Loading ...
Sorry, an error occurred while loading the content.

hide private ip in header

Expand Messages
  • Ramesh
    Hi List, I would like know to steps required to hide private ip address in postfix, when we sent email, full header at recipient end shows client private ip
    Message 1 of 8 , Dec 5, 2011
    • 0 Attachment

      Hi List,


      I would like know to steps required to hide private ip address in postfix, when we sent email, full header at recipient end shows client private ip address and also shows public ip address of firewall instead of public ip address of mail server. i have cross checked iptables nating rules which are correct.

      appreciate suggestion to resolve the issue even i have tried with domain_masqurade not successful

      Thanks and Regards,
      Ramesh 
       
    • James Seymour
      On Mon, 5 Dec 2011 21:10:11 +0530 (IST) ... [snip] Header checks with appropriate regexp and IGNORE. ... If the mailserver is sending through the firewall, and
      Message 2 of 8 , Dec 5, 2011
      • 0 Attachment
        On Mon, 5 Dec 2011 21:10:11 +0530 (IST)
        Ramesh <itsramesh_s@...> wrote:

        > Hi List,
        >
        > I
        > would like know to steps required to hide private ip address in
        > postfix, ...
        [snip]

        Header checks with appropriate regexp and IGNORE.

        > ...and also shows public ip address of firewall instead of
        > public ip address of mail server.

        If the mailserver is sending through the firewall, and that's what the
        receiving MTA is seeing, there's nothing you can do about it other than
        rearrange your public network topology. If the mailserver and firewall
        are one-in-the-same, but have different (virtual) public IP
        addresses, look to this mailing list's archives for the identical
        question I asked just the other day, entitled "Problem with smtp client
        bind address."

        Regards,
        Jim
        --
        Note: My mail server employs *very* aggressive anti-spam
        filtering. If you reply to this email and your email is
        rejected, please accept my apologies and let me know via my
        web form at <http://jimsun.LinxNet.com/contact/scform.php>.
      • Noel Jones
        ... You can remove internal IPs with an IGNORE header_checks rule. Be careful your rule is specific enough that you don t remove headers from outsider s mail.
        Message 3 of 8 , Dec 5, 2011
        • 0 Attachment
          On 12/5/2011 9:40 AM, Ramesh wrote:
          >
          > Hi List,
          >
          >
          > I would like know to steps required to hide private ip address in
          > postfix, when we sent email, full header at recipient end shows
          > client private ip address and also shows public ip address of
          > firewall instead of public ip address of mail server. i have cross
          > checked iptables nating rules which are correct.
          >
          > appreciate suggestion to resolve the issue even i have tried with
          > domain_masqurade not successful
          >
          > Thanks and Regards,
          > Ramesh
          >


          You can remove internal IPs with an IGNORE header_checks rule. Be
          careful your rule is specific enough that you don't remove headers
          from outsider's mail. See postfix-users archives for examples.
          WARNING: removing internal IPs is seldom necessary and hides
          valuable debugging information.

          The public IP Received: header is added by the receiving system;
          that's the IP they receive the mail from. If your mail server has
          multiple addresses, smtp_bind_address can control which one is used.
          http://www.postfix.org/postconf.5.html#smtp_bind_address




          -- Noel Jones
        • Ramesh
          Thanks for suggestion.   I have created header_check filter with following but no success. /^Received:.* [127 .0 .0 .1/ IGNORE
          Message 4 of 8 , Dec 6, 2011
          • 0 Attachment
            Thanks for suggestion.
             
            I have created header_check filter with following but no success.
            /^Received:.*\[127\.0\.0\.1/      IGNORE
            /^Received:.*\[10\.2\.1\.83/ IGNORE
            /^Received:.*\[192\.168\.1\.[0-9]/ IGNORE

            anything i am missing.

            Regards,
            Ramesh






            From: Noel Jones <njones@...>
            To: postfix-users@...
            Sent: Monday, 5 December 2011 9:32 PM
            Subject: Re: hide private ip in header

            On 12/5/2011 9:40 AM, Ramesh wrote:
            >
            > Hi List,
            >
            >
            > I would like know to steps required to hide private ip address in
            > postfix, when we sent email, full header at recipient end shows
            > client private ip address and also shows public ip address of
            > firewall instead of public ip address of mail server. i have cross
            > checked iptables nating rules which are correct.
            >
            > appreciate suggestion to resolve the issue even i have tried with
            > domain_masqurade not successful
            >
            > Thanks and Regards,
            > Ramesh



            You can remove internal IPs with an IGNORE header_checks rule.  Be
            careful your rule is specific enough that you don't remove headers
            from outsider's mail.  See postfix-users archives for examples.
            WARNING: removing internal IPs is seldom necessary and hides
            valuable debugging information.

            The public IP Received: header is added by the receiving system;
            that's the IP they receive the mail from.  If your mail server has
            multiple addresses, smtp_bind_address can control which one is used.
            http://www.postfix.org/postconf.5.html#smtp_bind_address




              -- Noel Jones


          • Wietse Venema
            ... You are deleting the headers in mail from remote mail systems, too. This corrupts digital signatures of DKIM. Wietse
            Message 5 of 8 , Dec 6, 2011
            • 0 Attachment
              Ramesh:
              > Thanks for suggestion.
              > I have created header_check filter with following but no success.
              > /^Received:.*\[127\.0\.0\.1/ IGNORE
              > /^Received:.*\[10\.2\.1\.83/ IGNORE
              > /^Received:.*\[192\.168\.1\.[0-9]/ IGNORE
              >
              > anything i am missing.

              You are deleting the headers in mail from remote mail systems, too.
              This corrupts digital signatures of DKIM.

              Wietse
            • Noel Jones
              ... [Don t top post] This is wrong. You must not remove headers from other people s mail -- if my mail has those IPs in it, you must not alter it. At a
              Message 6 of 8 , Dec 6, 2011
              • 0 Attachment
                On 12/6/2011 6:47 AM, Ramesh wrote:
                > Thanks for suggestion.
                >
                > I have created header_check filter with following but no success.
                >
                > /^Received:.*\[127\.0\.0\.1/ IGNORE
                > /^Received:.*\[10\.2\.1\.83/ IGNORE
                > /^Received:.*\[192\.168\.1\.[0-9]/ IGNORE
                >
                > anything i am missing.


                [Don't top post]

                This is wrong. You must not remove headers from other people's mail
                -- if my mail has those IPs in it, you must not alter it.

                At a minimum, add something like '.*by myhost.example.com' to
                restrict matches to headers added by your server.

                See the mail list archives for examples and details.


                If you still have trouble, show "postconf -n" output and the actual
                header you're trying to match.



                -- Noel Jones
              • Ramesh
                Here is log at recipient end, 164.164.87.90 is public ip address and 10.3.1.83 is private ip of mail server and 192.168.1.114 is local client ip address. how
                Message 7 of 8 , Dec 6, 2011
                • 0 Attachment

                  Here is log at recipient end, 164.164.87.90 is public ip address and 10.3.1.83 is private ip of mail server and 192.168.1.114 is local client ip address.
                  how to hide our private ip address (10.3.1.83 and Local subnet)


                  ##########Log
                  Return-Path: <ramesh@...>
                  X-YahooFilteredBulk: 164.164.87.90
                  Received-SPF: pass (domain of ltp.soft.net designates 164.164.87.90 as permitted sender)
                  X-Originating-IP: [164.164.87.90]
                  Authentication-Results: mta1015.mail.in.yahoo.com  from=ltp.soft.net; domainkeys=neutral (no sig);  from=ltp.soft.net; dkim=neutral (no sig)
                  Received: from 127.0.0.1  (EHLO ltp.soft.net) (164.164.87.90)
                    by mta1015.mail.in.yahoo.com with SMTP; Tue, 06 Dec 2011 16:43:40 +0530
                  Received: from mailhub.ltp.soft.net (Not Verified[10.3.1.83]) by ltp.soft.net with NetIQ MailMarshal
                      id <B4eddfbdf0000>; Tue, 06 Dec 2011 16:56:23 +0530
                  Received: from [192.168.1.114] (unknown [192.168.1.114])
                  #######

                  Thanks and Regards,
                  Ramesh


                  From: Noel Jones <njones@...>
                  To: postfix-users@...
                  Sent: Tuesday, 6 December 2011 6:56 PM
                  Subject: Re: hide private ip in header

                  On 12/6/2011 6:47 AM, Ramesh wrote:
                  > Thanks for suggestion.

                  > I have created header_check filter with following but no success.
                  >
                  > /^Received:.*\[127\.0\.0\.1/      IGNORE
                  > /^Received:.*\[10\.2\.1\.83/ IGNORE
                  > /^Received:.*\[192\.168\.1\.[0-9]/      IGNORE
                  >
                  > anything i am missing.


                  [Don't top post]

                  This is wrong.  You must not remove headers from other people's mail
                  -- if my mail has those IPs in it, you must not alter it.

                  At a minimum, add something like '.*by myhost.example.com' to
                  restrict matches to headers added by your server.

                  See the mail list archives for examples and details.


                  If you still have trouble, show "postconf -n" output and the actual
                  header you're trying to match.



                    -- Noel Jones


                • Noel Jones
                  On 12/6/2011 11:51 PM, Ramesh wrote: Please don t top post. ... The above header is added by Yahoo. Nothing you can do about it. ... The above header is added
                  Message 8 of 8 , Dec 7, 2011
                  • 0 Attachment
                    On 12/6/2011 11:51 PM, Ramesh wrote:

                    Please don't top post.

                    >
                    > Here is log at recipient end, 164.164.87.90 is public ip address and
                    > 10.3.1.83 is private ip of mail server and 192.168.1.114 is local
                    > client ip address.
                    > how to hide our private ip address (10.3.1.83 and Local subnet)
                    >
                    >
                    > ##########Log
                    > Return-Path: <ramesh@...>
                    > X-YahooFilteredBulk: 164.164.87.90
                    > Received-SPF: pass (domain of ltp.soft.net designates 164.164.87.90
                    > as permitted sender)
                    > X-Originating-IP: [164.164.87.90]
                    > Authentication-Results: mta1015.mail.in.yahoo.com
                    > from=ltp.soft.net; domainkeys=neutral (no sig); from=ltp.soft.net;
                    > dkim=neutral (no sig)
                    > Received: from 127.0.0.1 (EHLO ltp.soft.net) (164.164.87.90)
                    > by mta1015.mail.in.yahoo.com with SMTP; Tue, 06 Dec 2011 16:43:40
                    > +0530

                    The above header is added by Yahoo. Nothing you can do about it.

                    > Received: from mailhub.ltp.soft.net (Not Verified[10.3.1.83]) by
                    > ltp.soft.net with NetIQ MailMarshal
                    > id <B4eddfbdf0000>; Tue, 06 Dec 2011 16:56:23 +0530

                    The above header is added by something called NetIQ MailMarshall.
                    Postfix can't change headers added by downstream servers.

                    > Received: from [192.168.1.114] (unknown [192.168.1.114])

                    This either isn't a postfix header or you deleted the interesting
                    parts.



                    -- Noel Jones
                  Your message has been successfully submitted and would be delivered to recipients shortly.