It seems a security risk because it shows both the internal address and the
external address of the client, not the server, which gives a hacker an
easy way to start discovering outside/inside address pairs.
The user who sent the message is identified by the
sending email address. I don't have a problem with that being in the
header, but the IP address pairs of the client machine I'm not all that
comfortable with.
Gary
____________________
Gary Bowling
GBCO.US
[EMAIL PROTECTED]
____________________
Shane Chrisp wrote:
On Thu, 2007-03-22 at 07:55 -0500, Gary Bowling wrote:
When I send a message to someone else, in the headers for the received
message, you get the following:
Received: from unknown (HELO ?192.168.11.10?) ([EMAIL PROTECTED]@70.240.235.119)
by 0 with ESMTPA; 22 Mar 2007 11:50:48 -0000
This header line contains the client machine's internal ip address
(192.168.11.10) which of course is a private address, and also my public
address 70.240.235.119.
These addresses are of the client, the actual toaster server addresses
are above that line along with other header info.
My question is: is there a way to get rid of my client IP addresses in
the header? Seems like a security risk to me.
Why is the header a security risk? It's a standard SMTP AUTH header added
for trackability and should be left in place so that it can be tracked.
If you remove that information and someone starts pumping spam out of
your network, how are you going to know who it's coming from unless you
have that info?
Shane
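As an added example that is not part of this thread (the sample header is constructed in the shape of the one quoted above, with a placeholder auth user): a Python parser for this qmail-style Received line that pulls out the HELO string, the authenticated user and the connecting address, and reports which embedded addresses are private, so an administrator can audit what outbound mail reveals about the client.

```python
import ipaddress
import re
from typing import Optional

# Constructed sample shaped like the header quoted in the thread; the auth user is a
# placeholder, the two addresses are the ones the thread discusses.
SAMPLE_RECEIVED = (
    "Received: from unknown (HELO ?192.168.11.10?) "
    "(user@example.invalid@70.240.235.119) "
    "by 0 with ESMTPA; 22 Mar 2007 11:50:48 -0000"
)

# qmail-style layout: from <rdns> (HELO <helo>) (<auth-user>@<client-ip>) by <host> with <proto>; <date>
_RECEIVED_RE = re.compile(
    r"^Received:\s+from\s+(?P<rdns>\S+)\s+"
    r"\(HELO\s+(?P<helo>[^)]*)\)\s+"
    r"\((?:(?P<auth>.+)@)?(?P<ip>\d{1,3}(?:\.\d{1,3}){3})\)\s+"
    r"by\s+(?P<by>\S+)\s+with\s+(?P<proto>\S+);\s*(?P<date>.+)$"
)
_IPV4_RE = re.compile(r"\d{1,3}(?:\.\d{1,3}){3}")

def parse_received(line: str) -> Optional[dict]:
    """Split one qmail-style Received: line into fields; None if it does not match."""
    m = _RECEIVED_RE.match(" ".join(line.split()))  # unfold any folded whitespace
    if not m:
        return None
    fields = m.groupdict()
    # ESMTPA means the client used SMTP AUTH, which is why a user name appears at all.
    fields["authenticated"] = fields["proto"].upper() == "ESMTPA"
    return fields

def leaked_addresses(line: str) -> dict:
    """Sort the IPv4 addresses in the line into private (RFC 1918 etc.) and public.

    Private ones come from the client's own HELO/EHLO string; the public one is the
    connecting address the server itself observed.
    """
    fields = parse_received(line)
    result = {"private": [], "public": []}
    if fields is None:
        return result
    found = set(_IPV4_RE.findall(fields["helo"])) | {fields["ip"]}
    for text in sorted(found):
        try:
            addr = ipaddress.ip_address(text)
        except ValueError:  # e.g. an octet over 255
            continue
        result["private" if addr.is_private else "public"].append(str(addr))
    return result
```

Run over the Received lines of mail leaving the server to see which clients announce a private address in HELO alongside the public address the server recorded.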