When we send an email through our Postfix mail server, by default, Postfix adds a Received: header with the IP address of the computer where the email is sent from. We may want to hide this information to the email recipient's and the intermediate SMTP servers so the sender can not be tracked.

Postfix provides header_checks(5) to inspect the email's content and manipulate it. The Postfix parameter that we want to set is smtp_header_checks so the header removal only occurs in outgoing email, preserving all the Received: headers on the mail we receive at our SMTP. Attention: it means that mail that doesn't leave our SMTP (ie: mails that are sent from one account to another one at our same server) have no filtering applied and all their headers will stay. The recipient will see our origin IP. Should have a look at it to solve it.

EDIT: it has been updated because the original code stripped out ALL the Received: headers. Now more specific filter has been added so only the first one (the one with Authenticated sender in it) is deleted.

The Postfix configuration for this behavior is the following:


smtp_header_checks = pcre:/etc/postfix/smtp_header_checks


/^Received: .*Authenticated sender.*/m  IGNORE
/^X-Originating-IP:/    IGNORE

The second line (X-Originating-IP) is there to make sure that this header doesn't go out of our SMTP if the MUA sets it.

After editing both files, just do a postmap pcre:/etc/postfix/smtp_header_checks and reload Postfix.

You'll probably need to install postfix-pcre package (at least in Debian) to provide PCRE support to Postfix.

Tagged as postfix, header_checks, track, client, received

If you liked this post, you can donate using Bitcoin 12jVrWkk5S6x5hEizThZwgTx59KxaDdK4C