[Dovecot] Are host names a secret?
Robert Schetterer
robert at schetterer.org
Fri Jul 17 12:10:32 EEST 2009
Axel Luttgens schrieb:
> Le 17 juil. 09 à 00:45, Ralph Seichter a écrit :
>
>> Axel Luttgens wrote:
>>
>>> [...]
>>> What shouldn't be allowed wrt RFC rules, unless I'm wrong: at any time,
>>> the user should be able to trace the path of a received message (an SMTP
>>> server MUST add a Received header, never remove or modify such a
>>> header).
>>
>> Stripping "Received" headers at an outbound SMTP gateway to obscure
>> internal server infrastructure is a common practice, and there is
>> nothing wrong about it.
>
> You're right, of course. I was too focused on "regular" headers, without
> thinking about those headers that may be internally produced by an
> infrastructure.
>
> Thanks,
> Axel
if somebody likes to delete ip or hostname stuff in postfix
you may use i.e
/^received:.*ip\.add\.re\.ss/ IGNORE
in header_checks
there are a few reasons sombody might hide
i.e internal ips/hostnames
i.e i remember an antispamsolution
( which was teribble missconfigured ) of a big american
university , that interpreted all dynamic ip ( the whole net of german
telekom) in the header
instead of the last mailrelay ip and therefore it leads to bouncing
all mail delivered over the mailrelay
anyway hostnames are not secret, and manipulate headers is not recommended
--
Best Regards
MfG Robert Schetterer
Germany/Munich/Bavaria
More information about the dovecot
mailing list