Author: Ron White
Date:
CC: exim users
Subject: Re: [exim] Removing local IP address from headers of outbound mail

On Mon, 2010-05-17 at 11:05 -0400, W B Hacker wrote:
> Ron White wrote:
> > On outbound mail I've noticed this header that, for my needs, is 'a bit
> > too much detail' insofar as revealing the internal IP of the client:
> >
> > Received: from munged.com ([x.x.x.x]:52225
> > helo=[192.168.5.x]) by host.munged.com with esmtpsa
> > (TLSv1:AES256-SHA:256) (Exim 4.71) (envelope-from
> > <postmaster@???>) id 1ODwx4-0000zG-Oy for
> > recipient@???; Mon, 17 May 2010 10:49:34 +0100
> >
> >
> > What is the best approach to removing the header line detailing from
> > outbound smtpa/esmtpa but not removing similar items from inbound? I've
> > had a quick look at filters and 'remove_header' but before I get bogged
> > down in this I would like a reassuring 'that's the right way to go'
> > nudge :-)
> >
> >
>
> The purely technical answer would be to apply [selective] header-stripping to
> [one-of] the 'outbound' remote_dns delivery router/transport sets.
>
> 'Selective' in that you can use a conditional on a sender, destination, content,
> added X-header, acl_m ... or any of many other detectable characteristics to
> apply the strip to some subset of all traffic.
>
> 'one-of' driven by the above selection criteria.
>
> The broader answer is that this removes information of value in troubleshooting
> or providing such small measure of affirming end-to-end message authenticity as
> smtp has to offer (eg - not much). IOW - makes it harder for you to deny you
> have been spoofed.
>
> After all, if you can and do remove or alter such information, your server no
> longer has a claim to credible headers of any other kind.
>
> Selective credibility is like selective virginity. Rare.
>
> In any case, hiding the initial-attach IP doesn't really remove a great deal of
> information of value to an entity interested in determining where - or if and
> when - you physically sat when you sent the message. There are far better means
> for that, and you generally won't be able to detect them anyway.
>
> HTH,
>
> Bill
>

Thanks for the reply Bill. The key bit I want to remove is the internal
IP address (192.x.x.x). This is really unwelcome in outbound mail and
serves no useful purpose other than to potentially identify a host
behind a firewall/nat device - this I could do from the logs without
letting *the world* know details of the lan host.

I appreciate that it has its useful places and in part it comes down to
how the client HELO's, but it's a bit of a privacy issue for me. The
external IP I have no issue with - just the LAN client showing up.

From a troubleshooting perspective logging gives me what I need :-) And
very good logging it is too may I add!

So I guess I can do this in the accept authenticated * acl stanza
somehow? I'll look into it and see how far I get.
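
A check for the leak discussed in this thread, as an added example that is not part of the original messages: it scans a message's Received: headers for RFC 1918 addresses such as the helo=[192.168.5.x] value quoted above, so a copy of outbound mail can be audited before and after any header change. The sample message, its host names and its addresses are constructed, and only the IPv4 private ranges are checked.

```python
import ipaddress
import re
from email import message_from_string

# RFC 1918 ranges, listed explicitly because ipaddress.is_private also
# covers documentation and other special-purpose ranges.
LAN_NETS = [ipaddress.ip_network(n)
            for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]
IPV4 = re.compile(r"(?<![\d.])(\d{1,3}(?:\.\d{1,3}){3})(?![\d.])")

def lan_addresses(text):
    """Return RFC 1918 IPv4 addresses found in text, in order of appearance."""
    found = []
    for candidate in IPV4.findall(text):
        try:
            ip = ipaddress.ip_address(candidate)
        except ValueError:      # e.g. 999.1.1.1 is not an address
            continue
        if any(ip in net for net in LAN_NETS):
            found.append(str(ip))
    return found

def received_leaks(raw_message):
    """Map each Received: header (0 = topmost) to the LAN addresses it exposes."""
    msg = message_from_string(raw_message)
    leaks = {}
    for index, value in enumerate(msg.get_all("Received", [])):
        unfolded = " ".join(value.split())   # undo header folding
        hits = lan_addresses(unfolded)
        if hits:
            leaks[index] = hits
    return leaks

# Constructed sample modelled on the header quoted in the thread.
SAMPLE = (
    "Received: from mx.example.net ([203.0.113.7]) by mail.example.org\n"
    "\twith esmtps (Exim 4.71) id 1ODwx9-0000zK-AA; Mon, 17 May 2010 10:49:40 +0100\n"
    "Received: from example.com ([203.0.113.7]:52225\n"
    "\thelo=[192.168.5.23]) by host.example.com with esmtpsa\n"
    "\t(TLSv1:AES256-SHA:256) (Exim 4.71) id 1ODwx4-0000zG-Oy;\n"
    "\tMon, 17 May 2010 10:49:34 +0100\n"
    "Subject: test\n"
    "\n"
    "body\n"
)

if __name__ == "__main__":
    for index, ips in received_leaks(SAMPLE).items():
        print(f"Received[{index}] exposes LAN address(es): {', '.join(ips)}")
```

An empty result for a message captured at the receiving side means no Received: line still carries a LAN address.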