Request: option to hide user IP/HELO content from mail sent via submissiond
For reasons of user privacy and security I usually configure submission servers to not include accurate IP address and HELO information of authenticated users. (Usually replacing it with a private-use domain / IPv6 address.)
Dovecot submission (2.3.2) will produce a header something like this (where “10.22.36.10" is a public IP address)
Received: from [192.168.1.184] ([10.22.36.10]) by x.example.com with ESMTPSA id xY/yDFD9yVtsFwAARu9lhg (envelope-from test@example.com) for test@example.net; Fri, 19 Oct 2018 18:50:40 +0100
It would be good if a local administrator could override the trace “from” content with syntactically valid, but privacy respecting, content. e.g.
Received: from submission.local ([fdf7:c4e4:1c1e::10]) by x.example.com with ESMTPSA id xY/yDFD9yVtsFwAARu9lhg (envelope-from test@example.com) for test@example.net; Fri, 19 Oct 2018 18:50:40 +0100
RFC 5321 specifies that the “from” MUST exist but only specifies that the content SHOULD be the source host. (Assuming that Submission is “an SMTP environment”. RFC 6409 makes some provision for header rewriting to hide machine names. https://tools.ietf.org/html/rfc6409#section-8.8 )
https://tools.ietf.org/html/rfc5321#section-4.4 The FROM clause, which MUST be supplied in an SMTP environment, SHOULD contain both (1) the name of the source host as presented in the EHLO command and (2) an address literal containing the IP address of the source, determined from the TCP connection.
I'll give this a look somewhat soon.
Op 19-10-2018 om 18:55 schreef Lee Maguire:
For reasons of user privacy and security I usually configure submission servers to not include accurate IP address and HELO information of authenticated users. (Usually replacing it with a private-use domain / IPv6 address.)
Dovecot submission (2.3.2) will produce a header something like this (where “10.22.36.10" is a public IP address)
Received: from [192.168.1.184] ([10.22.36.10]) by x.example.com with ESMTPSA id xY/yDFD9yVtsFwAARu9lhg (envelope-from test@example.com) for test@example.net; Fri, 19 Oct 2018 18:50:40 +0100
It would be good if a local administrator could override the trace “from” content with syntactically valid, but privacy respecting, content. e.g.
Received: from submission.local ([fdf7:c4e4:1c1e::10]) by x.example.com with ESMTPSA id xY/yDFD9yVtsFwAARu9lhg (envelope-from test@example.com) for test@example.net; Fri, 19 Oct 2018 18:50:40 +0100
RFC 5321 specifies that the “from” MUST exist but only specifies that the content SHOULD be the source host. (Assuming that Submission is “an SMTP environment”. RFC 6409 makes some provision for header rewriting to hide machine names. https://tools.ietf.org/html/rfc6409#section-8.8 )
https://tools.ietf.org/html/rfc5321#section-4.4 The FROM clause, which MUST be supplied in an SMTP environment, SHOULD contain both (1) the name of the source host as presented in the EHLO command and (2) an address literal containing the IP address of the source, determined from the TCP connection.
On 2018-10-19 18:55, Lee Maguire wrote:
For reasons of user privacy and security I usually configure submission servers to not include accurate IP address and HELO information of authenticated users. (Usually replacing it with a private-use domain / IPv6 address.)
participants (3)
-
Lee Maguire
-
Stephan Bosch
-
Tom Sommer