For a very long time now I've been concerned about my LAN IP and my home WAN IP addresses being leaked in the Received Headers when sending emails from clients on my computers at home.
So here is my issue: Lets say I log into my webmail and send an email to [email protected]... The email is delivered just fine to suzie Q, and when she gets the email it shows the Received From Header with the IP Address of my Email Server... Great, this makes perfect sense... None of my personal information is exposed and they have all the information required to provide a response to the email.
But then, I go home and open up my email software on my personal computer and send another email to suzie Q, this time the LAN IP of my personal computer is exposed as well as my personal IP Address to my home. Not cool...
The most interesting part is that pretty much all of the current information i have found references back to using "
So if headers_remove don't work in exim system filter, then is there a solution? How about exim document Chapter 44? Adding and removing header lines in routers and transports? The document explains
Reading through the book about ACLs, I eventually came to Section 44.25. Removing header lines in ACLs:
In WHM / Service Configuration / Exim Configuration Manager / Advanced Editor:
Scroll down to acl_smtp_data: custom_begin_exiscanall
add the following:
Alright, now restart exim and send an email from an email client on your local workstation and test... 
JOY!
As far as I can tell this doesn't break any current email spam checks or RBLs... The reason is that the Received From Header is still showing from your web host. This is just a local acl to remove your personal information and any scanners outside of your server would not know of this change unless they are checking for the warn message, which doesn't indicate any specifics other than the fact that something changed, in which case a person could probably just remove the warn message and then nobody would ever know, unless there is some kind of secret hidden monitor that alerts big brother, in which case we're all screwed anyway.
Hope this helps someone in the future! Please let me know if you find anything wrong with my solution or possible issues that could arise from doing this.
So here is my issue: Lets say I log into my webmail and send an email to [email protected]... The email is delivered just fine to suzie Q, and when she gets the email it shows the Received From Header with the IP Address of my Email Server... Great, this makes perfect sense... None of my personal information is exposed and they have all the information required to provide a response to the email.
But then, I go home and open up my email software on my personal computer and send another email to suzie Q, this time the LAN IP of my personal computer is exposed as well as my personal IP Address to my home. Not cool...
The most interesting part is that pretty much all of the current information i have found references back to using "
headers_remove" in the exim system filter, but according to exim documentation for system filter,
As far as I can tell Received: From Headers are not stored with the message and thus are not removed with a system filter. Honestly, I'm really not sure where the Received: From headers are stored, but somehow they are added to the outgoing message during delivery, and this is what I wanted to stop. (if anybody knows how Received From Headers work, please let me know)This command applies only to those headers that are stored with the message; those that are added at delivery time (such as Envelope-To: and Return-Path
So if headers_remove don't work in exim system filter, then is there a solution? How about exim document Chapter 44? Adding and removing header lines in routers and transports? The document explains
So could that mean these rules would apply to emails I send from home??? hmmmmm
Reading through the book about ACLs, I eventually came to Section 44.25. Removing header lines in ACLs:
Now we're getting somewhere. So lets try it.
In WHM / Service Configuration / Exim Configuration Manager / Advanced Editor:
Scroll down to acl_smtp_data: custom_begin_exiscanall
add the following:
Code:
warn message = Remove internal headers
remove_header = ReceivedJOY!
As far as I can tell this doesn't break any current email spam checks or RBLs... The reason is that the Received From Header is still showing from your web host. This is just a local acl to remove your personal information and any scanners outside of your server would not know of this change unless they are checking for the warn message, which doesn't indicate any specifics other than the fact that something changed, in which case a person could probably just remove the warn message and then nobody would ever know, unless there is some kind of secret hidden monitor that alerts big brother, in which case we're all screwed anyway.
Hope this helps someone in the future! Please let me know if you find anything wrong with my solution or possible issues that could arise from doing this.
Last edited by a moderator:
