On 2 Jan 2007, at 06:25, Joachim Boltz wrote: > > due to privacy issues I want to strip the IP address of authenticated > users from the received header. Currently i am adding a special header > in a content ACL when i receive mail from authenticated users: >
well, read the current thread by subject "replace Received: from" and use the information in the specs pointed out by John. Although not experimented, I would just replace the Received: header with the string you give below for authenticated senders. [...] > if $header_X-authenticated-user: is $message_id > then > headers remove Received > headers remove X-authenticated-user > headers add "Received: from 127.0.0.1 \n \t \ > by foo.example\n \t \ > id $message_id \n \t \ > for ???; $tod_full" > endif > > > > this works, but the filter always adds the new received header at the > bottom of the header list. and i don't know how to get the "for" > address. well, it depends on what the for address is for you... I can guess, it must be the sender. Then look again in the specs! "$sender_address When a message is being processed, this variable contains the sender’s address that was received in the message’s envelope. For bounce messages, the value of this variable is the empty string. See also $return_path." Clearly, if you do not valdate this address against the authentication data, it could be forged. Giuliano -- ## List details at http://www.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://www.exim.org/eximwiki/
