Oops, sorry. My initial mail was sent 6 hours ago, but I forgot to Reply-All. Meanwhile, there is already another solution provided.
Ömer > Am 05.02.2025 um 08:19 schrieb Ömer Güven via Postfix-users > <postfix-users@postfix.org>: > > > Hi! > > I didn‘t read the whole thread but I understand that you want to strip > privacy relevant user data from MUA submissions. > > In master.cf, add twice, one for smtps (port 465) and one for submission > (port 587): > > -o cleanup_service_name=submission-header-cleanup > > > Then add this line to the same file: > > submission-header-cleanup unix n - n - 0 cleanup > -o header_checks=regexp:/etc/postfix/submission_header_cleanup > > > Now create the file submission_header_cleanup: > > /^Received:/ IGNORE > /^X-Originating-IP:/ IGNORE > /^X-Mailer:/ IGNORE > /^User-Agent:/ IGNORE > > > And reload/restart postfix. > > Kind regards, > Ömer Güven > >>> Am 05.02.2025 um 02:18 schrieb postfix--- via Postfix-users >>> <postfix-users@postfix.org>: >>> >> >>> >>>> And Smtp header checks get applied to (smtp) mail received by submission on >>>> its way out to the world. >>> NO. "smtp_header_checks" are applied on output to all mail that leaves >>> the system, regardless of how it arrived, whether inbound from a remote >>> source, an SMTP submission, or generated locally. >> >> Yes, this is what I meant, sorry I didn't word it better or acknowledge >> there's more than one way to get an email "in" other than submission. >> "leaves the system" is what i meant when saying "on its way out to the >> world". >> >> >> >>>> main.cf >>>> smtp_header_checks = pcre:/etc/postfix/smtp_header_checks >>>> /etc/postfix/smtp_header_checks: >>>> /^Received:/ IGNORE >>> If the intent is to only censor submission, This is not correct, it will >>> drop all "Received" headers from any mail that is not delivered locally, >>> so entirely unsuitable for relaying non-submission mail, risks mail >>> loops (the Received hop count is no longer effective), ... >> >> I see, I did not consider being a rely. I was coming from a place of my >> server only sends my email, and isn't a relay for other purposes. >> >> What would be the appropriate way to strip submission source IP's in case >> one were to add relaying? >> Or is waiting for the new `smtpd_hide_session_info` the only answer? >> _______________________________________________ >> Postfix-users mailing list -- postfix-users@postfix.org >> To unsubscribe send an email to postfix-users-le...@postfix.org > _______________________________________________ > Postfix-users mailing list -- postfix-users@postfix.org > To unsubscribe send an email to postfix-users-le...@postfix.org
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ Postfix-users mailing list -- postfix-users@postfix.org To unsubscribe send an email to postfix-users-le...@postfix.org
