On 2018-05-02 20:52:46 (+0200), @lbutlr wrote:
On 2018-05-01 (04:02 MDT), Philip Paeps <phi...@trouble.is> wrote:
I wonder if it wouldn't be easier to add a configuration option to
smtpd to suitably expurgate Received: headers of sensitive
information.
What information in the Received header do you consider sensitive?
When it comes in over submission from authenticated users, I consider
the HELO hostname, the IP address and the reverse lookup of the IP
address sensitive. Those data allow the user to be tracked around the
internet based on where they send email from.
The queue id, the date and the sasl username are sufficient trace
information to grep in logfiles if something needs to be debugged.
Note that I'm only talking about submission. The trace headers added on
mail being relayed are perfectly fine.
I'm not sure if there's a tidy way to implement this as an option. The
hairy header_checks hack also "just works". My mind just rebels against
something so conceptually simple requiring such a crazy regular
expresion. :)
Philip
--
Philip Paeps
Senior Reality Engineer
Ministry of Information
