> On Jan 12, 2023, at 2:40 PM, Viktor Dukhovni <postfix-us...@dukhovni.org> > wrote: > > On Thu, Jan 12, 2023 at 01:49:33PM -0500, post...@ptld.com wrote: > >> My solution... >> >> main.cf: >> smtp_header_checks = pcre:/etc/postfix/header_checks_smtp >> >> >> /etc/postfix/header_checks_smtp: >> /^Received:/ IGNORE >> /^X-Originating-Ip:/ IGNORE > > That's a rather radical "solution". More typically one would just drop > "Received" headers known to be added by the local MTA (matching the > hostnname in "by" clause explicitly). As for "X-Originating-Ip:", if > you're the one not adding it, why remove it? And if you are adding it, > then why, if only to remove it?
Also, in my case I'm really looking for a solution to keep the data, but obfuscate it so I don't lose the ability to track down issues with other users who might get their accounts compromised. Roundcube webmail has a neat solution - obviously they can't alter the header, but they do add their own "received" header with the option of "encrypting" it with a fixed key. I'm wondering if that's a "milterable" thing - extract the first received header, crypt it, then put it back in the same place in the headers... Also, pointers to a skeletal perl-based milter are welcome... Thanks, Charles > > -- > Viktor.
signature.asc
Description: Message signed with OpenPGP