Request: option to hide user IP/HELO content from mail sent via submissiond
Lee Maguire
lee at openrightsgroup.org
Fri Oct 19 19:55:21 EEST 2018
For reasons of user privacy and security I usually configure submission servers to not include accurate IP address and HELO information of authenticated users. (Usually replacing it with a private-use domain / IPv6 address.)
Dovecot submission (2.3.2) will produce a header something like this (where “10.22.36.10" is a public IP address)
Received: from [192.168.1.184] ([10.22.36.10])
by x.example.com with ESMTPSA
id xY/yDFD9yVtsFwAARu9lhg
(envelope-from <test at example.com>)
for <test at example.net>; Fri, 19 Oct 2018 18:50:40 +0100
It would be good if a local administrator could override the trace “from” content with syntactically valid, but privacy respecting, content. e.g.
Received: from submission.local ([fdf7:c4e4:1c1e::10])
by x.example.com with ESMTPSA
id xY/yDFD9yVtsFwAARu9lhg
(envelope-from <test at example.com>)
for <test at example.net>; Fri, 19 Oct 2018 18:50:40 +0100
RFC 5321 specifies that the “from” MUST exist but only specifies that the content SHOULD be the source host. (Assuming that Submission is “an SMTP environment”. RFC 6409 makes some provision for header rewriting to hide machine names. https://tools.ietf.org/html/rfc6409#section-8.8 )
https://tools.ietf.org/html/rfc5321#section-4.4
The FROM clause, which MUST be supplied in an SMTP environment,
SHOULD contain both (1) the name of the source host as presented
in the EHLO command and (2) an address literal containing the IP
address of the source, determined from the TCP connection.
More information about the dovecot
mailing list