Author: Phil Pennock Date: To: Harry Putnam CC: exim-users Subject: Re: [Exim] Home network mailhub
On 2002-03-17 at 16:44 -0800, Harry Putnam wrote: > Starting with the Received header furtherest down in the message
> as 1. I see seven places where my local private network addresses are
> shown.
>
> I'm no rfc expert or even apprentice, but I don't think my local lan
> addresses should be present on internet mail. These are not legal
> addresses, in the sense they can be tracerouted or pinged, from the
> internet.
Received headers can include RFC1918 address space, no problem. They
can include all sorts of things. Including receipt via protocols other
than SMTP. So RFC-wise, as long as the format is correct, you're okay.
Some people with over-enthusiastic spam-filters might notice, though.
> I don't think those addresses should leak out onto the internet
> where they may be taken for legal (domain owned) addresses.
I'm going to answer your request directly, first. As in, providing
exactly what's asked for. Remember to be careful what you ask for. :^)
I'll then give a safer and more reasoned approach to tackling this.
As long as the SMTP Envelope Sender is valid on the network, and the
stuff in the regular non-Received: headers is okay, then you're okay.
It is _possible_ to remove the Received: headers on a transport. You
could then have two similar smtp transports, one with the headers_remote
stuff; then have two routers, the first with a condition which checks
the $sender_host_address against your private netblock and uses the
special transport.
However, you need to think long and hard about this. The mail-loop
detection of last resort is "total number of Received: headers >= 30".
If you start removing Received: headers, then one day you'll be bitten,
and bitten hard.
Another option is to set $received_header_text; make sections of it
conditional upon $sender_host_address and put your sanitised information
in the new header, if so.
In fact, this only really applies to one of the headers. Most of them
look like your primary_hostname needs changing. Where exactly does
"expi.local.lan" come from? If you haven't used primary_hostname in the
main section of your config, then you might want to do so. Does your
DSL provider give dynamic IPs, such that your external hostname will
vary? If so, perhaps it's appropriate to register for an account with
someone like dyndns.org and set:
primary_hostname = youraccountname.dyndns.org
Is running a dynamic DNS update client at connection time a problem for
your setup?
--
<-------- The information went data way