On Thu, 2007-03-22 at 07:55 -0500, Gary Bowling wrote: > When I send a message to someone else, in the headers for the received > message, you get the following: > > Received: from unknown (HELO ?192.168.11.10?) ([EMAIL > PROTECTED]@70.240.235.119) > by 0 with ESMTPA; 22 Mar 2007 11:50:48 -0000 > > > This header line contains the client machine's internal ip address > (192.168.11.10) which of course is a private address, and also my public > address 70.240.235.119. > > These addresses are of the client, the actual toaster server addresses > are above that line along with other header info. > > My question is. Is there a way to get rid of my client IP addresses in > the header? Seems like a security risk to me.
Why is the header a security risk? Its a standard smtp auth header added for trackability and should be left in place so that it can be tracked. If you remove that information and someone starts pumping spam out of your network, how are you going to know who its coming from unless you have that info? Shane
