Ron White wrote: > On outbound mail I've noticed this header that, for my needs, is 'a bit > too much detail' insofar as revealing the internal IP of the client: > > Received: from munged.com ([x.x.x.x]:52225 > helo=[192.168.5.x]) by host.munged.com with esmtpsa > (TLSv1:AES256-SHA:256) (Exim 4.71) (envelope-from > <[email protected]>) id 1ODwx4-0000zG-Oy for > [email protected]; Mon, 17 May 2010 10:49:34 +0100 > > > What is the best approach to removing the header line detailing from > outbound smtpa/esmpta but not removing similar items from inbound? I've > had a quick look at filters and 'remove_header' but before I get bogged > down in this I would like a reassuring 'that's the right way to go' > nudge :-) > >
The purely technical answer would be to apply [selective] header-stripping to [one-of] the 'outbound' remote_dns delivery router/transport sets. 'Selective' in that you can use a conditional on a sender, destination, content, added X-header, acl_m ... or any of many other detectable characteristics to apply the strip to some subset of all traffic. 'one-of' driven by the above selection criteria. The broader answer is that this removes information of value in troubleshooting or providing such small measure of affirming end-to-end message authenticity as smtp has to offer (eg - not much). IOW - makes it harder for you to deny you have been spoofed. After all, if you can and do remove or alter such information, your server no longer has a claim to credible headers of any other kind. Selective credibility is like selective virginity. Rare. In any case, hiding the initial-attach IP doesn't really remove a great deal of information of value to an entity interested in determining where - or if and when - you physically sat when you sent the message. There are far better means for that, and you generally wont be able to detect them anyway. HTH, Bill -- ## List details at http://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
