This post is intended for people who want to set up Postfix to remove specific headers within emails that pass through their systems. The most common use for this is to set up a relaying server that will remove any reference of where source emails originated and relevant information about the sender’s computer. Another useful application for this type of header_checks is to remove details about additional functions of your mail server that you do not want made available to the world.
This guide focuses on postfix’s header_checks capabilities, and although there are other ways to do so, we’ve found that this is by far the simplest.
Use these instructions at your own risk. Never test things out in a production environment!
In order for this to work, your main.cf file will have to have a reference to the header_checks file as follows:
header_checks = regexp:/etc/postfix/maps/header_checks
It is recomended that you keep all of your postfix map files in one directory along with any checks files. In this case, these will be kept in /etc/postfix/maps.
In addition to any spam filters (see our header_checks file for more information), the below lines should be added to your header_checks file to preserve privacy and remove headers for the internal operations of your mail server:
# Sample For Dropping Headers: #/^Header: IfContains/ IGNORE /^Received: from 127.0.0.1/ IGNORE /^User-Agent:/ IGNORE /^X-Mailer:/ IGNORE /^X-Originating-IP:/ IGNORE
Each line above will search for headers tha have the content between the /^ and the / and will remove each line within the email headers that matches. As an example, the line “/^Received: from 127.0.0.1 .*/ IGNORE” will erase any lines from the email headers that list previous handoffs from an internal mail process to another. This is most commonly used for antivirus or antispam functions on a mail server.
The following lines are related to Anomy Sanitizer and SpamAssassin – two very useful products. These three lines will remove references from the headers for the two software packages, making sure that the users of the system will not easily identify the software that is running on the back end.
# Sample For Dropping Headers: #/^Header: IfContains/ IGNORE /^Received: from 127.0.0.1/ IGNORE /^X-Sanitizer:/ IGNORE /^X-Spam-Status:/ IGNORE /^X-Spam-Level:/ IGNORE
If one were to want to remove all headers relevant to personal information and previous hosts on which the email has passed, the following would be a possible configuration. Note that by removing all of this information, some mail servers will automatically identify emails passing through this system as spam. You will also be removing useful information for troubleshooting any problems that may arise with the mail server.
# Sample For Dropping Headers: #/^Header: IfContains/ IGNORE /^Received:/ IGNORE /^User-Agent:/ IGNORE /^Message-ID:/ IGNORE /^X-Mailer:/ IGNORE /^X-MimeOLE:/ IGNORE /^X-MSMail-Priority:/ IGNORE /^X-Spam-Status:/ IGNORE /^X-Spam-Level:/ IGNORE /^X-Sanitizer:/ IGNORE /^X-Originating-IP:/ IGNORE
Hopefully this will help you clean your mail headers up!
Leave a Reply