GDPR/sender-ip (was: make received-header on submission optional or at least drop the ip in it)