> On Jan 12, 2023, at 2:40 PM, Viktor Dukhovni <postfix-us...@dukhovni.org> 
> wrote:
> 
> On Thu, Jan 12, 2023 at 01:49:33PM -0500, post...@ptld.com wrote:
> 
>> My solution...
>> 
>> main.cf:
>>     smtp_header_checks = pcre:/etc/postfix/header_checks_smtp
>> 
>> 
>> /etc/postfix/header_checks_smtp:
>>     /^Received:/           IGNORE
>>     /^X-Originating-Ip:/   IGNORE
> 
> That's a rather radical "solution".  More typically one would just drop
> "Received" headers known to be added by the local MTA (matching the
> hostnname in "by" clause explicitly).  As for "X-Originating-Ip:", if
> you're the one not adding it, why remove it?  And if you are adding it,
> then why, if only to remove it?

Also, in my case I'm really looking for a solution to keep the data, but 
obfuscate it so I don't lose the ability to track down issues with other users 
who might get their accounts compromised.

Roundcube webmail has a neat solution - obviously they can't alter the header, 
but they do add their own "received" header with the option of "encrypting" it 
with a fixed key. I'm wondering if that's a "milterable" thing - extract the 
first received header, crypt it, then put it back in the same place in the 
headers...

Also, pointers to a skeletal perl-based milter are welcome...

Thanks,

Charles

> 
> --
>    Viktor.

Attachment: signature.asc
Description: Message signed with OpenPGP

Reply via email to