Filter privacy-sensitive headers on outgoing mail

This re-implements part of PR #69 by @mkropat, who wrote:

By default, Postfix adds a Received header — on all mail that you send —
that lists the IP of the device you sent the mail from.  This feature is
great if you're a mail provider and you need to debug why one user is
having sending issues.  This feature is not so great if you run your own
mail server and you don't want every recipient of every email you send
to know the device and IP you sent the email from.

To limit this filtering to outgoing mail only, we apply the filters just
to the submission port.  See these guides [1] [2] for more context.

  [1] http://askubuntu.com/a/78168/11259
  [2] http://www.void.gr/kargig/blog/2013/11/24/anonymize-headers-in-postfix/
Joshua Tauberer 2014-06-08 17:30:37 -04:00
parent 2c4212fa36
commit cd1802fecc
2 changed files with 22 additions and 2 deletions

@ -0,0 +1,10 @@
# Remove the first line of the Received: header. Note that we cannot fully remove the Received: header
# because OpenDKIM requires that a header be present when signing outbound mail. The first line is
# where the user's home IP address would be.
/^\s*Received:[^\n]*(.*)/ REPLACE Received: from authenticated-user (unknown [127.0.0.1])$1
# Remove other typically private information.
/^\s*User-Agent:/ IGNORE
/^\s*X-Enigmail:/ IGNORE
/^\s*X-Mailer:/ IGNORE
/^\s*X-Originating-IP:/ IGNORE
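Review bot: the Received: rule matches every Received: header that reaches this cleanup service, not only the one Postfix adds for the submitting client, so any Received: header already present in a submitted message is rewritten to the same fixed `authenticated-user (unknown [127.0.0.1])` text. The comment should say that this is intended. It should also note that keeping the continuation lines through `(.*)` relies on `.` matching newlines, which Postfix pcre tables do by default, since a later edit that adds pattern flags could silently drop the rest of the header that OpenDKIM needs.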

@ -17,7 +17,7 @@ source setup/functions.sh # load our functions
source /etc/mailinabox.conf # load global vars
apt_install \
postfix postgrey \
postfix postgrey postfix-pcre \
dovecot-core dovecot-imapd dovecot-lmtpd dovecot-sqlite sqlite3 \
openssl
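Review bot: `postfix-pcre` is added to the apt_install list with no comment explaining the dependency. The `pcre:` lookup type used by the authclean service's header_checks needs it, so a one-line comment above apt_install saying that would keep the package from being dropped as unused in a later cleanup.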
@ -28,9 +28,19 @@ mkdir -p $STORAGE_ROOT/mail
# Enable the 'submission' port 587 smtpd server, and give it a different
# name in syslog to distinguish it from the port 25 smtpd server.
#
# Add a new cleanup service specific to the submission service ('authclean')
# that filters out privacy-sensitive headers on mail being sent out by
# authenticated users.
tools/editconf.py /etc/postfix/master.cf -s -w \
"submission=inet n - - - - smtpd
-o syslog_name=postfix/submission"
-o syslog_name=postfix/submission
-o cleanup_service_name=authclean" \
"authclean=unix n - - - 0 cleanup
-o header_checks=pcre:/etc/postfix/outgoing_mail_header_filters"
# Install `outgoing_mail_header_filters` file required by 'authclean' service.
cp conf/postfix_outgoing_mail_header_filters /etc/postfix/outgoing_mail_header_filters
# Enable TLS and require it for all user authentication.
tools/editconf.py /etc/postfix/main.cf \
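Review bot: the authclean service overrides only `header_checks`, and in Postfix both `nested_header_checks` and `mime_header_checks` default to `$header_checks`, so the same REPLACE and IGNORE rules also run against the headers of messages attached to outgoing mail (for example a message forwarded as an attachment). If only the top-level headers are meant to be filtered, add `-o nested_header_checks=` (and, if wanted, `-o mime_header_checks=`) to the authclean entry. Separately, the comment block describes authclean but not why it is attached through `cleanup_service_name` on the submission service; stating that this is what keeps the filter off port 25 mail would help.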