Postfix: How to remove outgoing email headers showing originator's IP, hostname and mail-client used?

Hello,

The topic subject is self-explanatory.
The important note here is that I only want to block outgoing information and preserve this on incoming email.
Can someone please advise how this can be done? I have done some research on the net and tried to IGNORE some headers; however, it did not work.

I am using CentOS.
Any help is much appreciated!

Thank you.

Assuming that it is possible, your mail will end up in limbo or, if lucky, it will land in spam.

Why is that?
When someone is emailing you from Gmail or Yahoo, you can’t see their client IP. Isn’t this the same scenario?

If you check the log below using Gmail as the sending email service, the headers contain the source IP, which is the Gmail server IPv6:2607:f8b0:4001:c06::22a, and the DKIM communication and authentication between my server, Gmail and Google.

The only client was Gmail connecting to Google since this was a website.


Sending an email with a forged (modified) header containing no source IP will fail all spam tests and invalidate all DKIM tests. Omitting the hostname will cause numerous failures, though the IP can be enough in some cases.

Return-Path: <---@gmail.com>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on pandora.coderinthebox.com
X-Spam-Level:
X-Spam-Status: No, score=-0.1 required=5.0 tests=DKIM_SIGNED,DKIM_VALID,
    DKIM_VALID_AU,FREEMAIL_FROM,HTML_MESSAGE autolearn=ham autolearn_force=no version=3.4.0
X-Original-To: info@coderinthebox.com
Delivered-To: info-coderinthebox.com@pandora.coderinthebox.com
Received: from mail-io0-x22a.google.com (mail-io0-x22a.google.com [IPv6:2607:f8b0:4001:c06::22a])
    by pandora.coderinthebox.com (Postfix) with ESMTP id 71B28104CD0
    for ; Thu, 10 Mar 2016 09:23:01 +0800 (PHT)
Authentication-Results: pandora.coderinthebox.com;
    dkim=pass reason="2048-bit key; unprotected key" header.d=gmail.com header.i=@gmail.com header.b=cef7WDuh;
    dkim-adsp=pass
Received: by mail-io0-x22a.google.com with SMTP id g203so88381433iof.2
    for ; Wed, 09 Mar 2016 17:22:06 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113;
    h=mime-version:date:message-id:subject:from:to;
    bh=fTyLrn8tvOLDq85OBJrkhVhuy5yFEMoJIAuCt6T9YjA=;
    b=cef7WDuh3m4FIdGEhyuMNURQfx/4P98FmyNeB3MlohwB5TarL7bJhn1Ge0FuQw16VC
    FNG52AUawUJgMhxcRjmLM7JXVrKS2+u0TFHDCfoPI3Ui/7fCM7EW1BFrMSXm9XgN8nd4
    cXI7u3VVBOekGEGeJgxeYnnJKj3bSf5AICEaRm3FIjs9GbG48gixl9INepNoI89GpvrP
    L6RKukMuEsqoK3FxYnG2YlBxLcoz6iFn+Q1yGAZku0OWxbFFySExzXU2jj3p+bCDYTOp
    e4bDumlbm51cCBlxB7IEx9s+8KlZPDN1R6jdNzdPPnxdhwwtMugHteonrW+3S/jAWya1
    g7cQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820;
    h=x-gm-message-state:mime-version:date:message-id:subject:from:to;
    bh=fTyLrn8tvOLDq85OBJrkhVhuy5yFEMoJIAuCt6T9YjA=;
    b=fhECghK+btJ6uh35Bm/xlDahz4LKqg7IIAKg6XbLtmTuUNELjiH4nhS4RbB/pHMQrV
    kuXJWenAqfz8PHOY23YuF/JsODjV8Jz5I1t03FVyif/m+S05JrPfERrxAgaCGDFM1kRv
    evaxaYoH8eTSq018aMAP4r95i5Scgss3GRWhCeHsK76KMvhOPkByaISnFS91UVYmzx6v
    I4qRyT44hkgi9qTpMrVoThNUUrVngR37pKM9mb/e6PJMkxoKRmRxsVPo6Z4SQEEWyUqd
    R59ymToDC5xEDT3VwdHBY92SUM8LU02muqgiyRkkJcrtnsQEjS9pFTGUKcrxTAP1hWDd
    a3dQ==
X-Gm-Message-State: AD7BkJLqbilTDK69FkJEGXQEITpEPJsnpw0FGgnvuWrxXebSGL21KPJVm+EgegAsBzepDBhu8Z6jnCM4DBlqjA==
MIME-Version: 1.0
X-Received: by 10.107.134.202 with SMTP id q71mr792590ioi.74.1457572925281;
    Wed, 09 Mar 2016 17:22:05 -0800 (PST)
Received: by 10.36.29.3 with HTTP; Wed, 9 Mar 2016 17:22:05 -0800 (PST)
Date: Thu, 10 Mar 2016 09:22:05 +0800
Message-ID:
Subject: hi
From: --- <----@gmail.com>
To: Info
Content-Type: multipart/alternative; boundary=001a113f9c86721fe5052da7a445

I don’t think there is an easy standard way of filtering out mail client headers, e.g., user-agent and IP address. However, you should be able to implement a home-grown solution if you are motivated enough.

I think there are two possible ways of doing it. Postfix offers two types of SMTP filters, before-queue and after-queue.

I think the before-queue filter will be easier to implement. Simply create a local SMTP proxy that accepts a mail message, strips out selected headers, and feeds the message back to Postfix for further processing. Only mail arriving via ports 465 and 587 would be fed to this SMTP proxy. Since only user-generated mail is filtered, the filter doesn’t need to process large amounts of mail, so it could be implemented in an interpreted language like Perl or Python.

You can find simple filtering SMTP proxies on the Internet, e.g.: https://github.com/jnorell/smtpprox.

Hi all.

Just to clarify: I only want to conceal IP addresses of the clients that connect to my server in order to send email out. Not the IP/hostname of my virtualmin server.

I have found the following how-to and I have implemented it:
https://realtechtalk.com/Postfix_how_to_secure_outgoing_authenticated_emails_for_privacy_and_hide_the_IP_address_mailer_and_other_things-1573-articles

It appears to be working and when I send emails out (say to Gmail) they don’t get marked as spam.
The received headers in Gmail show something like this:

Received: from [127.0.0.1] (localhost [127.0.0.1])
by myhostname.mydomainname.com (SERVER-M) with ESMTPSA id 5349EDEDEC

where myhostname.mydomainname.com is the FQDN of the virtualmin server and SERVER-M is the config value of mail_name (in postfix configuration).

I have also used this link in order to check if my outgoing emails would be potentially marked as spam and the result was 10/10 (=good). Link: https://www.mail-tester.com/

Can someone please suggest if the above process is safe to use?
Is there maybe another spam-tester like the above that I can use for further tests?

Your thoughts are much appreciated.

Anyone?

It’s great that you were able to filter out the headers as desired by using header_checks.

The cited forum posting at realtechtalk.com is an illegible mess. I did a Google search for [Postfix hide user agent] and found quite a few recipes that are much more readable.

These recipes recognize selected headers and remove them. If the sender’s mail client inserts any other headers, they will not be removed, so there is a potential loss of anonymity.

Assuming you want to provide genuine anonymity to users, a better strategy would be to remove all headers except the ones that you recognize as permitted. This way anonymity will be preserved regardless of which headers the mail client inserts. I don’t know if header_checks can do this. You would need a pattern that matches all headers and does IGNORE on them, and overriding patterns that would match selected headers like From:, To:, Cc:, Date:, etc., and permit them. If you figure out how to do this I hope you will post your recipe because it will be useful for all of us.
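
The difference between the two strategies discussed above, as an added example that is not part of the thread: a small Python model of first-match header filtering with IGNORE and DUNNO actions (both are real header_checks actions), run over a constructed submission message. The sample headers, addresses and function names are assumptions made for illustration; this models the table lookup only and is not Postfix itself.

```python
import re
from email import message_from_string

# Constructed sample: a message as an authenticated client might submit it.
SAMPLE = """\
Received: from [192.0.2.44] (client.example [192.0.2.44])
\tby mail.example.org (Postfix) with ESMTPSA id 5349EDEDEC
From: Alice <alice@example.org>
To: bob@example.net
Subject: hi
Date: Thu, 10 Mar 2016 09:22:05 +0800
Message-ID: <constructed-1@example.org>
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
User-Agent: ExampleMail/1.0
X-Originating-IP: [192.0.2.44]
X-Example-Client-Host: laptop-7.lan

body
"""

# Denylist: drop only the headers the recipe author thought of.
DENYLIST = [(r"^Received:", "IGNORE"), (r"^User-Agent:", "IGNORE"),
            (r"^X-Mailer:", "IGNORE"), (r"^X-Originating-IP:", "IGNORE")]

# Allowlist: DUNNO stops the search and keeps the header; everything
# else reaches the catch-all and is dropped.
ALLOWLIST = [(r"^(From|To|Cc|Subject|Date|Message-ID|MIME-Version"
              r"|Content-Type|Content-Transfer-Encoding"
              r"|In-Reply-To|References):", "DUNNO"),
             (r".", "IGNORE")]

def apply_checks(raw, rules):
    """Return surviving headers; first matching rule decides, like a regexp table."""
    kept = []
    for name, value in message_from_string(raw).items():
        line = f"{name}: {value}"
        for pattern, action in rules:
            if re.search(pattern, line, re.IGNORECASE):
                if action == "DUNNO":
                    kept.append(line)
                break  # IGNORE drops the header, DUNNO already kept it
        else:
            kept.append(line)  # no rule matched: header passes unchanged
    return kept

def leaked(raw, rules, secrets=("192.0.2.44", "ExampleMail", "laptop-7")):
    """List the client-identifying strings still present after filtering."""
    survivors = "\n".join(apply_checks(raw, rules))
    return [s for s in secrets if s in survivors]

if __name__ == "__main__":
    print("denylist leaks: ", leaked(SAMPLE, DENYLIST))
    print("allowlist leaks:", leaked(SAMPLE, ALLOWLIST))
```

In a Postfix regexp table the allowlist is the same two patterns with DUNNO and IGNORE as the actions. Because mime_header_checks and nested_header_checks default to $header_checks, a catch-all IGNORE also applies to headers inside MIME parts and attached messages unless those parameters are set separately.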