Feature wishlist: Allow to hide client IP/host in submission service
Tom Sommer
mail at tomsommer.dk
Tue Aug 27 09:40:19 EEST 2019
On 2019-08-25 20:51, Sebastian Krause via dovecot wrote:
> Hi,
>
> In many mail setups a required feature (for privacy reasons) is to
> hide the host and IP of clients (in the "Received" header) that use
> the authenticated submission over port 587. In Postfix that's
> possible (https://serverfault.com/q/413533/86332), but not very nice
> to configure especially if you only want want to strip the Received
> header for port 587 submissions, but not on port 25.
>
> As far as I can see this configuration is not possible at all in the
> Dovecot submission server because the function which adds the
> Received header with the client's IP address
> (smtp_server_transaction_write_trace_record) is always called in
> submission-commands.c.
>
> It would be very useful if the submission server could anonymize the
> client with a single configuration option, then all the Postfix
> configuration mess (and using SASL) could be skipped by simply using
> the Dovecot submission server instead.
>
> The anonymization would work by replacing the client's EHLO host
> with "submission" and the IP address with 127.0.0.1. In full the
> Received header would look something like this where the first line
> is always the same:
>
> Received: from submission (unknown [127.0.0.1])
> by mail.example.com with ESMTPSA
> id 8bV9D+51Yl1FOwAA1ctoJQ
> (envelope-from <john at example.com>)
> for <jane at example.com>; Sun, 25 Aug 2019 13:50:06 +0200
Check https://github.com/dovecot/core/pull/74
Unsure if it covers Submission though
More information about the dovecot
mailing list