> I guess we are talking about your auth-user relay instance.

We are indeed.  I am not touching the other instances.


> 
> If that one does not get mail via smtp on port 25, or only gets mail from
> authenticated users via that port, you can move configuration to main.cf.


Indeed that is the case. The only thing that connects to 25 on the auth-user 
instance are the users with credentials. And that is enforced by the config, 
e.g. :

smtpd_recipient_restrictions = 
permit_mynetworks,permit_sasl_authenticated,reject_unauth_destination
smtpd_relay_restrictions = 
permit_mynetworks,permit_sasl_authenticated,reject_unauth_destination

> 
> But I still believe anonymising Received: headers is safer than removing
> them.
> 
> Perhaps milter-regex could be able to anonymize them.
>

I am open to the concept of anonymising but I don't know how since e.g. I do 
not have readily defined subnets because the user-base includes roaming users.

So clearly both the host name and the IP would need to be stripped out of the 
Received header.  In which case, you are left with the obvious "is there much 
point keeping what's left ?" question ... to which my thinking is no ?

To forsee an obvious counter-argument you may put forward, where you may 
suggest to me anonymising the IP on prefix-length, I'd say there's still a risk 
of leakage there.
_______________________________________________
Postfix-users mailing list -- postfix-users@postfix.org
To unsubscribe send an email to postfix-users-le...@postfix.org

Reply via email to