id,summary,reporter,owner,description,type,status,priority,milestone,component,version,severity,resolution,keywords,cc
19549,Please remove X-Mailer from class-phpmailer,jwz,westi,"It is nobody's business what software I am using to send mail, or what version number it is. Providing version numbers of server-side packages to strangers is an unnecessary security exposure.  With each update to WordPress, I apply this patch.  I would appreciate it if you would either include this patch yourselves, or provide a hook where I can do this myself without modifying the source.


{{{
--- wp-includes/class-phpmailer.php	5 Jul 2011 20:53:19 -0000	1.3
+++ wp-includes/class-phpmailer.php	14 Dec 2011 19:43:32 -0000
@@ -1129,8 +1129,8 @@
     } else {
       $result .= sprintf(""Message-ID: <%s@%s>%s"", $uniq_id, $this->ServerHostname(), $this->LE);
     }
-// jwz: no.    $result .= $this->HeaderLine('X-Priority', $this->Priority);
-// jwz: no.    $result .= $this->HeaderLine('X-Mailer', 'PHPMailer (phpmailer.sourceforge.net) [version ' . $this->Version . ']');
+    $result .= $this->HeaderLine('X-Priority', $this->Priority);
+    $result .= $this->HeaderLine('X-Mailer', 'PHPMailer '.$this->Version.' (phpmailer.sourceforge.net)');
 
     if($this->ConfirmReadingTo != '') {
       $result .= $this->HeaderLine('Disposition-Notification-To', '<' . trim($this->ConfirmReadingTo) . '>');

}}}",enhancement,assigned,normal,Future Release,External Libraries,3.3,minor,,has-patch commit 3.5-early 2nd-opinion,clearsite