diff --git a/app/controllers/web/my-account/ensure-paid-to-date.js b/app/controllers/web/my-account/ensure-paid-to-date.js
index 8a8916c731..7e97d926a8 100644
--- a/app/controllers/web/my-account/ensure-paid-to-date.js
+++ b/app/controllers/web/my-account/ensure-paid-to-date.js
@@ -108,11 +108,12 @@ async function ensurePaidToDate(ctx, next) {
...(ctx.state.user[config.userFields.receiptEmail]
? {
cc: [
- ctx.state.user[config.userFields.fullEmail],
- config.email.message.from
+ ctx.state.user[config.userFields.fullEmail]
+ // config.email.message.from
]
}
- : { cc: config.email.message.from }),
+ : {}),
+ // : { cc: config.email.message.from }),
subject: ctx.translate('PAYMENT_PAST_DUE_API_RESTRICTED')
},
locals: { message, user: ctx.state.user.toObject() }
diff --git a/app/views/faq/index.md b/app/views/faq/index.md
index 812cb75cb9..d338819245 100644
--- a/app/views/faq/index.md
+++ b/app/views/faq/index.md
@@ -1127,6 +1127,8 @@ Yes, we support [OpenPGP](https://en.wikipedia.org/wiki/Pretty_Good_Privacy#Open
* If you have multiple aliases that match for a given forwarding address (e.g. regex/wildcard/exact combo) and if more than one of these contains an uploaded PGP key and has PGP checked → then we will send you an error alert email and will not encrypt the message with your uploaded PGP key. This is very rare and usually only applies to advanced users with complex alias rules.
* **PGP encryption will not be applied to email forwarding through our MX servers if the sender had a DMARC policy of reject. If you require PGP encryption on *all* mail then we suggest to use our IMAP service and configure your PGP key for your alias for inbound mail.**
+**You can validate your Web Key Directory setup at (open-source) or (proprietary).**
+
diff --git a/assets/.well-known/openpgpkey/policy b/assets/.well-known/openpgpkey/policy
new file mode 100644
index 0000000000..e69de29bb2