Philip Paeps:
> On 2018-05-02 20:52:46 (+0200), @lbutlr wrote:
> > On 2018-05-01 (04:02 MDT), Philip Paeps <phi...@trouble.is> wrote:
> >> I wonder if it wouldn't be easier to add a configuration option to
> >> smtpd to suitably expurgate Received: headers of sensitive
> >> information.
> >
> > What information in the Received header do you consider sensitive?
>
> When it comes in over submission from authenticated users, I consider
> the HELO hostname, the IP address and the reverse lookup of the IP
> address sensitive. Those data allow the user to be tracked around the
> internet based on where they send email from.
>
> The queue id, the date and the sasl username are sufficient trace
> information to grep in logfiles if something needs to be debugged.
>
> Note that I'm only talking about submission. The trace headers added on
> mail being relayed are perfectly fine.
>
> I'm not sure if there's a tidy way to implement this as an option. The
> hairy header_checks hack also "just works". My mind just rebels against
> something so conceptually simple requiring such a crazy regular
> expresion. :)
Instead of saying what to remove from headers, it would be more
natural to say what should be in headers. Configurable headers (not
just From: or Recived:) are on the wishlist for as long as Postfix
exists.
Wietse
