Feature wishlist: Allow to hide client IP/host in submission service
Tom Sommer
mail at tomsommer.dk
Wed Aug 28 15:24:10 EEST 2019
On 2019-08-28 14:07, Timo Sirainen via dovecot wrote:
> On 25 Aug 2019, at 21.51, Sebastian Krause via dovecot
> <dovecot at dovecot.org> wrote:
>>
>> Hi,
>>
>> In many mail setups a required feature (for privacy reasons) is to
>> hide the host and IP of clients (in the "Received" header) that use
>> the authenticated submission over port 587. In Postfix that's
>> possible (https://serverfault.com/q/413533/86332), but not very nice
>> to configure especially if you only want want to strip the Received
>> header for port 587 submissions, but not on port 25.
>>
>> As far as I can see this configuration is not possible at all in the
>> Dovecot submission server because the function which adds the
>> Received header with the client's IP address
>> (smtp_server_transaction_write_trace_record) is always called in
>> submission-commands.c.
>>
>> It would be very useful if the submission server could anonymize the
>> client with a single configuration option, then all the Postfix
>> configuration mess (and using SASL) could be skipped by simply using
>> the Dovecot submission server instead.
>
> Yeah, it would be useful to hide the client's IP and do it by default.
> Actually I think there shouldn't even be an option to not hide it. Or
> would it be better or worse to just not have the Received header added
> at all?
Better to just remove the Received header entirely.
Make lmtp_add_received_headers work on submission as well, maybe?
More information about the dovecot
mailing list