At 10:12 PM 23-08-02 -0400, Carolyn Longfoot wrote:
>The problem is that I don't want to thus advertize my internal network
>topology to the world, and instead have a single From: header that shows the
>externally accessible address (such as mail.mydomain.com).
>
>If anybody has any ideas (or better still, actual examples) how to drop
>internal forward headers like that I would really appreciate it. I'm not
>familiar with rewriting rules (if this involves any) so please be gentle.
Security By Obscurity Is No Security At All.
You go around removing Received: headers, what you will get is a gigantic
potential for mail loops.
Also, if that firewall also has NAT setup, RFC 1918 addresses are anyway
not routable on the public internet. If someone breaks into your firewall,
it will be quite trivial for him to discover what your internal network
topology is ...
In short, "not worth the effort".
-srs
