How removes the Received line
Posted: 14 May 2018 23:48
How to remove the Received line on the EFA.
when sending out emails using the EFA, the reciepient recieves your internal network information, like your exchange/mail server FQDN and internal IP which is risky.
this is a example of my messages header before i configured the EFA. as you see it shows the name of my exchange server EX02, my WAN IP 50.20.40.66 and my lan IP 10.10.44.6
so let get to work to secure our EFA.
first go to and find this line
add the next line with two spaces at the beginnen.
the result should looks like this.
go to at the end of the header_checks
the header_checks before
after we replaced the code
restart your postfix and mailscanner services
the result of my message headers:
the result of my IP address
as you can see we have secured our EFA to not send out our internal LAN info to the reciepent server appliance.
if you have any questions feel free to ask.
Please note this will be on the next release V4.
when sending out emails using the EFA, the reciepient recieves your internal network information, like your exchange/mail server FQDN and internal IP which is risky.
this is a example of my messages header before i configured the EFA. as you see it shows the name of my exchange server EX02, my WAN IP 50.20.40.66 and my lan IP 10.10.44.6
Code: Select all
X-Greylist: from auto-whitelisted by SQLgrey-1.8.0
Received: from filter.jamerson.com (mail.jamerson.com [50.20.40.66])
(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
(No client certificate requested)
by filter.dks.com (Postfix) with ESMTPS id 1B499440061
for <EFA@dks.com>; Mon, 14 May 2018 18:44:19 +0200 (CEST)
X-Spam-Status: No
X-jamerson-MailScanner-EFA-Watermark: 1526921060.52464@64NaYBHWK00+zhChFd6+kQ
X-jamerson-MailScanner-EFA-From: julien@jamerson.com
X-jamerson-MailScanner-EFA: Found to be clean
X-jamerson-MailScanner-EFA-ID: 4F93B400B5.AA8B6
X-jamerson-MailScanner-EFA-Information: Please contact info@jamerson.com for more information
Received: from filter.jamerson.com (mail.jamerson.com [10.10.44.6])
(using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
(No client certificate requested)
by filter.jamerson.com (Postfix) with ESMTPS id 4F93B400B5
for <EFA@dks.com>; Mon, 14 May 2018 18:44:17 +0200 (CEST)
Received: from EX02.jamerson.com (10.10.44.6) by EX02.jamerson.com
(10.10.44.6) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.1466.3; Mon, 14 May
2018 18:44:26 +0200
Received: from EX02.jamerson.com ([::1]) by EX02.jamerson.com ([::1])
with mapi id 15.01.1466.008; Mon, 14 May 2018 18:44:26 +0200
From: Julien Angelo <julien@jamerson.com>
To: EFA B.V. <EFA@dks.com>
Subject: Re: Test
Thread-Topic: Test
Thread-Index: AQHTycJY2bz2+vxdSEihX+aRJcTDYqPr8XEpgAF91fD////JUIAhtOoQgCCOGIA=
Date: Mon, 14 May 2018 16:44:26 +0000
Message-ID: <69E4F924-312E-463F-A8C9-4D40929F41D5@jamerson.com>
References: <5b12c848a9ad43fc86418914fbb24b78@EX-DKS.DKS.lan>
<26c84ba8681c4d9ca581d96c8cff8706@jamerson.com>
<16d89b6ecfde4d6fb4c5e303fe46ff7d@EX-DKS.DKS.lan>
<4310959185664e5b80a2e72fbb977c51@jamerson.com>
<4d9bb6ba7de24eef8f22e767085afd8c@EX-DKS.DKS.lan>
In-Reply-To: <4d9bb6ba7de24eef8f22e767085afd8c@EX-DKS.DKS.lan>
Accept-Language: en-US
Content-Language: nl-NL
X-MS-Has-Attach: yes
X-MS-TNEF-Correlator:Code: Select all
50.20.40.66
mail.jamerson.com
Netherlands
[ ]
[ ]
[ ]
[ ]
10.10.44.5
(Private Network)
(Private Network)
[ ]
[ ]
[ ]
[ ]
::1
(Localhost)
(Localhost)
first go to
Code: Select all
/etc/postfix/master.cfCode: Select all
cleanup unix n - n - 0 cleanupCode: Select all
-o header_checks=pcre:/etc/postfix/header_checksthe result should looks like this.
Code: Select all
#628 inet n - n - - qmqpd
pickup unix n - n 60 1 pickup
cleanup unix n - n - 0 cleanup
-o header_checks=pcre:/etc/postfix/header_checks
qmgr fifo n - n 300 1 qmgr
#qmgr unix n - n 300 1 oqmgr
tlsmgr unix - - n 1000? 1 tlsmgr
rewrite unix - - n - - trivial-rewrite
bounce unix - - n - 0 bounceCode: Select all
/etc/postfix/header_checksthe header_checks before
Code: Select all
#
# HEADER_CHECKS(5)
/^Received:/ HOLD
after we replaced the code
Code: Select all
/^Received:.*10.10.44.6/ IGNORE
/^Received:/ HOLD
restart your postfix and mailscanner services
Code: Select all
sudo service postfix restart
sudo service mailscanner restartthe result of my message headers:
Code: Select all
X-Greylist: from auto-whitelisted by SQLgrey-1.8.0
Received: from filter.jamerson.com (mail.jamerson.com [50.20.40.66])
(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
(No client certificate requested)
by filter.dks.com (Postfix) with ESMTPS id 94E9E440061
for <EFA@dks.com>; Tue, 15 May 2018 01:04:53 +0200 (CEST)
X-Spam-Status: No
X-jamerson-MailScanner-EFA-Watermark: 1526943879.4864@quXLOcZ8eoAh9G2Ls5nq+w
X-jamerson-MailScanner-EFA-From: julien@jamerson.com
X-jamerson-MailScanner-EFA: Found to be clean
X-jamerson-MailScanner-EFA-ID: 48981400B5.A697C
X-jamerson-MailScanner-EFA-Information: Please contact info@jamerson.com for more information
Received: from EX02.jamerson.com ([::1]) by EX02.jamerson.com ([::1])
with mapi id 15.01.1466.008; Tue, 15 May 2018 01:04:47 +0200
From: julien angelo <julien@jamerson.com>
To: EFA B.V. <EFA@dks.com>
Subject: Re: Test IP-check
Thread-Topic: Test IP-check
Thread-Index: AQHT66dZaTN8b87MaUqqZwVsg8656qQveJ3wgAAAi4CAAACrgIAAXrqA
Date: Mon, 14 May 2018 23:04:47 +0000
Message-ID: <DC96744A-3E13-4DF3-A55D-7A30B452FC99@jamerson.com>
References: <DC932800-B896-451E-93FA-8D8F06C001C7@jamerson.com>
<5a39a22274144cb382b50044619f779c@EX-DKS.DKS.lan>
<0B7A3944-FFB6-4F33-A44A-EDEBAA62BD97@jamerson.com>
<485940b14e034daaa02c41789b5580b4@EX-DKS.DKS.lan>
In-Reply-To: <485940b14e034daaa02c41789b5580b4@EX-DKS.DKS.lan>
Accept-Language: en-US
Content-Language: nl-NL
X-MS-Has-Attach: yes
X-MS-TNEF-Correlator:Code: Select all
50.20.40.66
mail.jamerson.com
[ ]
[ ]
[ ]
[ ]
::1
(Localhost)
(Localhost)if you have any questions feel free to ask.
Please note this will be on the next release V4.