Remove/hide client sender ip from postfix?
Solution 1:
In main.cf:
smtp_header_checks = pcre:/etc/postfix/smtp_header_checks
In dynamicmaps.cf:
# Use your real path to dict_pcre.so, below
pcre /usr/lib/postfix/dict_pcre.so dict_pcre_open
You should put this in your /etc/postfix/smtp_header_checks:
/^Received: .*/ IGNORE
/^X-Originating-IP:/ IGNORE
Then run
# /etc/init.d/postfix reload
Solution 2:
Open /etc/postfix/master.cf and find:
cleanup unix n - n - 0 cleanup
Add below those line and become:
cleanup unix n - n - 0 cleanup
-o header_checks=pcre:/etc/postfix/header_checks
Edit /etc/postfix/header_checks and add below codes:
/^Received:/ IGNORE
Now restart postfix. Let say on CentOS:
service postfix restart
Solution 3:
To remove the sender IP from the Received header for new mail submissions, use the header_checks key instead of the smtp_header_checks option:
header_checks = regexp:/etc/postfix/header_checks_submission
The smtp_header_checks option only applies to mail that is sent from Postfix to external servers whereas the header_checks option applies to incoming mail sent from your client to Postfix.
See also the How Postfix receives mail at http://www.postfix.org/OVERVIEW.html for an overview of the components, mail goes from smtpd -> cleanup -> incoming queue. The smtpd process receives mail and injects the Received header with the sender IP address. The header_checks(5) option is processed by the cleanup(8) component which sanitizes email headers.
It is not recommended to set such a header_checks option globally in your main.cf as this would modify the Received header in all emails, even those received from external servers. Instead, you should configure your client to send email through a dedicated submission service on port 587, and configure Postfix to rewrite the headers for these authenticated submissions only.
In /etc/postfix/master.cf, add the following -o lines after the submission line:
submission inet n - y - - smtpd
# Require SASL authentication
-o smtpd_sasl_auth_enable=yes
# Require TLS transport security, do not leak your credentials in plaintext.
-o smtpd_tls_security_level=encrypt`
# Disallow unauthenticated users from sending mail through this port.
-o smtpd_client_restrictions=permit_sasl_authenticated,reject
# Use a different cleanup service (see below)
-o cleanup_service_name=ascleanup
Time to configure the cleanup service for authenticated submissions. I pick the name ascleanup to keep it short and aligned, but any name works. To do so, duplicate the cleanup service line in the same master.cf file, but rename the first field and add a new option to select the filter file:
cleanup unix n - y - 0 cleanup
ascleanup unix n - y - 0 cleanup
-o header_checks=pcre:/etc/postfix/header_checks_submission
(Use of the pcre table requires installing postfix-pcre on Debian, that will automatically take care of updating the dynamicmaps.cf file. No further changes are needed for this.)
The final piece is the actual filter configuration in /etc/postfix/header_checks_submission. You could potentially use something like:
/^Received: .*/ IGNORE
which will remove full Received header line, but instead you can also just drop the from helo.host (reverse.host.name [192.0.2.1]) part while preserving other information:
/^Received: from [^ ]+ \([^ ]+ \[[IPv0-9a-f:.]+\]\)\s+(.* \(Postfix\) with .+)$/ REPLACE Received: $1
If you did change the mail_name option, do change the Postfix word to match your configuration. (This pattern is accurate based on the Postfix source code, smtpd/smtpd.c.)
I tested this with postfix 3.4.7-0+deb10u1 on Debian buster. For another great description with the same approach, see When sending email with Postfix, how can I hide the sender’s IP and username in the Received header?
With the above modification, the following is turned into Received: by ...:
Received: from debian (unknown [IPv6:fe80::b036:2ff:fe6e:73f4])
by mail.example.nl (Postfix) with ESMTPSA id 1571B910B
for <[email protected]>; Sun, 12 Jan 2020 02:23:15 +0000 (UTC)