diff -uNr postfix-2.2.1.orig/man/man8/smtpd.8 postfix-2.2.1/man/man8/smtpd.8
--- postfix-2.2.1.orig/man/man8/smtpd.8	2005-03-09 21:07:45.000000000 +0100
+++ postfix-2.2.1/man/man8/smtpd.8	2005-03-22 12:02:07.530662144 +0100
@@ -199,6 +199,8 @@
 version of the AUTH command (RFC 2554).
 .IP "\fBsmtpd_sasl_auth_enable (no)\fR"
 Enable SASL authentication in the Postfix SMTP server.
+.IP "\fBsmtpd_sasl_authenticated_header (no)\fR"
+Enable appending SASL authenticated username in Received message header.
 .IP "\fBsmtpd_sasl_application_name (smtpd)\fR"
 The application name used for SASL server initialization.
 .IP "\fBsmtpd_sasl_local_domain (empty)\fR"
diff -uNr postfix-2.2.1.orig/proto/postconf.proto postfix-2.2.1/proto/postconf.proto
--- postfix-2.2.1.orig/proto/postconf.proto	2005-03-09 20:48:30.000000000 +0100
+++ postfix-2.2.1/proto/postconf.proto	2005-03-22 11:46:11.849947696 +0100
@@ -5165,6 +5165,13 @@
 See the SASL_README file for SASL configuration and operation details.
 </p>
 
+/PARAM smtpd_sasl_authenticated_header no
+
+<p>
+Enable appending special field to Received message header, which contains
+SASL authenticated user name.
+</p>
+
 %PARAM smtpd_sasl_exceptions_networks 
 
 <p>
diff -uNr postfix-2.2.1.orig/proto/postconf.spec postfix-2.2.1/proto/postconf.spec
--- postfix-2.2.1.orig/proto/postconf.spec	2004-10-25 22:59:01.000000000 +0200
+++ postfix-2.2.1/proto/postconf.spec	2005-03-22 11:46:48.365396504 +0100
@@ -288,6 +288,7 @@
 %CLASS smtpd-sasl
 %PARAM smtpd_sasl_application_name
 %PARAM smtpd_sasl_auth_enable
+%PARAM smtpd_sasl_authenticated_header
 %PARAM smtpd_sasl_local_domain
 %PARAM smtpd_sasl_security_options
 %PARAM smtpd_sender_login_maps
diff -uNr postfix-2.2.1.orig/src/global/mail_params.h postfix-2.2.1/src/global/mail_params.h
--- postfix-2.2.1.orig/src/global/mail_params.h	2005-02-27 16:06:07.000000000 +0100
+++ postfix-2.2.1/src/global/mail_params.h	2005-03-18 13:09:29.000000000 +0100
@@ -1177,6 +1177,10 @@
 #define DEF_SMTPD_SASL_ENABLE	0
 extern bool var_smtpd_sasl_enable;
 
+#define VAR_SMTPD_SASL_AUTHENTICATED_HEADER	"smtpd_sasl_authenticated_header"
+#define DEF_SMTPD_SASL_AUTHENTICATED_HEADER	0
+extern bool var_smtpd_sasl_authenticated_header;
+
 #define VAR_SMTPD_SASL_OPTS	"smtpd_sasl_security_options"
 #define DEF_SMTPD_SASL_OPTS	"noanonymous"
 extern char *var_smtpd_sasl_opts;
diff -uNr postfix-2.2.1.orig/src/smtpd/smtpd.c postfix-2.2.1/src/smtpd/smtpd.c
--- postfix-2.2.1.orig/src/smtpd/smtpd.c	2005-03-09 21:07:43.000000000 +0100
+++ postfix-2.2.1/src/smtpd/smtpd.c	2005-03-22 11:51:30.371525056 +0100
@@ -178,6 +178,8 @@
 /* .IP "\fBsmtpd_sasl_security_options (noanonymous)\fR"
 /*	Restrict what authentication mechanisms the Postfix SMTP server
 /*	will offer to the client.
+/* .IP \"fsmtpd_sasl_authenticated_header (no)\fR"
+/*      Append SASL authenticated username in Received header line.
 /* .IP "\fBsmtpd_sender_login_maps (empty)\fR"
 /*	Optional lookup table with the SASL login names that own sender
 /*	(MAIL FROM) addresses.
@@ -854,6 +856,7 @@
 int     var_smtpd_junk_cmd_limit;
 int     var_smtpd_rcpt_overlim;
 bool    var_smtpd_sasl_enable;
+bool	var_smtpd_sasl_authenticated_header;
 char   *var_smtpd_sasl_opts;
 char   *var_smtpd_sasl_appname;
 char   *var_smtpd_sasl_realm;
@@ -1984,6 +1987,11 @@
 			    "\t(No client certificate requested)");
 	}
 #endif
+#ifdef USE_SASL_AUTH
+	if (var_smtpd_sasl_authenticated_header && state->sasl_username) {
+		out_fprintf(out_stream, REC_TYPE_NORM, "\t(Authenticated sender: %s)", state->sasl_username);
+	}
+#endif
 	if (state->rcpt_count == 1 && state->recipient) {
 	    out_fprintf(out_stream, REC_TYPE_NORM,
 			state->cleanup ? "\tby %s (%s) with %s id %s" :
@@ -3361,6 +3369,7 @@
 	VAR_DISABLE_VRFY_CMD, DEF_DISABLE_VRFY_CMD, &var_disable_vrfy_cmd,
 	VAR_ALLOW_UNTRUST_ROUTE, DEF_ALLOW_UNTRUST_ROUTE, &var_allow_untrust_route,
 	VAR_SMTPD_SASL_ENABLE, DEF_SMTPD_SASL_ENABLE, &var_smtpd_sasl_enable,
+	VAR_SMTPD_SASL_AUTHENTICATED_HEADER, DEF_SMTPD_SASL_AUTHENTICATED_HEADER, &var_smtpd_sasl_authenticated_header,
 	VAR_BROKEN_AUTH_CLNTS, DEF_BROKEN_AUTH_CLNTS, &var_broken_auth_clients,
 	VAR_SHOW_UNK_RCPT_TABLE, DEF_SHOW_UNK_RCPT_TABLE, &var_show_unk_rcpt_table,
 	VAR_SMTPD_REJ_UNL_FROM, DEF_SMTPD_REJ_UNL_FROM, &var_smtpd_rej_unl_from,
diff -uNr postfix-2.2.1.orig/src/smtpd/smtpd_check.c postfix-2.2.1/src/smtpd/smtpd_check.c
--- postfix-2.2.1.orig/src/smtpd/smtpd_check.c	2005-03-05 02:13:10.000000000 +0100
+++ postfix-2.2.1/src/smtpd/smtpd_check.c	2005-03-18 13:10:14.000000000 +0100
@@ -4558,6 +4558,7 @@
 }
 
 bool    var_smtpd_sasl_enable = 0;
+bool	var_smtpd_sasl_authenticated_header = 0;
 
 #ifdef USE_SASL_AUTH