Archive

Posts Tagged ‘remove entries’

Hide your source IP with emails relayed by postfix

2013/01/03 1 comment

I hate giving to much information with emails i send. If you are using a native E-Mail client (e.g. Outlook, Thunderbird, ..) you will most likely relay your email to a mail provider.
E-Mail clients are very chatty programs and do not hesitate to give out as much information form the sender as possible. These includes at least:

– Source IP address (the outgoing IP address of your pc)- Your E-Mail client software (Outlook, Exchange Server aso.)
– The version of your used software

Attackers can use these informations to create specialized attacks against your infrastructure, as your email header provides info that f.e. you are using an old Outlook version with know vulnerabilities.

To prevent this information disclosure i perform the following header_checks on my postfix:

/^Received:/    IGNORE
/^User-Agent:/  IGNORE
/^X-Mailer:/    IGNORE
/^X-MimeOLE:/   IGNORE
/^X-MSMail-Priority:/   IGNORE
/^X-Spam-Status:/   IGNORE
/^X-Spam-Level:/    IGNORE
/^X-Sanitizer:/     IGNORE
/^X-Originating-IP:/    IGNORE

Just add these entries to your header_checks file (e.g /etc/postfix/header_checks) and add

header_checks = regexp:/etc/postfix/header_checks

to your /etc/postfix/main.cf

Thats it! Outgoing mails have now all your internal details removed.

Caution!

To prevent your mails being blocked by the Exchange spam filter, never ever remove the Message-ID with policies like above. Otherwise your e-mails will always arrive in the Junk-Mail folder!