild/common_encrypted_subjects.py

@@ -1,59 +0,0 @@
-"""Generated from deltachat, draft-ietf-lamps-header-protection, and
-encrypted_subject localizations in
-https://github.com/thunderbird/thunderbird-android/
-
-"""
-
-common_encrypted_subjects = {
-    "...",
-    "[...]",
-    "암호화된 메시지",
-    "Ĉifrita mesaĝo",
-    "Courriel chiffré",
-    "Dulrituð skilaboð",
-    "Encrypted Message",
-    "Fersifere berjocht",
-    "Kemennadenn enrineget",
-    "Krüptitud kiri",
-    "Krypterat meddelande",
-    "Krypteret besked",
-    "Kryptert melding",
-    "Mensagem criptografada",
-    "Mensagem encriptada",
-    "Mensaje cifrado",
-    "Mensaxe cifrada",
-    "Mesaj Criptat",
-    "Mesazh i Fshehtëzuar",
-    "Messaggio criptato",
-    "Messaghju cifratu",
-    "Missatge encriptat",
-    "Neges wedi'i Hamgryptio",
-    "Pesan terenkripsi",
-    "Salattu viesti",
-    "Şifreli İleti",
-    "Šifrēta ziņa",
-    "Šifrirana poruka",
-    "Šifrirano sporočilo",
-    "Šifruotas laiškas",
-    "Tin nhắn được mã hóa",
-    "Titkosított üzenet",
-    "Verschlüsselte Nachricht",
-    "Versleuteld bericht",
-    "Zašifrovaná zpráva",
-    "Zaszyfrowana wiadomość",
-    "Zifratu mezua",
-    "Κρυπτογραφημένο μήνυμα",
-    "Зашифроване повідомлення",
-    "Зашифрованное сообщение",
-    "Зашыфраваны ліст",
-    "Криптирано съобщение",
-    "Шифрована порука",
-    "დაშიფრული წერილი",
-    "הודעה מוצפנת",
-    "پیام رمزنگاری‌شده",
-    "رسالة مشفّرة",
-    "എൻക്രിപ്റ്റുചെയ്‌ത സന്ദേശം",
-    "加密邮件",
-    "已加密的訊息",
-    "暗号化されたメッセージ",
-}

chatmaild/src/chatmaild/doveauth.py

@@ -3,7 +3,10 @@ import logging
 import os
 import sys
 
-import crypt_r
+try:
+    import crypt_r
+except ImportError:
+    import crypt as crypt_r
 
 from .config import Config, read_config
 from .dictproxy import DictProxy

chatmaild/src/chatmaild/filtermail.py

@@ -12,7 +12,6 @@ from smtplib import SMTP as SMTPClient
 
 from aiosmtpd.controller import Controller
 
-from .common_encrypted_subjects import common_encrypted_subjects
 from .config import read_config
 
 
@@ -81,7 +80,9 @@ def check_armored_payload(payload: str):
         return False
     payload = payload.removeprefix(prefix)
 
-    suffix = "-----END PGP MESSAGE-----\r\n\r\n"
+    while payload.endswith("\r\n"):
+        payload = payload.removesuffix("\r\n")
+    suffix = "-----END PGP MESSAGE-----"
     if not payload.endswith(suffix):
         return False
     payload = payload.removesuffix(suffix)
@@ -100,6 +101,27 @@ def check_armored_payload(payload: str):
         return False
 
 
+def is_securejoin(message):
+    if message.get("secure-join") not in ["vc-request", "vg-request"]:
+        return False
+    if not message.is_multipart():
+        return False
+    parts_count = 0
+    for part in message.iter_parts():
+        parts_count += 1
+        if parts_count > 1:
+            return False
+        if part.is_multipart():
+            return False
+        if part.get_content_type() != "text/plain":
+            return False
+
+        payload = part.get_payload().strip().lower()
+        if payload not in ("secure-join: vc-request", "secure-join: vg-request"):
+            return False
+    return True
+
+
 def check_encrypted(message):
     """Check that the message is an OpenPGP-encrypted message.
 
@@ -107,8 +129,6 @@ def check_encrypted(message):
     """
     if not message.is_multipart():
         return False
-    if message.get("subject") not in common_encrypted_subjects:
-        return False
     if message.get_content_type() != "multipart/encrypted":
         return False
     parts_count = 0
@@ -203,11 +223,7 @@ class BeforeQueueHandler:
 
         passthrough_recipients = self.config.passthrough_recipients
 
-        is_securejoin = message.get("secure-join") in [
-            "vc-request",
-            "vg-request",
-        ]
-        if is_securejoin:
+        if mail_encrypted or is_securejoin(message):
             return
 
         for recipient in envelope.rcpt_tos:
@@ -222,7 +238,7 @@ class BeforeQueueHandler:
             _recipient_addr, recipient_domain = res
 
             is_outgoing = recipient_domain != envelope_from_domain
-            if is_outgoing and not mail_encrypted:
+            if is_outgoing:
                 print("Rejected unencrypted mail.", file=sys.stderr)
                 return f"500 Invalid unencrypted mail to <{recipient}>"
 

chatmaild/src/chatmaild/tests/mail-data/securejoin-vc-fake.eml

@@ -0,0 +1,21 @@
+Subject: Message from {from_addr}
+From: <{from_addr}>
+To: <{to_addr}>
+Date: Sun, 15 Oct 2023 16:43:25 +0000
+Message-ID: <Mr.78MWtlV7RAi.goCFzBhCYfy@c2.testrun.org>
+Chat-Version: 1.0
+Secure-Join: vc-request
+Secure-Join-Invitenumber: RANDOM-TOKEN
+MIME-Version: 1.0
+Content-Type: multipart/mixed; boundary="Gl92xgZjOShJ5PGHntqYkoo2OK2Dvi"
+
+
+--Gl92xgZjOShJ5PGHntqYkoo2OK2Dvi
+Content-Type: text/plain; charset=utf-8
+
+Buy viagra!
+
+
+--Gl92xgZjOShJ5PGHntqYkoo2OK2Dvi--
+
+

chatmaild/src/chatmaild/tests/mail-data/securejoin-vc.eml

@@ -0,0 +1,21 @@
+Subject: Message from {from_addr}
+From: <{from_addr}>
+To: <{to_addr}>
+Date: Sun, 15 Oct 2023 16:43:25 +0000
+Message-ID: <Mr.78MWtlV7RAi.goCFzBhCYfy@c2.testrun.org>
+Chat-Version: 1.0
+Secure-Join: vc-request
+Secure-Join-Invitenumber: RANDOM-TOKEN
+MIME-Version: 1.0
+Content-Type: multipart/mixed; boundary="Gl92xgZjOShJ5PGHntqYkoo2OK2Dvi"
+
+
+--Gl92xgZjOShJ5PGHntqYkoo2OK2Dvi
+Content-Type: text/plain; charset=utf-8
+
+Secure-Join: vc-request
+
+
+--Gl92xgZjOShJ5PGHntqYkoo2OK2Dvi--
+
+

chatmaild/src/chatmaild/tests/plugin.py

@@ -69,7 +69,7 @@ def maildata(request):
 
     assert datadir.exists(), datadir
 
-    def maildata(name, from_addr, to_addr, subject="..."):
+    def maildata(name, from_addr, to_addr, subject="[...]"):
         # Using `.read_bytes().decode()` instead of `.read_text()` to preserve newlines.
         data = datadir.joinpath(name).read_bytes().decode()
 

chatmaild/src/chatmaild/tests/test_filtermail.py

@@ -5,7 +5,7 @@ from chatmaild.filtermail import (
     SendRateLimiter,
     check_armored_payload,
     check_encrypted,
-    common_encrypted_subjects,
+    is_securejoin,
 )
 
 
@@ -55,19 +55,28 @@ def test_filtermail_no_encryption_detection(maildata):
     assert not check_encrypted(msg)
 
 
-def test_filtermail_encryption_detection(maildata):
-    for subject in common_encrypted_subjects:
-        msg = maildata(
-            "encrypted.eml",
-            from_addr="1@example.org",
-            to_addr="2@example.org",
-            subject=subject,
-        )
-        assert check_encrypted(msg)
+def test_filtermail_securejoin_detection(maildata):
+    msg = maildata(
+        "securejoin-vc.eml", from_addr="some@example.org", to_addr="other@example.org"
+    )
+    assert is_securejoin(msg)
 
-    # if the subject is not a known encrypted subject value, it is not considered ac-encrypted
-    msg.replace_header("Subject", "Click this link")
-    assert not check_encrypted(msg)
+    msg = maildata(
+        "securejoin-vc-fake.eml",
+        from_addr="some@example.org",
+        to_addr="other@example.org",
+    )
+    assert not is_securejoin(msg)
+
+
+def test_filtermail_encryption_detection(maildata):
+    msg = maildata(
+        "encrypted.eml",
+        from_addr="1@example.org",
+        to_addr="2@example.org",
+        subject="Subject does not matter, will be replaced anyway",
+    )
+    assert check_encrypted(msg)
 
 
 def test_filtermail_no_literal_packets(maildata):
@@ -196,10 +205,20 @@ UN4fiB0KR9JyG2ayUdNJVkXZSZLnHyRgiaadlpUo16LVvw==\r
 =b5Kp\r
 -----END PGP MESSAGE-----\r
 \r
+\r
 """
 
     assert check_armored_payload(payload) == True
 
+    payload = payload.removesuffix("\r\n")
+    assert check_armored_payload(payload) == True
+
+    payload = payload.removesuffix("\r\n")
+    assert check_armored_payload(payload) == True
+
+    payload = payload.removesuffix("\r\n")
+    assert check_armored_payload(payload) == True
+
     payload = """-----BEGIN PGP MESSAGE-----\r
 \r
 HELLOWORLD

cmdeploy/src/cmdeploy/__init__.py

@@ -78,6 +78,11 @@ def _install_remote_venv_with_chatmaild(config) -> None:
         always_copy=True,
     )
 
+    apt.packages(
+        name="install gcc and headers to build crypt_r source package",
+        packages=["gcc", "python3-dev"],
+    )
+
     server.shell(
         name=f"forced pip-install {dist_file.name}",
         commands=[
@@ -212,49 +217,36 @@ def _configure_opendkim(domain: str, dkim_selector: str = "dkim") -> bool:
             commands=[
                 f"opendkim-genkey -D /etc/dkimkeys -d {domain} -s {dkim_selector}"
             ],
-            _sudo=True,
-            _sudo_user="opendkim",
+            _use_su_login=True,
+            _su_user="opendkim",
         )
 
+    service_file = files.put(
+        name="Configure opendkim to restart once a day",
+        src=importlib.resources.files(__package__).joinpath("opendkim/systemd.conf"),
+        dest="/etc/systemd/system/opendkim.service.d/10-prevent-memory-leak.conf",
+    )
+    need_restart |= service_file.changed
+
+
     return need_restart
 
 
-def _install_mta_sts_daemon() -> bool:
-    need_restart = False
+def _uninstall_mta_sts_daemon() -> None:
+    # Remove configuration.
+    files.file("/etc/mta-sts-daemon.yml", present=False)
 
-    config = files.put(
-        name="upload postfix-mta-sts-resolver config",
-        src=importlib.resources.files(__package__).joinpath(
-            "postfix/mta-sts-daemon.yml"
-        ),
-        dest="/etc/mta-sts-daemon.yml",
-        user="root",
-        group="root",
-        mode="644",
+    files.directory("/usr/local/lib/postfix-mta-sts-resolver", present=False)
+
+    files.file("/etc/systemd/system/mta-sts-daemon.service", present=False)
+
+    systemd.service(
+        name="Stop MTA-STS daemon",
+        service="mta-sts-daemon.service",
+        daemon_reload=True,
+        running=False,
+        enabled=False,
     )
-    need_restart |= config.changed
-
-    server.shell(
-        name="install postfix-mta-sts-resolver with pip",
-        commands=[
-            "python3 -m virtualenv /usr/local/lib/postfix-mta-sts-resolver",
-            "/usr/local/lib/postfix-mta-sts-resolver/bin/pip install postfix-mta-sts-resolver",
-        ],
-    )
-
-    systemd_unit = files.put(
-        name="upload mta-sts-daemon systemd unit",
-        src=importlib.resources.files(__package__).joinpath(
-            "postfix/mta-sts-daemon.service"
-        ),
-        dest="/etc/systemd/system/mta-sts-daemon.service",
-        user="root",
-        group="root",
-        mode="644",
-    )
-    need_restart |= systemd_unit.changed
-
-    return need_restart
 
 
 def _configure_postfix(config: Config, debug: bool = False) -> bool:
@@ -658,8 +650,8 @@ def deploy_chatmail(config_path: Path, disable_mail: bool) -> None:
     debug = False
     dovecot_need_restart = _configure_dovecot(config, debug=debug)
     postfix_need_restart = _configure_postfix(config, debug=debug)
-    mta_sts_need_restart = _install_mta_sts_daemon()
     nginx_need_restart = _configure_nginx(config)
+    _uninstall_mta_sts_daemon()
 
     _remove_rspamd()
     opendkim_need_restart = _configure_opendkim(mail_domain, "opendkim")
@@ -669,18 +661,10 @@ def deploy_chatmail(config_path: Path, disable_mail: bool) -> None:
         service="opendkim.service",
         running=True,
         enabled=True,
+        daemon_reload=opendkim_need_restart,
         restarted=opendkim_need_restart,
     )
 
-    systemd.service(
-        name="Start and enable MTA-STS daemon",
-        service="mta-sts-daemon.service",
-        daemon_reload=True,
-        running=True,
-        enabled=True,
-        restarted=mta_sts_need_restart,
-    )
-
     # Dovecot should be started before Postfix
     # because it creates authentication socket
     # required by Postfix.
@@ -730,6 +714,11 @@ def deploy_chatmail(config_path: Path, disable_mail: bool) -> None:
         enabled=True,
         restarted=journald_conf.changed,
     )
+    files.directory(
+        name="Ensure old logs on disk are deleted",
+        path="/var/log/journal/",
+        present=False,
+    )
 
     apt.packages(
         name="Ensure cron is installed",

cmdeploy/src/cmdeploy/chatmail.zone.j2

@@ -16,7 +16,7 @@ www.{{ mail_domain }}.               CNAME {{ mail_domain }}.
 ;
 ; Recommended DNS entries for interoperability and security-hardening
 ;
-{{ mail_domain }}.                   TXT "v=spf1 a:{{ mail_domain }} ~all"
+{{ mail_domain }}.                   TXT "v=spf1 a ~all"
 _dmarc.{{ mail_domain }}.            TXT "v=DMARC1;p=reject;adkim=s;aspf=s"
 
 {% if acme_account_url %}

cmdeploy/src/cmdeploy/dovecot/dovecot.conf.j2

@@ -209,7 +209,7 @@ ssl = required
 ssl_cert = </var/lib/acme/live/{{ config.mail_domain }}/fullchain
 ssl_key = </var/lib/acme/live/{{ config.mail_domain }}/privkey
 ssl_dh = </usr/share/dovecot/dh.pem
-ssl_min_protocol = TLSv1.2
+ssl_min_protocol = TLSv1.3
 ssl_prefer_server_ciphers = yes
 
 

cmdeploy/src/cmdeploy/opendkim/systemd.conf

@@ -0,0 +1,3 @@
+[Service]
+Restart=always
+RuntimeMaxSec=1d

cmdeploy/src/cmdeploy/postfix/main.cf.j2

@@ -20,9 +20,9 @@ smtpd_tls_key_file=/var/lib/acme/live/{{ config.mail_domain }}/privkey
 smtpd_tls_security_level=may
 
 smtp_tls_CApath=/etc/ssl/certs
-smtp_tls_security_level=may
+smtp_tls_security_level=verify
 smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
-smtp_tls_policy_maps = socketmap:inet:127.0.0.1:8461:postfix
+smtp_tls_policy_maps = inline:{nauta.cu=may}
 smtpd_tls_protocols = >=TLSv1.2
 
 # Disable anonymous cipher suites

cmdeploy/src/cmdeploy/postfix/master.cf.j2

@@ -18,6 +18,7 @@ smtp      inet  n       -       y       -       -       smtpd
 submission inet n       -       y       -       5000    smtpd
   -o syslog_name=postfix/submission
   -o smtpd_tls_security_level=encrypt
+  -o smtpd_tls_mandatory_protocols=>=TLSv1.3
   -o smtpd_sasl_auth_enable=yes
   -o smtpd_sasl_type=dovecot
   -o smtpd_sasl_path=private/auth
@@ -36,6 +37,7 @@ smtps     inet  n       -       y       -       5000    smtpd
   -o syslog_name=postfix/smtps
   -o smtpd_tls_wrappermode=yes
   -o smtpd_tls_security_level=encrypt
+  -o smtpd_tls_mandatory_protocols=>=TLSv1.3
   -o smtpd_sasl_auth_enable=yes
   -o smtpd_sasl_type=dovecot
   -o smtpd_sasl_path=private/auth
@@ -79,7 +81,6 @@ filter    unix -        n       n       -       -       lmtp
 # Local SMTP server for reinjecting filered mail.
 localhost:{{ config.postfix_reinject_port }} inet  n       -       n       -       10      smtpd
   -o syslog_name=postfix/reinject
-  -o smtpd_milters=unix:opendkim/opendkim.sock
   -o cleanup_service_name=authclean
 
 # Cleanup `Received` headers for authenticated mail

cmdeploy/src/cmdeploy/postfix/submission_header_cleanup

@@ -2,3 +2,4 @@
 /^X-Originating-IP:/    IGNORE
 /^X-Mailer:/            IGNORE
 /^User-Agent:/          IGNORE
+/^Subject:/             REPLACE Subject: [...]

cmdeploy/src/cmdeploy/service/chatmail-metadata.service.f

@@ -7,6 +7,7 @@ Restart=always
 RestartSec=30
 User=vmail
 RuntimeDirectory=chatmail-metadata
+UMask=0077
 
 [Install]
 WantedBy=multi-user.target

cmdeploy/src/cmdeploy/service/doveauth.service.f

@@ -7,6 +7,7 @@ Restart=always
 RestartSec=30
 User=vmail
 RuntimeDirectory=doveauth
+UMask=0077
 
 [Install]
 WantedBy=multi-user.target

cmdeploy/src/cmdeploy/tests/online/test_1_basic.py

@@ -1,3 +1,4 @@
+import datetime
 import smtplib
 
 import pytest
@@ -52,6 +53,14 @@ class TestSSHExecutor:
         else:
             pytest.fail("didn't raise exception")
 
+    def test_opendkim_restarted(self, sshexec):
+        """check that opendkim is not running for longer than a day."""
+        out = sshexec(call=remote.rshell.shell, kwargs=dict(command="systemctl status opendkim"))
+        assert type(out) == str
+        since_date_str = out.split("since ")[1].split(";")[0]
+        since_date = datetime.datetime.strptime(since_date_str, "%a %Y-%m-%d %H:%M:%S %Z")
+        assert (datetime.datetime.now() - since_date).total_seconds() < 60 * 60 * 24
+
 
 def test_remote(remote, imap_or_smtp):
     lineproducer = remote.iter_output(imap_or_smtp.logcmd)
@@ -115,6 +124,27 @@ def test_reject_missing_dkim(cmsetup, maildata, from_addr):
             s.sendmail(from_addr=from_addr, to_addrs=recipient.addr, msg=msg)
 
 
+def test_rewrite_subject(cmsetup, maildata):
+    """Test that subject gets replaced with [...]."""
+    user1, user2 = cmsetup.gen_users(2)
+
+    sent_msg = maildata(
+        "encrypted.eml",
+        from_addr=user1.addr,
+        to_addr=user2.addr,
+        subject="Unencrypted subject",
+    ).as_string()
+    user1.smtp.sendmail(from_addr=user1.addr, to_addrs=[user2.addr], msg=sent_msg)
+
+    messages = user2.imap.fetch_all_messages()
+    assert len(messages) == 1
+    rcvd_msg = messages[0]
+    assert "Subject: [...]" not in sent_msg
+    assert "Subject: [...]" in rcvd_msg
+    assert "Subject: Unencrypted subject" in sent_msg
+    assert "Subject: Unencrypted subject" not in rcvd_msg
+
+
 @pytest.mark.slow
 def test_exceed_rate_limit(cmsetup, gencreds, maildata, chatmail_config):
     """Test that the per-account send-mail limit is exceeded."""