On Tue, 21 Apr 2015, Phillip Carroll wrote:
> From: Phillip Carroll <postmaster@???>
> To: exim-users@???
> Date: Tue, 21 Apr 2015 20:08:20
> Subject: Re: [exim] Changing email headers to reflect server IP when they pass
> through Exim
>
> On rereading what I wrote earlier, I realize I didn't adequately
> explain the process of emailing via SSH tunnel.
>
> The specific SSH client I use in Windows supports the ability
> to forward arbitrary listening ports on the client computer to
> arbitrary destination ports on the SSH connected server.
>
> I use ThunderBird on my desktop as both an IMAP client, and SMTP
> client. ThunderBird is configured to use arbitrary ports on IP
> 127.0.0.1.
>
> The SSH client is configured to listen for these ports and forward
> them to the IMAP and SMTP ports on localhost at the connected SSH
> server. (Exim is the smtp server software, and Dovecot the IMAP
> server software.)
...
When I was looking at SSH tunnels I found the following book a
very useful reference:
"SSH Mastery (OpenSSH, PuTTY, Tunnels and Keys)", Michael W Lucas,
Tilted Windmill Press, 2012, ISBN 97814700697111
It's a few years ago now, but when I was administering exim mail
servers I just modified the Received: header for authenticated users
to omit their IP address:
# We'll also be shy about announcing who we are on the Received
# lines we generate. Also hide the IP addresses of authenticated
# users. No need to expose their home machines to the unwashed
# masses. The information is in the logs if we ever need it.
received_header_text = Received: \
${if and {{def:sender_host_address}{def:authenticated_id}}\
{from authenticated-user }\
{${if def:sender_rcvhost {from $sender_rcvhost\n\t}\
{${if def:sender_ident {from ${quote_local_part:$sender_ident} }}\
${if def:sender_helo_name {(helo=$sender_helo_name)\n\t}}}}}}\
by $primary_hostname \
${if def:received_protocol {with $received_protocol}} \
${if def:tls_cipher {($tls_cipher)}}\
\n\t\
${if def:sender_address \
{(envelope-from <$sender_address>)\n\t}}\
id $message_exim_id\
${if def:received_for {\n\tfor $received_for}}
You could if you wish modify the above to just omit the Received:
header for authenticated users.
--
Dennis Davis <dennisdavis@???>
