Re: [exim] Remvoing local IP address from headers of outboun…

Góra strony
Delete this message
Reply to this message
Autor: W B Hacker
Data:  
Dla: exim users
Temat: Re: [exim] Remvoing local IP address from headers of outbound mail
Ron White wrote:
> On outbound mail I've noticed this header that, for my needs, is 'a bit
> too much detail' insofar as revealing the internal IP of the client:
>
> Received: from munged.com ([x.x.x.x]:52225
> helo=[192.168.5.x]) by host.munged.com with esmtpsa
> (TLSv1:AES256-SHA:256) (Exim 4.71) (envelope-from
> <postmaster@???>) id 1ODwx4-0000zG-Oy for
> recipient@???; Mon, 17 May 2010 10:49:34 +0100
>
>
> What is the best approach to removing the header line detailing from
> outbound smtpa/esmpta but not removing similar items from inbound? I've
> had a quick look at filters and 'remove_header' but before I get bogged
> down in this I would like a reassuring 'that's the right way to go'
> nudge :-)
>
>


The purely technical answer would be to apply [selective] header-stripping to
[one-of] the 'outbound' remote_dns delivery router/transport sets.

'Selective' in that you can use a conditional on a sender, destination, content,
added X-header, acl_m ... or any of many other detectable characteristics to
apply the strip to some subset of all traffic.

'one-of' driven by the above selection criteria.

The broader answer is that this removes information of value in troubleshooting
or providing such small measure of affirming end-to-end message authenticity as
smtp has to offer (eg - not much). IOW - makes it harder for you to deny you
have been spoofed.

After all, if you can and do remove or alter such information, your server no
longer has a claim to credible headers of any other kind.

Selective credibility is like selective virginity. Rare.

In any case, hiding the initial-attach IP doesn't really remove a great deal of
information of value to an entity interested in determining where - or if and
when - you physically sat when you sent the message. There are far better means
for that, and you generally wont be able to detect them anyway.

HTH,

Bill