I'll give this a look somewhat soon.
Op 19-10-2018 om 18:55 schreef Lee Maguire:
For reasons of user privacy and security I usually configure submission servers
to not include accurate IP address and HELO information of authenticated users.
(Usually replacing it with a private-use domain / IPv6 address.)
Dovecot submission (2.3.2) will produce a header something like this (where
“10.22.36.10" is a public IP address)
Received: from [192.168.1.184] ([10.22.36.10])
by x.example.com with ESMTPSA
id xY/yDFD9yVtsFwAARu9lhg
(envelope-from <t...@example.com>)
for <t...@example.net>; Fri, 19 Oct 2018 18:50:40 +0100
It would be good if a local administrator could override the trace “from”
content with syntactically valid, but privacy respecting, content. e.g.
Received: from submission.local ([fdf7:c4e4:1c1e::10])
by x.example.com with ESMTPSA
id xY/yDFD9yVtsFwAARu9lhg
(envelope-from <t...@example.com>)
for <t...@example.net>; Fri, 19 Oct 2018 18:50:40 +0100
RFC 5321 specifies that the “from” MUST exist but only specifies that the
content SHOULD be the source host. (Assuming that Submission is “an SMTP
environment”. RFC 6409 makes some provision for header rewriting to hide
machine names. https://tools.ietf.org/html/rfc6409#section-8.8 )
https://tools.ietf.org/html/rfc5321#section-4.4
The FROM clause, which MUST be supplied in an SMTP environment,
SHOULD contain both (1) the name of the source host as presented
in the EHLO command and (2) an address literal containing the IP
address of the source, determined from the TCP connection.
